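/// <summary>
/// Registers ASP.NET Core Identity and the authentication schemes used by the admin application.
/// </summary>
/// <remarks>
/// In the Staging environment only the cookie scheme is registered, so no OpenID Connect
/// challenge exists there. In every other environment the cookie scheme holds the local
/// session and challenges are sent to the OpenID Connect handler.
/// </remarks>
/// <param name="services">The service collection the authentication services are added to.</param>
/// <param name="hostingEnvironment">The current hosting environment; selects which schemes are registered.</param>
public static void AddAuthentication(this IServiceCollection services, IHostingEnvironment hostingEnvironment)
{
    services.AddIdentity<UserIdentity, UserIdentityRole>()
        .AddEntityFrameworkStores<AdminDbContext>()
        .AddDefaultTokenProviders();

    // For integration tests use only cookie middleware.
    // NOTE(review): this branch is keyed on the Staging environment name, so a real deployment
    // that uses that name gets no OpenID Connect login at all - confirm Staging is reserved for tests.
    if (hostingEnvironment.IsStaging())
    {
        services.AddAuthentication(options =>
            {
                options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                // Challenges also go to the cookie handler here, not to an identity provider.
                options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultForbidScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultSignOutScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            })
            .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme,
                options => { options.Cookie.Name = AuthorizationConsts.IdentityAdminCookieName; });
    }
    else
    {
        services.AddAuthentication(options =>
            {
                options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                // Unauthenticated requests are redirected to the OpenID Connect provider.
                options.DefaultChallengeScheme = AuthorizationConsts.OidcAuthenticationScheme;
                options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultForbidScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultSignOutScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            })
            .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme,
                options => { options.Cookie.Name = AuthorizationConsts.IdentityAdminCookieName; })
            .AddOpenIdConnect(AuthorizationConsts.OidcAuthenticationScheme, options =>
            {
                options.Authority = AuthorizationConsts.IdentityServerBaseUrl;

                // Relax the HTTPS requirement only for local development. The original set this
                // to false unconditionally, which lets the handler fetch the discovery document
                // and signing keys over plain HTTP outside development, where they can be altered
                // in transit. With this change a non-HTTPS authority fails at startup instead.
                options.RequireHttpsMetadata = !hostingEnvironment.IsDevelopment();

                options.ClientId = AuthorizationConsts.OidcClientId;

                // Replace the handler's default scopes with exactly the ones requested below.
                options.Scope.Clear();
                options.Scope.Add(AuthorizationConsts.ScopeOpenId);
                options.Scope.Add(AuthorizationConsts.ScopeProfile);
                options.Scope.Add(AuthorizationConsts.ScopeEmail);
                options.Scope.Add(AuthorizationConsts.ScopeRoles);

                // Tokens returned by the provider are kept in the authentication properties,
                // so the session cookie's protection also protects those tokens.
                options.SaveTokens = true;

                options.TokenValidationParameters = new TokenValidationParameters
                {
                    NameClaimType = JwtClaimTypes.Name,
                    RoleClaimType = JwtClaimTypes.Role,
                };

                // Handlers are defined elsewhere in this class; their behaviour is not visible here.
                options.Events = new OpenIdConnectEvents
                {
                    OnMessageReceived = OnMessageReceived,
                    OnRedirectToIdentityProvider = OnRedirectToIdentityProvider
                };
            });
    }
}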
The Admin app doesn't contain a definition for OpenIdConnect for Staging, and I think it uses the default authentication methods. But the Admin app doesn't contain a Login page.