diff --git a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/IdentityServer/IdentityServerDataSeedContributor.cs b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/IdentityServer/IdentityServerDataSeedContributor.cs index 39cd540f46..badfde46da 100644 --- a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/IdentityServer/IdentityServerDataSeedContributor.cs +++ b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/IdentityServer/IdentityServerDataSeedContributor.cs @@ -158,7 +158,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer secret: (configurationSection["MyProjectName_Web:ClientSecret"] ?? "1q2w3e*").Sha256(), redirectUri: $"{webClientRootUrl}signin-oidc", postLogoutRedirectUri: $"{webClientRootUrl}signout-callback-oidc", - frontChannelLogoutUri: $"{webClientRootUrl}Account/FrontChannelLogout" + frontChannelLogoutUri: $"{webClientRootUrl}Account/FrontChannelLogout", + corsOrigins: new[] { webClientRootUrl } ); } @@ -175,7 +176,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer secret: (configurationSection["MyProjectName_App:ClientSecret"] ?? "1q2w3e*").Sha256(), requireClientSecret: false, redirectUri: webClientRootUrl, - postLogoutRedirectUri: webClientRootUrl + postLogoutRedirectUri: webClientRootUrl, + corsOrigins: new[] { webClientRootUrl } ); } @@ -192,7 +194,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer secret: configurationSection["MyProjectName_Blazor:ClientSecret"]?.Sha256(), requireClientSecret: false, redirectUri: $"{blazorRootUrl}/authentication/login-callback", - postLogoutRedirectUri: $"{blazorRootUrl}/authentication/logout-callback" + postLogoutRedirectUri: $"{blazorRootUrl}/authentication/logout-callback", + corsOrigins: new[] { blazorRootUrl } ); } @@ -208,7 +211,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer grantTypes: new[] { "authorization_code" }, secret: configurationSection["MyProjectName_Swagger:ClientSecret"]?.Sha256(), requireClientSecret: false, - redirectUri: $"{swaggerRootUrl}/swagger/oauth2-redirect.html" + redirectUri: $"{swaggerRootUrl}/swagger/oauth2-redirect.html", + corsOrigins: new[] { swaggerRootUrl } ); } } @@ -223,7 +227,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer string frontChannelLogoutUri = null, bool requireClientSecret = true, bool requirePkce = false, - IEnumerable permissions = null) + IEnumerable permissions = null, + IEnumerable corsOrigins = null) { var client = await _clientRepository.FindByClientIdAsync(name); if (client == null) @@ -302,6 +307,17 @@ namespace MyCompanyName.MyProjectName.IdentityServer ); } + if (corsOrigins != null) + { + foreach (var origin in corsOrigins) + { + if (client.FindCorsOrigin(origin) == null) + { + client.AddCorsOrigin(origin); + } + } + } + return await _clientRepository.UpdateAsync(client); } } diff --git a/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.IdentityServer/IdentityServer/IdentityServerDataSeedContributor.cs b/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.IdentityServer/IdentityServer/IdentityServerDataSeedContributor.cs index 39cd540f46..badfde46da 100644 --- a/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.IdentityServer/IdentityServer/IdentityServerDataSeedContributor.cs +++ b/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.IdentityServer/IdentityServer/IdentityServerDataSeedContributor.cs @@ -158,7 +158,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer secret: (configurationSection["MyProjectName_Web:ClientSecret"] ?? "1q2w3e*").Sha256(), redirectUri: $"{webClientRootUrl}signin-oidc", postLogoutRedirectUri: $"{webClientRootUrl}signout-callback-oidc", - frontChannelLogoutUri: $"{webClientRootUrl}Account/FrontChannelLogout" + frontChannelLogoutUri: $"{webClientRootUrl}Account/FrontChannelLogout", + corsOrigins: new[] { webClientRootUrl } ); } @@ -175,7 +176,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer secret: (configurationSection["MyProjectName_App:ClientSecret"] ?? "1q2w3e*").Sha256(), requireClientSecret: false, redirectUri: webClientRootUrl, - postLogoutRedirectUri: webClientRootUrl + postLogoutRedirectUri: webClientRootUrl, + corsOrigins: new[] { webClientRootUrl } ); } @@ -192,7 +194,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer secret: configurationSection["MyProjectName_Blazor:ClientSecret"]?.Sha256(), requireClientSecret: false, redirectUri: $"{blazorRootUrl}/authentication/login-callback", - postLogoutRedirectUri: $"{blazorRootUrl}/authentication/logout-callback" + postLogoutRedirectUri: $"{blazorRootUrl}/authentication/logout-callback", + corsOrigins: new[] { blazorRootUrl } ); } @@ -208,7 +211,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer grantTypes: new[] { "authorization_code" }, secret: configurationSection["MyProjectName_Swagger:ClientSecret"]?.Sha256(), requireClientSecret: false, - redirectUri: $"{swaggerRootUrl}/swagger/oauth2-redirect.html" + redirectUri: $"{swaggerRootUrl}/swagger/oauth2-redirect.html", + corsOrigins: new[] { swaggerRootUrl } ); } } @@ -223,7 +227,8 @@ namespace MyCompanyName.MyProjectName.IdentityServer string frontChannelLogoutUri = null, bool requireClientSecret = true, bool requirePkce = false, - IEnumerable permissions = null) + IEnumerable permissions = null, + IEnumerable corsOrigins = null) { var client = await _clientRepository.FindByClientIdAsync(name); if (client == null) @@ -302,6 +307,17 @@ namespace MyCompanyName.MyProjectName.IdentityServer ); } + if (corsOrigins != null) + { + foreach (var origin in corsOrigins) + { + if (client.FindCorsOrigin(origin) == null) + { + client.AddCorsOrigin(origin); + } + } + } + return await _clientRepository.UpdateAsync(client); } }