The next generation of the Teknik Services. Written in ASP.NET. https://www.teknik.io/

Configuration.cs 4.6KB

  1. using System;
  2. using System.Collections.Generic;
  3. using System.IdentityModel.Tokens.Jwt;
  4. using System.Security.Claims;
  5. using IdentityModel;
  6. using IdentityServer4;
  7. using IdentityServer4.Models;
  8. using IdentityServer4.Test;
  9. using Teknik.Configuration;
  10. namespace Teknik.IdentityServer.Configuration
  11. {
  /// <summary>
  /// Supplies the OAuth 2.0 / OpenID Connect client registrations known to the identity server.
  /// </summary>
  internal class Clients
  {
      /// <summary>
      /// Builds the single "Teknik Web Services" client registration.
      /// </summary>
      /// <param name="config">
      /// Site configuration; the client id and client secret are read from
      /// <c>config.UserConfig.IdentityServerConfig</c>.
      /// </param>
      /// <returns>A list containing one <see cref="Client"/>.</returns>
      public static IEnumerable<Client> Get(Config config)
      {
          var identityConfig = config.UserConfig.IdentityServerConfig;

          var webClient = new Client
          {
              ClientId = identityConfig.ClientId,
              ClientName = "Teknik Web Services",

              // Hybrid flow for interactive sign-in plus client_credentials for
              // machine-to-machine calls, both on the same registration.
              // NOTE(review): no redirect URIs are assigned in this block; the hybrid
              // flow needs them, so confirm they are registered elsewhere.
              AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,

              // First-party client: the consent screen is skipped.
              RequireConsent = false,

              // Allows the client to request refresh tokens (offline_access).
              AllowOfflineAccess = true
          };

          // Only the SHA-256 hash produced by Sha256() is handed to the Secret,
          // not the raw configured value.
          // NOTE(review): behaviour for a missing or empty configured secret is not
          // visible here; confirm startup rejects that configuration.
          webClient.ClientSecrets.Add(new Secret(identityConfig.ClientSecret.Sha256()));

          // NOTE(review): with client_credentials enabled, the client secret alone
          // (no signed-in user) can presumably obtain the API scopes listed below,
          // including "auth-api" and "teknik-api.write". Confirm that is intended;
          // least privilege would favour a separate client for management access.
          string[] grantedScopes =
          {
              IdentityServerConstants.StandardScopes.OpenId,
              "role",
              "account-info",
              "security-info",
              "teknik-api.read",
              "teknik-api.write",
              "auth-api"
          };
          foreach (var scopeName in grantedScopes)
          {
              webClient.AllowedScopes.Add(scopeName);
          }

          return new List<Client> { webClient };
      }
  }
  /// <summary>
  /// Declares the identity resources (claim groups) and API resources the identity server exposes.
  /// </summary>
  internal class Resources
  {
      /// <summary>
      /// Lists the identity resources: the standard OpenID resource plus the
      /// "account-info", "security-info" and "role" claim groups.
      /// </summary>
      /// <returns>A list of four <see cref="IdentityResource"/> entries.</returns>
      public static IEnumerable<IdentityResource> GetIdentityResources()
      {
          var openId = new IdentityResources.OpenId();

          var accountInfo = new IdentityResource
          {
              Name = "account-info",
              DisplayName = "Account Info",
              UserClaims = new List<string>
              {
                  "username",
                  "email",
                  "creation-date",
                  "last-seen",
                  "account-type",
                  "account-status"
              }
          };

          // Recovery address, its verification state and the PGP key travel together
          // under one scope.
          // NOTE(review): any client allowed "security-info" can receive all three
          // claims; keep the set of clients granted this scope small.
          var securityInfo = new IdentityResource
          {
              Name = "security-info",
              DisplayName = "Security Info",
              UserClaims = new List<string>
              {
                  "recovery-email",
                  "recovery-verified",
                  "pgp-public-key"
              }
          };

          var role = new IdentityResource
          {
              Name = "role",
              DisplayName = "Role",
              UserClaims = new List<string> { "role" }
          };

          return new List<IdentityResource> { openId, accountInfo, securityInfo, role };
      }

      /// <summary>
      /// Lists the API resources: the end-user Teknik API (name and secret taken from
      /// configuration) and the "auth-api" resource for managing the auth server.
      /// </summary>
      /// <param name="config">
      /// Site configuration; the API name and API secret are read from
      /// <c>config.UserConfig.IdentityServerConfig</c>.
      /// </param>
      /// <returns>A list of two <see cref="ApiResource"/> entries.</returns>
      public static IEnumerable<ApiResource> GetApiResources(Config config)
      {
          var identityConfig = config.UserConfig.IdentityServerConfig;

          var teknikApi = new ApiResource
          {
              Name = identityConfig.APIName,
              DisplayName = "Teknik API",
              Description = "Teknik API Access for end users",
              UserClaims = new List<string> { "role", "username" },

              // Only the SHA-256 hash produced by Sha256() is handed to the Secret.
              // NOTE(review): in IdentityServer4 an API secret is what the API presents
              // to the introspection endpoint; confirm that is its only use here.
              ApiSecrets = new List<Secret>
              {
                  new Secret(identityConfig.APISecret.Sha256())
              },
              Scopes = new List<Scope>
              {
                  new Scope("teknik-api.read", "Teknik API Read Access"),
                  new Scope("teknik-api.write", "Teknik API Write Access")
              }
          };

          var authApi = new ApiResource
          {
              Name = "auth-api",
              DisplayName = "Auth Server API",
              Description = "Auth Server API Access for managing the Auth Server",
              Scopes = new List<Scope>
              {
                  new Scope
                  {
                      Name = "auth-api",

                      // Hidden from the discovery document. This only removes the scope
                      // from published metadata; which clients may request it is still
                      // decided by each client's AllowedScopes.
                      ShowInDiscoveryDocument = false,

                      // The user cannot de-select this scope on a consent screen.
                      Required = true
                  }
              }
          };

          return new List<ApiResource> { teknikApi, authApi };
      }
  }
  /// <summary>
  /// Supplies the named policies defined for the identity server.
  /// </summary>
  internal class Policies
  {
      /// <summary>
      /// Returns the single "Internal" policy, whose scope list holds "auth-api".
      /// </summary>
      /// <returns>A list containing one <see cref="Policy"/>.</returns>
      public static IEnumerable<Policy> Get()
      {
          // NOTE(review): how a Policy is enforced is not visible in this file;
          // presumably callers require a token carrying one of its scopes.
          var internalPolicy = new Policy { Name = "Internal" };
          internalPolicy.Scopes.Add("auth-api");

          return new List<Policy> { internalPolicy };
      }
  }
  /// <summary>
  /// A named policy paired with a collection of scope names.
  /// </summary>
  internal class Policy
  {
      /// <summary>Policy name; an empty string on a new instance.</summary>
      public string Name { get; set; } = string.Empty;

      /// <summary>Scope names attached to the policy; an empty list on a new instance.</summary>
      public ICollection<string> Scopes { get; set; } = new List<string>();
  }
  134. }