OnlineShop/AppWithTests/OnlineShop/OnlineShop.Web/AuthExtensions.cs

using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;

namespace OnlineShop.Web;

public static class AuthExtensions
{
    public static void ConfigureWebAppOpenIdConnect(this AuthenticationBuilder authentication)
    {
        // Named options
        authentication.Services
            .AddOptions<OpenIdConnectOptions>(
                OpenIdConnectDefaults.AuthenticationScheme)
            .Configure<
                IConfiguration,
                IHttpClientFactory,
                IHostEnvironment>(Configure);

        // Unnamed options
        authentication.Services.AddOptions<OpenIdConnectOptions>()
            .Configure<
                IConfiguration,
                IHttpClientFactory,
                IHostEnvironment>(Configure);

        static void Configure(
            OpenIdConnectOptions options,
            IConfiguration configuration,
            IHttpClientFactory httpClientFactory,
            IHostEnvironment hostEnvironment)
        {
            var backchannelHttpClient =
                httpClientFactory.CreateClient(
                    "OidcBackchannel");

            options.Backchannel = backchannelHttpClient;
            options.Authority =
                backchannelHttpClient
                    .GetIdpAuthorityUri().ToString();
            options.ClientId = "webapp";
            options.ClientSecret =
                Environment
                    .GetEnvironmentVariable(
                        "Identity__ClientSecret");
            options.ResponseType =
                OpenIdConnectResponseType.Code;
            options.SaveTokens = true;
            options.RequireHttpsMetadata =
                !hostEnvironment.IsDevelopment();
            options.MapInboundClaims = false;
        }
    }

}