添加允许通过外部源登录当前站点
This commit is contained in:
ShaoHua
@@ -1,4 +1,5 @@
|
||||
using System;
|
||||
using System.Threading.Tasks;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
using System.Linq;
|
||||
@@ -123,6 +124,39 @@ public class DemoHttpApiHostModule : AbpModule
|
||||
private void ConfigureAuthentication(ServiceConfigurationContext context)
|
||||
{
|
||||
context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
|
||||
|
||||
var configuration = context.Services.GetConfiguration();
|
||||
context.Services.AddAuthentication()
|
||||
.AddOpenIdConnect("WeGit", "Login with WeGit", options =>
|
||||
{
|
||||
options.Authority = "https://git.we965.cn";
|
||||
options.ClientId = configuration["Authentication:WeGit:ClientId"]!;
|
||||
options.ClientSecret = configuration["Authentication:WeGit:ClientSecret"]!;
|
||||
options.ResponseType = "code";
|
||||
|
||||
// Gitea specific scopes or defaults
|
||||
options.Scope.Add("openid");
|
||||
options.Scope.Add("profile");
|
||||
options.Scope.Add("email");
|
||||
|
||||
// Ensure HTTPS
|
||||
options.RequireHttpsMetadata = true;
|
||||
options.SaveTokens = true;
|
||||
|
||||
// Handle events if needed, e.g. mapping claims
|
||||
options.Events.OnTokenValidated = async context =>
|
||||
{
|
||||
// You might need to map specific claims here if Gitea returns non-standard ones
|
||||
await Task.CompletedTask;
|
||||
};
|
||||
|
||||
// Bypass SSL certificate validation (DEV ONLY)
|
||||
options.BackchannelHttpHandler = new System.Net.Http.HttpClientHandler
|
||||
{
|
||||
ServerCertificateCustomValidationCallback = System.Net.Http.HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
|
||||
};
|
||||
});
|
||||
|
||||
context.Services.Configure<AbpClaimsPrincipalFactoryOptions>(options =>
|
||||
{
|
||||
options.IsDynamicClaimsEnabled = true;
|
||||
|
||||
Reference in New Issue
Block a user