Login über SSO
+62
-2
@@ -1,6 +1,13 @@
|
||||
using ZahlenAnalyse.Web.Components;
|
||||
using MudBlazor.Services;
|
||||
using Raven.Client.Documents;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using DotNetEnv;
|
||||
|
||||
Env.Load();
|
||||
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
@@ -11,12 +18,43 @@ builder.Services.AddMudServices();
|
||||
|
||||
var store = new DocumentStore
|
||||
{
|
||||
Urls = new[] { "http://localhost:8080" },
|
||||
Database = "ZahlenAnalyse"
|
||||
Urls = new[] { builder.Configuration["RavenDb:Urls"] },
|
||||
Database = builder.Configuration["RavenDb:Database"]
|
||||
};
|
||||
store.Initialize();
|
||||
builder.Services.AddSingleton<IDocumentStore>(store);
|
||||
|
||||
builder.Services.AddCascadingAuthenticationState();
|
||||
|
||||
builder.Services.AddAuthentication(options =>
|
||||
{
|
||||
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
||||
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
|
||||
})
|
||||
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
|
||||
.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
|
||||
{
|
||||
var pocketIdConfig = builder.Configuration.GetSection("PocketId");
|
||||
|
||||
options.Authority = pocketIdConfig["Authority"];
|
||||
options.ClientId = pocketIdConfig["ClientId"];
|
||||
options.ClientSecret = pocketIdConfig["ClientSecret"];
|
||||
|
||||
options.ResponseType = "code";
|
||||
options.SaveTokens = true;
|
||||
|
||||
// Wichtig für lokale Dev-Umgebungen ohne HTTPS-Zertifikatsprüfung (falls nötig)
|
||||
// options.RequireHttpsMetadata = false;
|
||||
|
||||
options.TokenValidationParameters = new TokenValidationParameters
|
||||
{
|
||||
NameClaimType = "name",
|
||||
RoleClaimType = "roles"
|
||||
};
|
||||
});
|
||||
|
||||
builder.Services.AddAuthorization();
|
||||
|
||||
|
||||
var app = builder.Build();
|
||||
|
||||
@@ -33,7 +71,29 @@ app.UseHttpsRedirection();
|
||||
app.UseAntiforgery();
|
||||
|
||||
app.MapStaticAssets();
|
||||
|
||||
app.UseAuthentication();
|
||||
app.UseAuthorization();
|
||||
|
||||
app.MapRazorComponents<App>()
|
||||
.AddInteractiveServerRenderMode();
|
||||
|
||||
|
||||
app.MapGet("/login", async (HttpContext context) =>
|
||||
{
|
||||
await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
|
||||
{
|
||||
RedirectUri = "/"
|
||||
});
|
||||
});
|
||||
|
||||
app.MapGet("/logout", async (HttpContext context) =>
|
||||
{
|
||||
await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
|
||||
await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
|
||||
{
|
||||
RedirectUri = "/"
|
||||
});
|
||||
});
|
||||
|
||||
app.Run();
|
||||
|
||||
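Review bot: In the last hunk `app.UseAuthentication()` and `app.UseAuthorization()` are registered after `app.UseAntiforgery()`, but ASP.NET Core expects the antiforgery middleware to run after both because the token is bound to the signed-in user. The order should be `app.UseAuthentication(); app.UseAuthorization(); app.UseAntiforgery();`. `/logout` is also mapped with `MapGet`, so any cross-site link or image request can sign a user out; a POST endpoint that validates the antiforgery token would close that gap. Nothing visible in this commit requires an authenticated user: `AddAuthorization()` sets no fallback policy and `MapRazorComponents<App>()` has no `RequireAuthorization()`. Unless the components carry `[Authorize]`, the pages presumably stay reachable anonymously, which is worth confirming.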