-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathConfig.cs
102 lines (97 loc) · 3.6 KB
/
Config.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using IdentityServer4.Models;
using IdentityServer4.Test;
using IdentityServer4Extras;
namespace IdentityServer4.HostApp
{
public class Config
{
// scopes define the API resources in your system
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("nitro", "nitro"),
new ApiResource("metal", "metal")
};
}
public static IEnumerable<IdentityResource> GetIdentityResources()
{
return new List<IdentityResource>
{
new IdentityResources.OpenId(),
new IdentityResources.Profile(),
};
}
private static int AccessTokenLifetimeMax => 60 * 60 * 24 * 30;// 30 day
private static int AbsoluteRefreshTokenLifetimeMax => 60 * 60 * 24 * 30 * 12;// 1 yearish
// clients want to access resources (aka scopes)
public static IEnumerable<Client> GetClients()
{
// client credentials client
return new List<Client>
{
// arbitrary resource owner grant client
new Client
{
ClientId = "arbitrary-resource-owner-client",
AllowedGrantTypes = new[]
{
ArbitraryResourceOwnerExtensionGrant.Constants.ArbitraryResourceOwner,
ArbitraryNoSubjectExtensionGrant.Constants.ArbitraryNoSubject,
GrantType.Implicit
},
AllowOfflineAccess = true,
RefreshTokenUsage = TokenUsage.OneTimeOnly,
ClientSecrets =
{
new Secret("secret".Sha256())
},
AllowedScopes = {
"nitro",
"metal",
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile },
RequireClientSecret = false,
AccessTokenLifetime = AccessTokenLifetimeMax,//this is the default if not pased in, and the upperrange.
AbsoluteRefreshTokenLifetime =AbsoluteRefreshTokenLifetimeMax,
ClientClaimsPrefix = null,
RedirectUris = { "http://localhost:5002/signin-oidc" },
PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc" },
}
};
}
public static List<TestUser> GetUsers()
{
return new List<TestUser>
{
new TestUser
{
SubjectId = "1",
Username = "alice",
Password = "password",
Claims = new List<Claim>
{
new Claim("name", "Alice"),
new Claim("website", "https://alice.com")
}
},
new TestUser
{
SubjectId = "2",
Username = "bob",
Password = "password",
Claims = new List<Claim>
{
new Claim("name", "Bob"),
new Claim("website", "https://bob.com")
}
}
};
}
}
}