lmasi/webzine
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: lmasi:a24fa109d4e5524a8de4289fedf9c4eb31c0bfa1
Branches Tags
lmasi:main lmasi:loic-masi/ajout-auth-keycloak lmasi:dev
...
compare: lmasi:90dc1af5ec23e358697fa69fed53e784e6826699
Branches Tags
lmasi:loic-masi/ajout-auth-keycloak lmasi:main lmasi:dev

10 Commits
a24fa109d4 ... 90dc1af5ec

Author SHA1 Message Date
Loic Masi
90dc1af5ec #1 : Update token keycloak.
Some checks failed
Deploiement Test Keycloak / Build et Déploiement (push) Has been cancelled
Details
2026-04-22 11:54:32 +02:00
Loic Masi
7fd3137156 #1 : Mis à jours des urls avec le bon port. 2026-04-22 11:27:02 +02:00
Loic Masi
76f8ec1cf5 #1 : Il a perdu s'est crampté. 2026-04-21 16:44:14 +02:00
Loic Masi
50ca65c239 #69 : Qui a tiré sur mon petit frère. 2026-04-21 16:38:32 +02:00
Loic Masi
3451f8228a #69 : L'eau elle est couleur Whatsapp. 2026-04-21 16:31:58 +02:00
Loic Masi
777ddb4069 #1 : J'effectue le dab, dans des endroits inadéquats. 2026-04-21 16:27:40 +02:00
Loic Masi
2c144a2b5f #1 : Tung Tung Tung Sahur. 2026-04-21 16:18:24 +02:00
Loic Masi
ab488843ac #1 : Jean Neymar de Keycloak. 2026-04-21 16:07:32 +02:00
Loic Masi
e08a73dbd5 #1 : MMais qui m'a mis un Ops pareil. 2026-04-21 15:59:17 +02:00
Loic Masi
c23f481080 #1 : Quitoque le chef lol. 2026-04-21 15:41:42 +02:00
4 changed files with 26 additions and 9 deletions
Expand all files Collapse all files

14
Webzine.WebApplication/Program.cs
View File

@@ -212,7 +212,7 @@ try
// Désactive PAR pour éviter lerreur "Invalid parameter: redirect_uri" // Désactive PAR pour éviter lerreur "Invalid parameter: redirect_uri"
options.PushedAuthorizationBehavior = PushedAuthorizationBehavior.Disable; options.PushedAuthorizationBehavior = PushedAuthorizationBehavior.Disable;
options.SaveTokens = true; options.SaveTokens = false;
options.GetClaimsFromUserInfoEndpoint = false; options.GetClaimsFromUserInfoEndpoint = false;
options.Scope.Clear(); options.Scope.Clear();
@@ -260,6 +260,12 @@ try
OnRedirectToIdentityProviderForSignOut = context => OnRedirectToIdentityProviderForSignOut = context =>
{ {
var idToken = context.HttpContext.User.FindFirst("id_token")?.Value;
if (!string.IsNullOrWhiteSpace(idToken))
{
context.ProtocolMessage.IdTokenHint = idToken;
}
if (!string.IsNullOrWhiteSpace(publicOrigin)) if (!string.IsNullOrWhiteSpace(publicOrigin))
{ {
context.ProtocolMessage.PostLogoutRedirectUri = publicOrigin + context.Options.SignedOutCallbackPath; context.ProtocolMessage.PostLogoutRedirectUri = publicOrigin + context.Options.SignedOutCallbackPath;
@@ -273,6 +279,12 @@ try
var identity = (ClaimsIdentity)context.Principal!.Identity!; var identity = (ClaimsIdentity)context.Principal!.Identity!;
var clientId = context.Options.ClientId; var clientId = context.Options.ClientId;
if (context.SecurityToken is JwtSecurityToken idToken &&
!string.IsNullOrWhiteSpace(idToken.RawData))
{
identity.AddClaim(new Claim("id_token", idToken.RawData));
}
AddKeycloakRolesFromClaims(identity, context.Principal, clientId); AddKeycloakRolesFromClaims(identity, context.Principal, clientId);
AddKeycloakRolesFromAccessToken(identity, context.TokenEndpointResponse?.AccessToken, clientId); AddKeycloakRolesFromAccessToken(identity, context.TokenEndpointResponse?.AccessToken, clientId);

9
Webzine.WebApplication/appsettings.Development.json
View File

@@ -6,6 +6,11 @@
"ClientSecret": "" "ClientSecret": ""
}, },
"Keycloak": { "Keycloak": {
"PublicOrigin": "https://localhost:7095" "Authority": "https://10.4.0.131:8443/keycloak/realms/webzine-realm",
"MetadataAddress": "http://10.4.0.131:8080/keycloak/realms/webzine-realm/.well-known/openid-configuration",
"ClientId": "webzine-client",
"ClientSecret": "EEUiJ5mBmuOSElwnbNZeajLuw6yOyc8E",
"CallbackPath": "/signin-oidc",
"SignedOutCallbackPath": "/signout-callback-oidc"
} }
} }

6
Webzine.WebApplication/appsettings.Production.json
View File

@@ -6,8 +6,8 @@
"ClientSecret": "" "ClientSecret": ""
}, },
"Keycloak": { "Keycloak": {
"Authority": "https://10.4.0.131/keycloak/realms/webzine-realm", "Authority": "https://10.4.0.131:8443/keycloak/realms/webzine-realm",
"MetadataAddress": "https://10.4.0.131/realms/webzine-realm/.well-known/openid-configuration", "MetadataAddress": "https://10.4.0.131:8443/keycloak/realms/webzine-realm/.well-known/openid-configuration",
"PublicOrigin": "https://10.4.0.131" "PublicOrigin": "https://10.4.0.131:8443"
} }
} }

6
Webzine.WebApplication/appsettings.json
View File

@@ -26,10 +26,10 @@
"MaxCommentsPerTrack": 3 "MaxCommentsPerTrack": 3
}, },
"Keycloak": { "Keycloak": {
"Authority": "https://10.4.0.131/keycloak/realms/webzine-realm", "Authority": "https://10.4.0.131:8443/keycloak/realms/webzine-realm",
"PublicOrigin": "https://10.4.0.131", "PublicOrigin": "https://10.4.0.131:8443",
"ClientId": "webzine-client", "ClientId": "webzine-client",
"ClientSecret": "Z9JgRucpeZD4jqRhTciiznX3PPoJ9oYp", "ClientSecret": "EEUiJ5mBmuOSElwnbNZeajLuw6yOyc8E",
"ResponseType": "code", "ResponseType": "code",
"CallbackPath": "/signin-oidc", "CallbackPath": "/signin-oidc",
"SignedOutCallbackPath": "/signout-callback-oidc" "SignedOutCallbackPath": "/signout-callback-oidc"