im building some blazor wasm project i use company oidc so in wasm i have
builder.Services.AddOidcAuthentication(opt =>
{
opt.ProviderOptions.Authority = "https://xx.zz.pl/auth/cp";
opt.ProviderOptions.ClientId = "xxx";
opt.ProviderOptions.DefaultScopes.Add("email");
opt.ProviderOptions.ResponseType = "code";
});
and i have api configured to use this
builder.Services
.AddAuthentication("Bearer")
.AddJwtBearer("Bearer", options =>
{
options.Authority = "https://xx.zz.pl/auth/cp";;
});
and this works fine but question is how to skip this logon part during debug so i do not have everytime i run login with my corp account
i can do on api part do that if debug then allow anonym and this will work fine for every request
but how in this frontend webassembly
to hardcode some 'superadmin' account with all perms so it use this always during debug ? like fake oidc?
thanks and regards !
CodePudding user response:
If you just want to create your own local ClaimsPrincipal user, then I have used this code in my Startup.cs class (the request pipeline) to create a /login and /logout endpoint:
app.UseEndpoints(endpoints =>
{
endpoints.MapGet("/login", async context =>
{
var claims = new Claim[]
{
//Standard claims
new Claim(ClaimTypes.Name, "Joe Svensson"),
new Claim(ClaimTypes.Country, "Sweden"),
new Claim(ClaimTypes.Email, "[email protected]"),
//Custom claims
new Claim("JobTitle", "Developer"),
new Claim("JobLevel", "Senior"),
};
ClaimsIdentity identity = new ClaimsIdentity(claims: claims,
authenticationType: CookieAuthenticationDefaults.AuthenticationScheme);
ClaimsPrincipal user = new ClaimsPrincipal(identity: identity);
var authProperties = new AuthenticationProperties
{
IsPersistent = true
};
//Sign-in the user
await context.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, user, authProperties);
await context.Response.WriteAsync("<!DOCTYPE html><body>");
await context.Response.WriteAsync("<h1>Logged in!</h1>");
});
endpoints.MapGet("/logout", async context =>
{
//Do add a call to the signout method here
await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
await context.Response.WriteAsync("<!DOCTYPE html><body>");
await context.Response.WriteAsync("<h1>Logged out</h1>");
});
I hope it can of some inspiration for you.
CodePudding user response:
ok so i did eventually in webassembly
if (builder.HostEnvironment.IsDevelopment())
{
builder.Services.AddScoped<AuthenticationStateProvider,
DebugAuthStateProvicer>();
}
else
builder.Services.AddOidcAuthentication......
and this provider like
public class DebugAuthStateProvicer : AuthenticationStateProvider
{
public override async Task<AuthenticationState> GetAuthenticationStateAsync()
{
var identity = new ClaimsIdentity();
var claims = new List<Claim> { new Claim(ClaimTypes.Name, "DebugAdmin") };
claims.Add(new Claim(ClaimTypes.Role, "Admin"));
identity = new ClaimsIdentity(claims, "Server authentication");
}
return new AuthenticationState(new ClaimsPrincipal(identity));
}