Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable PS256 signing by default on oauth apps and add a checkbox for existing apps #18

Merged
merged 2 commits into from
Mar 11, 2024
Merged

Enable PS256 signing by default on oauth apps and add a checkbox for existing apps #18

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
687c364
Allow PS256 signing by default
DebugOk Mar 11, 2024
42946ad
Add a checkbox to enable/disable PS256 signing
DebugOk Mar 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1 change: 1 addition & 0 deletions SS14.Web/Areas/Identity/Pages/Account/Manage/OAuthApps/Create.cshtml.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ public async Task<IActionResult> OnPostAsync()
new() { Scope = "profile" },
new() { Scope = "email" }
},
AllowedIdentityTokenSigningAlgorithms = "PS256",
RedirectUris = new List<ClientRedirectUri>
{
new() { RedirectUri = Input.CallbackUrl }
Expand Down
6 changes: 6 additions & 0 deletions SS14.Web/Areas/Identity/Pages/Account/Manage/OAuthApps/Manage.cshtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,12 @@
<label asp-for="Input.RequirePkce" class="form-check-label"></label>
</div>
</div>
<div class="form-group">
<div class="form-check">
<input asp-for="Input.AllowPS256" class="form-check-input"/>
<label asp-for="Input.AllowPS256" class="form-check-label"></label>
</div>
</div>
<button type="submit" asp-page-handler="Update" class="btn btn-primary">Update</button>
</form>
<div class="col-lg-6">
Expand Down
8 changes: 7 additions & 1 deletion SS14.Web/Areas/Identity/Pages/Account/Manage/OAuthApps/Manage.cshtml.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,10 @@ public sealed class InputModel
[Required]
[DisplayName("Require PKCE")]
public bool RequirePkce { get; set; }

[Required]
[DisplayName("Allow PS256 signing")]
public bool AllowPS256 { get; set; } = true;
}

public Manage(ApplicationDbContext dbContext, UserManager<SpaceUser> userManager)
Expand All @@ -62,7 +66,8 @@ public async Task<IActionResult> OnGetAsync(int client)
Name = App.Client.ClientName,
CallbackUrl = App.Client.RedirectUris.FirstOrDefault()?.RedirectUri ?? "",
HomepageUrl = App.Client.ClientUri,
RequirePkce = App.Client.RequirePkce
RequirePkce = App.Client.RequirePkce,
AllowPS256 = App.Client.AllowedIdentityTokenSigningAlgorithms?.Contains("PS256") ?? false
};

return Page();
Expand All @@ -77,6 +82,7 @@ public async Task<IActionResult> OnPostUpdateAsync(int client)
App.Client.RedirectUris = new List<ClientRedirectUri> { new() { RedirectUri = Input.CallbackUrl } };
App.Client.ClientUri = Input.HomepageUrl;
App.Client.RequirePkce = Input.RequirePkce;
App.Client.AllowedIdentityTokenSigningAlgorithms = Input.AllowPS256 ? "PS256" : null;

await _dbContext.SaveChangesAsync();

Expand Down