diff --git a/src/Ignis.Api/Controllers/AuthorizationController.cs b/src/Ignis.Api/Controllers/AuthorizationController.cs
new file mode 100644
index 0000000..3b64cbb
--- /dev/null
+++ b/src/Ignis.Api/Controllers/AuthorizationController.cs
@@ -0,0 +1,17 @@
+using Ignis.Auth;
+
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Ignis.Api.Controllers;
+
+[ApiController]
+public class AuthorizationController(AuthorizationHandler handler) : ControllerBase
+{
+ /// Exchange credentials for an access token (OAuth 2.0 client_credentials grant).
+ [HttpPost("~/connect/token")]
+ [ProducesResponseType(typeof(object), StatusCodes.Status200OK, "application/json")]
+ [ProducesResponseType(StatusCodes.Status400BadRequest)]
+ [ProducesResponseType(StatusCodes.Status401Unauthorized)]
+ public Task Exchange() => handler.ExchangeAsync(HttpContext);
+}
diff --git a/src/Ignis.Api/Program.cs b/src/Ignis.Api/Program.cs
index 3fa3206..9f379d7 100644
--- a/src/Ignis.Api/Program.cs
+++ b/src/Ignis.Api/Program.cs
@@ -1,6 +1,5 @@
using Ignis.Auth;
using Ignis.Auth.Extensions;
-using Ignis.Auth.Services;
using Spark.Engine;
using Spark.Engine.Extensions;
@@ -16,14 +15,13 @@
var storeSettings = new StoreSettings();
builder.Configuration.Bind("StoreSettings", storeSettings);
-// Bind Auth settings (optional OAuth 2.0 server)
+// Bind Auth settings
var authSettings = new AuthSettings();
builder.Configuration.Bind("AuthSettings", authSettings);
-if (authSettings.Enabled)
-{
- builder.Services.AddIgnisAuth(authSettings, builder.Environment.IsDevelopment());
-}
+builder.Services
+ .AddIgnisAuthServer(authSettings, builder.Environment.IsDevelopment())
+ .AddIgnisClientSync();
// Set up CORS policy
builder.Services.AddCors(options =>
@@ -49,20 +47,7 @@
// Register Spark FHIR engine (also registers controllers + FHIR formatters)
builder.Services.AddFhir(sparkSettings);
-// The project reference to Ignis.Auth causes auto-discovery of its controllers.
-// Remove them when auth is disabled to avoid DI resolution failures.
-builder.Services.AddControllers()
- .ConfigureApplicationPartManager(manager =>
- {
- if (!authSettings.Enabled)
- {
- var authAssemblyName = typeof(AuthSettings).Assembly.GetName().Name;
- var authPart = manager.ApplicationParts
- .FirstOrDefault(p => p.Name == authAssemblyName);
- if (authPart != null)
- manager.ApplicationParts.Remove(authPart);
- }
- });
+builder.Services.AddControllers();
// OpenAPI document generation
builder.Services.AddEndpointsApiExplorer();
@@ -70,13 +55,6 @@
var app = builder.Build();
-if (authSettings.Enabled)
-{
- await using var scope = app.Services.CreateAsyncScope();
- var clientSyncInitializer = scope.ServiceProvider.GetRequiredService();
- await clientSyncInitializer.RunAsync(app.Lifetime.ApplicationStopping);
-}
-
if (app.Environment.IsDevelopment())
{
app.MapOpenApi();
@@ -85,6 +63,10 @@
app.UseHttpsRedirection();
app.UseRouting();
app.UseCors();
+app.UseAuthentication();
+app.UseAuthorization();
+
+await app.SyncOAuthClientsAsync();
app.MapControllers();
app.MapGet("/healthz", () => Results.Ok("ok"));
diff --git a/src/Ignis.Api/appsettings.json b/src/Ignis.Api/appsettings.json
index 755ac0a..fe44edb 100644
--- a/src/Ignis.Api/appsettings.json
+++ b/src/Ignis.Api/appsettings.json
@@ -10,7 +10,6 @@
"ConnectionString": "mongodb://localhost:27017/ignis"
},
"AuthSettings": {
- "Enabled": false,
"ConnectionString": "mongodb://localhost:27017/ignis",
"Clients": [
{
diff --git a/src/Ignis.Auth/AuthSettings.cs b/src/Ignis.Auth/AuthSettings.cs
index 76cc7ee..9e03a78 100644
--- a/src/Ignis.Auth/AuthSettings.cs
+++ b/src/Ignis.Auth/AuthSettings.cs
@@ -2,7 +2,6 @@ namespace Ignis.Auth;
public class AuthSettings
{
- public bool Enabled { get; set; }
public string ConnectionString { get; set; } = "";
public List Clients { get; set; } = [];
public AuthEndpointSettings Endpoints { get; set; } = new();
diff --git a/src/Ignis.Auth/AuthorizationHandler.cs b/src/Ignis.Auth/AuthorizationHandler.cs
new file mode 100644
index 0000000..aa8e52b
--- /dev/null
+++ b/src/Ignis.Auth/AuthorizationHandler.cs
@@ -0,0 +1,76 @@
+using System.Security.Claims;
+
+using Microsoft.AspNetCore;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+
+using OpenIddict.Abstractions;
+using OpenIddict.Server.AspNetCore;
+
+using static OpenIddict.Abstractions.OpenIddictConstants;
+
+namespace Ignis.Auth;
+
+///
+/// Contains the OpenIddict token endpoint logic.
+/// Designed to be called from a thin controller in the host application.
+///
+public class AuthorizationHandler
+{
+ private readonly IOpenIddictApplicationManager _applicationManager;
+
+ public AuthorizationHandler(IOpenIddictApplicationManager applicationManager)
+ {
+ _applicationManager = applicationManager;
+ }
+
+ public async Task ExchangeAsync(HttpContext httpContext)
+ {
+ var request = httpContext.GetOpenIddictServerRequest()
+ ?? throw new InvalidOperationException("The OpenID Connect request cannot be retrieved.");
+
+ if (request.IsClientCredentialsGrantType())
+ {
+ return await ExchangeClientCredentialsAsync(request);
+ }
+
+ return ForbidWithError(Errors.UnsupportedGrantType, "The specified grant type is not supported.");
+ }
+
+ private async Task ExchangeClientCredentialsAsync(OpenIddictRequest request)
+ {
+ if (string.IsNullOrEmpty(request.ClientId))
+ {
+ return ForbidWithError(Errors.InvalidClient, "The client identifier is missing.");
+ }
+
+ var application = await _applicationManager.FindByClientIdAsync(request.ClientId);
+ if (application is null)
+ {
+ return ForbidWithError(Errors.InvalidClient, "The specified client application was not found.");
+ }
+
+ var identity = new ClaimsIdentity(
+ OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
+ Claims.Name, Claims.Role);
+
+ identity.SetClaim(Claims.Subject, await _applicationManager.GetClientIdAsync(application));
+ identity.SetClaim(Claims.Name, await _applicationManager.GetDisplayNameAsync(application));
+
+ identity.SetScopes(request.GetScopes());
+ identity.SetDestinations(static claim => [Destinations.AccessToken]);
+
+ return new SignInResult(
+ OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
+ new ClaimsPrincipal(identity));
+ }
+
+ private static ForbidResult ForbidWithError(string error, string description) =>
+ new([OpenIddictServerAspNetCoreDefaults.AuthenticationScheme],
+ new AuthenticationProperties(new Dictionary
+ {
+ [OpenIddictServerAspNetCoreConstants.Properties.Error] = error,
+ [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = description,
+ }));
+}
diff --git a/src/Ignis.Auth/Controllers/AuthorizationController.cs b/src/Ignis.Auth/Controllers/AuthorizationController.cs
deleted file mode 100644
index 8728042..0000000
--- a/src/Ignis.Auth/Controllers/AuthorizationController.cs
+++ /dev/null
@@ -1,83 +0,0 @@
-using System.Security.Claims;
-
-using Microsoft.AspNetCore;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Mvc;
-
-using OpenIddict.Abstractions;
-using OpenIddict.Server.AspNetCore;
-
-using static OpenIddict.Abstractions.OpenIddictConstants;
-
-namespace Ignis.Auth.Controllers;
-
-[ApiController]
-public class AuthorizationController : ControllerBase
-{
- private readonly IOpenIddictApplicationManager _applicationManager;
-
- public AuthorizationController(IOpenIddictApplicationManager applicationManager)
- {
- _applicationManager = applicationManager;
- }
-
- [HttpPost("~/connect/token")]
- [EndpointDescription("Exchange client credentials for an access token (OAuth 2.0 client_credentials grant).")]
- [ProducesResponseType(typeof(object), StatusCodes.Status200OK, "application/json")]
- [ProducesResponseType(StatusCodes.Status400BadRequest)]
- [ProducesResponseType(StatusCodes.Status401Unauthorized)]
- public async Task Exchange()
- {
- var request = HttpContext.GetOpenIddictServerRequest()
- ?? throw new InvalidOperationException("The OpenID Connect request cannot be retrieved.");
-
- if (!request.IsClientCredentialsGrantType())
- {
- return Forbid(
- authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
- properties: new(new Dictionary
- {
- [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.UnsupportedGrantType,
- [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] =
- "The specified grant type is not supported.",
- }));
- }
-
- if (string.IsNullOrEmpty(request.ClientId))
- {
- return Forbid(
- authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
- properties: new(new Dictionary
- {
- [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.InvalidClient,
- [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] =
- "The client identifier is missing.",
- }));
- }
-
- var application = await _applicationManager.FindByClientIdAsync(request.ClientId);
- if (application is null)
- {
- return Forbid(
- authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
- properties: new(new Dictionary
- {
- [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.InvalidClient,
- [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] =
- "The specified client application was not found.",
- }));
- }
-
- var identity = new ClaimsIdentity(
- OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
- Claims.Name, Claims.Role);
-
- identity.SetClaim(Claims.Subject, await _applicationManager.GetClientIdAsync(application));
- identity.SetClaim(Claims.Name, await _applicationManager.GetDisplayNameAsync(application));
-
- identity.SetScopes(request.GetScopes());
- identity.SetDestinations(static claim => [Destinations.AccessToken]);
-
- return SignIn(new ClaimsPrincipal(identity), OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);
- }
-}
diff --git a/src/Ignis.Auth/Extensions/ServiceCollectionExtensions.cs b/src/Ignis.Auth/Extensions/AuthServerExtensions.cs
similarity index 78%
rename from src/Ignis.Auth/Extensions/ServiceCollectionExtensions.cs
rename to src/Ignis.Auth/Extensions/AuthServerExtensions.cs
index c41179c..7986bf8 100644
--- a/src/Ignis.Auth/Extensions/ServiceCollectionExtensions.cs
+++ b/src/Ignis.Auth/Extensions/AuthServerExtensions.cs
@@ -1,7 +1,5 @@
using System.Security.Cryptography.X509Certificates;
-using Ignis.Auth.Services;
-
using Microsoft.Extensions.DependencyInjection;
using MongoDB.Driver;
@@ -10,26 +8,46 @@
namespace Ignis.Auth.Extensions;
-public static class ServiceCollectionExtensions
+public static class AuthServerExtensions
{
- public static IServiceCollection AddIgnisAuth(
+ ///
+ /// Registers the OpenIddict authorization server and certificates.
+ /// Use this when the application acts as an authorization server.
+ ///
+ public static IServiceCollection AddIgnisAuthServer(
this IServiceCollection services,
AuthSettings settings,
bool useDevelopmentCertificates)
{
ArgumentNullException.ThrowIfNull(settings);
- ArgumentNullException.ThrowIfNull(settings.ConnectionString, "AuthSettings:ConnectionString is required when auth is enabled.");
- ArgumentNullException.ThrowIfNull(settings.Endpoints?.TokenEndpointPath, "AuthSettings:Endpoints:TokenEndpointPath is required when auth is enabled.");
+ ArgumentException.ThrowIfNullOrWhiteSpace(settings.ConnectionString);
services.Configure(options =>
{
- options.Enabled = settings.Enabled;
options.ConnectionString = settings.ConnectionString;
options.Clients = settings.Clients;
options.Endpoints = settings.Endpoints;
options.Certificates = settings.Certificates;
});
+ services.AddOpenIddictServer(settings, useDevelopmentCertificates);
+ services.AddOpenIddict()
+ .AddValidation(options =>
+ {
+ options.UseLocalServer();
+ options.UseAspNetCore();
+ });
+
+ services.AddTransient();
+
+ return services;
+ }
+
+ private static void AddOpenIddictServer(
+ this IServiceCollection services,
+ AuthSettings settings,
+ bool useDevelopmentCertificates)
+ {
services.AddOpenIddict()
.AddCore(options =>
{
@@ -43,31 +61,20 @@ public static IServiceCollection AddIgnisAuth(
.SetTokenEndpointUris(settings.Endpoints.TokenEndpointPath)
.AllowClientCredentialsFlow();
- ConfigureCertificates(options, settings, useDevelopmentCertificates);
+ ConfigureCertificates(options, settings.Certificates, useDevelopmentCertificates);
var aspNetCoreBuilder = options
.UseAspNetCore()
.EnableTokenEndpointPassthrough();
if (useDevelopmentCertificates)
- {
aspNetCoreBuilder.DisableTransportSecurityRequirement();
- }
- })
- .AddValidation(options =>
- {
- options.UseLocalServer();
- options.UseAspNetCore();
});
-
- services.AddTransient();
-
- return services;
}
private static void ConfigureCertificates(
OpenIddictServerBuilder options,
- AuthSettings settings,
+ AuthCertificateSettings certs,
bool useDevelopmentCertificates)
{
if (useDevelopmentCertificates)
@@ -78,8 +85,6 @@ private static void ConfigureCertificates(
return;
}
- var certs = settings.Certificates;
-
options
.AddSigningCertificate(LoadCertificate(
certs.SigningCertificatePath,
diff --git a/src/Ignis.Auth/Extensions/AuthServiceExtensions.cs b/src/Ignis.Auth/Extensions/AuthServiceExtensions.cs
new file mode 100644
index 0000000..faaefef
--- /dev/null
+++ b/src/Ignis.Auth/Extensions/AuthServiceExtensions.cs
@@ -0,0 +1,31 @@
+using Ignis.Auth.Services;
+
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Ignis.Auth.Extensions;
+
+public static class AuthServiceExtensions
+{
+ ///
+ /// Registers for syncing configured OAuth clients to MongoDB.
+ /// Call on the built to run it on startup.
+ ///
+ public static IServiceCollection AddIgnisClientSync(
+ this IServiceCollection services)
+ {
+ services.AddTransient();
+ return services;
+ }
+
+ ///
+ /// Runs the OAuth client sync on startup, ensuring configured clients exist in MongoDB.
+ /// Requires to have been called during service registration.
+ ///
+ public static async Task SyncOAuthClientsAsync(this WebApplication app)
+ {
+ await using var scope = app.Services.CreateAsyncScope();
+ var initializer = scope.ServiceProvider.GetRequiredService();
+ await initializer.RunAsync(app.Lifetime.ApplicationStopping);
+ }
+}
diff --git a/src/Ignis.Auth/README.md b/src/Ignis.Auth/README.md
index 1a19bc4..27761ed 100644
--- a/src/Ignis.Auth/README.md
+++ b/src/Ignis.Auth/README.md
@@ -2,7 +2,7 @@
OAuth 2.0 token service for Ignis, built on [OpenIddict](https://documentation.openiddict.com/) with MongoDB storage.
-Currently supports the `client_credentials` grant type.
+The library provides an `AuthorizationHandler` containing the token endpoint logic, while the host application supplies a thin controller that delegates to it. Currently supports the `client_credentials` grant type.
## Configuration
@@ -15,12 +15,10 @@ Currently supports the `client_credentials` grant type.
{
"ClientId": "my-client",
"ClientSecret": "my-secret",
- "DisplayName": "My Client"
+ "DisplayName": "My Client",
+ "AllowedGrantTypes": ["client_credentials"]
}
],
- "Endpoints": {
- "TokenEndpointPath": "connect/token"
- },
"Certificates": {
"SigningCertificatePath": "certs/signing.pfx",
"SigningCertificatePassword": "",
diff --git a/tests/Ignis.Api.Tests/AuthConfigurationTests.cs b/tests/Ignis.Api.Tests/AuthConfigurationTests.cs
index c36dbf9..0c5aaeb 100644
--- a/tests/Ignis.Api.Tests/AuthConfigurationTests.cs
+++ b/tests/Ignis.Api.Tests/AuthConfigurationTests.cs
@@ -75,50 +75,10 @@ private static string CreateTempCertificate(string subject, string password)
}
[Fact]
- public async Task TokenEndpoint_NotAvailable_WhenAuthDisabled()
+ public async Task TokenEndpoint_ReturnsAccessToken()
{
var envVars = new Dictionary
{
- ["AuthSettings__Enabled"] = "false",
- ["AuthSettings__ConnectionString"] = _connectionString,
- ["StoreSettings__ConnectionString"] = _connectionString,
- };
- SetEnvVars(envVars);
- try
- {
- await using var factory = CreateFactory(new Dictionary
- {
- ["StoreSettings:ConnectionString"] = _connectionString,
- ["SparkSettings:Endpoint"] = "https://localhost/fhir",
- ["SparkSettings:FhirRelease"] = "R4",
- ["SparkSettings:UseAsynchronousIO"] = "true",
- ["AuthSettings:Enabled"] = "false",
- ["AuthSettings:ConnectionString"] = _connectionString,
- });
- using var client = factory.CreateClient();
-
- var response = await client.PostAsync("/connect/token",
- new FormUrlEncodedContent(new Dictionary
- {
- ["grant_type"] = "client_credentials",
- ["client_id"] = "test-client",
- ["client_secret"] = "test-secret",
- }), CT);
-
- response.StatusCode.Should().Be(HttpStatusCode.NotFound);
- }
- finally
- {
- ClearEnvVars(envVars);
- }
- }
-
- [Fact]
- public async Task TokenEndpoint_Available_WhenAuthEnabled()
- {
- var envVars = new Dictionary
- {
- ["AuthSettings__Enabled"] = "true",
["AuthSettings__ConnectionString"] = _connectionString,
["AuthSettings__Clients__0__ClientId"] = "config-client",
["AuthSettings__Clients__0__ClientSecret"] = "config-secret",
@@ -135,7 +95,6 @@ public async Task TokenEndpoint_Available_WhenAuthEnabled()
["SparkSettings:Endpoint"] = "https://localhost/fhir",
["SparkSettings:FhirRelease"] = "R4",
["SparkSettings:UseAsynchronousIO"] = "true",
- ["AuthSettings:Enabled"] = "true",
["AuthSettings:ConnectionString"] = _connectionString,
["AuthSettings:Clients:0:ClientId"] = "config-client",
["AuthSettings:Clients:0:ClientSecret"] = "config-secret",
@@ -171,7 +130,6 @@ public async Task TokenEndpoint_Works_WithCertificatesInProduction()
{
var envVars = new Dictionary
{
- ["AuthSettings__Enabled"] = "true",
["AuthSettings__ConnectionString"] = _connectionString,
["AuthSettings__Clients__0__ClientId"] = "cert-client",
["AuthSettings__Clients__0__ClientSecret"] = "cert-secret",
@@ -192,7 +150,6 @@ public async Task TokenEndpoint_Works_WithCertificatesInProduction()
["SparkSettings:Endpoint"] = "https://localhost/fhir",
["SparkSettings:FhirRelease"] = "R4",
["SparkSettings:UseAsynchronousIO"] = "true",
- ["AuthSettings:Enabled"] = "true",
["AuthSettings:ConnectionString"] = _connectionString,
["AuthSettings:Clients:0:ClientId"] = "cert-client",
["AuthSettings:Clients:0:ClientSecret"] = "cert-secret",
@@ -235,7 +192,6 @@ public void Startup_Fails_WhenCertificatesMissing_InProduction()
{
var envVars = new Dictionary
{
- ["AuthSettings__Enabled"] = "true",
["AuthSettings__ConnectionString"] = _connectionString,
["AuthSettings__Clients__0__ClientId"] = "cert-client",
["AuthSettings__Clients__0__ClientSecret"] = "cert-secret",
@@ -253,7 +209,6 @@ public void Startup_Fails_WhenCertificatesMissing_InProduction()
["SparkSettings:Endpoint"] = "https://localhost/fhir",
["SparkSettings:FhirRelease"] = "R4",
["SparkSettings:UseAsynchronousIO"] = "true",
- ["AuthSettings:Enabled"] = "true",
["AuthSettings:ConnectionString"] = _connectionString,
["AuthSettings:Clients:0:ClientId"] = "cert-client",
["AuthSettings:Clients:0:ClientSecret"] = "cert-secret",
diff --git a/tests/Ignis.Api.Tests/ClientSyncInitializerTests.cs b/tests/Ignis.Api.Tests/ClientSyncInitializerTests.cs
index 8953da2..9353273 100644
--- a/tests/Ignis.Api.Tests/ClientSyncInitializerTests.cs
+++ b/tests/Ignis.Api.Tests/ClientSyncInitializerTests.cs
@@ -47,14 +47,12 @@ public async ValueTask DisposeAsync()
["SparkSettings:Endpoint"] = "https://localhost/fhir",
["SparkSettings:FhirRelease"] = "R4",
["SparkSettings:UseAsynchronousIO"] = "true",
- ["AuthSettings:Enabled"] = "true",
["AuthSettings:ConnectionString"] = _connectionString,
};
var envVars = new Dictionary
{
["StoreSettings__ConnectionString"] = _connectionString,
- ["AuthSettings__Enabled"] = "true",
["AuthSettings__ConnectionString"] = _connectionString,
};
diff --git a/tests/Ignis.Api.Tests/IgnisApiFactory.cs b/tests/Ignis.Api.Tests/IgnisApiFactory.cs
index 5eadc9e..833ce8c 100644
--- a/tests/Ignis.Api.Tests/IgnisApiFactory.cs
+++ b/tests/Ignis.Api.Tests/IgnisApiFactory.cs
@@ -1,7 +1,6 @@
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc.Testing;
using Microsoft.Extensions.Configuration;
-using Microsoft.Extensions.DependencyInjection;
namespace Ignis.Api.Tests;
@@ -24,21 +23,14 @@ protected override void ConfigureWebHost(IWebHostBuilder builder)
["SparkSettings:Endpoint"] = "https://localhost/fhir",
["SparkSettings:FhirRelease"] = "R4",
["SparkSettings:UseAsynchronousIO"] = "true",
- ["AuthSettings:Enabled"] = "true",
["AuthSettings:ConnectionString"] = _connectionString,
["AuthSettings:Clients:0:ClientId"] = "test-client",
["AuthSettings:Clients:0:ClientSecret"] = "test-secret",
["AuthSettings:Clients:0:DisplayName"] = "Test Client",
["AuthSettings:Clients:0:AllowedGrantTypes:0"] = "client_credentials",
- ["AuthSettings:Clients:0:RedirectUris:0"] = "http://localhost/callback",
});
});
- builder.ConfigureServices(services =>
- {
- services.AddSingleton();
- });
-
builder.UseEnvironment("Development");
}
}
diff --git a/tests/Ignis.Api.Tests/IntegrationFixture.cs b/tests/Ignis.Api.Tests/IntegrationFixture.cs
index 0367bb6..a498b1a 100644
--- a/tests/Ignis.Api.Tests/IntegrationFixture.cs
+++ b/tests/Ignis.Api.Tests/IntegrationFixture.cs
@@ -33,14 +33,11 @@ private static string BuildConnectionString(string raw)
private static readonly string[] EnvVarKeys =
[
"StoreSettings__ConnectionString",
- "AuthSettings__Enabled",
"AuthSettings__ConnectionString",
"AuthSettings__Clients__0__ClientId",
"AuthSettings__Clients__0__ClientSecret",
"AuthSettings__Clients__0__DisplayName",
"AuthSettings__Clients__0__AllowedGrantTypes__0",
- "AuthSettings__Clients__0__AllowedGrantTypes__1",
- "AuthSettings__Clients__0__RedirectUris__0",
];
public async ValueTask InitializeAsync()
@@ -49,13 +46,11 @@ public async ValueTask InitializeAsync()
var connectionString = BuildConnectionString(_mongo.GetConnectionString());
Environment.SetEnvironmentVariable("StoreSettings__ConnectionString", connectionString);
- Environment.SetEnvironmentVariable("AuthSettings__Enabled", "true");
Environment.SetEnvironmentVariable("AuthSettings__ConnectionString", connectionString);
Environment.SetEnvironmentVariable("AuthSettings__Clients__0__ClientId", "test-client");
Environment.SetEnvironmentVariable("AuthSettings__Clients__0__ClientSecret", "test-secret");
Environment.SetEnvironmentVariable("AuthSettings__Clients__0__DisplayName", "Test Client");
Environment.SetEnvironmentVariable("AuthSettings__Clients__0__AllowedGrantTypes__0", "client_credentials");
- Environment.SetEnvironmentVariable("AuthSettings__Clients__0__RedirectUris__0", "http://localhost/callback");
Factory = new IgnisApiFactory(connectionString);
}