Fix form submissions failing when using OAuth
This commit is contained in:
parent
8ea0c769d8
commit
60c48ce952
GPG Key ID:
765FE58130277547
@ -8,6 +8,9 @@ using Microsoft.AspNetCore.Identity;
|
|||||||
using Microsoft.AspNetCore.Mvc.Infrastructure;
|
using Microsoft.AspNetCore.Mvc.Infrastructure;
|
||||||
using Microsoft.AspNetCore.Mvc.Razor;
|
using Microsoft.AspNetCore.Mvc.Razor;
|
||||||
using Microsoft.EntityFrameworkCore;
|
using Microsoft.EntityFrameworkCore;
|
||||||
|
using System.Net.Http.Headers;
|
||||||
|
using System.Security.Claims;
|
||||||
|
using System.Text.Json;
|
||||||
|
|
||||||
var builder = WebApplication.CreateBuilder(args);
|
var builder = WebApplication.CreateBuilder(args);
|
||||||
var env = builder.Environment;
|
var env = builder.Environment;
|
||||||
@ -63,6 +66,29 @@ if (oauthConfig.Exists())
|
|||||||
{
|
{
|
||||||
options.SignInScheme = IdentityConstants.ExternalScheme;
|
options.SignInScheme = IdentityConstants.ExternalScheme;
|
||||||
options.CallbackPath = "/signin";
|
options.CallbackPath = "/signin";
|
||||||
|
|
||||||
|
foreach (string scope in (oauthConfig["Scopes"] ?? string.Empty).Split(',', StringSplitOptions.RemoveEmptyEntries))
|
||||||
|
{
|
||||||
|
options.Scope.Add(scope.Trim());
|
||||||
|
}
|
||||||
|
|
||||||
|
// Antiforgery token generation requires authenticated identities to have claims
|
||||||
|
// and the default OAuth authentication handler does not fetch user info.
|
||||||
|
options.Events.OnCreatingTicket = async context =>
|
||||||
|
{
|
||||||
|
using var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
|
||||||
|
request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
|
||||||
|
request.Headers.Authorization = new AuthenticationHeaderValue(context.TokenType ?? "Bearer", context.AccessToken);
|
||||||
|
|
||||||
|
using var response = await context.Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, context.HttpContext.RequestAborted);
|
||||||
|
response.EnsureSuccessStatusCode();
|
||||||
|
|
||||||
|
using var payload = JsonDocument.Parse(await response.Content.ReadAsStreamAsync(context.HttpContext.RequestAborted));
|
||||||
|
context.Identity!.AddClaims(
|
||||||
|
payload.RootElement.EnumerateObject()
|
||||||
|
.Where(property => property.Value.ValueKind is JsonValueKind.String or JsonValueKind.Number)
|
||||||
|
.Select(property => new Claim(property.Name, property.Value.ToString())));
|
||||||
|
};
|
||||||
})
|
})
|
||||||
.AddExternalCookie();
|
.AddExternalCookie();
|
||||||
|
|
||||||
|
|||||||
@ -7,6 +7,8 @@ Microsoft = Warning
|
|||||||
[OAuth]
|
[OAuth]
|
||||||
;AuthorizationEndpoint =
|
;AuthorizationEndpoint =
|
||||||
;TokenEndpoint =
|
;TokenEndpoint =
|
||||||
|
;UserInformationEndpoint =
|
||||||
;ClientId =
|
;ClientId =
|
||||||
;ClientSecret =
|
;ClientSecret =
|
||||||
;UsePkce = false
|
;UsePkce = false
|
||||||
|
;Scopes = scope1, scope2
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user