how to do fake oidc auth during debug

Question

im building some blazor wasm project i use company oidc so in wasm i have

 builder.Services.AddOidcAuthentication(opt =>
{
  opt.ProviderOptions.Authority = "https://xx.zz.pl/auth/cp";
  opt.ProviderOptions.ClientId = "xxx";
  opt.ProviderOptions.DefaultScopes.Add("email");
  opt.ProviderOptions.ResponseType = "code";
});

and i have api configured to use this

 builder.Services
   .AddAuthentication("Bearer")
   .AddJwtBearer("Bearer", options =>
   {
      options.Authority = "https://xx.zz.pl/auth/cp";;
   });
 

and this works fine but question is how to skip this logon part during debug so i do not have everytime i run login with my corp account

i can do on api part do that if debug then allow anonym and this will work fine for every request

but how in this frontend webassembly to hardcode some 'superadmin' account with all perms so it use this always during debug ? like fake oidc?

thanks and regards !

Answer 1

ok so i did eventually in webassembly

if (builder.HostEnvironment.IsDevelopment()) 
{
   builder.Services.AddScoped<AuthenticationStateProvider, 
   DebugAuthStateProvicer>();
}
else 
 builder.Services.AddOidcAuthentication......

and this provider like

  public class DebugAuthStateProvicer : AuthenticationStateProvider
  {
    public override async Task<AuthenticationState> GetAuthenticationStateAsync()
    {

            var identity = new ClaimsIdentity();
            var claims = new List<Claim> { new Claim(ClaimTypes.Name, "DebugAdmin") };

            claims.Add(new Claim(ClaimTypes.Role, "Admin"));

            identity = new ClaimsIdentity(claims, "Server authentication");
    }
   
    return new AuthenticationState(new ClaimsPrincipal(identity));
  }

Answer 2

If you just want to create your own local ClaimsPrincipal user, then I have used this code in my Startup.cs class (the request pipeline) to create a /login and /logout endpoint:

app.UseEndpoints(endpoints =>
{
    endpoints.MapGet("/login", async context =>
    {
        var claims = new Claim[]
        {
                            //Standard claims
                            new Claim(ClaimTypes.Name, "Joe Svensson"),
                            new Claim(ClaimTypes.Country, "Sweden"),
                            new Claim(ClaimTypes.Email, "[email protected]"),

                            //Custom claims
                            new Claim("JobTitle", "Developer"),
                            new Claim("JobLevel", "Senior"),
        };

        ClaimsIdentity identity = new ClaimsIdentity(claims: claims,
                                          authenticationType: CookieAuthenticationDefaults.AuthenticationScheme);

        ClaimsPrincipal user = new ClaimsPrincipal(identity: identity);

        var authProperties = new AuthenticationProperties
        {
            IsPersistent = true
        };

        //Sign-in the user
        await context.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, user, authProperties);

        await context.Response.WriteAsync("<!DOCTYPE html><body>");
        await context.Response.WriteAsync("<h1>Logged in!</h1>");
    });

    endpoints.MapGet("/logout", async context =>
    {
        //Do add a call to the signout method here
        await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

        await context.Response.WriteAsync("<!DOCTYPE html><body>");
        await context.Response.WriteAsync("<h1>Logged out</h1>");
    });

I hope it can of some inspiration for you.