Skip to content

Commit

Permalink
Use MapInboundClaims and get rid of useEndpoints (#515)
Browse files Browse the repository at this point in the history
Co-authored-by: Roland Guijt <[email protected]>
  • Loading branch information
RolandGuijt and Roland Guijt authored Sep 10, 2024
1 parent 9b1ffab commit 0ba7897
Showing 1 changed file with 11 additions and 20 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,6 @@ builder.Services
.AddBff()
.AddRemoteApis();

JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
builder.Services
.AddAuthentication(options =>
{
Expand All @@ -125,6 +124,7 @@ builder.Services
options.Scope.Add("offline_access");
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.MapInboundClaims = false;
});

var app = builder.Build();
Expand Down Expand Up @@ -153,11 +153,7 @@ app.UseAuthentication();
app.UseBff();

app.UseAuthorization();

app.UseEndpoints(endpoints =>
{
endpoints.MapBffManagementEndpoints();
});
app.MapBffManagementEndpoints();

app.Run();
```
Expand Down Expand Up @@ -412,25 +408,20 @@ HttpContext.GetUserAccessTokenAsync();*
### Update routing to accept local and remote API calls

Next, you need to register both the local API and the BFF proxy for the remote
API in the ASP.NET Core routing system. Add the code below to the *UseEndpoints*
call in *src/JavaScriptClient/Program.cs*.
API in the ASP.NET Core routing system. Add the code below to the endpoint configuration code in *src/JavaScriptClient/Program.cs*.

```cs
app.UseEndpoints(endpoints =>
{
endpoints.MapBffManagementEndpoints();

// Uncomment this for Controller support
// endpoints.MapControllers()
// .AsBffApiEndpoint();
app.MapBffManagementEndpoints();

endpoints.MapGet("/local/identity", LocalIdentityHandler)
.AsBffApiEndpoint();
// Uncomment this for Controller support
// app.MapControllers()
// .AsBffApiEndpoint();
endpoints.MapRemoteBffApiEndpoint("/remote", "https://localhost:6001")
.RequireAccessToken(Duende.Bff.TokenType.User);
app.MapGet("/local/identity", LocalIdentityHandler)
.AsBffApiEndpoint();

});
app.MapRemoteBffApiEndpoint("/remote", "https://localhost:6001")
.RequireAccessToken(Duende.Bff.TokenType.User);
```
The call to the *AsBffApiEndpoint()* fluent helper method adds BFF support to
the local APIs. This includes anti-forgery protection as well as suppressing
Expand Down

0 comments on commit 0ba7897

Please sign in to comment.