I have the following code which seems to not do anything when I run the project.
I expect a browser redirect to happen to http://localhost:5000 requesting the "code" authorization flow.
Instead I just see "Hello World".
This is my startup.cs file:
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
namespace OAuthService
{
public class Startup
{
// This method gets called by the runtime. Use this method to add services to the container.
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = "cookie";
options.DefaultSignInScheme = "cookie";
options.DefaultChallengeScheme = "oidc";
})
.AddOpenIdConnect("oidc", options =>
{
options.Authority = "http://localhost:5000";
options.RequireHttpsMetadata = false; // dev only
options.ClientId = "pkce_client";
options.ClientSecret = "acf2ec6fb01a4b698ba240c2b10a0243";
options.ResponseType = OpenIdConnectResponseType.Code;
options.ResponseMode = "form_post";
options.CallbackPath = "/OAuthService/GetResponse";
options.UsePkce = true;
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseRouting();
app.UseAuthentication();
app.UseEndpoints(endpoints =>
{
endpoints.MapGet("/", async context =>
{
await context.Response.WriteAsync("Hello World!");
});
});
}
}
}
>Solution :
Someone needs to tell the authentication module that the user has to login. You either trigge that using
app.UseEndpoints(endpoints =>
{
endpoints.MapGet("/login", async context =>
{
var claims = new Claim[]
{
//Standard claims
new Claim(ClaimTypes.Name, "Joe Svensson"),
new Claim(ClaimTypes.Country, "Sweden"),
new Claim(ClaimTypes.Email, "joe@edument.se"),
//Custom claims
new Claim("JobTitle", "Developer"),
new Claim("JobLevel", "Senior"),
};
ClaimsIdentity identity = new ClaimsIdentity(claims: claims,
authenticationType: CookieAuthenticationDefaults.AuthenticationScheme);
ClaimsPrincipal user = new ClaimsPrincipal(identity: identity);
var authProperties = new AuthenticationProperties
{
IsPersistent = true
};
//Sign-in the user
await context.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, user, authProperties);
await context.Response.WriteAsync("<!DOCTYPE html><body>");
await context.Response.WriteAsync("<h1>Logged in!</h1>");
});
....
Or you add the Authorization handler middleware using
app.UseAuthorization();
and configure it properly using:
.AddAuthorization(options =>
{
...
})