Prompt setting for oidc.

2 years ago · 01f73b20e4
3 changed files with 9 additions and 7 deletions
--- a/backend/src/Squidex/Config/Authentication/OidcServices.cs
+++ b/backend/src/Squidex/Config/Authentication/OidcServices.cs
@ -7,6 +7,7 @@

 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;
+using Squidex.Infrastructure;

 namespace Squidex.Config.Authentication;

@ -20,11 +21,12 @@ public static class OidcServices

            authBuilder.AddOpenIdConnect("ExternalOidc", displayName, options =>
            {
+                options.Events = new OidcHandler(identityOptions);
                options.Authority = identityOptions.OidcAuthority;
+                options.Prompt = identityOptions.OidcPrompt;
                options.ClientId = identityOptions.OidcClient;
                options.ClientSecret = identityOptions.OidcSecret;
                options.RequireHttpsMetadata = identityOptions.RequiresHttps;
-                options.Events = new OidcHandler(identityOptions);

                if (!string.IsNullOrEmpty(identityOptions.OidcMetadataAddress))
                {
@ -40,10 +42,7 @@ public static class OidcServices

                if (identityOptions.OidcScopes != null)
                {
-                    foreach (var scope in identityOptions.OidcScopes)
-                    {
-                        options.Scope.Add(scope);
-                    }
+                    options.Scope.AddRange(identityOptions.OidcScopes);
                }
            });
        }
--- a/backend/src/Squidex/Config/MyIdentityOptions.cs
+++ b/backend/src/Squidex/Config/MyIdentityOptions.cs
@ -45,6 +45,8 @@ public sealed class MyIdentityOptions

    public string OidcSecret { get; set; }

+    public string OidcPrompt { get; set; }
+
    public string OidcAuthority { get; set; }

    public string OidcMetadataAddress { get; set; }
--- a/backend/src/Squidex/appsettings.json
+++ b/backend/src/Squidex/appsettings.json
@ -585,8 +585,8 @@
        "suppressXFrameOptionsHeader": false,

        // Initial admin user.
-        "adminEmail": "hello@squidex.io",
-        "adminPassword": "1q2w3e$R",
+        "adminEmail": "",
+        "adminPassword": "",

        // Recreate the admin if it does not exist or the password does not match.
        "adminRecreate": true,
@ -618,6 +618,7 @@
        "oidcAuthority": "",
        "oidcClient": "",
        "oidcSecret": "",
+        "oidcPrompt": null,
        "oidcMetadataAddress": "",
        "oidcScopes": [
            "email"