Blazor
Client:
cs
using Blazor.Client;
using Microsoft.AspNetCore.Components.Web;
using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
using Microsoft.AspNetCore.Components.WebAssembly.Hosting;
var builder = WebAssemblyHostBuilder.CreateDefault(args);
builder.RootComponents.Add<App>("#app");
builder.RootComponents.Add<HeadOutlet>("head::after");
var services = builder.Services;
RegisterHttpClient(builder, services);
builder.Services.AddOidcAuthentication(options =>
{
options.ProviderOptions.MetadataUrl = "http://localhost:8080/realms/Test/.well-known/openid-configuration";
options.ProviderOptions.Authority = "http://localhost:8080/realms/Test";
options.ProviderOptions.ClientId = "test-client";
options.ProviderOptions.ResponseType = "id_token token";
//options.ProviderOptions.DefaultScopes.Add("Audience");
options.UserOptions.NameClaim = "preferred_username";
options.UserOptions.RoleClaim = "roles";
options.UserOptions.ScopeClaim = "scope";
});
var app = builder.Build();
await app.RunAsync();
static void RegisterHttpClient(
WebAssemblyHostBuilder builder,
IServiceCollection services)
{
var httpClientName = "Default";
services.AddHttpClient(httpClientName,
client => client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress))
.AddHttpMessageHandler<BaseAddressAuthorizationMessageHandler>();
services.AddScoped(
sp => sp.GetRequiredService<IHttpClientFactory>()
.CreateClient(httpClientName));
}Server:
cs
using System.Globalization;
using Keycloak.AuthServices.Authentication;
using Microsoft.OpenApi.Models;
using Serilog;
using Serilog.Events;
var builder = WebApplication.CreateBuilder(args);
var services = builder.Services;
var configuration = builder.Configuration;
services.AddControllersWithViews();
services.AddRazorPages();
services.AddEndpointsApiExplorer();
var openIdConnectUrl = $"{configuration["Keycloak:auth-server-url"]}realms/{configuration["Keycloak:realm"]}/.well-known/openid-configuration";
services.AddSwaggerGen(c =>
{
var securityScheme = new OpenApiSecurityScheme
{
Name = "Auth",
In = ParameterLocation.Header,
Type = SecuritySchemeType.OpenIdConnect,
OpenIdConnectUrl = new Uri(openIdConnectUrl),
Scheme = "bearer",
BearerFormat = "JWT",
Reference = new OpenApiReference
{
Id = "Bearer",
Type = ReferenceType.SecurityScheme
}
};
c.AddSecurityDefinition(securityScheme.Reference.Id, securityScheme);
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{securityScheme, Array.Empty<string>()}
});
});
Log.Logger = new LoggerConfiguration()
.MinimumLevel.Verbose()
.WriteTo.Console(
outputTemplate: "[{Level:u4}] | {Message:lj}{NewLine}{Exception}",
restrictedToMinimumLevel: LogEventLevel.Information,
formatProvider: CultureInfo.InvariantCulture)
.CreateBootstrapLogger();
builder.Host.UseSerilog();
services.AddKeycloakWebApiAuthentication(configuration);
var app = builder.Build();
if (app.Environment.IsDevelopment())
{
app.UseWebAssemblyDebugging();
app.UseSwagger().UseSwaggerUI();
}
else
{
app.UseExceptionHandler("/Error");
}
app.UseBlazorFrameworkFiles();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapRazorPages();
app.MapControllers();
app.MapFallbackToFile("index.html");
app.Run();See sample source code: keycloak-authorization-services-dotnet/tree/main/samples/Blazor