Remove OAuth authentication

Groceries/Program.cs

@@ -1,16 +1,11 @@
 using DbUp;
 using Groceries.Common;
 using Groceries.Data;
-using Microsoft.AspNetCore.Authentication.OAuth;
 using Microsoft.AspNetCore.DataProtection;
 using Microsoft.AspNetCore.HttpOverrides;
-using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc.Infrastructure;
 using Microsoft.AspNetCore.Mvc.Razor;
 using Microsoft.EntityFrameworkCore;
-using System.Net.Http.Headers;
-using System.Security.Claims;
-using System.Text.Json;
 
 var builder = WebApplication.CreateBuilder(args);
 var env = builder.Environment;
@@ -50,51 +45,6 @@ if (env.IsProduction())
     dataProtection.PersistKeysToFileSystem(new DirectoryInfo(Path.Combine(dataDir, "keys")));
 }
 
-var oauthConfig = builder.Configuration.GetSection("OAuth");
-if (oauthConfig.Exists())
-{
-    const string authenticationScheme = "OAuth";
-    builder.Services.Configure<OAuthOptions>(authenticationScheme, oauthConfig);
-
-    builder.Services
-        .AddAuthentication(options =>
-        {
-            options.DefaultScheme = IdentityConstants.ExternalScheme;
-            options.DefaultChallengeScheme = authenticationScheme;
-        })
-        .AddOAuth(authenticationScheme, options =>
-        {
-            options.SignInScheme = IdentityConstants.ExternalScheme;
-            options.CallbackPath = "/signin";
-
-            foreach (string scope in (oauthConfig["Scopes"] ?? string.Empty).Split(',', StringSplitOptions.RemoveEmptyEntries))
-            {
-                options.Scope.Add(scope.Trim());
-            }
-
-            // Antiforgery token generation requires authenticated identities to have claims
-            // and the default OAuth authentication handler does not fetch user info.
-            options.Events.OnCreatingTicket = async context =>
-            {
-                using var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
-                request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
-                request.Headers.Authorization = new AuthenticationHeaderValue(context.TokenType ?? "Bearer", context.AccessToken);
-
-                using var response = await context.Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, context.HttpContext.RequestAborted);
-                response.EnsureSuccessStatusCode();
-
-                using var payload = JsonDocument.Parse(await response.Content.ReadAsStreamAsync(context.HttpContext.RequestAborted));
-                context.Identity!.AddClaims(
-                    payload.RootElement.EnumerateObject()
-                        .Where(property => property.Value.ValueKind is JsonValueKind.String or JsonValueKind.Number)
-                        .Select(property => new Claim(property.Name, property.Value.ToString())));
-            };
-        })
-        .AddExternalCookie();
-
-    builder.Services.AddAuthorization();
-}
-
 builder.Services
     .AddControllersWithViews()
     .AddRazorOptions(options =>
@@ -122,20 +72,9 @@ var app = builder.Build();
 app.UseForwardedHeaders();
 app.UseStaticFiles();
 app.UseRouting();
-
-if (oauthConfig.Exists())
-{
-    app.UseAuthentication();
-    app.UseAuthorization();
-}
-
 app.UseSession();
 
-var controllers = app.MapControllers();
-if (oauthConfig.Exists())
-{
-    controllers.RequireAuthorization();
-}
+app.MapControllers();
 
 await app.RunAsync();
 

Groceries/config.ini

@@ -3,12 +3,3 @@ Database = "Host=127.0.0.1;Username=groceries;Password=password;Database=groceri
 [Logging:LogLevel]
 Default = Information
 Microsoft = Warning
-
-[OAuth]
-;AuthorizationEndpoint =
-;TokenEndpoint =
-;UserInformationEndpoint =
-;ClientId =
-;ClientSecret =
-;UsePkce = false
-;Scopes = scope1, scope2