From e679f62c57ae67bd6ca9448fed4ee88353073131 Mon Sep 17 00:00:00 2001 From: Gabriel Santos Date: Fri, 7 Nov 2025 10:11:46 -0500 Subject: [PATCH 1/4] Added gpa-colors css for frontend shared css files since gpa-gemstone requires it --- .../Shared/Content/gpa-colors.css | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 src/Gemstone.Web/Shared/Content/gpa-colors.css diff --git a/src/Gemstone.Web/Shared/Content/gpa-colors.css b/src/Gemstone.Web/Shared/Content/gpa-colors.css new file mode 100644 index 00000000..08a963ba --- /dev/null +++ b/src/Gemstone.Web/Shared/Content/gpa-colors.css @@ -0,0 +1,24 @@ +:root { + --gpa-0: #A30000; + --gpa-1: #0029A3; + --gpa-2: #007A29; + --gpa-3: #d3d3d3; + --gpa-4: #FF0000; + --gpa-5: #0066CC; + --gpa-6: #33CC33; + --gpa-7: #4287f5; + --gpa-8: #edc240; + --gpa-9: #afd8f8; + --gpa-10: #cb4b4b; + --gpa-11: #4da74d; + --gpa-12: #9440ed; + --gpa-13: #BD9B33; + --gpa-14: #EE2E2F; + --gpa-15: #008C48; + --gpa-16: #185AA9; + --gpa-17: #F47D23; + --gpa-18: #662C91; + --gpa-19: #A21D21; + --gpa-20: #B43894; + --gpa-21: #737373; +} From 7387040736ca62d809eea7176efe8b8de2f4e7e6 Mon Sep 17 00:00:00 2001 From: Christoph Lackner Date: Wed, 12 Nov 2025 16:33:13 -0500 Subject: [PATCH 2/4] Added Logic to use OAUth AuthProvider --- src/Gemstone.Web/Gemstone.Web.csproj | 1 + .../Security/IAuthenticationWebBuilder.cs | 28 +++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/src/Gemstone.Web/Gemstone.Web.csproj b/src/Gemstone.Web/Gemstone.Web.csproj index e9c1a956..0810e8c7 100644 --- a/src/Gemstone.Web/Gemstone.Web.csproj +++ b/src/Gemstone.Web/Gemstone.Web.csproj @@ -65,6 +65,7 @@ + diff --git a/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs b/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs index e2f0f500..8fe6239f 100644 --- a/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs +++ b/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs @@ -22,10 +22,13 @@ //****************************************************************************************************** using System; +using System.Security.Claims; using System.Threading.Tasks; +using Gemstone.Configuration; using Gemstone.Security.AuthenticationProviders; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.Cookies; +using Microsoft.AspNetCore.Authentication.OpenIdConnect; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Http; using Microsoft.Extensions.DependencyInjection; @@ -249,8 +252,33 @@ private static AuthenticationBuilder ConfigureGemstoneWebDefaults(this IServiceC return services .AddWindowsAuthenticationProvider() + .AddOAuthAuthenticationProvider((config) => + { + SettingsSection section = Settings.Instance["Security.OpenIDConnect"]; + config.UserIdClaim = (string)section["UserIdClaim"] ?? "sub"; + }) .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) .AddNegotiate("windows", _ => { }) + .AddOpenIdConnect("oauth", options => + { + SettingsSection section = Settings.Instance["Security.OpenIDConnect"]; + + //options.Authority = "https://auth.gridprotectionalliance.org/realms/Test"; + //options.ClientId = "PQDigest"; + //options.ClientSecret = "5vjXZXmliLyTkTxGeHD7WvyHQPgrd98E"; + //options.CallbackPath = "/index.html"; + + options.Authority = (string)section["Authority"]; + options.ClientId = (string)section["ClientId"]; + options.ClientSecret = (string)section["ClientSecret"]; + options.CallbackPath = "/index.html"; + + options.Scope.Add("openid"); + + foreach (string scope in ((string)section["Scopes"]).Split(' ', StringSplitOptions.RemoveEmptyEntries)) + options.Scope.Add(scope); + + }) .AddCookie(); } } From 31d2ee29e4abb0bafe56f11a91a480cf621a1166 Mon Sep 17 00:00:00 2001 From: Christoph Lackner Date: Wed, 26 Nov 2025 09:26:20 -0500 Subject: [PATCH 3/4] Fixed Logic to allow Disabling of OAuth --- .../Security/IAuthenticationWebBuilder.cs | 47 ++++++++++--------- 1 file changed, 25 insertions(+), 22 deletions(-) diff --git a/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs b/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs index 8fe6239f..98e599ad 100644 --- a/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs +++ b/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs @@ -250,35 +250,38 @@ private static AuthenticationBuilder ConfigureGemstoneWebDefaults(this IServiceC options.Cookie.IsEssential = true; }); - return services - .AddWindowsAuthenticationProvider() - .AddOAuthAuthenticationProvider((config) => + // Only Add OpenID if it is configured + SettingsSection section = Settings.Instance["Security.OpenIDConnect"]; + bool addOAuth = (bool)(section["Enabled"] ?? false); + + IServiceCollection authenticationServices = services.AddWindowsAuthenticationProvider(); + + if (addOAuth) + authenticationServices = authenticationServices.AddOAuthAuthenticationProvider((config) => { - SettingsSection section = Settings.Instance["Security.OpenIDConnect"]; - config.UserIdClaim = (string)section["UserIdClaim"] ?? "sub"; - }) + config.UserIdClaim = (string)(section["UserIdClaim"] ?? "sub"); + }); + + AuthenticationBuilder builder = authenticationServices .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) - .AddNegotiate("windows", _ => { }) - .AddOpenIdConnect("oauth", options => - { - SettingsSection section = Settings.Instance["Security.OpenIDConnect"]; + .AddNegotiate("windows", _ => { }); - //options.Authority = "https://auth.gridprotectionalliance.org/realms/Test"; - //options.ClientId = "PQDigest"; - //options.ClientSecret = "5vjXZXmliLyTkTxGeHD7WvyHQPgrd98E"; - //options.CallbackPath = "/index.html"; + if (addOAuth) + builder.AddOpenIdConnect("oauth", options => + { + options.Authority = (string)(section["Authority"] ?? ""); + options.ClientId = (string)(section["ClientId"] ?? ""); + options.ClientSecret = (string)(section["ClientSecret"] ?? ""); + options.CallbackPath = "/index.html"; - options.Authority = (string)section["Authority"]; - options.ClientId = (string)section["ClientId"]; - options.ClientSecret = (string)section["ClientSecret"]; - options.CallbackPath = "/index.html"; + options.Scope.Add("openid"); - options.Scope.Add("openid"); + foreach (string scope in ((string)(section["Scopes"] ?? "")).Split(' ', StringSplitOptions.RemoveEmptyEntries)) + options.Scope.Add(scope); - foreach (string scope in ((string)section["Scopes"]).Split(' ', StringSplitOptions.RemoveEmptyEntries)) - options.Scope.Add(scope); + }); - }) + return builder .AddCookie(); } } From 321007072e9331e1029164d6e7b777931d835447 Mon Sep 17 00:00:00 2001 From: StephenCWills Date: Wed, 26 Nov 2025 15:18:55 -0500 Subject: [PATCH 4/4] Replace references to Settings singleton with Options parameter --- .../Security/IAuthenticationWebBuilder.cs | 61 ++++++++----------- 1 file changed, 27 insertions(+), 34 deletions(-) diff --git a/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs b/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs index 98e599ad..32042eac 100644 --- a/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs +++ b/src/Gemstone.Web/Security/IAuthenticationWebBuilder.cs @@ -22,13 +22,10 @@ //****************************************************************************************************** using System; -using System.Security.Claims; using System.Threading.Tasks; -using Gemstone.Configuration; using Gemstone.Security.AuthenticationProviders; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.Cookies; -using Microsoft.AspNetCore.Authentication.OpenIdConnect; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Http; using Microsoft.Extensions.DependencyInjection; @@ -195,6 +192,30 @@ public static AuthenticationBuilder ConfigureGemstoneWebAuthentication(this ISer .ConfigureGemstoneWebDefaults(); } + /// + /// Configures an authentication provider that uses OAuth to authenticate users. + /// + /// The authentication builder for the application + /// The options to configure the OAuth provider + /// The authentication builder for the application. + public static AuthenticationBuilder ConfigureOAuthProvider(this AuthenticationBuilder builder, OAuthAuthenticationProviderOptions providerOptions) + { + builder.Services.AddOAuthAuthenticationProvider(providerOptions); + + return builder.AddOpenIdConnect("oauth", config => + { + config.Authority = providerOptions.Authority; + config.ClientId = providerOptions.ClientId; + config.ClientSecret = providerOptions.ClientSecret; + config.CallbackPath = "/index.html"; + + config.Scope.Add("openid"); + + foreach (string scope in providerOptions.Scopes.Split(' ', StringSplitOptions.RemoveEmptyEntries)) + config.Scope.Add(scope); + }); + } + /// /// Automatically configures the request pipeline to support well-known authentication providers. /// @@ -250,38 +271,10 @@ private static AuthenticationBuilder ConfigureGemstoneWebDefaults(this IServiceC options.Cookie.IsEssential = true; }); - // Only Add OpenID if it is configured - SettingsSection section = Settings.Instance["Security.OpenIDConnect"]; - bool addOAuth = (bool)(section["Enabled"] ?? false); - - IServiceCollection authenticationServices = services.AddWindowsAuthenticationProvider(); - - if (addOAuth) - authenticationServices = authenticationServices.AddOAuthAuthenticationProvider((config) => - { - config.UserIdClaim = (string)(section["UserIdClaim"] ?? "sub"); - }); - - AuthenticationBuilder builder = authenticationServices + return services + .AddWindowsAuthenticationProvider() .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) - .AddNegotiate("windows", _ => { }); - - if (addOAuth) - builder.AddOpenIdConnect("oauth", options => - { - options.Authority = (string)(section["Authority"] ?? ""); - options.ClientId = (string)(section["ClientId"] ?? ""); - options.ClientSecret = (string)(section["ClientSecret"] ?? ""); - options.CallbackPath = "/index.html"; - - options.Scope.Add("openid"); - - foreach (string scope in ((string)(section["Scopes"] ?? "")).Split(' ', StringSplitOptions.RemoveEmptyEntries)) - options.Scope.Add(scope); - - }); - - return builder + .AddNegotiate("windows", _ => { }) .AddCookie(); } }