using Duende.IdentityServer; using Duende.IdentityServer.Models; using IdentityModel; namespace Microser.IdS { public static class Config { public static IEnumerable IdentityResources => new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Address(), new IdentityResources.Email(), new IdentityResource( "roles", "Your role(s)", new List(){ JwtClaimTypes.Role }) }; public static IEnumerable ApiScopes => new ApiScope[] { new ApiScope("scope1"), new ApiScope("scope2"), new ApiScope("microser_api_weather"), }; public static IEnumerable Clients => new Client[] { new Client { ClientId = "dotnet_blazor_serverapp", ClientName = "Blazor Server App", ClientSecrets = { new Secret("E8C65E41BB0E4E519D409023CF5112F4".Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequirePkce = true, RequireClientSecret = true, AllowedCorsOrigins = { "https://localhost:7001" }, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Address, IdentityServerConstants.StandardScopes.Email, "roles", "scope1", "microser_api_weather" }, RedirectUris = { "https://localhost:7001/signin-oidc" }, PostLogoutRedirectUris = { "https://localhost:7001/signout-callback-oidc" }, Enabled = true }, new Client { ClientId = "dotnet_api_swagger", ClientName = "Dotnet Swagger UI Auth", ClientSecrets = { new Secret("76CD4B0FC93846F08395BF8994B86BC6".Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequirePkce = true, RequireClientSecret = true, AllowedCorsOrigins = { "https://localhost:6001" }, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Address, IdentityServerConstants.StandardScopes.Email, "roles", "scope1", "microser_api_weather" }, RedirectUris = { "https://localhost:6001/swagger/oauth2-redirect.html" }, Enabled = true }, // m2m client credentials flow client new Client { ClientId = "m2m.client", ClientName = "Client Credentials Client", AllowedGrantTypes = GrantTypes.ClientCredentials, ClientSecrets = { new Secret("511536EF-F270-4058-80CA-1C89C192F69A".Sha256()) }, AllowedScopes = { "scope1" } }, // interactive client using code flow + pkce new Client { ClientId = "interactive", ClientSecrets = { new Secret("49C1A7E1-0C79-4A89-A3D6-A37998FB86B0".Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RedirectUris = { "https://localhost:44300/signin-oidc" }, FrontChannelLogoutUri = "https://localhost:44300/signout-oidc", PostLogoutRedirectUris = { "https://localhost:44300/signout-callback-oidc" }, AllowOfflineAccess = true, AllowedScopes = { "openid", "profile", "scope2" } }, }; } }