Add usecors to allow setting of allowed origins

Add correct auth header on revocation request
skrymer · Mar 21, 2023 · f5016b5 · f5016b5
1 parent 9b6f2f9
commit f5016b5
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 1 deletion.
diff --git a/src/Middlewares/BaseAuthMiddleWare.cs b/src/Middlewares/BaseAuthMiddleWare.cs
@@ -0,0 +1,30 @@
+using Duende.IdentityServer.Extensions;
+using Duende.IdentityServer.Configuration;
+
+#pragma warning disable 1591
+
+namespace OpenIdConnectServer.Middlewares
+{
+    public class BaseAuthMiddleWare
+    {
+        private readonly RequestDelegate _next;
+        private readonly IdentityServerOptions _options;
+
+        public BaseAuthMiddleWare(RequestDelegate next, IdentityServerOptions options)
+        {
+            _next = next;
+            _options = options;
+        }
+
+        public async Task Invoke(HttpContext context)
+        {
+            if(context.Request.Path.Value.Contains("revocation")){
+                var plainTextBytes = System.Text.Encoding.UTF8.GetBytes("mock-client-id:mock-client-secret");
+                var base64Encoded = System.Convert.ToBase64String(plainTextBytes);
+                context.Response.Headers.Add("Authorization", "Basic " +  base64Encoded);
+                context.Request.Headers["Authorization"] = "Basic " + base64Encoded;
+            }
+            await _next(context);
+        }
+    }
+}
diff --git a/src/Program.cs b/src/Program.cs
@@ -53,7 +53,6 @@
 
 var app = builder.Build();
 
-
 var aspNetServicesOptions = Config.GetAspNetServicesOptions();
 AspNetServicesHelper.ConfigureAspNetServices(builder.Services, aspNetServicesOptions);
 AspNetServicesHelper.UseAspNetServices(app, aspNetServicesOptions);
@@ -62,6 +61,13 @@
 Config.ConfigureOptions<IdentityServerHost.Pages.Logout.LogoutOptions>("LOGOUT");
 
 app.UseDeveloperExceptionPage();
+var corsOptions = Config.GetServerCorsAllowedOrigins();
+
+app.UseCors(builder => builder
+     .WithOrigins(corsOptions.First())
+     .AllowAnyMethod()
+     .AllowAnyHeader()
+     .AllowCredentials());
 
 app.UseIdentityServer();
 
@@ -71,6 +77,7 @@
     app.UseWhen(ctx => ctx.Request.Path.StartsWithSegments(basePath), appBuilder =>
     {
         appBuilder.UseMiddleware<BasePathMiddleware>();
+        appBuilder.UseMiddleware<BaseAuthMiddleWare>();
         appBuilder.UseMiddleware<IdentityServerMiddleware>();
     });
 }