Compare commits
10 Commits
a24fa109d4
...
90dc1af5ec
| Author | SHA1 | Date | |
|---|---|---|---|
|
90dc1af5ec | ||
|
|
7fd3137156 | ||
|
|
76f8ec1cf5 | ||
|
|
50ca65c239 | ||
|
|
3451f8228a | ||
|
|
777ddb4069 | ||
|
|
2c144a2b5f | ||
|
|
ab488843ac | ||
|
|
e08a73dbd5 | ||
|
|
c23f481080 |
@@ -212,7 +212,7 @@ try
|
||||
// Désactive PAR pour éviter l’erreur "Invalid parameter: redirect_uri"
|
||||
options.PushedAuthorizationBehavior = PushedAuthorizationBehavior.Disable;
|
||||
|
||||
options.SaveTokens = true;
|
||||
options.SaveTokens = false;
|
||||
options.GetClaimsFromUserInfoEndpoint = false;
|
||||
|
||||
options.Scope.Clear();
|
||||
@@ -260,6 +260,12 @@ try
|
||||
|
||||
OnRedirectToIdentityProviderForSignOut = context =>
|
||||
{
|
||||
var idToken = context.HttpContext.User.FindFirst("id_token")?.Value;
|
||||
if (!string.IsNullOrWhiteSpace(idToken))
|
||||
{
|
||||
context.ProtocolMessage.IdTokenHint = idToken;
|
||||
}
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(publicOrigin))
|
||||
{
|
||||
context.ProtocolMessage.PostLogoutRedirectUri = publicOrigin + context.Options.SignedOutCallbackPath;
|
||||
@@ -273,6 +279,12 @@ try
|
||||
var identity = (ClaimsIdentity)context.Principal!.Identity!;
|
||||
var clientId = context.Options.ClientId;
|
||||
|
||||
if (context.SecurityToken is JwtSecurityToken idToken &&
|
||||
!string.IsNullOrWhiteSpace(idToken.RawData))
|
||||
{
|
||||
identity.AddClaim(new Claim("id_token", idToken.RawData));
|
||||
}
|
||||
|
||||
AddKeycloakRolesFromClaims(identity, context.Principal, clientId);
|
||||
AddKeycloakRolesFromAccessToken(identity, context.TokenEndpointResponse?.AccessToken, clientId);
|
||||
|
||||
|
||||
@@ -6,6 +6,11 @@
|
||||
"ClientSecret": ""
|
||||
},
|
||||
"Keycloak": {
|
||||
"PublicOrigin": "https://localhost:7095"
|
||||
"Authority": "https://10.4.0.131:8443/keycloak/realms/webzine-realm",
|
||||
"MetadataAddress": "http://10.4.0.131:8080/keycloak/realms/webzine-realm/.well-known/openid-configuration",
|
||||
"ClientId": "webzine-client",
|
||||
"ClientSecret": "EEUiJ5mBmuOSElwnbNZeajLuw6yOyc8E",
|
||||
"CallbackPath": "/signin-oidc",
|
||||
"SignedOutCallbackPath": "/signout-callback-oidc"
|
||||
}
|
||||
}
|
||||
@@ -6,8 +6,8 @@
|
||||
"ClientSecret": ""
|
||||
},
|
||||
"Keycloak": {
|
||||
"Authority": "https://10.4.0.131/keycloak/realms/webzine-realm",
|
||||
"MetadataAddress": "https://10.4.0.131/realms/webzine-realm/.well-known/openid-configuration",
|
||||
"PublicOrigin": "https://10.4.0.131"
|
||||
"Authority": "https://10.4.0.131:8443/keycloak/realms/webzine-realm",
|
||||
"MetadataAddress": "https://10.4.0.131:8443/keycloak/realms/webzine-realm/.well-known/openid-configuration",
|
||||
"PublicOrigin": "https://10.4.0.131:8443"
|
||||
}
|
||||
}
|
||||
@@ -26,10 +26,10 @@
|
||||
"MaxCommentsPerTrack": 3
|
||||
},
|
||||
"Keycloak": {
|
||||
"Authority": "https://10.4.0.131/keycloak/realms/webzine-realm",
|
||||
"PublicOrigin": "https://10.4.0.131",
|
||||
"Authority": "https://10.4.0.131:8443/keycloak/realms/webzine-realm",
|
||||
"PublicOrigin": "https://10.4.0.131:8443",
|
||||
"ClientId": "webzine-client",
|
||||
"ClientSecret": "Z9JgRucpeZD4jqRhTciiznX3PPoJ9oYp",
|
||||
"ClientSecret": "EEUiJ5mBmuOSElwnbNZeajLuw6yOyc8E",
|
||||
"ResponseType": "code",
|
||||
"CallbackPath": "/signin-oidc",
|
||||
"SignedOutCallbackPath": "/signout-callback-oidc"
|
||||
|
||||
Reference in New Issue
Block a user