imhven
/
abp
mirror of https://github.com/abpframework/abp
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Ignore antiforgery token on token and userinfo endpoint

Browse Source 
Resolve #13568
pull/13599/head
maliming 3 years ago
parent 0c4fe0c9af
commit d62605509e
No known key found for this signature in database
GPG Key ID: 096224957E51C89E
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File

4
modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.cs
Unescape View File

@ -1,5 +1,4 @@
using System.Linq;
using System.Threading.Tasks;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;
@ -9,6 +8,7 @@ using Volo.Abp.OpenIddict.ExtensionGrantTypes;
namespace Volo.Abp.OpenIddict.Controllers;
[Route("connect/token")]
[IgnoreAntiforgeryToken]
[ApiExplorerSettings(IgnoreApi = true)]
public partial class TokenController : AbpOpenIdDictControllerBase
{

1
modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/UserInfoController.cs
Unescape View File

@ -11,6 +11,7 @@ using Volo.Abp.Security.Claims;
namespace Volo.Abp.OpenIddict.Controllers;
[Route("connect/userinfo")]
[IgnoreAntiforgeryToken]
[Authorize(AuthenticationSchemes = OpenIddictServerAspNetCoreDefaults.AuthenticationScheme)]
[ApiExplorerSettings(IgnoreApi = true)]
public class UserInfoController : AbpOpenIdDictControllerBase

Write Preview
Loading…
Cancel
Save