From 1501bb2aecfeafbdc22c40b2b114aff4765bbd78 Mon Sep 17 00:00:00 2001 From: Savorboard Date: Thu, 28 Nov 2024 10:56:10 +0800 Subject: [PATCH] Add both use OpenId and Custom authorization sample code for dashboard. --- .../MyDashboardAuthenticationHandler.cs | 12 ++++++---- .../Properties/launchSettings.json | 3 ++- samples/Sample.Dashboard.Auth/Startup.cs | 24 ++++++++++--------- 3 files changed, 23 insertions(+), 16 deletions(-) diff --git a/samples/Sample.Dashboard.Auth/MyDashboardAuthenticationHandler.cs b/samples/Sample.Dashboard.Auth/MyDashboardAuthenticationHandler.cs index 2c413db9c..1b8048186 100644 --- a/samples/Sample.Dashboard.Auth/MyDashboardAuthenticationHandler.cs +++ b/samples/Sample.Dashboard.Auth/MyDashboardAuthenticationHandler.cs @@ -3,6 +3,7 @@ using System.Text.Encodings.Web; using System.Threading.Tasks; using Microsoft.AspNetCore.Authentication; +using Microsoft.AspNetCore.Authentication.OpenIdConnect; using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; @@ -23,7 +24,7 @@ public class MyDashboardAuthenticationHandler : AuthenticationHandler options, ILoggerFactory logger, UrlEncoder encoder) : base(options, logger, encoder) { - options.CurrentValue.ForwardChallenge = ""; + // options.CurrentValue.ForwardChallenge = ""; } protected override Task HandleAuthenticateAsync() @@ -31,14 +32,17 @@ protected override Task HandleAuthenticateAsync() var testAuthHeaderPresent = Request.Headers["X-Base-Token"].Contains("xxx"); var authResult = testAuthHeaderPresent ? CreateAuthenticatonTicket() : AuthenticateResult.NoResult(); - + return Task.FromResult(authResult); } protected override Task HandleChallengeAsync(AuthenticationProperties properties) { - Response.Headers["WWW-Authenticate"] = MyDashboardAuthenticationSchemeDefaults.Scheme; - return base.HandleChallengeAsync(properties); + //Response.Headers["WWW-Authenticate"] = MyDashboardAuthenticationSchemeDefaults.Scheme; + //return base.HandleChallengeAsync(properties); + + // Challenge use OpenId for AddCapWithOpenIdAndCustomAuthorization + return Context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, properties); } private AuthenticateResult CreateAuthenticatonTicket() diff --git a/samples/Sample.Dashboard.Auth/Properties/launchSettings.json b/samples/Sample.Dashboard.Auth/Properties/launchSettings.json index 240d046c2..953698474 100644 --- a/samples/Sample.Dashboard.Auth/Properties/launchSettings.json +++ b/samples/Sample.Dashboard.Auth/Properties/launchSettings.json @@ -19,10 +19,11 @@ "Sample.Dashboard.Auth": { "commandName": "Project", "launchBrowser": true, + "launchUrl": "cap", "environmentVariables": { "ASPNETCORE_ENVIRONMENT": "Development" }, - "applicationUrl": "https://localhost:5001" + "applicationUrl": "https://localhost:5001/" } } } \ No newline at end of file diff --git a/samples/Sample.Dashboard.Auth/Startup.cs b/samples/Sample.Dashboard.Auth/Startup.cs index 5d2cc4519..194760e5e 100644 --- a/samples/Sample.Dashboard.Auth/Startup.cs +++ b/samples/Sample.Dashboard.Auth/Startup.cs @@ -13,7 +13,7 @@ public void ConfigureServices(IServiceCollection services) AddCapWithOpenIdAuthorization(services); // AddCapWithAnonymousAccess(services); // AddCapWithCustomAuthorization(services); - + services.AddCors(x => { x.AddDefaultPolicy(p => @@ -41,15 +41,16 @@ public void Configure(IApplicationBuilder app) private IServiceCollection AddCapWithOpenIdAuthorization(IServiceCollection services) { const string DashboardAuthorizationPolicy = "DashboardAuthorizationPolicy"; - + services .AddAuthorization(options => - { + { options.AddPolicy(DashboardAuthorizationPolicy, policy => policy - .AddAuthenticationSchemes(OpenIdConnectDefaults.AuthenticationScheme) + .AddAuthenticationSchemes(OpenIdConnectDefaults.AuthenticationScheme, MyDashboardAuthenticationSchemeDefaults.Scheme) .RequireAuthenticatedUser()); }) .AddAuthentication(opt => opt.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme) + .AddScheme(MyDashboardAuthenticationSchemeDefaults.Scheme, null) .AddCookie() .AddOpenIdConnect(options => { @@ -64,11 +65,12 @@ private IServiceCollection AddCapWithOpenIdAuthorization(IServiceCollection serv options.Scope.Add("openid"); options.Scope.Add("profile"); }); - + services.AddCap(cap => { cap.UseDashboard(d => { + d.AllowAnonymousExplicit = false; d.AuthorizationPolicy = DashboardAuthorizationPolicy; }); cap.UseInMemoryStorage(); @@ -77,21 +79,21 @@ private IServiceCollection AddCapWithOpenIdAuthorization(IServiceCollection serv return services; } - + private IServiceCollection AddCapWithCustomAuthorization(IServiceCollection services) { const string MyDashboardAuthenticationPolicy = "MyDashboardAuthenticationPolicy"; - + services .AddAuthorization(options => - { + { options.AddPolicy(MyDashboardAuthenticationPolicy, policy => policy .AddAuthenticationSchemes(MyDashboardAuthenticationSchemeDefaults.Scheme) .RequireAuthenticatedUser()); }) .AddAuthentication() - .AddScheme(MyDashboardAuthenticationSchemeDefaults.Scheme,null); - + .AddScheme(MyDashboardAuthenticationSchemeDefaults.Scheme, null); + services.AddCap(cap => { cap.UseDashboard(d => @@ -104,7 +106,7 @@ private IServiceCollection AddCapWithCustomAuthorization(IServiceCollection serv return services; } - + private IServiceCollection AddCapWithAnonymousAccess(IServiceCollection services) { services.AddCap(cap =>