modify token information

features/IdentitySvc
Vianney JOURDY 2 weeks ago
parent 9baad91ab4
commit 21bb2b079d

@ -14,15 +14,15 @@ public static class Config
public static IEnumerable<ApiScope> ApiScopes => public static IEnumerable<ApiScope> ApiScopes =>
new ApiScope[] new ApiScope[]
{ {
new ApiScope("scope1"), new ApiScope("optifitApp", "Optifit App API Scope"),
new ApiScope("scope2"), //new ApiScope("scope2"),
}; };
public static IEnumerable<Client> Clients => public static IEnumerable<Client> Clients =>
new Client[] new Client[]
{ {
// m2m client credentials flow client // m2m client credentials flow client
new Client /*new Client
{ {
ClientId = "m2m.client", ClientId = "m2m.client",
ClientName = "Client Credentials Client", ClientName = "Client Credentials Client",
@ -31,10 +31,10 @@ public static class Config
ClientSecrets = { new Secret("511536EF-F270-4058-80CA-1C89C192F69A".Sha256()) }, ClientSecrets = { new Secret("511536EF-F270-4058-80CA-1C89C192F69A".Sha256()) },
AllowedScopes = { "scope1" } AllowedScopes = { "scope1" }
}, },*/
// interactive client using code flow + pkce // interactive client using code flow + pkce
new Client /*new Client
{ {
ClientId = "interactive", ClientId = "interactive",
ClientSecrets = { new Secret("49C1A7E1-0C79-4A89-A3D6-A37998FB86B0".Sha256()) }, ClientSecrets = { new Secret("49C1A7E1-0C79-4A89-A3D6-A37998FB86B0".Sha256()) },
@ -47,6 +47,16 @@ public static class Config
AllowOfflineAccess = true, AllowOfflineAccess = true,
AllowedScopes = { "openid", "profile", "scope2" } AllowedScopes = { "openid", "profile", "scope2" }
}, },*/
new Client
{
ClientId = "postman",
ClientName = "Postman",
AllowedScopes = {"openid", "profile", "optifitApp"},
RedirectUris = {"https://www.getpostman.com/oauth2/callback"},
ClientSecrets = new[] {new Secret("NotASecret".Sha256())},
AllowedGrantTypes = {GrantType.ResourceOwnerPassword}
}
}; };
} }
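Review bot: The new `postman` client enables the resource-owner password grant with a secret that is a literal in source (`new Secret("NotASecret".Sha256())`), so the secret provides no real client authentication wherever this config is loaded. If the client exists only for local API testing, mark and restrict it, e.g. a comment `// DEV ONLY: password-grant test client, must not be registered outside Development` and registration only when the host environment is Development; otherwise the secret should come from configuration or a secret store. The password grant is discouraged by current OAuth security guidance (RFC 9700) because the client handles the user's password directly, and the `RedirectUris` entry is not used by this grant, which suggests authorization code with PKCE may have been the intent. The commented-out sample clients still carry their original secrets and would be better deleted than kept in block comments.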

@ -1,6 +1,7 @@
using Duende.IdentityServer; using Duende.IdentityServer;
using IdentitySvc.Data; using IdentitySvc.Data;
using IdentitySvc.Models; using IdentitySvc.Models;
using IdentitySvc.Services;
using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using Serilog; using Serilog;
@ -34,7 +35,8 @@ internal static class HostingExtensions
.AddInMemoryIdentityResources(Config.IdentityResources) .AddInMemoryIdentityResources(Config.IdentityResources)
.AddInMemoryApiScopes(Config.ApiScopes) .AddInMemoryApiScopes(Config.ApiScopes)
.AddInMemoryClients(Config.Clients) .AddInMemoryClients(Config.Clients)
.AddAspNetIdentity<ApplicationUser>(); .AddAspNetIdentity<ApplicationUser>()
.AddProfileService<CustomProfileService>();
builder.Services.ConfigureApplicationCookie(options => builder.Services.ConfigureApplicationCookie(options =>
{ {

@ -0,0 +1,37 @@
using System.Security.Claims;
using Duende.IdentityServer.Models;
using Duende.IdentityServer.Services;
using IdentityModel;
using Microsoft.AspNetCore.Identity;
using IdentitySvc.Models;
namespace IdentitySvc.Services;
public class CustomProfileService : IProfileService
{
private readonly UserManager<ApplicationUser> _userManager;
public CustomProfileService(UserManager<ApplicationUser> userManager)
{
_userManager = userManager;
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var user = await _userManager.GetUserAsync(context.Subject);
var existingClaims = await _userManager.GetClaimsAsync(user);
var claims = new List<Claim>
{
new Claim("username", user.UserName),
};
context.IssuedClaims.AddRange(claims);
context.IssuedClaims.Add(existingClaims.FirstOrDefault(x => x.Type == JwtClaimTypes.Name));
}
public Task IsActiveAsync(IsActiveContext context)
{
return Task.CompletedTask;
}
}
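Review bot: `IsActiveAsync` returns without touching `context.IsActive`, so this service never reports a subject as inactive; because `AddProfileService<CustomProfileService>()` is registered after `AddAspNetIdentity<ApplicationUser>()`, it presumably replaces the profile service that call supplied, including any user-exists check it performed. In `GetProfileDataAsync`, `GetUserAsync` can return null for a deleted account, which makes `GetClaimsAsync(user)` and `user.UserName` throw, and `FirstOrDefault` returns null when the user has no `name` claim, so a null entry is added to `IssuedClaims`. The version below guards both cases and sets `IsActive` from the user lookup; a lockout check via `_userManager.IsLockedOutAsync(user)` is worth considering in the same place. Both claims are also emitted regardless of `context.RequestedClaimTypes`, so they appear in every token even when the requested scopes do not ask for them.

```csharp
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
    var user = await _userManager.GetUserAsync(context.Subject);
    if (user is null)
    {
        // Subject no longer maps to a stored user: issue no profile claims.
        return;
    }

    var existingClaims = await _userManager.GetClaimsAsync(user);
    if (user.UserName is not null)
    {
        context.IssuedClaims.Add(new Claim("username", user.UserName));
    }

    var nameClaim = existingClaims.FirstOrDefault(x => x.Type == JwtClaimTypes.Name);
    if (nameClaim is not null)
    {
        context.IssuedClaims.Add(nameClaim);
    }
}

public async Task IsActiveAsync(IsActiveContext context)
{
    // A deleted account must stop receiving tokens and userinfo responses.
    var user = await _userManager.GetUserAsync(context.Subject);
    context.IsActive = user is not null;
}
```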