I hereby claim:
- I am ghstahl on github.
- I am ghstahl (https://keybase.io/ghstahl) on keybase.
- I have a public key ASB9Dis5iMFoUSYXBkRAEKIWVPL--pjwojBGE5WE-rzMbwo
To claim this, I am signing this object:
foreach (var exchange in exchanges) | |
{ | |
services.Configure<PipelineExchangeOptions>(exchange.ExchangeName, options => | |
{ | |
options.PreProcessors = exchange.Preprocessors; | |
}); | |
services.AddTransient<ITokenExchangeHandler>(x => | |
{ | |
var tokenExchangeHandler = x.GetRequiredService<PipelineTokenExchangeHandler>(); | |
tokenExchangeHandler.Configure(exchange); |
apiVersion: extensions/v1beta1 | |
kind: Deployment | |
metadata: | |
name: kubewebapp-deployment | |
spec: | |
replicas: 2 | |
selector: | |
matchLabels: | |
app: kubewebapp | |
template: |
{ | |
"issuer": "https://accounts.google.com", | |
"authorization_endpoint": "https://localhost:6001/connect/authorize", | |
"token_endpoint": "https://localhost:6001/connect/token", | |
"userinfo_endpoint": "https://openidconnect.googleapis.com/v1/userinfo", | |
"revocation_endpoint": "https://oauth2.googleapis.com/revoke", | |
"jwks_uri": "https://www.googleapis.com/oauth2/v3/certs", | |
"response_types_supported": ["code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token", "none"], | |
"subject_types_supported": ["public"], | |
"id_token_signing_alg_values_supported": ["RS256"], |
using System; | |
using System.Collections.Generic; | |
using System.Collections.Specialized; | |
using System.Globalization; | |
using System.IdentityModel.Tokens.Jwt; | |
using System.Linq; | |
using System.Text; | |
using System.Threading.Tasks; | |
using IdentityModel; | |
using Microsoft.AspNetCore.Authentication.OpenIdConnect; |
I hereby claim:
To claim this, I am signing this object:
using Azure.Security.KeyVault.Keys; | |
using Azure.Security.KeyVault.Secrets; | |
using System; | |
namespace Common | |
{ | |
public class AzureKeyVaultClients : IAzureKeyVaultClients | |
{ | |
private AzureKeyVaultTokenCredential _azureKeyVaultTokenCredential; |
services.AddIdentity<IdentityUser,IdentityRole>(options => options.SignIn.RequireConfirmedAccount = true) | |
.AddEntityFrameworkStores<ApplicationDbContext>() | |
.AddDefaultTokenProviders(); | |
// services.AddDefaultIdentity must be adding its own fake | |
// Switched to services.AddIdentity<IdentityUser,IdentityRole>, and now I have to add it. | |
services.AddScoped<IEmailSender, FakeEmailSender>(); | |
services.AddScoped<IUserClaimsPrincipalFactory<IdentityUser>, SeedSessionClaimsPrincipalFactory>(); |
app.UseSession(); | |
app.UseAuthentication(); | |
app.UseAuthorization(); | |
app.UseMiddleware<AuthSessionValidationMiddleware>(); |
var sessionKey = GuidN; | |
var identity = await base.GenerateClaimsAsync(user); | |
identity.AddClaim(new Claim(".sessionKey", sessionKey)); | |
HttpContext.Session.SetString(sessionKey, sessionKey); |
public async Task<IActionResult> OnGetCallbackAsync( | |
string returnUrl = null, | |
string remoteError = null) | |
{ | |
returnUrl = returnUrl ?? Url.Content("~/"); | |
if (remoteError != null) | |
{ | |
ErrorMessage = $"Error from external provider: {remoteError}"; | |
return RedirectToPage("./Login", new {ReturnUrl = returnUrl}); | |
} |