administrator/simpleidp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

WIP

Browse Source
This commit is contained in:
Marek Lesko
2025-09-02 17:43:26 +02:00
parent b18a89b087
commit a3eaf0f5b7
1 changed files with 62 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
Program.cs
View File

@@ -9,9 +9,14 @@ using Microsoft.Extensions.DependencyInjection;
using SimpleIdServer.IdServer.Builders;
using SimpleIdServer.IdServer.Config;
using SimpleIdServer.IdServer.Domains;
using SimpleIdServer.IdServer.Domains.DTOs;
var corsPolicyName = "AllowAll";
var realm = RealmBuilder.CreateMaster().Build();
//api.Audience = "urn:bighand:api:bi:portal";
var users = new List<User>
{
UserBuilder
@@ -21,26 +26,37 @@ var users = new List<User>
.AddRole("BI.PORTAL_ADMIN")
.AddRole("BI.TENANT_ADMIN")
.AddClaim("tid", "cbaa13c2-e95b-470a-bbcb-18911d5a6025")
.AddClaim("aud","urn:bighand:api:bi:portal")
.AddConsent("master","212C9DB96C2A4B6DA0AFDB2222F6EEAA.bighand.com","bi.portal")
.SetEmailVerified(true)
.Build(),
};
var api = ApiResourceBuilder.Create("urn:bighand:api:bi:portal", "BI Portal API").Build();
var clients = new List<Client>
var rUser = new RealmUser
{
ClientBuilder
.BuildUserAgentClient("foo", null, null, new[] { "http://localhost:4200/loggedin" })
.AddScope(new Scope("openid"), new Scope("profile"), new Scope("offline_access"))
.AddRefreshToken()
.Build(),
Realm = realm,
User = users[0],
};
var scopes = new List<Scope> { ScopeBuilder.CreateRoleScope(clients[0], "bi.portal", "").Build() };
users[0].Realms.Add(rUser);
var api = new ApiResource
{
Realms = { realm },
Name = "BI Portal API",
Audience = "urn:bighand:api:bi:portal"
};
//var scopes = new List<Scope> { ScopeBuilder.CreateRoleScope(clients[0], "bi.portal", "").Build() };
var biScope = new Scope()
{
Realms = { realm },
ApiResources = { api },
Protocol = ScopeProtocols.OAUTH,
Type = ScopeTypes.APIRESOURCE,
Name = "bi.portal",
Clients = { clients[0] },
Description = "BI Portal Scope",
ClaimMappers =
{
@@ -48,8 +64,9 @@ var biScope = new Scope()
{
IncludeInAccessToken = true,
TokenClaimJsonType = TokenClaimJsonTypes.STRING,
TargetClaimPath = "role",
TargetClaimPath = "roles",
MapperType = MappingRuleTypes.USERATTRIBUTE,
IsMultiValued=true,
SourceUserAttribute = "role",
SourceUserProperty = "role",
},
@@ -66,15 +83,44 @@ var biScope = new Scope()
{
IncludeInAccessToken = true,
TokenClaimJsonType = TokenClaimJsonTypes.STRING,
TargetClaimPath = "email",
TargetClaimPath = "upn",
MapperType = MappingRuleTypes.USERATTRIBUTE,
SourceUserAttribute = "email",
SourceUserProperty = "email",
},
},
};
clients[0].Scopes.Add(biScope);
api.Scopes.Add(biScope);
api.Realms.Add(realm);
var scopes = new List<Scope>
{
new Scope("openid") { Realms = { realm } },
new Scope("profile"){ Realms = { realm } },
new Scope("offline_access"){ Realms = { realm } },
biScope
};
var clients = new List<Client>
{
ClientBuilder
.BuildUserAgentClient("212C9DB96C2A4B6DA0AFDB2222F6EEAA.bighand.com", null, realm, new[] { "http://localhost:4200/loggedin" })
.SetClientName("BI Portal")
.AddScope(scopes.ToArray())
.AddRefreshToken()
.Build(),
};
clients[0].IsPublic = true;
clients[0].Realms.Add(realm);
realm.Clients.Add(clients[0]);
realm.ApiResources.Add(api);
realm.Users.Add(rUser);
scopes.ForEach(s => realm.Scopes.Add(s));
var builder = WebApplication.CreateBuilder(args);
@@ -92,12 +138,14 @@ builder.Services.AddCors(options =>
builder
.AddSidIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryRealms(new[] { realm }.ToList())
.AddInMemoryUsers(users)
.AddInMemoryClients(clients)
.AddInMemoryScopes([biScope])
.AddInMemoryScopes(scopes)
.AddInMemoryLanguages(DefaultLanguages.All)
.AddPwdAuthentication(true);
var app = builder.Build();
app.Services.SeedData();
app.UseSid();