Add CorsOrigin when create identity server client.

5 years ago · 3511de5b3f
parent 53d74ecb9a
commit 3511de5b3f
2 changed files with 42 additions and 10 deletions
--- a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/IdentityServer/IdentityServerDataSeedContributor.cs
+++ b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/IdentityServer/IdentityServerDataSeedContributor.cs
@ -158,7 +158,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                    secret: (configurationSection["MyProjectName_Web:ClientSecret"] ?? "1q2w3e*").Sha256(),
                    redirectUri: $"{webClientRootUrl}signin-oidc",
                    postLogoutRedirectUri: $"{webClientRootUrl}signout-callback-oidc",
-                    frontChannelLogoutUri: $"{webClientRootUrl}Account/FrontChannelLogout"
+                    frontChannelLogoutUri: $"{webClientRootUrl}Account/FrontChannelLogout",
+                    corsOrigins: new[] { webClientRootUrl }
                );
            }

@ -175,7 +176,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                    secret: (configurationSection["MyProjectName_App:ClientSecret"] ?? "1q2w3e*").Sha256(),
                    requireClientSecret: false,
                    redirectUri: webClientRootUrl,
-                    postLogoutRedirectUri: webClientRootUrl
+                    postLogoutRedirectUri: webClientRootUrl,
+                    corsOrigins: new[] { webClientRootUrl }
                );
            }

@ -192,7 +194,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                    secret: configurationSection["MyProjectName_Blazor:ClientSecret"]?.Sha256(),
                    requireClientSecret: false,
                    redirectUri: $"{blazorRootUrl}/authentication/login-callback",
-                    postLogoutRedirectUri: $"{blazorRootUrl}/authentication/logout-callback"
+                    postLogoutRedirectUri: $"{blazorRootUrl}/authentication/logout-callback",
+                    corsOrigins: new[] { blazorRootUrl }
                );
            }

@ -208,7 +211,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                    grantTypes: new[] { "authorization_code" },
                    secret: configurationSection["MyProjectName_Swagger:ClientSecret"]?.Sha256(),
                    requireClientSecret: false,
-                    redirectUri: $"{swaggerRootUrl}/swagger/oauth2-redirect.html"
+                    redirectUri: $"{swaggerRootUrl}/swagger/oauth2-redirect.html",
+                    corsOrigins: new[] { swaggerRootUrl }
                );
            }
        }
@ -223,7 +227,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer
            string frontChannelLogoutUri = null,
            bool requireClientSecret = true,
            bool requirePkce = false,
-            IEnumerable<string> permissions = null)
+            IEnumerable<string> permissions = null,
+            IEnumerable<string> corsOrigins = null)
        {
            var client = await _clientRepository.FindByClientIdAsync(name);
            if (client == null)
@ -302,6 +307,17 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                );
            }

+            if (corsOrigins != null)
+            {
+                foreach (var origin in corsOrigins)
+                {
+                    if (client.FindCorsOrigin(origin) == null)
+                    {
+                        client.AddCorsOrigin(origin);
+                    }
+                }
+            }
+
            return await _clientRepository.UpdateAsync(client);
        }
    }
--- a/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.IdentityServer/IdentityServer/IdentityServerDataSeedContributor.cs
+++ b/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.IdentityServer/IdentityServer/IdentityServerDataSeedContributor.cs
@ -158,7 +158,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                    secret: (configurationSection["MyProjectName_Web:ClientSecret"] ?? "1q2w3e*").Sha256(),
                    redirectUri: $"{webClientRootUrl}signin-oidc",
                    postLogoutRedirectUri: $"{webClientRootUrl}signout-callback-oidc",
-                    frontChannelLogoutUri: $"{webClientRootUrl}Account/FrontChannelLogout"
+                    frontChannelLogoutUri: $"{webClientRootUrl}Account/FrontChannelLogout",
+                    corsOrigins: new[] { webClientRootUrl }
                );
            }

@ -175,7 +176,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                    secret: (configurationSection["MyProjectName_App:ClientSecret"] ?? "1q2w3e*").Sha256(),
                    requireClientSecret: false,
                    redirectUri: webClientRootUrl,
-                    postLogoutRedirectUri: webClientRootUrl
+                    postLogoutRedirectUri: webClientRootUrl,
+                    corsOrigins: new[] { webClientRootUrl }
                );
            }

@ -192,7 +194,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                    secret: configurationSection["MyProjectName_Blazor:ClientSecret"]?.Sha256(),
                    requireClientSecret: false,
                    redirectUri: $"{blazorRootUrl}/authentication/login-callback",
-                    postLogoutRedirectUri: $"{blazorRootUrl}/authentication/logout-callback"
+                    postLogoutRedirectUri: $"{blazorRootUrl}/authentication/logout-callback",
+                    corsOrigins: new[] { blazorRootUrl }
                );
            }

@ -208,7 +211,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                    grantTypes: new[] { "authorization_code" },
                    secret: configurationSection["MyProjectName_Swagger:ClientSecret"]?.Sha256(),
                    requireClientSecret: false,
-                    redirectUri: $"{swaggerRootUrl}/swagger/oauth2-redirect.html"
+                    redirectUri: $"{swaggerRootUrl}/swagger/oauth2-redirect.html",
+                    corsOrigins: new[] { swaggerRootUrl }
                );
            }
        }
@ -223,7 +227,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer
            string frontChannelLogoutUri = null,
            bool requireClientSecret = true,
            bool requirePkce = false,
-            IEnumerable<string> permissions = null)
+            IEnumerable<string> permissions = null,
+            IEnumerable<string> corsOrigins = null)
        {
            var client = await _clientRepository.FindByClientIdAsync(name);
            if (client == null)
@ -302,6 +307,17 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                );
            }

+            if (corsOrigins != null)
+            {
+                foreach (var origin in corsOrigins)
+                {
+                    if (client.FindCorsOrigin(origin) == null)
+                    {
+                        client.AddCorsOrigin(origin);
+                    }
+                }
+            }
+
            return await _clientRepository.UpdateAsync(client);
        }
    }