-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
14 changed files
with
172 additions
and
65 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -7,6 +7,10 @@ | |
"Database": { | ||
"longName": "database", | ||
"shortName": "db" | ||
}, | ||
"Auth": { | ||
"longName": "auth", | ||
"shortName": "oa" | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
using Api.Options; | ||
|
||
using Microsoft.Extensions.Options; | ||
using Microsoft.Identity.Web; | ||
|
||
using Swashbuckle.AspNetCore.SwaggerGen; | ||
|
||
namespace Api; | ||
|
||
public static class ConfigureMicrosoftEntraAuth | ||
{ | ||
public static IServiceCollection AddMicrosoftEntraAuth(this IServiceCollection services, IConfiguration configuration) | ||
{ | ||
services.Configure<MicrosoftEntraOptions>(options => | ||
configuration.Bind(MicrosoftEntraOptions.SectionName, options)); | ||
|
||
services.AddTransient<IConfigureOptions<SwaggerGenOptions>, MicrosoftEntraSwaggerConfigurationOptions>(); | ||
|
||
services.AddAuthentication() | ||
.AddMicrosoftIdentityWebApi(configuration, MicrosoftEntraOptions.SectionName) | ||
.EnableTokenAcquisitionToCallDownstreamApi() | ||
.AddInMemoryTokenCaches(); | ||
|
||
return services; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
using Microsoft.Identity.Web; | ||
|
||
namespace Api.Options; | ||
|
||
public class MicrosoftEntraOptions : MicrosoftIdentityOptions | ||
{ | ||
public const string SectionName = "Entra"; | ||
|
||
public string BaseUrl => $"{Instance}/{TenantId}/oauth2/v2.0"; | ||
public string AuthorizationUrl => $"{BaseUrl}/authorize"; | ||
public string TokenUrl => $"{BaseUrl}/token"; | ||
} |
55 changes: 55 additions & 0 deletions
55
src/Api/Options/MicrosoftEntraSwaggerConfigurationOptions.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
using Application.Authorization; | ||
|
||
using Microsoft.Extensions.Options; | ||
using Microsoft.OpenApi.Models; | ||
|
||
using Swashbuckle.AspNetCore.SwaggerGen; | ||
|
||
namespace Api.Options; | ||
|
||
public class MicrosoftEntraSwaggerConfigurationOptions : IConfigureOptions<SwaggerGenOptions> | ||
{ | ||
private readonly MicrosoftEntraOptions _options; | ||
|
||
public MicrosoftEntraSwaggerConfigurationOptions(IOptions<MicrosoftEntraOptions> options) | ||
{ | ||
_options = options.Value; | ||
} | ||
|
||
public void Configure(SwaggerGenOptions options) | ||
{ | ||
var authorizationUrl = _options?.AuthorizationUrl ?? string.Empty; | ||
var tokenUrl = _options?.TokenUrl ?? string.Empty; | ||
var clientId = _options?.ClientId ?? string.Empty; | ||
|
||
options.AddSecurityDefinition("Entra", new OpenApiSecurityScheme | ||
{ | ||
Type = SecuritySchemeType.OAuth2, | ||
Flows = new OpenApiOAuthFlows | ||
{ | ||
AuthorizationCode = new OpenApiOAuthFlow | ||
{ | ||
AuthorizationUrl = new Uri(authorizationUrl), | ||
TokenUrl = new Uri(tokenUrl), | ||
Scopes = new[] { $"{AuthorizationScopes.AccessAsUser}" } | ||
.ToDictionary(p => $"api://{clientId}/{p}") | ||
} | ||
} | ||
}); | ||
options.AddSecurityRequirement(new OpenApiSecurityRequirement | ||
{ | ||
{ | ||
new OpenApiSecurityScheme | ||
{ | ||
Reference = new OpenApiReference | ||
{ | ||
Type = ReferenceType.SecurityScheme, | ||
Id = "Entra" | ||
}, | ||
UnresolvedReference = true | ||
}, | ||
Array.Empty<string>() | ||
} | ||
}); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
namespace Application.Authorization; | ||
|
||
public static class AuthorizationScopes | ||
{ | ||
public const string AccessAsUser = "access_as_user"; | ||
} |