From 7c5a8d773b2d2f63611bf88206758a78a554c4ba Mon Sep 17 00:00:00 2001 From: Dominick Baier Date: Tue, 9 Nov 2021 10:46:03 +0100 Subject: [PATCH] first cut --- Directory.Build.props | 5 -- clients/Duende.IdentityServer.Clients.sln | 12 ++-- .../ResourceBasedApi/ResourceBasedApi.csproj | 19 +++---- clients/src/APIs/ResourceBasedApi/Selector.cs | 57 +++++++++++++++++++ clients/src/APIs/ResourceBasedApi/Startup.cs | 3 - clients/src/APIs/SimpleApi/SimpleApi.csproj | 7 +-- .../ConsoleCibaClient.csproj | 4 +- .../ConsoleCibaClient/Program.cs | 0 ...entialsFlowCallingIdentityServerApi.csproj | 2 +- ...onsoleClientCredentialsFlowPostBody.csproj | 2 +- clients/src/ConsoleCode/ConsoleCode.csproj | 27 +++++---- .../ConsoleExtensionGrant.csproj | 2 +- .../ConsoleDeviceFlow.csproj | 2 +- .../ConsoleEphemeralMtlsClient.csproj | 2 +- .../ConsoleIntrospectionClient.csproj | 2 +- .../ConsoleMTLSClient.csproj | 2 +- .../ConsoleParameterizedScopeClient.csproj | 3 +- .../ConsolePrivateKeyJwtClient.csproj | 4 +- .../ConsoleResourceIndicators.csproj | 10 ++-- .../ConsoleResourceOwnerFlow.csproj | 2 +- .../ConsoleResourceOwnerFlowPublic.csproj | 2 +- .../ConsoleResourceOwnerFlowReference.csproj | 2 +- ...onsoleResourceOwnerFlowRefreshToken.csproj | 2 +- .../ConsoleResourceOwnerFlowUserInfo.csproj | 2 +- .../ConsoleScopesResources.csproj | 4 +- clients/src/JsOidc/JsOidc.csproj | 2 +- .../MvcAutomaticTokenManagement.csproj | 24 ++++---- .../MvcAutomaticTokenManagement/Startup.cs | 2 +- clients/src/MvcCode/MvcCode.csproj | 14 ++--- .../MvcHybridBackChannel.csproj | 4 +- .../AssertionConfigurationService.cs | 12 ++-- clients/src/MvcJarJwt/MvcJarJwt.csproj | 24 ++++---- clients/src/MvcJarJwt/Startup.cs | 5 +- .../AssertionConfigurationService.cs | 11 ++-- clients/src/MvcJarUriJwt/MvcJarUriJwt.csproj | 10 ++-- clients/src/MvcJarUriJwt/Startup.cs | 2 +- 36 files changed, 165 insertions(+), 124 deletions(-) create mode 100644 clients/src/APIs/ResourceBasedApi/Selector.cs rename clients/src/{ConsoleClientCredentialsFlow => }/ConsoleCibaClient/ConsoleCibaClient.csproj (57%) rename clients/src/{ConsoleClientCredentialsFlow => }/ConsoleCibaClient/Program.cs (100%) diff --git a/Directory.Build.props b/Directory.Build.props index 5d8b7015d..58ab09120 100644 --- a/Directory.Build.props +++ b/Directory.Build.props @@ -15,13 +15,8 @@ https://github.com/DuendeSoftware/IdentityServer https://github.com/DuendeSoftware/IdentityServer/releases - true - - true - - embedded True diff --git a/clients/Duende.IdentityServer.Clients.sln b/clients/Duende.IdentityServer.Clients.sln index c8ff0904c..2371bbaad 100644 --- a/clients/Duende.IdentityServer.Clients.sln +++ b/clients/Duende.IdentityServer.Clients.sln @@ -67,7 +67,7 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "ConsoleResourceIndicators", EndProject Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "MvcJarUriJwt", "src\MvcJarUriJwt\MvcJarUriJwt.csproj", "{0BC37D8C-5A67-4A4E-A562-AEBCC97A31D9}" EndProject -Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ConsoleCibaClient", "src\ConsoleClientCredentialsFlow\ConsoleCibaClient\ConsoleCibaClient.csproj", "{3024047C-FA85-4213-AEA2-0DEF0EC126B7}" +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ConsoleCibaClient", "src\ConsoleCibaClient\ConsoleCibaClient.csproj", "{5B89FD38-A096-4C9B-B39F-1FD6C591EE3D}" EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution @@ -183,10 +183,10 @@ Global {0BC37D8C-5A67-4A4E-A562-AEBCC97A31D9}.Debug|Any CPU.Build.0 = Debug|Any CPU {0BC37D8C-5A67-4A4E-A562-AEBCC97A31D9}.Release|Any CPU.ActiveCfg = Release|Any CPU {0BC37D8C-5A67-4A4E-A562-AEBCC97A31D9}.Release|Any CPU.Build.0 = Release|Any CPU - {3024047C-FA85-4213-AEA2-0DEF0EC126B7}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {3024047C-FA85-4213-AEA2-0DEF0EC126B7}.Debug|Any CPU.Build.0 = Debug|Any CPU - {3024047C-FA85-4213-AEA2-0DEF0EC126B7}.Release|Any CPU.ActiveCfg = Release|Any CPU - {3024047C-FA85-4213-AEA2-0DEF0EC126B7}.Release|Any CPU.Build.0 = Release|Any CPU + {5B89FD38-A096-4C9B-B39F-1FD6C591EE3D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {5B89FD38-A096-4C9B-B39F-1FD6C591EE3D}.Debug|Any CPU.Build.0 = Debug|Any CPU + {5B89FD38-A096-4C9B-B39F-1FD6C591EE3D}.Release|Any CPU.ActiveCfg = Release|Any CPU + {5B89FD38-A096-4C9B-B39F-1FD6C591EE3D}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE @@ -222,7 +222,7 @@ Global {68C3A94B-1CE1-4434-A59D-5119AF648C38} = {D027D36B-262B-450A-B444-5B7893B5142E} {C07E9414-8AFF-4B71-8B28-76DA6250B94C} = {D027D36B-262B-450A-B444-5B7893B5142E} {0BC37D8C-5A67-4A4E-A562-AEBCC97A31D9} = {158628D7-8B68-451E-AF22-B64F473C5943} - {3024047C-FA85-4213-AEA2-0DEF0EC126B7} = {D027D36B-262B-450A-B444-5B7893B5142E} + {5B89FD38-A096-4C9B-B39F-1FD6C591EE3D} = {D027D36B-262B-450A-B444-5B7893B5142E} EndGlobalSection GlobalSection(ExtensibilityGlobals) = postSolution SolutionGuid = {BAD78470-3D66-466E-9C17-2A67F0905B18} diff --git a/clients/src/APIs/ResourceBasedApi/ResourceBasedApi.csproj b/clients/src/APIs/ResourceBasedApi/ResourceBasedApi.csproj index 33df99781..b2c6c4721 100644 --- a/clients/src/APIs/ResourceBasedApi/ResourceBasedApi.csproj +++ b/clients/src/APIs/ResourceBasedApi/ResourceBasedApi.csproj @@ -1,16 +1,13 @@  - - net5.0 - + + net6.0 + - - - - - - - - + + + + + \ No newline at end of file diff --git a/clients/src/APIs/ResourceBasedApi/Selector.cs b/clients/src/APIs/ResourceBasedApi/Selector.cs new file mode 100644 index 000000000..a0b70b925 --- /dev/null +++ b/clients/src/APIs/ResourceBasedApi/Selector.cs @@ -0,0 +1,57 @@ +using System; +using System.Linq; +using Microsoft.AspNetCore.Http; + +namespace ResourceBasedApi +{ + /// + /// Provides helper functions for forwarding logic + /// + public static class Selector + { + /// + /// Provides a forwarding func for JWT vs reference tokens (based on existence of dot in token) + /// + /// Scheme name of the introspection handler + /// + public static Func ForwardReferenceToken(string introspectionScheme = "introspection") + { + string Select(HttpContext context) + { + var (scheme, credential) = GetSchemeAndCredential(context); + if (scheme.Equals("Bearer", StringComparison.OrdinalIgnoreCase) && + !credential.Contains(".")) + { + return introspectionScheme; + } + + return null; + } + + return Select; + } + + /// + /// Extracts scheme and credential from Authorization header (if present) + /// + /// + /// + public static (string, string) GetSchemeAndCredential(HttpContext context) + { + var header = context.Request.Headers["Authorization"].FirstOrDefault(); + + if (string.IsNullOrEmpty(header)) + { + return ("", ""); + } + + var parts = header.Split(' ', StringSplitOptions.RemoveEmptyEntries); + if (parts.Length != 2) + { + return ("", ""); + } + + return (parts[0], parts[1]); + } + } +} \ No newline at end of file diff --git a/clients/src/APIs/ResourceBasedApi/Startup.cs b/clients/src/APIs/ResourceBasedApi/Startup.cs index 44c4863d6..068dfe1d3 100644 --- a/clients/src/APIs/ResourceBasedApi/Startup.cs +++ b/clients/src/APIs/ResourceBasedApi/Startup.cs @@ -1,6 +1,5 @@ using Microsoft.AspNetCore.Builder; using Microsoft.Extensions.DependencyInjection; -using IdentityModel.AspNetCore.AccessTokenValidation; namespace ResourceBasedApi { @@ -35,8 +34,6 @@ namespace ResourceBasedApi options.ClientId = "urn:resource1"; options.ClientSecret = "secret"; }); - - services.AddScopeTransformation(); } public void Configure(IApplicationBuilder app) diff --git a/clients/src/APIs/SimpleApi/SimpleApi.csproj b/clients/src/APIs/SimpleApi/SimpleApi.csproj index 6cf7f5078..df44ce655 100644 --- a/clients/src/APIs/SimpleApi/SimpleApi.csproj +++ b/clients/src/APIs/SimpleApi/SimpleApi.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 @@ -9,9 +9,8 @@ - - - + + \ No newline at end of file diff --git a/clients/src/ConsoleClientCredentialsFlow/ConsoleCibaClient/ConsoleCibaClient.csproj b/clients/src/ConsoleCibaClient/ConsoleCibaClient.csproj similarity index 57% rename from clients/src/ConsoleClientCredentialsFlow/ConsoleCibaClient/ConsoleCibaClient.csproj rename to clients/src/ConsoleCibaClient/ConsoleCibaClient.csproj index 5bfbbb67f..02215ade8 100644 --- a/clients/src/ConsoleClientCredentialsFlow/ConsoleCibaClient/ConsoleCibaClient.csproj +++ b/clients/src/ConsoleCibaClient/ConsoleCibaClient.csproj @@ -1,12 +1,12 @@ + net6.0 Exe - net5.0 - + diff --git a/clients/src/ConsoleClientCredentialsFlow/ConsoleCibaClient/Program.cs b/clients/src/ConsoleCibaClient/Program.cs similarity index 100% rename from clients/src/ConsoleClientCredentialsFlow/ConsoleCibaClient/Program.cs rename to clients/src/ConsoleCibaClient/Program.cs diff --git a/clients/src/ConsoleClientCredentialsFlowCallingIdentityServerApi/ConsoleClientCredentialsFlowCallingIdentityServerApi.csproj b/clients/src/ConsoleClientCredentialsFlowCallingIdentityServerApi/ConsoleClientCredentialsFlowCallingIdentityServerApi.csproj index 64178956d..fddfa4c4c 100644 --- a/clients/src/ConsoleClientCredentialsFlowCallingIdentityServerApi/ConsoleClientCredentialsFlowCallingIdentityServerApi.csproj +++ b/clients/src/ConsoleClientCredentialsFlowCallingIdentityServerApi/ConsoleClientCredentialsFlowCallingIdentityServerApi.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 Exe diff --git a/clients/src/ConsoleClientCredentialsFlowPostBody/ConsoleClientCredentialsFlowPostBody.csproj b/clients/src/ConsoleClientCredentialsFlowPostBody/ConsoleClientCredentialsFlowPostBody.csproj index 1f7d4de00..be424b745 100644 --- a/clients/src/ConsoleClientCredentialsFlowPostBody/ConsoleClientCredentialsFlowPostBody.csproj +++ b/clients/src/ConsoleClientCredentialsFlowPostBody/ConsoleClientCredentialsFlowPostBody.csproj @@ -1,6 +1,6 @@  - net5.0 + net6.0 Exe diff --git a/clients/src/ConsoleCode/ConsoleCode.csproj b/clients/src/ConsoleCode/ConsoleCode.csproj index 7b6a56f63..2f780e071 100644 --- a/clients/src/ConsoleCode/ConsoleCode.csproj +++ b/clients/src/ConsoleCode/ConsoleCode.csproj @@ -1,19 +1,18 @@  - - net5.0 - Exe - ConsoleHybridWithPkce - + + net6.0 + Exe + - - - - - - + + + + + + - - - + + + diff --git a/clients/src/ConsoleCustomGrant/ConsoleExtensionGrant.csproj b/clients/src/ConsoleCustomGrant/ConsoleExtensionGrant.csproj index 64178956d..fddfa4c4c 100644 --- a/clients/src/ConsoleCustomGrant/ConsoleExtensionGrant.csproj +++ b/clients/src/ConsoleCustomGrant/ConsoleExtensionGrant.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 Exe diff --git a/clients/src/ConsoleDeviceFlow/ConsoleDeviceFlow.csproj b/clients/src/ConsoleDeviceFlow/ConsoleDeviceFlow.csproj index 64178956d..fddfa4c4c 100644 --- a/clients/src/ConsoleDeviceFlow/ConsoleDeviceFlow.csproj +++ b/clients/src/ConsoleDeviceFlow/ConsoleDeviceFlow.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 Exe diff --git a/clients/src/ConsoleEphemeralMtlsClient/ConsoleEphemeralMtlsClient.csproj b/clients/src/ConsoleEphemeralMtlsClient/ConsoleEphemeralMtlsClient.csproj index ce0387160..ff708bb4e 100644 --- a/clients/src/ConsoleEphemeralMtlsClient/ConsoleEphemeralMtlsClient.csproj +++ b/clients/src/ConsoleEphemeralMtlsClient/ConsoleEphemeralMtlsClient.csproj @@ -2,7 +2,7 @@ Exe - net5.0 + net6.0 diff --git a/clients/src/ConsoleIntrospectionClient/ConsoleIntrospectionClient.csproj b/clients/src/ConsoleIntrospectionClient/ConsoleIntrospectionClient.csproj index 64178956d..fddfa4c4c 100644 --- a/clients/src/ConsoleIntrospectionClient/ConsoleIntrospectionClient.csproj +++ b/clients/src/ConsoleIntrospectionClient/ConsoleIntrospectionClient.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 Exe diff --git a/clients/src/ConsoleMTLSClient/ConsoleMTLSClient.csproj b/clients/src/ConsoleMTLSClient/ConsoleMTLSClient.csproj index 695193d3b..0da5c0567 100644 --- a/clients/src/ConsoleMTLSClient/ConsoleMTLSClient.csproj +++ b/clients/src/ConsoleMTLSClient/ConsoleMTLSClient.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 Exe diff --git a/clients/src/ConsoleParameterizedScopeClient/ConsoleParameterizedScopeClient.csproj b/clients/src/ConsoleParameterizedScopeClient/ConsoleParameterizedScopeClient.csproj index c2d059a35..30a4bf68b 100644 --- a/clients/src/ConsoleParameterizedScopeClient/ConsoleParameterizedScopeClient.csproj +++ b/clients/src/ConsoleParameterizedScopeClient/ConsoleParameterizedScopeClient.csproj @@ -2,8 +2,7 @@ Exe - net5.0 - ConsoleStructuredScopeClient + net6.0 diff --git a/clients/src/ConsolePrivateKeyJwtClient/ConsolePrivateKeyJwtClient.csproj b/clients/src/ConsolePrivateKeyJwtClient/ConsolePrivateKeyJwtClient.csproj index 9574de247..acb9e8362 100644 --- a/clients/src/ConsolePrivateKeyJwtClient/ConsolePrivateKeyJwtClient.csproj +++ b/clients/src/ConsolePrivateKeyJwtClient/ConsolePrivateKeyJwtClient.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 Exe @@ -16,7 +16,7 @@ - + diff --git a/clients/src/ConsoleResourceIndicators/ConsoleResourceIndicators.csproj b/clients/src/ConsoleResourceIndicators/ConsoleResourceIndicators.csproj index 6e4de9f2c..49d0539c8 100644 --- a/clients/src/ConsoleResourceIndicators/ConsoleResourceIndicators.csproj +++ b/clients/src/ConsoleResourceIndicators/ConsoleResourceIndicators.csproj @@ -1,17 +1,15 @@  - net5.0 + net6.0 Exe - - - - - + + + diff --git a/clients/src/ConsoleResourceOwnerFlow/ConsoleResourceOwnerFlow.csproj b/clients/src/ConsoleResourceOwnerFlow/ConsoleResourceOwnerFlow.csproj index 64178956d..fddfa4c4c 100644 --- a/clients/src/ConsoleResourceOwnerFlow/ConsoleResourceOwnerFlow.csproj +++ b/clients/src/ConsoleResourceOwnerFlow/ConsoleResourceOwnerFlow.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 Exe diff --git a/clients/src/ConsoleResourceOwnerFlowPublic/ConsoleResourceOwnerFlowPublic.csproj b/clients/src/ConsoleResourceOwnerFlowPublic/ConsoleResourceOwnerFlowPublic.csproj index 64178956d..fddfa4c4c 100644 --- a/clients/src/ConsoleResourceOwnerFlowPublic/ConsoleResourceOwnerFlowPublic.csproj +++ b/clients/src/ConsoleResourceOwnerFlowPublic/ConsoleResourceOwnerFlowPublic.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 Exe diff --git a/clients/src/ConsoleResourceOwnerFlowReference/ConsoleResourceOwnerFlowReference.csproj b/clients/src/ConsoleResourceOwnerFlowReference/ConsoleResourceOwnerFlowReference.csproj index 64178956d..fddfa4c4c 100644 --- a/clients/src/ConsoleResourceOwnerFlowReference/ConsoleResourceOwnerFlowReference.csproj +++ b/clients/src/ConsoleResourceOwnerFlowReference/ConsoleResourceOwnerFlowReference.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 Exe diff --git a/clients/src/ConsoleResourceOwnerFlowRefreshToken/ConsoleResourceOwnerFlowRefreshToken.csproj b/clients/src/ConsoleResourceOwnerFlowRefreshToken/ConsoleResourceOwnerFlowRefreshToken.csproj index 64178956d..fddfa4c4c 100644 --- a/clients/src/ConsoleResourceOwnerFlowRefreshToken/ConsoleResourceOwnerFlowRefreshToken.csproj +++ b/clients/src/ConsoleResourceOwnerFlowRefreshToken/ConsoleResourceOwnerFlowRefreshToken.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 Exe diff --git a/clients/src/ConsoleResourceOwnerFlowUserInfo/ConsoleResourceOwnerFlowUserInfo.csproj b/clients/src/ConsoleResourceOwnerFlowUserInfo/ConsoleResourceOwnerFlowUserInfo.csproj index 64178956d..fddfa4c4c 100644 --- a/clients/src/ConsoleResourceOwnerFlowUserInfo/ConsoleResourceOwnerFlowUserInfo.csproj +++ b/clients/src/ConsoleResourceOwnerFlowUserInfo/ConsoleResourceOwnerFlowUserInfo.csproj @@ -1,7 +1,7 @@  - net5.0 + net6.0 Exe diff --git a/clients/src/ConsoleScopesResources/ConsoleScopesResources.csproj b/clients/src/ConsoleScopesResources/ConsoleScopesResources.csproj index 6c84a22ab..1c4ae6a53 100644 --- a/clients/src/ConsoleScopesResources/ConsoleScopesResources.csproj +++ b/clients/src/ConsoleScopesResources/ConsoleScopesResources.csproj @@ -1,12 +1,12 @@ + net6.0 Exe - net5.0 - + diff --git a/clients/src/JsOidc/JsOidc.csproj b/clients/src/JsOidc/JsOidc.csproj index 5553eefe4..51c150a86 100644 --- a/clients/src/JsOidc/JsOidc.csproj +++ b/clients/src/JsOidc/JsOidc.csproj @@ -1,6 +1,6 @@  - net5.0 + net6.0 \ No newline at end of file diff --git a/clients/src/MvcAutomaticTokenManagement/MvcAutomaticTokenManagement.csproj b/clients/src/MvcAutomaticTokenManagement/MvcAutomaticTokenManagement.csproj index 8241224b6..be989945d 100644 --- a/clients/src/MvcAutomaticTokenManagement/MvcAutomaticTokenManagement.csproj +++ b/clients/src/MvcAutomaticTokenManagement/MvcAutomaticTokenManagement.csproj @@ -1,19 +1,17 @@  - - net5.0 - + + net6.0 + - - - - + + + + + - - - - - - + + + \ No newline at end of file diff --git a/clients/src/MvcAutomaticTokenManagement/Startup.cs b/clients/src/MvcAutomaticTokenManagement/Startup.cs index 7834b2994..6d76fa79c 100644 --- a/clients/src/MvcAutomaticTokenManagement/Startup.cs +++ b/clients/src/MvcAutomaticTokenManagement/Startup.cs @@ -80,7 +80,7 @@ namespace MvcCode services.AddAccessTokenManagement(); // add HTTP client to call protected API - services.AddUserAccessTokenClient("client", client => + services.AddUserAccessTokenHttpClient("client", configureClient: client => { client.BaseAddress = new Uri(Constants.SampleApi); }); diff --git a/clients/src/MvcCode/MvcCode.csproj b/clients/src/MvcCode/MvcCode.csproj index b51102104..bdeb0de7e 100644 --- a/clients/src/MvcCode/MvcCode.csproj +++ b/clients/src/MvcCode/MvcCode.csproj @@ -1,14 +1,14 @@  - - net5.0 - + + net6.0 + - - + + - - + + diff --git a/clients/src/MvcHybridBackChannel/MvcHybridBackChannel.csproj b/clients/src/MvcHybridBackChannel/MvcHybridBackChannel.csproj index f77652919..022ca4825 100644 --- a/clients/src/MvcHybridBackChannel/MvcHybridBackChannel.csproj +++ b/clients/src/MvcHybridBackChannel/MvcHybridBackChannel.csproj @@ -1,11 +1,11 @@  - net5.0 + net6.0 - + diff --git a/clients/src/MvcJarJwt/AssertionConfigurationService.cs b/clients/src/MvcJarJwt/AssertionConfigurationService.cs index 35ba14eb6..d8cfeca41 100644 --- a/clients/src/MvcJarJwt/AssertionConfigurationService.cs +++ b/clients/src/MvcJarJwt/AssertionConfigurationService.cs @@ -4,7 +4,9 @@ using IdentityModel.AspNetCore.AccessTokenManagement; using IdentityModel.Client; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.OpenIdConnect; +using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; +using Serilog; namespace MvcCode { @@ -13,12 +15,14 @@ namespace MvcCode private readonly AssertionService _assertionService; public AssertionConfigurationService( - IOptions accessTokenManagementOptions, + UserAccessTokenManagementOptions userAccessTokenManagementOptions, + ClientAccessTokenManagementOptions clientAccessTokenManagementOptions, IOptionsMonitor oidcOptions, IAuthenticationSchemeProvider schemeProvider, - AssertionService assertionService) : base(accessTokenManagementOptions, - oidcOptions, - schemeProvider) + AssertionService assertionService, + ILogger logger) + + : base(userAccessTokenManagementOptions, clientAccessTokenManagementOptions, oidcOptions, schemeProvider, logger) { _assertionService = assertionService; } diff --git a/clients/src/MvcJarJwt/MvcJarJwt.csproj b/clients/src/MvcJarJwt/MvcJarJwt.csproj index 91e6a0a31..be989945d 100644 --- a/clients/src/MvcJarJwt/MvcJarJwt.csproj +++ b/clients/src/MvcJarJwt/MvcJarJwt.csproj @@ -1,19 +1,17 @@  - - net5.0 - + + net6.0 + - - - - + + + + + - - - - - - + + + \ No newline at end of file diff --git a/clients/src/MvcJarJwt/Startup.cs b/clients/src/MvcJarJwt/Startup.cs index 2e0f9382c..3b5c9cc30 100644 --- a/clients/src/MvcJarJwt/Startup.cs +++ b/clients/src/MvcJarJwt/Startup.cs @@ -13,8 +13,6 @@ namespace MvcCode { public void ConfigureServices(IServiceCollection services) { - JwtSecurityTokenHandler.DefaultMapInboundClaims = false; - services.AddSingleton(); services.AddTransient(); @@ -60,6 +58,7 @@ namespace MvcCode // keeps id_token smaller options.GetClaimsFromUserInfoEndpoint = true; options.SaveTokens = true; + options.MapInboundClaims = false; // needed to add JWR / private_key_jwt support options.EventsType = typeof(OidcEvents); @@ -76,7 +75,7 @@ namespace MvcCode services.AddTransient(); // add HTTP client to call protected API - services.AddUserAccessTokenClient("client", client => + services.AddUserAccessTokenHttpClient("client", configureClient: client => { client.BaseAddress = new Uri(Constants.SampleApi); }); diff --git a/clients/src/MvcJarUriJwt/AssertionConfigurationService.cs b/clients/src/MvcJarUriJwt/AssertionConfigurationService.cs index 35ba14eb6..f752c54f2 100644 --- a/clients/src/MvcJarUriJwt/AssertionConfigurationService.cs +++ b/clients/src/MvcJarUriJwt/AssertionConfigurationService.cs @@ -4,6 +4,7 @@ using IdentityModel.AspNetCore.AccessTokenManagement; using IdentityModel.Client; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.OpenIdConnect; +using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; namespace MvcCode @@ -13,12 +14,14 @@ namespace MvcCode private readonly AssertionService _assertionService; public AssertionConfigurationService( - IOptions accessTokenManagementOptions, + UserAccessTokenManagementOptions userAccessTokenManagementOptions, + ClientAccessTokenManagementOptions clientAccessTokenManagementOptions, IOptionsMonitor oidcOptions, IAuthenticationSchemeProvider schemeProvider, - AssertionService assertionService) : base(accessTokenManagementOptions, - oidcOptions, - schemeProvider) + AssertionService assertionService, + ILogger logger) + + : base(userAccessTokenManagementOptions, clientAccessTokenManagementOptions, oidcOptions, schemeProvider, logger) { _assertionService = assertionService; } diff --git a/clients/src/MvcJarUriJwt/MvcJarUriJwt.csproj b/clients/src/MvcJarUriJwt/MvcJarUriJwt.csproj index abcd76a44..c78e514a4 100644 --- a/clients/src/MvcJarUriJwt/MvcJarUriJwt.csproj +++ b/clients/src/MvcJarUriJwt/MvcJarUriJwt.csproj @@ -1,15 +1,13 @@  - net5.0 + net6.0 - - - - - + + + diff --git a/clients/src/MvcJarUriJwt/Startup.cs b/clients/src/MvcJarUriJwt/Startup.cs index 1b1e19735..be6a48df8 100644 --- a/clients/src/MvcJarUriJwt/Startup.cs +++ b/clients/src/MvcJarUriJwt/Startup.cs @@ -77,7 +77,7 @@ namespace MvcCode services.AddTransient(); // add HTTP client to call protected API - services.AddUserAccessTokenClient("client", client => + services.AddUserAccessTokenHttpClient("client", configureClient: client => { client.BaseAddress = new Uri(Constants.SampleApi); });