lmasi/webzine
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

#1 : Test de Keycloak.

Browse Source
This commit is contained in:
Loic Masi
2026-04-21 11:46:29 +02:00
parent 4157991805
commit 3a116f9bae
15 changed files with 360 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Webzine.WebApplication/Areas/Administration/Controllers/DashboardController.cs
View File

@@ -1,5 +1,6 @@
namespace Webzine.WebApplication.Areas.Administration.Controllers; namespace Webzine.WebApplication.Areas.Administration.Controllers;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Webzine.Business.Contracts; using Webzine.Business.Contracts;
@@ -32,6 +33,7 @@ public class DashboardController : Controller
/// Affiche le tableau de bord de l'administration. /// Affiche le tableau de bord de l'administration.
/// </summary> /// </summary>
/// <returns>La vue Index du tableau de bord.</returns> /// <returns>La vue Index du tableau de bord.</returns>
[Authorize(Roles = "ADMIN")]
public IActionResult Index() public IActionResult Index()
{ {
DashboardDTO data = this.dashboardService.GetDashboardData(); DashboardDTO data = this.dashboardService.GetDashboardData();

49
Webzine.WebApplication/Controllers/AccountController.cs Normal file
View File

@@ -0,0 +1,49 @@
namespace Webzine.WebApplication.Controllers
{
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Mvc;
public class AccountController : Controller
{
[HttpGet("/account/login")]
public IActionResult Login(string? returnUrl = "/")
{
return this.Challenge(
new AuthenticationProperties
{
RedirectUri = string.IsNullOrWhiteSpace(returnUrl) ? "/" : returnUrl,
},
OpenIdConnectDefaults.AuthenticationScheme);
}
[HttpGet("/account/logout")]
public IActionResult Logout()
{
return this.SignOut(
new AuthenticationProperties
{
RedirectUri = "/",
},
CookieAuthenticationDefaults.AuthenticationScheme,
OpenIdConnectDefaults.AuthenticationScheme);
}
[HttpGet("/account/access-denied")]
public IActionResult AccessDenied()
{
return this.View();
}
[HttpGet("/account/auth-error")]
public IActionResult AuthError(string? message = null)
{
this.ViewData["Message"] = string.IsNullOrWhiteSpace(message)
? "Une erreur est survenue pendant la connexion."
: message;
return this.View();
}
}
}

2
Webzine.WebApplication/Controllers/AccueilController.cs
View File

@@ -1,5 +1,6 @@
namespace Webzine.WebApplication.Controllers namespace Webzine.WebApplication.Controllers
{ {
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Webzine.Repository.Contracts; using Webzine.Repository.Contracts;
@@ -38,6 +39,7 @@
/// </summary> /// </summary>
/// <param name="page">Le numéro de page pour la pagination des titres (par défaut à 0).</param> /// <param name="page">Le numéro de page pour la pagination des titres (par défaut à 0).</param>
/// <returns>La vue Index avec le ViewModel contenant les listes de titres à afficher.</returns> /// <returns>La vue Index avec le ViewModel contenant les listes de titres à afficher.</returns>
[Authorize(Roles = "ADMIN")]
public IActionResult Index(int page = 0) public IActionResult Index(int page = 0)
{ {
this.logger.LogInformation("Arrivée sur la page d'accueil"); this.logger.LogInformation("Arrivée sur la page d'accueil");

2
Webzine.WebApplication/Controllers/ArtisteController.cs
View File

@@ -1,5 +1,6 @@
namespace Webzine.WebApplication.Controllers namespace Webzine.WebApplication.Controllers
{ {
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Webzine.Repository.Contracts; using Webzine.Repository.Contracts;
@@ -33,6 +34,7 @@
/// </summary> /// </summary>
/// <param name="nom">Le nom de l'artiste à rechercher, formaté en kebab-case (ex: "fatal-bazooka").</param> /// <param name="nom">Le nom de l'artiste à rechercher, formaté en kebab-case (ex: "fatal-bazooka").</param>
/// <returns>La vue de l'artiste avec son ViewModel, ou une redirection vers l'accueil si le nom est vide, ou une erreur 404 si l'artiste n'est pas trouvé.</returns> /// <returns>La vue de l'artiste avec son ViewModel, ou une redirection vers l'accueil si le nom est vide, ou une erreur 404 si l'artiste n'est pas trouvé.</returns>
[Authorize(Roles = "ADMIN")]
public IActionResult Index(string nom) public IActionResult Index(string nom)
{ {
this.logger.LogInformation("Tentative d'accès à l'artiste avec le nom : {NomArtiste}", nom); this.logger.LogInformation("Tentative d'accès à l'artiste avec le nom : {NomArtiste}", nom);

2
Webzine.WebApplication/Controllers/ContactController.cs
View File

@@ -1,5 +1,6 @@
namespace Webzine.WebApplication.Controllers namespace Webzine.WebApplication.Controllers
{ {
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
/// <summary> /// <summary>
@@ -25,6 +26,7 @@
/// Affiche la page de contact du webzine. /// Affiche la page de contact du webzine.
/// </summary> /// </summary>
/// <returns>La vue Index de la page de contact.</returns> /// <returns>La vue Index de la page de contact.</returns>
[Authorize(Roles = "ADMIN")]
public IActionResult Index() public IActionResult Index()
{ {
return this.View(); return this.View();

2
Webzine.WebApplication/Controllers/RechercheController.cs
View File

@@ -4,6 +4,7 @@
namespace Webzine.WebApplication.Controllers namespace Webzine.WebApplication.Controllers
{ {
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Webzine.Repository.Contracts; using Webzine.Repository.Contracts;
@@ -39,6 +40,7 @@ namespace Webzine.WebApplication.Controllers
/// </summary> /// </summary>
/// <param name="mot">Nom d'artiste ou de titre.</param> /// <param name="mot">Nom d'artiste ou de titre.</param>
/// <returns>Page de recherche avec les r<>sultats.</returns> /// <returns>Page de recherche avec les r<>sultats.</returns>
[Authorize(Roles = "ADMIN")]
public IActionResult Index(string mot) public IActionResult Index(string mot)
{ {
// Logger la recherche. // Logger la recherche.

2
Webzine.WebApplication/Controllers/TitreController.cs
View File

@@ -4,6 +4,7 @@
namespace Webzine.WebApplication.Controllers namespace Webzine.WebApplication.Controllers
{ {
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Webzine.Entity; using Webzine.Entity;
@@ -47,6 +48,7 @@ namespace Webzine.WebApplication.Controllers
/// <param name="id">Identifiant du titre.</param> /// <param name="id">Identifiant du titre.</param>
/// <param name="model">Model de donnée pour un commentaire.</param> /// <param name="model">Model de donnée pour un commentaire.</param>
/// <returns>Vue des details ou 404 si introuvable.</returns> /// <returns>Vue des details ou 404 si introuvable.</returns>
[Authorize(Roles = "ADMIN")]
public IActionResult Index(int id) public IActionResult Index(int id)
{ {
this.logger.LogInformation("Demande d'affichage du detail pour le titre ID {Id}.", id); this.logger.LogInformation("Demande d'affichage du detail pour le titre ID {Id}.", id);

237
Webzine.WebApplication/Program.cs
View File

@@ -1,7 +1,16 @@
// L'erreur SA1200 (ordre des using directives) est desactivee pour Program.cs // L'erreur SA1200 (ordre des using directives) est desactivee pour Program.cs
#pragma warning disable SA1200 #pragma warning disable SA1200
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text.Json;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;
using NLog; using NLog;
using NLog.Web; using NLog.Web;
@@ -23,30 +32,223 @@ using Webzine.WebApplication.Interceptors;
var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger(); var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger();
logger.Debug("init main"); logger.Debug("init main");
static void AddRoleClaim(ClaimsIdentity identity, string? roleValue)
{
if (!string.IsNullOrWhiteSpace(roleValue) &&
!identity.HasClaim(claim => claim.Type == "role" && claim.Value == roleValue))
{
identity.AddClaim(new Claim("role", roleValue));
}
}
static void AddKeycloakRolesFromJson(ClaimsIdentity identity, string? json, string? clientId)
{
if (string.IsNullOrWhiteSpace(json))
{
return;
}
using var document = JsonDocument.Parse(json);
if (document.RootElement.TryGetProperty("realm_access", out var realmAccessElement) &&
realmAccessElement.TryGetProperty("roles", out var realmRolesElement))
{
foreach (var role in realmRolesElement.EnumerateArray())
{
AddRoleClaim(identity, role.GetString());
}
}
if (!string.IsNullOrWhiteSpace(clientId) &&
document.RootElement.TryGetProperty("resource_access", out var resourceAccessElement) &&
resourceAccessElement.TryGetProperty(clientId, out var clientAccessElement) &&
clientAccessElement.TryGetProperty("roles", out var clientRolesElement))
{
foreach (var role in clientRolesElement.EnumerateArray())
{
AddRoleClaim(identity, role.GetString());
}
}
}
static void AddKeycloakRolesFromClaims(ClaimsIdentity identity, ClaimsPrincipal principal, string? clientId)
{
var realmAccessClaim = principal.FindFirst("realm_access")?.Value;
if (!string.IsNullOrWhiteSpace(realmAccessClaim))
{
AddKeycloakRolesFromJson(identity, $$"""{ "realm_access": {{realmAccessClaim}} }""", clientId);
}
var resourceAccessClaim = principal.FindFirst("resource_access")?.Value;
if (!string.IsNullOrWhiteSpace(resourceAccessClaim))
{
AddKeycloakRolesFromJson(identity, $$"""{ "resource_access": {{resourceAccessClaim}} }""", clientId);
}
}
static void AddKeycloakRolesFromAccessToken(ClaimsIdentity identity, string? accessToken, string? clientId)
{
if (string.IsNullOrWhiteSpace(accessToken))
{
return;
}
var token = new JwtSecurityTokenHandler().ReadJwtToken(accessToken);
var payload = JsonSerializer.Serialize(token.Payload);
AddKeycloakRolesFromJson(identity, payload, clientId);
}
try try
{ {
var builder = WebApplication.CreateBuilder(args); var builder = WebApplication.CreateBuilder(args);
// Ajoute les services necessaires pour permettre l'utilisation des
// controllers avec des vues.
builder.Services.AddControllersWithViews(options => builder.Services.AddControllersWithViews(options =>
{ {
// options.Filters.Add<GlobalExceptionFilter>();
options.Filters.Add<ValidationActionFilter>(); options.Filters.Add<ValidationActionFilter>();
options.Filters.Add<GlobalExceptionFilter>(); options.Filters.Add<GlobalExceptionFilter>();
})
.AddRazorRuntimeCompilation();
JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
// Important derrière Nginx pour que ASP.NET Core comprenne bien :
// - le host public
// - le scheme https
builder.Services.Configure<ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders =
ForwardedHeaders.XForwardedFor |
ForwardedHeaders.XForwardedProto |
ForwardedHeaders.XForwardedHost;
options.KnownNetworks.Clear();
options.KnownProxies.Clear();
}); });
// Ajoute les services necessaires pour permettre l'utilisation des controllers avec des vues. builder.Services
builder.Services.AddControllersWithViews() .AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
{
options.LoginPath = "/account/login";
options.LogoutPath = "/account/logout";
options.AccessDeniedPath = "/account/access-denied";
})
.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
var publicOrigin = builder.Configuration["Keycloak:PublicOrigin"]?.TrimEnd('/');
var callbackPath = builder.Configuration["Keycloak:CallbackPath"] ?? "/signin-oidc";
var signedOutCallbackPath = builder.Configuration["Keycloak:SignedOutCallbackPath"] ?? "/signout-callback-oidc";
// Ajoute la compilation des vues lors de l'execution de l'application. options.Authority = builder.Configuration["Keycloak:Authority"];
// Cela nous evite de recompiler l'application a chaque modification de vue. options.ClientId = builder.Configuration["Keycloak:ClientId"];
// Necessite le package Nuget Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation. options.ClientSecret = builder.Configuration["Keycloak:ClientSecret"];
.AddRazorRuntimeCompilation(); options.ResponseType = OpenIdConnectResponseType.Code;
options.CallbackPath = callbackPath;
options.SignedOutCallbackPath = signedOutCallbackPath;
// Reverse proxy + certificat autosigné
options.RequireHttpsMetadata = false;
// Désactive PAR pour éviter lerreur "Invalid parameter: redirect_uri"
options.PushedAuthorizationBehavior = PushedAuthorizationBehavior.Disable;
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = false;
options.Scope.Clear();
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add("email");
options.TokenValidationParameters = new TokenValidationParameters
{
NameClaimType = "preferred_username",
RoleClaimType = "role",
};
// Temporaire pour environnement de test avec certificat autosigné
options.BackchannelHttpHandler = new HttpClientHandler
{
ServerCertificateCustomValidationCallback =
HttpClientHandler.DangerousAcceptAnyServerCertificateValidator,
};
options.Events = new OpenIdConnectEvents
{
OnRedirectToIdentityProvider = context =>
{
if (!string.IsNullOrWhiteSpace(publicOrigin))
{
context.ProtocolMessage.RedirectUri = publicOrigin + context.Options.CallbackPath;
}
logger.Info("RedirectUri Keycloak envoyee : {RedirectUri}", context.ProtocolMessage.RedirectUri);
Console.WriteLine("RedirectUri envoyé à Keycloak : " + context.ProtocolMessage.RedirectUri);
Console.WriteLine("Authority utilisée : " + context.Options.Authority);
return Task.CompletedTask;
},
OnRedirectToIdentityProviderForSignOut = context =>
{
if (!string.IsNullOrWhiteSpace(publicOrigin))
{
context.ProtocolMessage.PostLogoutRedirectUri = publicOrigin + context.Options.SignedOutCallbackPath;
}
return Task.CompletedTask;
},
OnTokenValidated = context =>
{
var identity = (ClaimsIdentity)context.Principal!.Identity!;
var clientId = context.Options.ClientId;
AddKeycloakRolesFromClaims(identity, context.Principal, clientId);
AddKeycloakRolesFromAccessToken(identity, context.TokenEndpointResponse?.AccessToken, clientId);
logger.Info(
"Roles Keycloak ajoutes a l'utilisateur {User}: {Roles}",
identity.Name,
string.Join(", ", identity.FindAll("role").Select(claim => claim.Value)));
return Task.CompletedTask;
},
OnRemoteFailure = context =>
{
var remoteError = context.Request.Query["error"].ToString();
var remoteDescription = context.Request.Query["error_description"].ToString();
var failureMessage = context.Failure?.Message;
var message = string.Join(
Environment.NewLine,
new[] { remoteError, remoteDescription, failureMessage }.Where(value => !string.IsNullOrWhiteSpace(value)));
logger.Error(context.Failure, "Erreur OIDC distante : {Message}", message);
Console.WriteLine("Erreur OIDC distante : " + message);
context.HandleResponse();
context.Response.Redirect("/account/auth-error?message=" + Uri.EscapeDataString(message));
return Task.CompletedTask;
},
};
});
builder.Services.AddAuthorization(options =>
{
options.AddPolicy("RequireUser", policy => policy.RequireRole("USER", "ADMIN"));
options.AddPolicy("RequireAdmin", policy => policy.RequireRole("ADMIN"));
});
// NLog: Setup NLog for Dependency injection // NLog: Setup NLog for Dependency injection
builder.Logging.ClearProviders(); builder.Logging.ClearProviders();
builder.Host.UseNLog(); builder.Host.UseNLog();
builder.Services.Configure<SpotifySeederOptions>(builder.Configuration.GetSection("SpotifySeeder")); builder.Services.Configure<SpotifySeederOptions>(builder.Configuration.GetSection("SpotifySeeder"));
builder.Services.AddHttpClient<SeedDataSpotify>(); builder.Services.AddHttpClient<SeedDataSpotify>();
@@ -54,10 +256,10 @@ try
{ {
options.SeuilMs = builder.Configuration.GetValue<int>("EfPerformance:SeuilMs"); options.SeuilMs = builder.Configuration.GetValue<int>("EfPerformance:SeuilMs");
}); });
builder.Services.AddSingleton<EfSlowQueryInterceptor>(); builder.Services.AddSingleton<EfSlowQueryInterceptor>();
// En fonction de la configuration, utilise soit les repositories basés sur une base de données, soit les repositories basés sur des listes locales. // En fonction de la configuration, utilise soit les repositories basés sur une base de données, soit les repositories basés sur des listes locales.
// En fonction de la configuration, utilise soit les repositories bases sur une base de donnees, soit les repositories bases sur des listes locales.
var repositoryType = builder.Configuration.GetValue<RepositoryType>("Repository"); var repositoryType = builder.Configuration.GetValue<RepositoryType>("Repository");
var seederType = builder.Configuration.GetValue<SeederType>("Seeder"); var seederType = builder.Configuration.GetValue<SeederType>("Seeder");
var shouldSeed = args.Contains("--seed"); var shouldSeed = args.Contains("--seed");
@@ -104,12 +306,13 @@ try
builder.Services.AddScoped<ValidationActionFilter>(); builder.Services.AddScoped<ValidationActionFilter>();
builder.Services.AddScoped<GlobalExceptionFilter>(); builder.Services.AddScoped<GlobalExceptionFilter>();
// https://learn.microsoft.com/fr-fr/aspnet/core/performance/response-compression?view=aspnetcore-10.0#configuration
// Ajoute le service de compression des reponses HTTP pour reduire la taille des donnees envoyees au client et ameliorer les performances de l'application.
builder.Services.AddResponseCompression(); builder.Services.AddResponseCompression();
var app = builder.Build(); var app = builder.Build();
// Très important avant tout middleware qui lit le scheme/host de la requête.
app.UseForwardedHeaders();
app.UseMiddleware<Webzine.WebApplication.Middlewares.LogTempsExecutionMiddleware>(); app.UseMiddleware<Webzine.WebApplication.Middlewares.LogTempsExecutionMiddleware>();
if (repositoryType == RepositoryType.Db) if (repositoryType == RepositoryType.Db)
@@ -168,32 +371,30 @@ try
app.UseResponseCompression(); app.UseResponseCompression();
// Active la possibilite de servir des fichiers statiques presents dans le dossier wwwroot.
app.UseStaticFiles(new StaticFileOptions app.UseStaticFiles(new StaticFileOptions
{ {
OnPrepareResponse = ctx => OnPrepareResponse = ctx =>
{ {
// https://learn.microsoft.com/fr-fr/aspnet/core/fundamentals/static-files?view=aspnetcore-10.0#set-http-response-headers
ctx.Context.Response.Headers.Append("Cache-Control", "public, max-age=31536000"); ctx.Context.Response.Headers.Append("Cache-Control", "public, max-age=31536000");
}, },
}); });
// Active le middleware permettant le routage des requetes entrantes.
app.UseRouting(); app.UseRouting();
// Appelle les routes definies dans le dossier Extensions. app.UseAuthentication();
app.UseAuthorization();
app.MapCustomRoutes(); app.MapCustomRoutes();
app.MapControllers();
app.Run(); app.Run();
} }
catch (Exception exception) catch (Exception exception)
{ {
// NLog: attrape les exceptions non gerees et les logger.
logger.Error(exception, "Stopped program because of exception"); logger.Error(exception, "Stopped program because of exception");
throw; throw;
} }
finally finally
{ {
// Assure que NLog flush tous les messages de log avant de fermer l'application.
LogManager.Shutdown(); LogManager.Shutdown();
} }

13
Webzine.WebApplication/Views/Account/AccessDenied.cshtml Normal file
View File

@@ -0,0 +1,13 @@
@{
ViewData["Title"] = "Accès refusé";
}
<div class="container mt-5 text-center">
<h2>Accès refusé</h2>
<p>Vous n'avez pas les droits pour accéder à cette page.</p>
<a href="/" class="btn btn-secondary">
Retour à l'accueil
</a>
</div>

15
Webzine.WebApplication/Views/Account/Login.cshtml Normal file
View File

@@ -0,0 +1,15 @@
@{
ViewData["Title"] = "Connexion";
}
<div class="container mt-5 text-center">
<h2>Connexion</h2>
<p>Vous allez être redirigé vers le serveur d'authentification.</p>
<a asp-controller="Account"
asp-action="Login"
class="btn btn-primary">
Se connecter avec Keycloak
</a>
</div>

15
Webzine.WebApplication/Views/Account/Logout.cshtml Normal file
View File

@@ -0,0 +1,15 @@
@{
ViewData["Title"] = "Déconnexion";
}
<div class="container mt-5 text-center">
<h2>Déconnexion</h2>
<p>Vous êtes sur le point de vous déconnecter.</p>
<form asp-controller="Account" asp-action="Logout" method="get">
<button type="submit" class="btn btn-danger">
Se déconnecter
</button>
</form>
</div>

18
Webzine.WebApplication/Views/Shared/_Layout.cshtml
View File

@@ -14,6 +14,24 @@
</head> </head>
<body class="d-flex flex-column min-vh-100"> <body class="d-flex flex-column min-vh-100">
<partial name="_Header"/> <partial name="_Header"/>
@if (User.Identity?.IsAuthenticated == true)
{
<span class="me-2">Bonjour @User.Identity.Name</span>
<a asp-controller="Account"
asp-action="Logout"
class="btn btn-outline-danger btn-sm">
Déconnexion
</a>
}
else
{
<a asp-controller="Account"
asp-action="Login"
class="btn btn-outline-primary btn-sm">
Connexion
</a>
}
<div class="container-fluid flex-grow-1 py-4"> <div class="container-fluid flex-grow-1 py-4">
<div class="row"> <div class="row">
<main class="col mx-3"> <main class="col mx-3">

6
Webzine.WebApplication/Webzine.WebApplication.csproj
View File

@@ -1,4 +1,4 @@
<Project Sdk="Microsoft.NET.Sdk.Web"> <Project Sdk="Microsoft.NET.Sdk.Web">
<PropertyGroup> <PropertyGroup>
<TargetFramework>net10.0</TargetFramework> <TargetFramework>net10.0</TargetFramework>
@@ -27,6 +27,10 @@
<PackageReference Include="Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" Version="10.0.3" /> <PackageReference Include="Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" Version="10.0.3" />
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.5" /> <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.5" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="10.0.5" /> <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="10.0.5" />
<PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="8.17.0" />
<PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="8.17.0" />
<PackageReference Include="Microsoft.IdentityModel.Tokens" Version="8.17.0" />
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.17.0" />
<PackageReference Include="NLog.Web.AspNetCore" Version="5.*" /> <PackageReference Include="NLog.Web.AspNetCore" Version="5.*" />
<PackageReference Include="NLog" Version="6.1.1" /> <PackageReference Include="NLog" Version="6.1.1" />
<PackageReference Include="StyleCop.Analyzers" Version="1.1.118"> <PackageReference Include="StyleCop.Analyzers" Version="1.1.118">

3
Webzine.WebApplication/appsettings.Development.json
View File

@@ -4,5 +4,8 @@
"SpotifySeeder": { "SpotifySeeder": {
"ClientId": "", "ClientId": "",
"ClientSecret": "" "ClientSecret": ""
},
"Keycloak": {
"PublicOrigin": "https://localhost:7095"
} }
} }

11
Webzine.WebApplication/appsettings.json
View File

@@ -26,10 +26,13 @@
"MaxCommentsPerTrack": 3 "MaxCommentsPerTrack": 3
}, },
"Keycloak": { "Keycloak": {
"Authority": "https://<keycloak-host>/realms/<your-realm>", "Authority": "https://10.4.0.131/keycloak/realms/webzine-realm",
"ClientId": "my-aspnet-app", "PublicOrigin": "http://10.4.0.131:8080",
"ClientSecret": "your-client-secret", "ClientId": "webzine-client",
"ResponseType": "code" "ClientSecret": "Z9JgRucpeZD4jqRhTciiznX3PPoJ9oYp",
"ResponseType": "code",
"CallbackPath": "/signin-oidc",
"SignedOutCallbackPath": "/signout-callback-oidc"
}, },
"AllowedHosts": "*", "AllowedHosts": "*",
"EfPerformance": { "EfPerformance": {