Commit d873090f authored by alan.f's avatar alan.f

add access-token-and-id-token

parent 4402f5c6
...@@ -13,7 +13,7 @@ namespace ApiOne.Controllers ...@@ -13,7 +13,7 @@ namespace ApiOne.Controllers
[Authorize] [Authorize]
public string Index() public string Index()
{ {
//var claims = User.Claims.ToList(); var claims = User.Claims.ToList();
return "secret message from ApiOne"; return "secret message from ApiOne";
} }
} }
......
...@@ -27,7 +27,7 @@ namespace IdentityServer ...@@ -27,7 +27,7 @@ namespace IdentityServer
new List<ApiResource> new List<ApiResource>
{ {
new ApiResource("ApiOne"), new ApiResource("ApiOne"),
new ApiResource("ApiTwo"), new ApiResource("ApiTwo",new string[]{"rc.api.grandma"}),
}; };
public static IEnumerable<Client> GetClients() => public static IEnumerable<Client> GetClients() =>
new List<Client> new List<Client>
......
...@@ -25,6 +25,8 @@ namespace IdentityServer ...@@ -25,6 +25,8 @@ namespace IdentityServer
userManager.CreateAsync(user, "password").GetAwaiter().GetResult(); userManager.CreateAsync(user, "password").GetAwaiter().GetResult();
userManager.AddClaimAsync(user, new Claim("rc.garndma", "big.cookie")) userManager.AddClaimAsync(user, new Claim("rc.garndma", "big.cookie"))
.GetAwaiter().GetResult(); .GetAwaiter().GetResult();
userManager.AddClaimAsync(user, new Claim("rc.api.garndma", "big..api.cookie"))
.GetAwaiter().GetResult();
} }
host.Run(); host.Run();
} }
......
...@@ -38,7 +38,7 @@ namespace MvcClient.Controllers ...@@ -38,7 +38,7 @@ namespace MvcClient.Controllers
var result = await GetSecret(accessToken); var result = await GetSecret(accessToken);
await RefreshAccessToken(); //await RefreshAccessToken();
return View(); return View();
} }
...@@ -49,7 +49,7 @@ namespace MvcClient.Controllers ...@@ -49,7 +49,7 @@ namespace MvcClient.Controllers
apiClient.SetBearerToken(accessToken); apiClient.SetBearerToken(accessToken);
var response = await apiClient.GetAsync("https://localhost:44337/secret"); var response = await apiClient.GetAsync("https://localhost:44340/secret");
var content = await response.Content.ReadAsStringAsync(); var content = await response.Content.ReadAsStringAsync();
...@@ -59,7 +59,7 @@ namespace MvcClient.Controllers ...@@ -59,7 +59,7 @@ namespace MvcClient.Controllers
private async Task RefreshAccessToken() private async Task RefreshAccessToken()
{ {
var serverClient = _httpClientFactory.CreateClient(); var serverClient = _httpClientFactory.CreateClient();
var discoveryDocument = await serverClient.GetDiscoveryDocumentAsync("https://localhost:44305/"); var discoveryDocument = await serverClient.GetDiscoveryDocumentAsync("https://localhost:44325/");
var accessToken = await HttpContext.GetTokenAsync("access_token"); var accessToken = await HttpContext.GetTokenAsync("access_token");
var idToken = await HttpContext.GetTokenAsync("id_token"); var idToken = await HttpContext.GetTokenAsync("id_token");
......
...@@ -2,6 +2,7 @@ using System; ...@@ -2,6 +2,7 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
...@@ -27,10 +28,17 @@ namespace MvcClient ...@@ -27,10 +28,17 @@ namespace MvcClient
config.ResponseType = "code"; config.ResponseType = "code";
//config cookie claim mapping
config.ClaimActions.DeleteClaim("amr");
config.ClaimActions.MapUniqueJsonKey("ReadaCoding.Grandma","rc.grandma");
//two trips to load claims in to the cookie //two trips to load claims in to the cookie
config.GetClaimsFromUserInfoEndpoint = true; config.GetClaimsFromUserInfoEndpoint = true;
//configure scope //configure scope
config.Scope.Clear();
config.Scope.Add("openid");
config.Scope.Add("rc.scope"); config.Scope.Add("rc.scope");
config.Scope.Add("ApiOne");
config.Scope.Add("ApiTwo");
} ); } );
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment