Add both use OpenId and Custom authorization sample code for dashboard.
yang-xiaodong committed Nov 28, 2024
1 parent 1a3465e commit da885b5
Showing 3 changed files with 65 additions and 16 deletions.
Expand Up @@ -3,6 +3,7 @@
using System.Text.Encodings.Web;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;

Expand All @@ -23,22 +24,25 @@ public class MyDashboardAuthenticationHandler : AuthenticationHandler<MyDashboar
public MyDashboardAuthenticationHandler(IOptionsMonitor<MyDashboardAuthenticationSchemeOptions> options,
ILoggerFactory logger, UrlEncoder encoder) : base(options, logger, encoder)
{
options.CurrentValue.ForwardChallenge = "";
// options.CurrentValue.ForwardChallenge = "";
}

protected override Task<AuthenticateResult> HandleAuthenticateAsync()
{
var testAuthHeaderPresent = Request.Headers["X-Base-Token"].Contains("xxx");

var authResult = testAuthHeaderPresent ? CreateAuthenticatonTicket() : AuthenticateResult.NoResult();

return Task.FromResult(authResult);
}

protected override Task HandleChallengeAsync(AuthenticationProperties properties)
{
Response.Headers["WWW-Authenticate"] = MyDashboardAuthenticationSchemeDefaults.Scheme;
return base.HandleChallengeAsync(properties);
//Response.Headers["WWW-Authenticate"] = MyDashboardAuthenticationSchemeDefaults.Scheme;
//return base.HandleChallengeAsync(properties);

// Challenge use OpenId for AddCapWithOpenIdAndCustomAuthorization
return Context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, properties);
}

private AuthenticateResult CreateAuthenticatonTicket()
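Review bot: `HandleChallengeAsync` now unconditionally calls `Context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, properties)`, so the handler only works when an OpenID Connect scheme is registered. `AddCapWithCustomAuthorization` in Startup.cs registers only the custom scheme, and in that configuration the challenge would most likely throw a missing-handler error instead of answering 401. Keeping the handler scheme-agnostic and setting the forward in the combined setup's options, `o => o.ForwardChallenge = OpenIdConnectDefaults.AuthenticationScheme` in place of the `null` passed to `AddScheme`, would avoid this; the commented-out lines in the constructor and in `HandleChallengeAsync` should then be deleted rather than kept. The unchanged `X-Base-Token` comparison against the literal `"xxx"` in `HandleAuthenticateAsync` deserves a comment such as `// placeholder token for the sample: load the real secret from configuration and compare with CryptographicOperations.FixedTimeEquals`.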
3 changes: 2 additions & 1 deletion samples/Sample.Dashboard.Auth/Properties/launchSettings.json
Expand Up @@ -19,10 +19,11 @@
"Sample.Dashboard.Auth": {
"commandName": "Project",
"launchBrowser": true,
"launchUrl": "cap",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
},
"applicationUrl": "https://localhost:5001"
"applicationUrl": "https://localhost:5001/"
}
}
}
66 changes: 55 additions & 11 deletions samples/Sample.Dashboard.Auth/Startup.cs
Expand Up @@ -10,10 +10,11 @@ public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
AddCapWithOpenIdAuthorization(services);
// AddCapWithOpenIdAuthorization(services);
// AddCapWithAnonymousAccess(services);
// AddCapWithCustomAuthorization(services);

AddCapWithOpenIdAndCustomAuthorization(services);

services.AddCors(x =>
{
x.AddDefaultPolicy(p =>
Expand Down Expand Up @@ -41,10 +42,10 @@ public void Configure(IApplicationBuilder app)
private IServiceCollection AddCapWithOpenIdAuthorization(IServiceCollection services)
{
const string DashboardAuthorizationPolicy = "DashboardAuthorizationPolicy";

services
.AddAuthorization(options =>
{
{
options.AddPolicy(DashboardAuthorizationPolicy, policy => policy
.AddAuthenticationSchemes(OpenIdConnectDefaults.AuthenticationScheme)
.RequireAuthenticatedUser());
Expand All @@ -64,11 +65,12 @@ private IServiceCollection AddCapWithOpenIdAuthorization(IServiceCollection serv
options.Scope.Add("openid");
options.Scope.Add("profile");
});

services.AddCap(cap =>
{
cap.UseDashboard(d =>
{
d.AllowAnonymousExplicit = false;
d.AuthorizationPolicy = DashboardAuthorizationPolicy;
});
cap.UseInMemoryStorage();
Expand All @@ -77,21 +79,21 @@ private IServiceCollection AddCapWithOpenIdAuthorization(IServiceCollection serv

return services;
}

private IServiceCollection AddCapWithCustomAuthorization(IServiceCollection services)
{
const string MyDashboardAuthenticationPolicy = "MyDashboardAuthenticationPolicy";

services
.AddAuthorization(options =>
{
{
options.AddPolicy(MyDashboardAuthenticationPolicy, policy => policy
.AddAuthenticationSchemes(MyDashboardAuthenticationSchemeDefaults.Scheme)
.RequireAuthenticatedUser());
})
.AddAuthentication()
.AddScheme<MyDashboardAuthenticationSchemeOptions, MyDashboardAuthenticationHandler>(MyDashboardAuthenticationSchemeDefaults.Scheme,null);
.AddScheme<MyDashboardAuthenticationSchemeOptions, MyDashboardAuthenticationHandler>(MyDashboardAuthenticationSchemeDefaults.Scheme, null);

services.AddCap(cap =>
{
cap.UseDashboard(d =>
Expand All @@ -104,7 +106,49 @@ private IServiceCollection AddCapWithCustomAuthorization(IServiceCollection serv

return services;
}


private IServiceCollection AddCapWithOpenIdAndCustomAuthorization(IServiceCollection services)
{
const string DashboardAuthorizationPolicy = "DashboardAuthorizationPolicy";

services
.AddAuthorization(options =>
{
options.AddPolicy(DashboardAuthorizationPolicy, policy => policy
.AddAuthenticationSchemes(OpenIdConnectDefaults.AuthenticationScheme, MyDashboardAuthenticationSchemeDefaults.Scheme)
.RequireAuthenticatedUser());
})
.AddAuthentication(opt => opt.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme)
.AddScheme<MyDashboardAuthenticationSchemeOptions, MyDashboardAuthenticationHandler>(MyDashboardAuthenticationSchemeDefaults.Scheme, null)
.AddCookie()
.AddOpenIdConnect(options =>
{
options.RequireHttpsMetadata = false;
options.Authority = "https://demo.duendesoftware.com/";
options.ClientId = "interactive.confidential";
options.ClientSecret = "secret";
options.ResponseType = "code";
options.UsePkce = true;

options.Scope.Clear();
options.Scope.Add("openid");
options.Scope.Add("profile");
});

services.AddCap(cap =>
{
cap.UseDashboard(d =>
{
d.AllowAnonymousExplicit = false;
d.AuthorizationPolicy = DashboardAuthorizationPolicy;
});
cap.UseInMemoryStorage();
cap.UseInMemoryMessageQueue();
});

return services;
}

private IServiceCollection AddCapWithAnonymousAccess(IServiceCollection services)
{
services.AddCap(cap =>
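Review bot: In the new `AddCapWithOpenIdAndCustomAuthorization`, `options.RequireHttpsMetadata = false` is unnecessary because the `Authority` is already an `https://` URL. A sample that ships it invites copy-paste into deployments where the discovery document and signing keys could then be fetched over plain HTTP, so drop the line or set it to `true`. The `ClientId` and `ClientSecret` literals should carry a comment such as `// public demo-server credentials: load real values from configuration or user secrets`. The OpenID Connect options block appears to duplicate the one in `AddCapWithOpenIdAuthorization` (only partly visible on this page), so a shared private helper would keep the two from drifting apart. The method would also benefit from a short summary saying which scheme authenticates a request and which one issues the challenge when both are listed in the policy.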
