Merge pull request #176 from Etherna/feature/ESSO-231-add-gateway-cli…

…-client

add gateway cli client

src/EthernaSSO/Configs/IdentityServer/IdServerConfig.cs

@@ -104,6 +104,9 @@ public static class IdResourcesDef
         private readonly string ethernaGateway_Webapp_ClientId;
         private readonly string ethernaGateway_Webapp_Secret;
 
+        private readonly string ethernaGatewayCli_BaseUrl;
+        private readonly string ethernaGatewayCli_ClientId;
+
         private readonly string ethernaIndex_BaseUrl;
         private readonly string ethernaIndex_Sso_ClientId;
         private readonly string ethernaIndex_Sso_Secret;
@@ -139,6 +142,9 @@ public IdServerConfig(IConfiguration configuration)
             ethernaGateway_Webapp_ClientId = configuration["IdServer:Clients:EthernaGateway:Clients:Webapp:ClientId"] ?? throw new ServiceConfigurationException();
             ethernaGateway_Webapp_Secret = configuration["IdServer:Clients:EthernaGateway:Clients:Webapp:Secret"] ?? throw new ServiceConfigurationException();
 
+            ethernaGatewayCli_BaseUrl = configuration["IdServer:Clients:EthernaGatewayCli:BaseUrl"] ?? throw new ServiceConfigurationException();
+            ethernaGatewayCli_ClientId = configuration["IdServer:Clients:EthernaGatewayCli:ClientId"] ?? throw new ServiceConfigurationException();
+
             ethernaIndex_BaseUrl = configuration["IdServer:Clients:EthernaIndex:BaseUrl"] ?? throw new ServiceConfigurationException();
             ethernaIndex_Sso_ClientId = configuration["IdServer:Clients:EthernaIndex:Clients:SsoServer:ClientId"] ?? throw new ServiceConfigurationException();
             ethernaIndex_Sso_Secret = configuration["IdServer:Clients:EthernaIndex:Clients:SsoServer:Secret"] ?? throw new ServiceConfigurationException();
@@ -334,6 +340,40 @@ public IdServerConfig(IConfiguration configuration)
                 // Allow token refresh.
                 AllowOfflineAccess = true
             },
+
+            //gateway cli
+            new Client
+            {
+                ClientId = ethernaGatewayCli_ClientId,
+                ClientName = "Etherna Gateway CLI",
+                RequireClientSecret = false,
+
+                AllowedGrantTypes = GrantTypes.Code,
+
+                //where to redirect to after login
+                RedirectUris = { ethernaGatewayCli_BaseUrl },
+
+                //where to redirect to after logout
+                PostLogoutRedirectUris = { ethernaGatewayCli_BaseUrl },
+
+                AllowedCorsOrigins = { ethernaGatewayCli_BaseUrl },
+
+                AlwaysIncludeUserClaimsInIdToken = true,
+                AllowedScopes =
+                {
+                    //identity
+                    IdentityServerConstants.StandardScopes.OpenId,
+                    IdentityServerConstants.StandardScopes.Profile,
+                    IdResourcesDef.EtherAccounts.Name,
+
+                    //resource
+                    ApiScopesDef.UserInteractEthernaGateway.Name,
+                },
+
+                // Allow token refresh.
+                AllowOfflineAccess = true,
+                RefreshTokenUsage = TokenUsage.OneTimeOnly //because client have not secret
+            },
 
             //index (sso client)
             new Client

src/EthernaSSO/appsettings.json

@@ -47,6 +47,11 @@
         }
       },
 
+      "EthernaGatewayCli": {
+        "BaseUrl": "http://127.0.0.1:11430",
+        "ClientId": "ethernaGatewayCliId"
+      },
+
       "EthernaIndex": {
         "Clients": {
           "SsoServer": {