This is scenario where we just want to use FIDO as the MFA. The user register and logins with their username and password. For demo purposes, we trigger the MFA registering on sign up.
10 |
12 |
13 |
4 |
--------------------------------------------------------------------------------
/Old/BlazorServerOidc/Data/WeatherForecastService.cs:
--------------------------------------------------------------------------------
1 | namespace BlazorServerOidc.Data
2 | {
3 | public class WeatherForecastService
4 | {
5 | private static readonly string[] Summaries = new[]
6 | {
7 | "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
8 | };
9 |
10 | public TaskLog out
5 |Are you sure you want to sign out?
6 | 7 | 17 |You are not authorized to access this resource.
16 | } 17 |@ViewData["Title"]
10 | 11 |
12 |
20 |
21 | 13 | This action only disables 2FA. 14 |
15 |16 | Disabling 2FA does not change the keys used in authenticator apps. If you wish to change the key 17 | used in an authenticator app you should reset your authenticator keys. 18 |
19 |
22 |
25 |
26 |
--------------------------------------------------------------------------------
/IdentityProvider/Controllers/ResourceController.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Authorization;
2 | using Microsoft.AspNetCore.Identity;
3 | using Microsoft.AspNetCore.Mvc;
4 | using OpenIddict.Validation.AspNetCore;
5 | using OpeniddictServer.Data;
6 |
7 | namespace OpeniddictServer.Controllers;
8 |
9 | [Route("api")]
10 | public class ResourceController : Controller
11 | {
12 | private readonly UserManager
5 |
21 |
--------------------------------------------------------------------------------
/BlazorWebApp/Components/App.razor:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | Authorization
6 | 7 |Do you want to grant @Model.ApplicationName access to your data? (scopes requested: @Model.Scope)
8 | 9 | 20 |Sorry, there's nothing at this address.
21 |Sorry, there's nothing at this address.
21 |Weather forecast
9 | 10 |This component demonstrates fetching data from a service.
11 | 12 | @if (forecasts == null) 13 | { 14 |Loading...
15 | } 16 | else 17 | { 18 || Date | 22 |Temp. (C) | 23 |Temp. (F) | 24 |Summary | 25 |
|---|---|---|---|
| @forecast.Date.ToShortDateString() | 32 |@forecast.TemperatureC | 33 |@forecast.TemperatureF | 34 |@forecast.Summary | 35 |
21 |
22 | An error has occurred. This application may no longer respond until reloaded.
23 |
24 |
25 | An unhandled exception has occurred. See browser dev tools for details.
26 |
27 | Reload
28 | 🗙
29 |
30 |
31 |
32 |
33 |
34 |
--------------------------------------------------------------------------------
/Old/BlazorServerOidc/Shared/NavMenu.razor.css:
--------------------------------------------------------------------------------
1 | .navbar-toggler {
2 | background-color: rgba(255, 255, 255, 0.1);
3 | }
4 |
5 | .top-row {
6 | height: 3.5rem;
7 | background-color: rgba(0,0,0,0.4);
8 | }
9 |
10 | .navbar-brand {
11 | font-size: 1.1rem;
12 | }
13 |
14 | .oi {
15 | width: 2rem;
16 | font-size: 1.1rem;
17 | vertical-align: text-top;
18 | top: -2px;
19 | }
20 |
21 | .nav-item {
22 | font-size: 0.9rem;
23 | padding-bottom: 0.5rem;
24 | }
25 |
26 | .nav-item:first-of-type {
27 | padding-top: 1rem;
28 | }
29 |
30 | .nav-item:last-of-type {
31 | padding-bottom: 1rem;
32 | }
33 |
34 | .nav-item ::deep a {
35 | color: #d7d7d7;
36 | border-radius: 4px;
37 | height: 3rem;
38 | display: flex;
39 | align-items: center;
40 | line-height: 3rem;
41 | }
42 |
43 | .nav-item ::deep a.active {
44 | background-color: rgba(255,255,255,0.25);
45 | color: white;
46 | }
47 |
48 | .nav-item ::deep a:hover {
49 | background-color: rgba(255,255,255,0.1);
50 | color: white;
51 | }
52 |
53 | @media (min-width: 641px) {
54 | .navbar-toggler {
55 | display: none;
56 | }
57 |
58 | .collapse {
59 | /* Never collapse the sidebar for wide screens */
60 | display: block;
61 | }
62 | }
63 |
--------------------------------------------------------------------------------
/BlazorWebApp/Components/Pages/Error.razor:
--------------------------------------------------------------------------------
1 | @page "/Error"
2 | @using System.Diagnostics
3 |
4 | Error.
7 |An error occurred while processing your request.
8 | 9 | @if (ShowRequestId) 10 | { 11 |
12 | Request ID: @RequestId
13 |
Development Mode
17 |18 | Swapping to Development environment will display more detailed information about the error that occurred. 19 |
20 |21 | The Development environment shouldn't be enabled for deployed applications. 22 | It can result in displaying sensitive information from exceptions to end users. 23 | For local debugging, enable the Development environment by setting the ASPNETCORE_ENVIRONMENT environment variable to Development 24 | and restarting the app. 25 |
26 | 27 | @code{ 28 | [CascadingParameter] 29 | private HttpContext? HttpContext { get; set; } 30 | 31 | private string? RequestId { get; set; } 32 | private bool ShowRequestId => !string.IsNullOrEmpty(RequestId); 33 | 34 | protected override void OnInitialized() => 35 | RequestId = Activity.Current?.Id ?? HttpContext?.TraceIdentifier; 36 | } 37 | -------------------------------------------------------------------------------- /Old/BlazorWebFromBlazorServerOidc/Pages/FetchData.razor: -------------------------------------------------------------------------------- 1 | @page "/fetchdata" 2 | 3 |Weather forecast
9 | 10 |This component demonstrates fetching data from a service.
11 | 12 | @if (forecasts == null) 13 | { 14 |Loading...
15 | } 16 | else 17 | { 18 || Date | 22 |Temp. (C) | 23 |Temp. (F) | 24 |Summary | 25 |
|---|---|---|---|
| @forecast.Date.ToShortDateString() | 32 |@forecast.TemperatureC | 33 |@forecast.TemperatureF | 34 |@forecast.Summary | 35 |
11 |
28 |
29 |
30 | @code {
31 | private bool collapseNavMenu = true;
32 |
33 | private string? NavMenuCssClass => collapseNavMenu ? "collapse" : null;
34 |
35 | private void ToggleNavMenu()
36 | {
37 | collapseNavMenu = !collapseNavMenu;
38 | }
39 | }
40 |
--------------------------------------------------------------------------------
/Old/BlazorWebFromBlazorServerOidc/Layout/NavMenu.razor:
--------------------------------------------------------------------------------
1 |
9 |
10 |
11 |
28 |
29 |
30 | @code {
31 | private bool collapseNavMenu = true;
32 |
33 | private string? NavMenuCssClass => collapseNavMenu ? "collapse" : null;
34 |
35 | private void ToggleNavMenu()
36 | {
37 | collapseNavMenu = !collapseNavMenu;
38 | }
39 | }
40 |
--------------------------------------------------------------------------------
/IdentityProvider/Helpers/FormValueRequiredAttribute.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Mvc.Abstractions;
2 | using Microsoft.AspNetCore.Mvc.ActionConstraints;
3 |
4 | namespace OpeniddictServer.Helpers;
5 |
6 | public sealed class FormValueRequiredAttribute : ActionMethodSelectorAttribute
7 | {
8 | private readonly string _name;
9 |
10 | public FormValueRequiredAttribute(string name)
11 | {
12 | _name = name;
13 | }
14 |
15 | public override bool IsValidForRequest(RouteContext context, ActionDescriptor action)
16 | {
17 | if (string.Equals(context.HttpContext.Request.Method, "GET", StringComparison.OrdinalIgnoreCase) ||
18 | string.Equals(context.HttpContext.Request.Method, "HEAD", StringComparison.OrdinalIgnoreCase) ||
19 | string.Equals(context.HttpContext.Request.Method, "DELETE", StringComparison.OrdinalIgnoreCase) ||
20 | string.Equals(context.HttpContext.Request.Method, "TRACE", StringComparison.OrdinalIgnoreCase))
21 | {
22 | return false;
23 | }
24 |
25 | if (string.IsNullOrEmpty(context.HttpContext.Request.ContentType))
26 | {
27 | return false;
28 | }
29 |
30 | if (!context.HttpContext.Request.ContentType.StartsWith("application/x-www-form-urlencoded", StringComparison.OrdinalIgnoreCase))
31 | {
32 | return false;
33 | }
34 |
35 | return !string.IsNullOrEmpty(context.HttpContext.Request.Form[_name]);
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/Old/BlazorWebFromBlazorServerOidc/App.razor:
--------------------------------------------------------------------------------
1 | @inject IHostEnvironment Env
2 | @inject BlazorNonceService BlazorNonceService
3 | @using System.Security.Cryptography;
4 |
5 |
6 |
7 |
8 |
9 |
10 |
17 |
40 |
41 |
42 |
43 |
--------------------------------------------------------------------------------
/Old/BlazorWebFromBlazorServerOidc/Pages/Error.cshtml:
--------------------------------------------------------------------------------
1 | @page
2 | @model BlazorWebFromBlazorServerOidc.Pages.ErrorModel
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
18 |
39 | Error.
19 |An error occurred while processing your request.
20 | 21 | @if (Model.ShowRequestId) 22 | { 23 |
24 | Request ID: @Model.RequestId
25 |
Development Mode
29 |30 | Swapping to the Development environment displays detailed information about the error that occurred. 31 |
32 |33 | The Development environment shouldn't be enabled for deployed applications. 34 | It can result in displaying sensitive information from exceptions to end users. 35 | For local debugging, enable the Development environment by setting the ASPNETCORE_ENVIRONMENT environment variable to Development 36 | and restarting the app. 37 |
38 |
17 |
40 |
41 |
42 |
43 |
--------------------------------------------------------------------------------
/IdentityProvider/wwwroot/lib/jquery/LICENSE.txt:
--------------------------------------------------------------------------------
1 | Copyright JS Foundation and other contributors, https://js.foundation/
2 |
3 | This software consists of voluntary contributions made by many
4 | individuals. For exact contribution history, see the revision history
5 | available at https://github.com/jquery/jquery
6 |
7 | The following license applies to all parts of this software except as
8 | documented below:
9 |
10 | ====
11 |
12 | Permission is hereby granted, free of charge, to any person obtaining
13 | a copy of this software and associated documentation files (the
14 | "Software"), to deal in the Software without restriction, including
15 | without limitation the rights to use, copy, modify, merge, publish,
16 | distribute, sublicense, and/or sell copies of the Software, and to
17 | permit persons to whom the Software is furnished to do so, subject to
18 | the following conditions:
19 |
20 | The above copyright notice and this permission notice shall be
21 | included in all copies or substantial portions of the Software.
22 |
23 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
24 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
25 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
26 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
27 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
28 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
29 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 |
31 | ====
32 |
33 | All files located in the node_modules and external directories are
34 | externally maintained libraries used by this software which have their
35 | own licenses; we recommend you read them, as their terms may differ from
36 | the terms above.
37 |
--------------------------------------------------------------------------------
/IdentityProvider/wwwroot/images/securitykey.min.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/BlazorWebApp/SecurityHeadersDefinitions.cs:
--------------------------------------------------------------------------------
1 | namespace BlazorWebApp;
2 |
3 | using Microsoft.AspNetCore.Builder;
4 |
5 | public static class SecurityHeadersDefinitions
6 | {
7 | public static HeaderPolicyCollection GetHeaderPolicyCollection(string? idpHost, bool isDev)
8 | {
9 | ArgumentNullException.ThrowIfNull(idpHost);
10 |
11 | var policy = new HeaderPolicyCollection()
12 | .AddFrameOptionsDeny()
13 | .AddContentTypeOptionsNoSniff()
14 | .AddReferrerPolicyStrictOriginWhenCrossOrigin()
15 | .AddCrossOriginOpenerPolicy(builder => builder.SameOrigin())
16 | .AddCrossOriginResourcePolicy(builder => builder.SameOrigin())
17 | // #if !DEBUG // remove for dev if using Visual studio development hot reload
18 | .AddCrossOriginEmbedderPolicy(builder => builder.RequireCorp())
19 | // #endif
20 | .AddContentSecurityPolicy(builder =>
21 | {
22 | builder.AddObjectSrc().None();
23 | builder.AddBlockAllMixedContent();
24 | builder.AddImgSrc().Self().From("data:");
25 | builder.AddFormAction().Self().From(idpHost);
26 | builder.AddFontSrc().Self();
27 | builder.AddStyleSrc().Self().UnsafeInline();
28 | builder.AddBaseUri().Self();
29 | builder.AddFrameAncestors().None();
30 |
31 | // #if !DEBUG // remove for Visual studio development
32 | builder.AddScriptSrc().WithNonce().UnsafeInline();
33 | // #endif
34 | })
35 | .RemoveServerHeader()
36 | .AddPermissionsPolicyWithDefaultSecureDirectives();
37 |
38 | if (!isDev)
39 | {
40 | // maxage = one year in seconds
41 | policy.AddStrictTransportSecurityMaxAgeIncludeSubDomains();
42 | }
43 |
44 | return policy;
45 | }
46 | }
47 |
--------------------------------------------------------------------------------
/IdentityProvider/Fido2/FidoStoredCredential.cs:
--------------------------------------------------------------------------------
1 | using Fido2NetLib.Objects;
2 | using System.ComponentModel.DataAnnotations.Schema;
3 | using System.Text.Json;
4 |
5 | namespace Fido2Identity;
6 |
7 | ///
18 |
39 | Error.
19 |An error occurred while processing your request.
20 | 21 | @if (Model.ShowRequestId) 22 | { 23 |
24 | Request ID: @Model.RequestId
25 |
Development Mode
29 |30 | Swapping to the Development environment displays detailed information about the error that occurred. 31 |
32 |33 | The Development environment shouldn't be enabled for deployed applications. 34 | It can result in displaying sensitive information from exceptions to end users. 35 | For local debugging, enable the Development environment by setting the ASPNETCORE_ENVIRONMENT environment variable to Development 36 | and restarting the app. 37 |
38 |Weather
7 | 8 |This component demonstrates showing data.
9 | 10 | @if (forecasts == null) 11 | { 12 |Loading...
13 | } 14 | else 15 | { 16 || Date | 20 |Temp. (C) | 21 |Temp. (F) | 22 |Summary | 23 |
|---|---|---|---|
| @forecast.Date.ToShortDateString() | 30 |@forecast.TemperatureC | 31 |@forecast.TemperatureF | 32 |@forecast.Summary | 33 |
37 |
38 |
40 |
41 |
42 |
47 |
48 |
49 |
50 |
51 |
--------------------------------------------------------------------------------
/Old/BlazorWebFromBlazorServerOidc/Pages/SignedOut.cshtml:
--------------------------------------------------------------------------------
1 | @page
2 | @addTagHelper *, NetEscapades.AspNetCore.SecurityHeaders.TagHelpers
3 | @model BlazorWebFromBlazorServerOidc.Pages.SignedOutModel
4 | @{
5 | ViewData["Title"] = "SignedOut";
6 | }
7 |
8 |
9 |
10 |
11 |
12 | You have successfully signed out
39 |
37 |
38 |
40 |
41 |
42 |
47 |
48 |
49 |
50 |
51 |
--------------------------------------------------------------------------------
/BlazorWebApp/Components/Layout/MainLayout.razor:
--------------------------------------------------------------------------------
1 | @inherits LayoutComponentBase
2 | @inject NavigationManager NavigationManager
3 |
4 | You have successfully signed out
39 |
5 |
8 |
9 |
10 |
11 |
12 |
25 |
26 |
32 |
33 |
34 |
35 | @Body
36 |
37 |
38 |
39 |
40 |
13 | @context.User.Identity?.Name
14 |
15 |
24 |
27 |
28 | Login
29 |
30 |
31 |
41 | An unhandled error has occurred.
42 | Reload
43 | 🗙
44 |
45 |
46 | @code {
47 | private string? currentUrl;
48 |
49 | protected override void OnInitialized()
50 | {
51 | currentUrl = NavigationManager.ToBaseRelativePath(NavigationManager.Uri);
52 | NavigationManager.LocationChanged += OnLocationChanged;
53 | }
54 |
55 | private void OnLocationChanged(object? sender, LocationChangedEventArgs e)
56 | {
57 | currentUrl = NavigationManager.ToBaseRelativePath(e.Location);
58 | StateHasChanged();
59 | }
60 |
61 | public void Dispose()
62 | {
63 | NavigationManager.LocationChanged -= OnLocationChanged;
64 | }
65 | }
66 |
67 |
--------------------------------------------------------------------------------
/Old/BlazorWebFromBlazorServerOidc/Controllers/AccountController.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Authentication;
2 | using Microsoft.AspNetCore.Authentication.Cookies;
3 | using Microsoft.AspNetCore.Authentication.OpenIdConnect;
4 | using Microsoft.AspNetCore.Authorization;
5 | using Microsoft.AspNetCore.Mvc;
6 |
7 | namespace BlazorWebFromBlazorServerOidc.Controllers;
8 |
9 | [Route("api/[controller]")]
10 | public class AccountController : ControllerBase
11 | {
12 | [HttpGet("Login")]
13 | public ActionResult Login(string? returnUrl, string? claimsChallenge)
14 | {
15 | var properties = GetAuthProperties(returnUrl);
16 |
17 | if (claimsChallenge != null)
18 | {
19 | string jsonString = claimsChallenge.Replace("\\", string.Empty)
20 | .Trim(['"']);
21 |
22 | properties.Items["claims"] = jsonString;
23 | }
24 |
25 | return Challenge(properties);
26 | }
27 |
28 | [ValidateAntiForgeryToken] // not needed explicitly due the the Auto global definition.
29 | [Authorize]
30 | [HttpPost("Logout")]
31 | public IActionResult Logout()
32 | {
33 | return SignOut(
34 | new AuthenticationProperties { RedirectUri = "/SignedOut" },
35 | CookieAuthenticationDefaults.AuthenticationScheme,
36 | OpenIdConnectDefaults.AuthenticationScheme);
37 | }
38 |
39 | /// @ViewData["Title"]
19 |
20 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
--------------------------------------------------------------------------------
/IdentityProvider/IdentityProvider.csproj:
--------------------------------------------------------------------------------
1 |
21 |
45 | 2FA/MFA
22 |
23 |
26 |
27 |
28 |
41 |
42 |
43 |
44 |
29 |
30 |
40 | Fido2 2FA
31 | 39 |
37 |
38 | @RenderBody()
39 |
40 |
41 |
42 |
47 |
48 |
49 |
50 |
51 |
52 | @await RenderSectionAsync("Scripts", required: false)
53 |
54 |
55 |
--------------------------------------------------------------------------------
/IdentityProvider/Areas/Identity/Pages/Account/Manage/Fido2Mfa.cshtml:
--------------------------------------------------------------------------------
1 | @page "/Fido2Mfa/{handler?}"
2 | @using Microsoft.AspNetCore.Identity
3 | @inject SignInManager@ViewData["Title"]
20 |
21 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
--------------------------------------------------------------------------------
/IdentityProvider/Controllers/UserinfoController.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Authentication;
2 | using Microsoft.AspNetCore.Authorization;
3 | using Microsoft.AspNetCore.Identity;
4 | using Microsoft.AspNetCore.Mvc;
5 | using OpenIddict.Abstractions;
6 | using OpenIddict.Server.AspNetCore;
7 | using OpeniddictServer.Data;
8 | using static OpenIddict.Abstractions.OpenIddictConstants;
9 |
10 | namespace OpeniddictServer.Controllers;
11 |
12 | public class UserinfoController : Controller
13 | {
14 | private readonly UserManager
22 |
24 |
27 |
28 |
54 | 2FA/MFA
23 |This is scenario where we just want to use FIDO as the MFA. The user register and logins with their username and password. For demo purposes, we trigger the MFA registering on sign up.
29 |
49 |
50 |
51 |
52 |
53 |
30 |
31 |
48 | Add a Fido2 MFA
32 | 47 |@ViewData["Title"]
11 | @{ 12 | var consentFeature = HttpContext.Features.Get
20 | You have no recovery codes left.
21 |
23 | }
24 | else if (Model.RecoveryCodesLeft == 1)
25 | {
26 | You must generate a new set of recovery codes before you can log in with a recovery code.
22 |
27 | You have 1 recovery code left.
28 |
30 | }
31 | else if (Model.RecoveryCodesLeft <= 3)
32 | {
33 | You can generate a new set of recovery codes.
29 |
34 | You have @Model.RecoveryCodesLeft recovery codes left.
35 |
37 | }
38 |
39 | if (Model.IsMachineRemembered)
40 | {
41 |
44 | }
45 | Disable 2FA
46 | Reset recovery codes
47 | }
48 |
49 | You should generate a new set of recovery codes.
36 |Authenticator app
50 | @if (!Model.HasAuthenticator) 51 | { 52 | Add authenticator app 53 | } 54 | else 55 | { 56 | Set up authenticator app 57 | Reset authenticator app 58 | } 59 | } 60 | else 61 | { 62 |
63 | Privacy and cookie policy have not been accepted.
64 |
66 | }
67 | }
68 |
69 | Add Fido2 MFA
70 |
71 | @section Scripts {
72 |
73 |
74 | }
75 |
--------------------------------------------------------------------------------
/Old/BlazorServerOidc/Program.cs:
--------------------------------------------------------------------------------
1 | using BlazorServerOidc.Data;
2 | using Microsoft.AspNetCore.Authentication.Cookies;
3 | using Microsoft.AspNetCore.Authentication.OpenIdConnect;
4 | using Microsoft.AspNetCore.Authorization;
5 | using Microsoft.AspNetCore.Mvc;
6 | using Microsoft.AspNetCore.Mvc.Authorization;
7 | using Microsoft.IdentityModel.JsonWebTokens;
8 | using Microsoft.IdentityModel.Protocols.OpenIdConnect;
9 | using Microsoft.IdentityModel.Tokens;
10 | using NetEscapades.AspNetCore.SecurityHeaders.Infrastructure;
11 |
12 | namespace BlazorServerOidc;
13 |
14 | public class Program
15 | {
16 | public static void Main(string[] args)
17 | {
18 | var builder = WebApplication.CreateBuilder(args);
19 |
20 | builder.Services.AddSecurityHeaderPolicies()
21 | .SetPolicySelector((PolicySelectorContext ctx) =>
22 | {
23 | return SecurityHeadersDefinitions.GetHeaderPolicyCollection(builder.Environment.IsDevelopment(),
24 | builder.Configuration["OpenIDConnectSettings:Authority"]);
25 | });
26 |
27 | builder.Services.AddAuthentication(options =>
28 | {
29 | options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
30 | options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
31 | })
32 | .AddCookie()
33 | .AddOpenIdConnect(options =>
34 | {
35 | builder.Configuration.GetSection("OpenIDConnectSettings").Bind(options);
36 |
37 | options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
38 | options.ResponseType = OpenIdConnectResponseType.Code;
39 |
40 | options.SaveTokens = true;
41 | options.GetClaimsFromUserInfoEndpoint = true;
42 | options.TokenValidationParameters = new TokenValidationParameters
43 | {
44 | NameClaimType = "name"
45 | };
46 | });
47 |
48 | builder.Services.AddRazorPages().AddMvcOptions(options =>
49 | {
50 | var policy = new AuthorizationPolicyBuilder()
51 | .RequireAuthenticatedUser()
52 | .Build();
53 | options.Filters.Add(new AuthorizeFilter(policy));
54 | });
55 |
56 | builder.Services.AddServerSideBlazor();
57 | builder.Services.AddSingletonYou must accept the policy before you can enable two factor authentication.
65 |
30 | ```
31 |
32 | #### Using Open Iconic's SVG Sprite
33 |
34 | Open Iconic also comes in a SVG sprite which allows you to display all the icons in the set with a single request. It's like an icon font, without being a hack.
35 |
36 | Adding an icon from an SVG sprite is a little different than what you're used to, but it's still a piece of cake. *Tip: To make your icons easily style able, we suggest adding a general class to the* `