Oidc Services.

8 years ago · f464844d56
6 changed files with 59 additions and 4 deletions
--- a/src/Squidex/Config/Authentication/AuthenticationServices.cs
+++ b/src/Squidex/Config/Authentication/AuthenticationServices.cs
@ -17,8 +17,9 @@ namespace Squidex.Config.Authentication
            var identityOptions = config.GetSection("identity").Get<MyIdentityOptions>();

            services.AddAuthentication()
-                .AddMyGoogleAuthentication(identityOptions)
-                .AddMyMicrosoftAuthentication(identityOptions)
+                .AddMyExternalGoogleAuthentication(identityOptions)
+                .AddMyExternalMicrosoftAuthentication(identityOptions)
+                .AddMyExternalOdic(identityOptions)
                .AddMyIdentityServerAuthentication(identityOptions, config)
                .AddCookie();
        }
--- a/src/Squidex/Config/Authentication/GoogleAuthenticationServices.cs
+++ b/src/Squidex/Config/Authentication/GoogleAuthenticationServices.cs
@ -12,7 +12,7 @@ namespace Squidex.Config.Authentication
 {
    public static class GoogleAuthenticationServices
    {
-        public static AuthenticationBuilder AddMyGoogleAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions)
+        public static AuthenticationBuilder AddMyExternalGoogleAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions)
        {
            if (identityOptions.IsGoogleAuthConfigured())
            {
--- a/src/Squidex/Config/Authentication/MicrosoftAuthenticationServices.cs
+++ b/src/Squidex/Config/Authentication/MicrosoftAuthenticationServices.cs
@ -12,7 +12,7 @@ namespace Squidex.Config.Authentication
 {
    public static class MicrosoftAuthenticationServices
    {
-        public static AuthenticationBuilder AddMyMicrosoftAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions)
+        public static AuthenticationBuilder AddMyExternalMicrosoftAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions)
        {
            if (identityOptions.IsMicrosoftAuthConfigured())
            {
--- a/src/Squidex/Config/Authentication/OidcServices.cs
+++ b/src/Squidex/Config/Authentication/OidcServices.cs
@ -0,0 +1,34 @@
+// ==========================================================================
+//  Squidex Headless CMS
+// ==========================================================================
+//  Copyright (c) Squidex UG (haftungsbeschränkt)
+//  All rights reserved. Licensed under the MIT license.
+// ==========================================================================
+
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OpenIdConnect;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Squidex.Config.Authentication
+{
+    public static class OidcServices
+    {
+        public static AuthenticationBuilder AddMyExternalOdic(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions)
+        {
+            if (identityOptions.IsOidcConfigured())
+            {
+                var displayName = !string.IsNullOrWhiteSpace(identityOptions.OidcName) ? identityOptions.OidcName : OpenIdConnectDefaults.DisplayName;
+
+                authBuilder.AddOpenIdConnect("ExternalOidc", displayName, options =>
+                {
+                    options.Authority = identityOptions.OidcAuthority;
+                    options.ClientId = identityOptions.OidcClient;
+                    options.ClientSecret = identityOptions.OidcSecret;
+                    options.RequireHttpsMetadata = false;
+                });
+            }
+
+            return authBuilder;
+        }
+    }
+}
--- a/src/Squidex/Config/MyIdentityOptions.cs
+++ b/src/Squidex/Config/MyIdentityOptions.cs
@ -21,6 +21,14 @@ namespace Squidex.Config

        public string MicrosoftSecret { get; set; }

+        public string OidcName { get; set; }
+
+        public string OidcClient { get; set; }
+
+        public string OidcSecret { get; set; }
+
+        public string OidcAuthority { get; set; }
+
        public string AuthorityUrl { get; set; }

        public string PrivacyUrl { get; set; }
@ -36,6 +44,11 @@ namespace Squidex.Config
            return !string.IsNullOrWhiteSpace(AdminEmail) && !string.IsNullOrWhiteSpace(AdminPassword);
        }

+        public bool IsOidcConfigured()
+        {
+            return !string.IsNullOrWhiteSpace(OidcAuthority) && !string.IsNullOrWhiteSpace(OidcClient) && !string.IsNullOrWhiteSpace(OidcSecret);
+        }
+
        public bool IsGoogleAuthConfigured()
        {
            return !string.IsNullOrWhiteSpace(GoogleClient) && !string.IsNullOrWhiteSpace(GoogleSecret);
--- a/src/Squidex/appsettings.json
+++ b/src/Squidex/appsettings.json
@ -232,6 +232,13 @@
     */
    "microsoftClient": "b55da740-6648-4502-8746-b9003f29d5f1",
    "microsoftSecret": "idWbANxNYEF4cB368WXJhjN",
+    /*
+     * Settings for your custom oidc server.
+     */
+    "oidcName": "OIDC",
+    "oidcAuthority": "",
+    "oidcClient": "", 
+    "oidcSecret": ""
    /*
     * Lock new users automatically, the administrator must unlock them.
     */