107 lines
3.1 KiB
C#
107 lines
3.1 KiB
C#
// Copyright (c) SimpleIdServer. All rights reserved.
|
|
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
|
|
using System;
|
|
using System.Collections.Generic;
|
|
using System.Linq;
|
|
using System.Security.Claims;
|
|
using Microsoft.AspNetCore.Builder;
|
|
using Microsoft.Extensions.DependencyInjection;
|
|
using SimpleIdServer.IdServer.Builders;
|
|
using SimpleIdServer.IdServer.Config;
|
|
using SimpleIdServer.IdServer.Domains;
|
|
|
|
var corsPolicyName = "AllowAll";
|
|
|
|
var users = new List<User>
|
|
{
|
|
UserBuilder
|
|
.Create("administrator", "password", "Administrator")
|
|
.SetEmail("adm@mail.com")
|
|
.SetFirstname("Administrator")
|
|
.AddRole("BI.PORTAL_ADMIN")
|
|
.AddRole("BI.TENANT_ADMIN")
|
|
.AddClaim("tid", "cbaa13c2-e95b-470a-bbcb-18911d5a6025")
|
|
.Build(),
|
|
};
|
|
|
|
var api = ApiResourceBuilder.Create("urn:bighand:api:bi:portal", "BI Portal API").Build();
|
|
|
|
var clients = new List<Client>
|
|
{
|
|
ClientBuilder
|
|
.BuildUserAgentClient("foo", null, null, new[] { "http://localhost:4200/loggedin" })
|
|
.AddScope(new Scope("openid"), new Scope("profile"), new Scope("offline_access"))
|
|
.AddRefreshToken()
|
|
.Build(),
|
|
};
|
|
|
|
var scopes = new List<Scope> { ScopeBuilder.CreateRoleScope(clients[0], "bi.portal", "").Build() };
|
|
var biScope = new Scope()
|
|
{
|
|
ApiResources = { api },
|
|
Name = "bi.portal",
|
|
Clients = { clients[0] },
|
|
Description = "BI Portal Scope",
|
|
ClaimMappers =
|
|
{
|
|
new ScopeClaimMapper()
|
|
{
|
|
IncludeInAccessToken = true,
|
|
TokenClaimJsonType = TokenClaimJsonTypes.STRING,
|
|
TargetClaimPath = "role",
|
|
MapperType = MappingRuleTypes.USERATTRIBUTE,
|
|
SourceUserAttribute = "role",
|
|
SourceUserProperty = "role",
|
|
},
|
|
new ScopeClaimMapper()
|
|
{
|
|
IncludeInAccessToken = true,
|
|
TokenClaimJsonType = TokenClaimJsonTypes.STRING,
|
|
TargetClaimPath = "tid",
|
|
MapperType = MappingRuleTypes.USERATTRIBUTE,
|
|
SourceUserAttribute = "tid",
|
|
SourceUserProperty = "tid",
|
|
},
|
|
new ScopeClaimMapper()
|
|
{
|
|
IncludeInAccessToken = true,
|
|
TokenClaimJsonType = TokenClaimJsonTypes.STRING,
|
|
TargetClaimPath = "email",
|
|
MapperType = MappingRuleTypes.USERATTRIBUTE,
|
|
SourceUserAttribute = "email",
|
|
SourceUserProperty = "email",
|
|
},
|
|
},
|
|
};
|
|
|
|
clients[0].Scopes.Add(biScope);
|
|
|
|
var builder = WebApplication.CreateBuilder(args);
|
|
|
|
builder.Services.AddCors(options =>
|
|
{
|
|
options.AddPolicy(
|
|
name: corsPolicyName,
|
|
policy =>
|
|
{
|
|
policy.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader();
|
|
}
|
|
);
|
|
});
|
|
|
|
builder
|
|
.AddSidIdentityServer()
|
|
.AddDeveloperSigningCredential()
|
|
.AddInMemoryUsers(users)
|
|
.AddInMemoryClients(clients)
|
|
.AddInMemoryScopes([biScope])
|
|
.AddInMemoryLanguages(DefaultLanguages.All)
|
|
.AddPwdAuthentication(true);
|
|
|
|
var app = builder.Build();
|
|
app.Services.SeedData();
|
|
app.UseSid();
|
|
app.UseCors(corsPolicyName);
|
|
|
|
await app.RunAsync();
|