using App.Shared;
...
namespace App.Server
{
public class Startup
{
...
public void ConfigureServices(IServiceCollection services)
{
...
services.AddDefaultIdentity<AppUser>(options =>
{
options.SignIn.RequireConfirmedAccount = true;
})
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<AppDb>();
services.AddIdentityServer()
.AddApiAuthorization<AppUser, AppDb>(options =>
{
// https://github.com/dotnet/AspNetCore.Docs/issues/17649
options.IdentityResources["openid"].UserClaims.Add("role");
options.ApiResources.Single().UserClaims.Add("role");
});
// Need to do this as it maps "role" to ClaimTypes.Role and causes issues
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Remove("role");
services.AddAuthentication()
.AddIdentityServerJwt();
services.AddAuthorization(options => options.AddAppPolicies());
...
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
...
app.UseAuthentication();
app.UseAuthorization();
app.UseIdentityServer();
...
}
}
}