Activities of "maliming"

默认的项目模版就是这样工作的.

Blazor Server 或者 WASM 会使用code流通过AuthServer完成认证(获取access token/ id token).

你的最终需求是在authserver中完成登录吗?

谢谢

hi

I noticed that it gets executed 4 times. Is this the expected behavior? This causes an issue because I cannot reliably set my claim value to false.

Yes, the BankIdClaimsPrincipalContributor will be called by some services. So executing 4 times is normal.

You can use BankIdOpenIddictServerHandler to add more claims.

This works, but it only adds the claim to the access_token. How can I also include the claim in the id_token?

Can you change your BankIdOpenIddictServerHandler code to add claims to context.IdentityTokenPrincipal?

Thanks,

hi

Blazor Server and WASM apps can only redirect to the AuthServer project to sign in(code flow).

Thanks.

hi

Please set the issuer, and add a middleware to set ctx.Request.Scheme to HTTPS

public override void PreConfigureServices(ServiceConfigurationContext context)
{
    PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
    {
        serverBuilder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", configuration["AuthServer:CertificatePassPhrase"]!);
        serverBuilder.SetIssuer(new Uri(configuration["AuthServer:Authority"]!));
    });
}

public override void OnApplicationInitialization(ApplicationInitializationContext context)
{
    var app = context.GetApplicationBuilder();
    var env = context.GetEnvironment();

    app.Use((ctx, next) =>
    {
        /* This application should act like it is always called as HTTPS.
         * Because it will work in a HTTPS url in production,
         * but the HTTPS is stripped out in Ingress controller.
         */
        ctx.Request.Scheme = "https";
        return next();
    });

hi

I updated my PR code.

XXXCore and XXXAuth are both auth servers.

So you can use a username and password to get an access token from them.

But the user has to exist in their database.

hi

After creating a user in your XXXCore database, you can send a token request to XXXCore to obtain the user access token.

Thanks,

Great : )

hi

The Blazor Server and WASM use different authentication methods.

In a short, Blazor Server and WASM can't use your EmployeeNumberGrant

Thanks,.

hi

Your app will add initial EF Core migrations if it doesn't exist.

If you want to remove all migrations, Just delete Migrations folder.

BTW, there is an empty Armada.EntityFrameworkCore folder. Maybe you can try to remove it, I think this is why the app can't find the right folder.

Thanks.