From d8c6e502a83824cacad4e4ee966c83fd7884b88a Mon Sep 17 00:00:00 2001
From: James Chapman
Date: Tue, 14 Nov 2023 22:48:44 +0000
Subject: [PATCH] Remove OAuth authentication
---
 Groceries/Program.cs | 63 +--------------------------------------------
 Groceries/config.ini | 9 -------
 2 files changed, 1 insertion(+), 71 deletions(-)
diff --git a/Groceries/Program.cs b/Groceries/Program.cs
index 706bde2..4f05551 100644
--- a/Groceries/Program.cs
+++ b/Groceries/Program.cs
@@ -1,16 +1,11 @@
 using DbUp;
 using Groceries.Common;
 using Groceries.Data;
-using Microsoft.AspNetCore.Authentication.OAuth;
 using Microsoft.AspNetCore.DataProtection;
 using Microsoft.AspNetCore.HttpOverrides;
-using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc.Infrastructure;
 using Microsoft.AspNetCore.Mvc.Razor;
 using Microsoft.EntityFrameworkCore;
-using System.Net.Http.Headers;
-using System.Security.Claims;
-using System.Text.Json;
 var builder = WebApplication.CreateBuilder(args);
 var env = builder.Environment;
@@ -50,51 +45,6 @@ if (env.IsProduction())
 dataProtection.PersistKeysToFileSystem(new DirectoryInfo(Path.Combine(dataDir, "keys")));
 }
-var oauthConfig = builder.Configuration.GetSection("OAuth");
-if (oauthConfig.Exists())
-{
- const string authenticationScheme = "OAuth";
- builder.Services.Configure(authenticationScheme, oauthConfig);
-
- builder.Services
- .AddAuthentication(options =>
- {
- options.DefaultScheme = IdentityConstants.ExternalScheme;
- options.DefaultChallengeScheme = authenticationScheme;
- })
- .AddOAuth(authenticationScheme, options =>
- {
- options.SignInScheme = IdentityConstants.ExternalScheme;
- options.CallbackPath = "/signin";
-
- foreach (string scope in (oauthConfig["Scopes"] ?? string.Empty).Split(',', StringSplitOptions.RemoveEmptyEntries))
- {
- options.Scope.Add(scope.Trim());
- }
-
- // Antiforgery token generation requires authenticated identities to have claims
- // and the default OAuth authentication handler does not fetch user info.
- options.Events.OnCreatingTicket = async context =>
- {
- using var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
- request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
- request.Headers.Authorization = new AuthenticationHeaderValue(context.TokenType ?? "Bearer", context.AccessToken);
-
- using var response = await context.Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, context.HttpContext.RequestAborted);
- response.EnsureSuccessStatusCode();
-
- using var payload = JsonDocument.Parse(await response.Content.ReadAsStreamAsync(context.HttpContext.RequestAborted));
- context.Identity!.AddClaims(
- payload.RootElement.EnumerateObject()
- .Where(property => property.Value.ValueKind is JsonValueKind.String or JsonValueKind.Number)
- .Select(property => new Claim(property.Name, property.Value.ToString())));
- };
- })
- .AddExternalCookie();
-
- builder.Services.AddAuthorization();
-}
-
 builder.Services
 .AddControllersWithViews()
 .AddRazorOptions(options =>
@@ -122,20 +72,9 @@ var app = builder.Build();
 app.UseForwardedHeaders();
 app.UseStaticFiles();
 app.UseRouting();
-
-if (oauthConfig.Exists())
-{
- app.UseAuthentication();
- app.UseAuthorization();
-}
-
 app.UseSession();
-var controllers = app.MapControllers();
-if (oauthConfig.Exists())
-{
- controllers.RequireAuthorization();
-}
+app.MapControllers();
 await app.RunAsync();
diff --git a/Groceries/config.ini b/Groceries/config.ini
index 8f3a9bb..6d7898d 100644
--- a/Groceries/config.ini
+++ b/Groceries/config.ini
@@ -3,12 +3,3 @@ Database = "Host=127.0.0.1;Username=groceries;Password=password;Database=groceri
 [Logging:LogLevel]
 Default = Information
 Microsoft = Warning
-
-[OAuth]
-;AuthorizationEndpoint =
-;TokenEndpoint =
-;UserInformationEndpoint =
-;ClientId =
-;ClientSecret =
-;UsePkce = false
-;Scopes = scope1, scope2
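Review bot: The replacement line `app.MapControllers();` in the last Program.cs hunk maps every controller with no authorization requirement, and the same hunk drops `UseAuthentication()`/`UseAuthorization()`, so a deployment that had an `[OAuth]` section configured goes from requiring sign-in to fully anonymous on upgrade, with the leftover settings silently ignored. Nothing visible in the patch records where access control is meant to live now; the `UseForwardedHeaders()` call suggests a reverse proxy in front, but that is an inference. I would state the expectation in a comment above the call, e.g. `// No in-app authentication: access must be restricted by the fronting proxy or network.` In addition, startup should reject stale configuration with `if (builder.Configuration.GetSection("OAuth").Exists()) throw new InvalidOperationException("OAuth settings are no longer supported; restrict access at the proxy.");`, placed before `builder.Build()`, which sits outside this hunk.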