15:[["$","$L133",null,{"props":{"lessonContent":{"components":[{"type":"SlateHTML","content":{"html":"

As we know, here are the two types of web API endpoints:

Controllers
Minimal APIs

In this lesson, we will learn different ways of securing the endpoints represented by controller classes. We will do so with the help of the following setup:

","comp_id":"A_Q5RRmpOemxE2LdAK4fX"},"hash":0},{"type":"WebpackBin","mode":"view","content":{"version":6,"theme":"default","showLineNumbers":true,"openFileTree":false,"showConsole":false,"disableExecution":false,"hideResultOutput":true,"hideOutputUrl":false,"hideCodeView":false,"loaders":{"babel":{"title":"React","config":{"es2015":true,"react":true},"enabled":true},"dart":{"title":"Dart","config":{"dart":true},"enabled":false},"ts-react":{"title":"Typescript React","config":{"ts-react":true},"enabled":false},"elm":{"title":"Elm","config":{"elm":true},"enabled":false},"vue":{"title":"Vue.js","config":{"vue":true},"enabled":false},"gojs-react":{"title":"GoJS React","config":{"gojs-react":true},"enabled":false}},"npmPackages":{"react":"15.6.1","react-dom":"15.6.1"},"outputHeight":300,"selectedApiKeys":{},"selectedEnvVars":{},"outputLayout":"desktop","codeContents":{"canAddNpmPackages":true,"judge":{"judgeDisabled":false,"judgeActive":false,"evaluationContent":"$134","hintsContent":[],"solutionContent":"","showSolution":false,"exerciseTabsVisible":false,"version":"1.1"},"module":"/","id":0,"maxId":105,"selectedId":2,"children":[{"children":[{"id":6,"parentId":4,"leaf":true,"module":"appsettings.json","data":{"content":"{\r\n \"Logging\": {\r\n \"LogLevel\": {\r\n \"Default\": \"Information\",\r\n \"Microsoft.AspNetCore\": \"Warning\"\r\n }\r\n },\r\n \"AllowedHosts\": \"*\"\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":7,"parentId":4,"leaf":true,"module":"DemoApp.csproj","data":{"content":"\r\n\r\n \r\n net8.0\r\n enable\r\n enable\r\n \r\n\r\n \r\n \r\n \r\n\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"10"}},{"id":9,"parentId":4,"leaf":true,"module":"Program.cs","data":{"content":"$135","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":11,"parentId":10,"leaf":true,"module":"favicon.ico","data":{"content":"$136","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":13,"parentId":12,"leaf":true,"module":"site.js","data":{"content":"// Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification\r\n// for details on configuring this project to bundle and minify static web assets.\r\n\r\n// Write your JavaScript code.","language":"jsx","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":12,"leaf":false,"module":"js","parentId":10},{"children":[{"id":15,"parentId":14,"leaf":true,"module":"site.css","data":{"content":"html {\r\n font-size: 14px;\r\n}\r\n\r\n@media (min-width: 768px) {\r\n html {\r\n font-size: 16px;\r\n }\r\n}\r\n\r\nhtml {\r\n position: relative;\r\n min-height: 100%;\r\n}\r\n\r\nbody {\r\n margin-bottom: 60px;\r\n}","language":"css","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":14,"leaf":false,"module":"css","parentId":10}],"collapsed":true,"id":10,"leaf":false,"module":"wwwroot","parentId":4},{"children":[{"id":17,"parentId":16,"leaf":true,"module":"_ViewImports.cshtml","data":{"content":"@using DemoApp\r\n@using DemoApp.Models\r\n@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":18,"parentId":16,"leaf":true,"module":"_ViewStart.cshtml","data":{"content":"@{\r\n Layout = \"_Layout\";\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":20,"parentId":19,"leaf":true,"module":"Error.cshtml","data":{"content":"@model ErrorViewModel\r\n@{\r\n ViewData[\"Title\"] = \"Error\";\r\n}\r\n\r\n

Error.

\r\n

An error occurred while processing your request.

\r\n\r\n@if (Model.ShowRequestId)\r\n{\r\n

\r\n Request ID: @Model.RequestId\r\n

\r\n}\r\n\r\n

Development Mode

\r\n

\r\n Swapping to Development environment will display more detailed information about the error that occurred.\r\n

\r\n

\r\n The Development environment shouldn't be enabled for deployed applications.\r\n It can result in displaying sensitive information from exceptions to end users.\r\n For local debugging, enable the Development environment by setting the ASPNETCORE_ENVIRONMENT environment variable to Development\r\n and restarting the app.\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":21,"parentId":19,"leaf":true,"module":"_Layout.cshtml","data":{"content":"$137","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":22,"parentId":19,"leaf":true,"module":"_Layout.cshtml.css","data":{"content":"/* Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification\r\nfor details on configuring this project to bundle and minify static web assets. */\r\n\r\na.navbar-brand {\r\n white-space: normal;\r\n text-align: center;\r\n word-break: break-all;\r\n}\r\n\r\na {\r\n color: #0077cc;\r\n}\r\n\r\n.btn-primary {\r\n color: #fff;\r\n background-color: #1b6ec2;\r\n border-color: #1861ac;\r\n}\r\n\r\n.nav-pills .nav-link.active, .nav-pills .show > .nav-link {\r\n color: #fff;\r\n background-color: #1b6ec2;\r\n border-color: #1861ac;\r\n}\r\n\r\n.border-top {\r\n border-top: 1px solid #e5e5e5;\r\n}\r\n.border-bottom {\r\n border-bottom: 1px solid #e5e5e5;\r\n}\r\n\r\n.box-shadow {\r\n box-shadow: 0 .25rem .75rem rgba(0, 0, 0, .05);\r\n}\r\n\r\nbutton.accept-policy {\r\n font-size: 1rem;\r\n line-height: inherit;\r\n}\r\n\r\n.footer {\r\n position: absolute;\r\n bottom: 0;\r\n width: 100%;\r\n white-space: nowrap;\r\n line-height: 60px;\r\n}","language":"css","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":23,"parentId":19,"leaf":true,"module":"_ValidationScriptsPartial.cshtml","data":{"content":"\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":19,"leaf":false,"module":"Shared","parentId":16},{"children":[{"id":25,"parentId":24,"leaf":true,"module":"Index.cshtml","data":{"content":"@model IEnumerable\r\n\r\n@{\r\n ViewData[\"Title\"] = \"Weather Forecasts\";\r\n}\r\n\r\n

@ViewData[\"Title\"]

\r\n\r\n\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n@foreach (var item in Model) {\r\n \r\n \r\n \r\n \r\n \r\n \r\n}\r\n \r\n

\r\n Date\r\n	\r\n Summary\r\n	\r\n Temperature C\r\n	\r\n Temperature F\r\n
\r\n @Html.DisplayFor(modelItem => item.Date.DayOfWeek)\r\n	\r\n @Html.DisplayFor(modelItem => item.Summary)\r\n	\r\n @Html.DisplayFor(modelItem => item.TemperatureC)\r\n	\r\n @Html.DisplayFor(modelItem => item.TemperatureF)\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":26,"parentId":24,"leaf":true,"module":"Privacy.cshtml","data":{"content":"@{\r\n ViewData[\"Title\"] = \"Privacy Policy\";\r\n}\r\n

@ViewData[\"Title\"]

\r\n\r\n

Use this page to detail your site's privacy policy.

\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":24,"leaf":false,"module":"Home","parentId":16}],"collapsed":true,"id":16,"leaf":false,"module":"Views","parentId":4},{"children":[{"id":28,"parentId":27,"leaf":true,"module":"launchSettings.json","data":{"content":"{\r\n \"profiles\": {\r\n \"MvcApp\": {\r\n \"commandName\": \"Project\",\r\n \"dotnetRunMessages\": true,\r\n \"launchBrowser\": true,\r\n \"applicationUrl\": \"http://*:5050\",\r\n \"environmentVariables\": {\r\n \"ASPNETCORE_ENVIRONMENT\": \"Development\"\r\n }\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":27,"leaf":false,"module":"Properties","parentId":4},{"children":[{"id":30,"parentId":29,"leaf":true,"module":"ErrorViewModel.cs","data":{"content":"namespace DemoApp.Models\r\n{\r\n public class ErrorViewModel\r\n {\r\n public string? RequestId { get; set; }\r\n\r\n public bool ShowRequestId => !string.IsNullOrEmpty(RequestId);\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":31,"parentId":29,"leaf":true,"module":"WeatherForecast.cs","data":{"content":"namespace DemoApp.Models;\r\n\r\npublic class WeatherForecast\r\n{\r\n public DateTime Date { get; set; }\r\n\r\n public int TemperatureC { get; set; }\r\n\r\n public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);\r\n\r\n public string? Summary { get; set; }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":29,"leaf":false,"module":"Models","parentId":4},{"children":[{"id":33,"parentId":32,"leaf":true,"module":"AuthenticationController.cs","data":{"content":"using Microsoft.AspNetCore.Authentication;\r\nusing Microsoft.AspNetCore.Authentication.OpenIdConnect;\r\nusing Microsoft.AspNetCore.Mvc;\r\n\r\nnamespace DemoApp.Controllers;\r\n\r\npublic class AuthenticationController : Controller\r\n{\r\n public IActionResult Logout()\r\n {\r\n return new SignOutResult(new[]\r\n {\r\n OpenIdConnectDefaults.AuthenticationScheme,\r\n \"Cookies\" \r\n }); \r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":34,"parentId":32,"leaf":true,"module":"HomeController.cs","data":{"content":"$138","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"line 6"}}],"collapsed":true,"id":32,"leaf":false,"module":"Controllers","parentId":4}],"collapsed":true,"id":4,"leaf":false,"module":"DemoApp","parentId":0},{"children":[{"id":37,"parentId":35,"leaf":true,"module":"appsettings.json","data":{"content":"{\r\n \"Logging\": {\r\n \"LogLevel\": {\r\n \"Default\": \"Information\",\r\n \"Microsoft.AspNetCore\": \"Warning\"\r\n }\r\n },\r\n \"AllowedHosts\": \"*\"\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":38,"parentId":35,"leaf":true,"module":"InitialDataSeed.cs","data":{"content":"$139","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":39,"parentId":35,"leaf":true,"module":"OpenIddictAuthProvider.csproj","data":{"content":"$13a","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":41,"parentId":35,"leaf":true,"module":"Program.cs","data":{"content":"$13b","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":43,"parentId":42,"leaf":true,"module":"favicon.ico","data":{"content":"$13c","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":45,"parentId":44,"leaf":true,"module":"site.js","data":{"content":"// Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification\r\n// for details on configuring this project to bundle and minify static web assets.\r\n\r\n// Write your JavaScript code.","language":"jsx","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":44,"leaf":false,"module":"js","parentId":42},{"children":[{"id":47,"parentId":46,"leaf":true,"module":"site.css","data":{"content":"$13d","language":"css","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":46,"leaf":false,"module":"css","parentId":42}],"collapsed":true,"id":42,"leaf":false,"module":"wwwroot","parentId":35},{"children":[{"id":49,"parentId":48,"leaf":true,"module":"_ViewImports.cshtml","data":{"content":"@using OpenIddictAuthProvider\r\n@using OpenIddictAuthProvider.Data\r\n@using OpenIddictAuthProvider.ViewModels.Authorization\r\n@using OpenIddictAuthProvider.ViewModels.Shared\r\n@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":50,"parentId":48,"leaf":true,"module":"_ViewStart.cshtml","data":{"content":"@{\r\n Layout = \"_Layout\";\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":52,"parentId":51,"leaf":true,"module":"Error.cshtml","data":{"content":"@model ErrorViewModel\r\n \r\n

\r\n

Ooooops, something went really bad! :(

\r\n

\r\n @if (!string.IsNullOrEmpty(Model.Error)) {\r\n @Model.Error\r\n }\r\n\r\n @if (!string.IsNullOrEmpty(Model.ErrorDescription)) {\r\n @Model.ErrorDescription\r\n }\r\n

\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":53,"parentId":51,"leaf":true,"module":"_Layout.cshtml","data":{"content":"$13e","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":54,"parentId":51,"leaf":true,"module":"_LoginPartial.cshtml","data":{"content":"@using Microsoft.AspNetCore.Identity\r\n@inject SignInManager SignInManager\r\n@inject UserManager UserManager\r\n\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":55,"parentId":51,"leaf":true,"module":"_ValidationScriptsPartial.cshtml","data":{"content":"\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":51,"leaf":false,"module":"Shared","parentId":48},{"children":[{"id":57,"parentId":56,"leaf":true,"module":"Index.cshtml","data":{"content":"@{\r\n ViewData[\"Title\"] = \"Home Page\";\r\n}\r\n\r\n

\r\n

Welcome

\r\n

Identity Provider is ready to use.

\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":58,"parentId":56,"leaf":true,"module":"Privacy.cshtml","data":{"content":"@{\r\n ViewData[\"Title\"] = \"Privacy Policy\";\r\n}\r\n

@ViewData[\"Title\"]

\r\n\r\n

Use this page to detail your site's privacy policy.

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":56,"leaf":false,"module":"Home","parentId":48},{"children":[{"id":60,"parentId":59,"leaf":true,"module":"Authorize.cshtml","data":{"content":"@using Microsoft.Extensions.Primitives\r\n@model AuthorizeViewModel\r\n\r\n

\r\n

Authorization

\r\n\r\n

Do you want to grant @Model.ApplicationName access to your data? (scopes requested: @Model.Scope)

\r\n\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":61,"parentId":59,"leaf":true,"module":"Logout.cshtml","data":{"content":"@using Microsoft.Extensions.Primitives\r\n\r\n

\r\n

Log out

\r\n

Are you sure you want to sign out?

\r\n\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":59,"leaf":false,"module":"Authorization","parentId":48}],"collapsed":true,"id":48,"leaf":false,"module":"Views","parentId":35},{"children":[{"children":[{"id":64,"parentId":63,"leaf":true,"module":"ErrorViewModel.cs","data":{"content":"using System.ComponentModel.DataAnnotations;\r\n\r\nnamespace OpenIddictAuthProvider.ViewModels.Shared;\r\n\r\npublic class ErrorViewModel\r\n{\r\n [Display(Name = \"Error\")]\r\n public string Error { get; set; }\r\n\r\n [Display(Name = \"Description\")]\r\n public string ErrorDescription { get; set; }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":63,"leaf":false,"module":"Shared","parentId":62},{"children":[{"id":66,"parentId":65,"leaf":true,"module":"AuthorizeViewModel.cs","data":{"content":"using System.ComponentModel.DataAnnotations;\r\n\r\nnamespace OpenIddictAuthProvider.ViewModels.Authorization;\r\n\r\npublic class AuthorizeViewModel\r\n{\r\n [Display(Name = \"Application\")]\r\n public string ApplicationName { get; set; }\r\n\r\n [Display(Name = \"Scope\")]\r\n public string Scope { get; set; }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":65,"leaf":false,"module":"Authorization","parentId":62}],"collapsed":true,"id":62,"leaf":false,"module":"ViewModels","parentId":35},{"children":[{"id":68,"parentId":67,"leaf":true,"module":"launchSettings.json","data":{"content":"{\r\n \"profiles\": {\r\n \"OpenIdDictSample.Server\": {\r\n \"commandName\": \"Project\",\r\n \"dotnetRunMessages\": true,\r\n \"launchBrowser\": true,\r\n \"applicationUrl\": \"http://*:3000\",\r\n \"environmentVariables\": {\r\n \"ASPNETCORE_ENVIRONMENT\": \"Development\",\r\n \"ASPNETCORE_HOSTINGSTARTUPASSEMBLIES\": \"Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation\"\r\n }\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":67,"leaf":false,"module":"Properties","parentId":35},{"children":[{"id":72,"parentId":71,"leaf":true,"module":"AsyncEnumerableExtensions.cs","data":{"content":"namespace OpenIddictAuthProvider.Helpers;\r\n\r\npublic static class AsyncEnumerableExtensions\r\n{\r\n public static Task> ToListAsync(this IAsyncEnumerable source)\r\n {\r\n if (source == null)\r\n {\r\n throw new ArgumentNullException(nameof(source));\r\n }\r\n\r\n return ExecuteAsync();\r\n\r\n async Task> ExecuteAsync()\r\n {\r\n var list = new List();\r\n\r\n await foreach (var element in source)\r\n {\r\n list.Add(element);\r\n }\r\n\r\n return list;\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":73,"parentId":71,"leaf":true,"module":"FormValueRequiredAttribute.cs","data":{"content":"$13f","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":71,"leaf":false,"module":"Helpers","parentId":35},{"children":[{"id":75,"parentId":74,"leaf":true,"module":"ApplicationDbContext.cs","data":{"content":"using Microsoft.AspNetCore.Identity.EntityFrameworkCore;\r\nusing Microsoft.EntityFrameworkCore;\r\n\r\nnamespace OpenIddictAuthProvider.Data;\r\n\r\npublic class ApplicationDbContext : IdentityDbContext\r\n{\r\n public ApplicationDbContext(DbContextOptions options)\r\n : base(options) { }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":76,"parentId":74,"leaf":true,"module":"ApplicationUser.cs","data":{"content":"using Microsoft.AspNetCore.Identity;\r\n\r\nnamespace OpenIddictAuthProvider.Data;\r\n\r\n// Add profile data for application users by adding properties to the ApplicationUser class\r\npublic class ApplicationUser : IdentityUser { }","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":74,"leaf":false,"module":"Data","parentId":35},{"children":[{"id":78,"parentId":77,"leaf":true,"module":"AuthorizationController.cs","data":{"content":"$140","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":79,"parentId":77,"leaf":true,"module":"ErrorController.cs","data":{"content":"using Microsoft.AspNetCore;\r\nusing Microsoft.AspNetCore.Mvc;\r\nusing OpenIddictAuthProvider.ViewModels.Shared;\r\n\r\nnamespace OpenIddictAuthProvider.Controllers;\r\n\r\npublic class ErrorController : Controller\r\n{\r\n [Route(\"error\")]\r\n [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]\r\n public IActionResult Error()\r\n {\r\n // If the error was not caused by an invalid\r\n // OIDC request, display a generic error page.\r\n var response = HttpContext.GetOpenIddictServerResponse();\r\n if (response == null)\r\n {\r\n return View(new ErrorViewModel());\r\n }\r\n\r\n return View(new ErrorViewModel\r\n {\r\n Error = response.Error,\r\n ErrorDescription = response.ErrorDescription\r\n });\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":80,"parentId":77,"leaf":true,"module":"HomeController.cs","data":{"content":"using Microsoft.AspNetCore.Mvc;\r\n\r\nnamespace OpenIddictAuthProvider.Controllers;\r\n\r\npublic class HomeController : Controller\r\n{\r\n public IActionResult Index()\r\n {\r\n return View();\r\n }\r\n\r\n public IActionResult Privacy()\r\n {\r\n return View();\r\n }\r\n\r\n public IActionResult Error()\r\n {\r\n return View();\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":81,"parentId":77,"leaf":true,"module":"ResourceController.cs","data":{"content":"$141","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":82,"parentId":77,"leaf":true,"module":"UserinfoController.cs","data":{"content":"$142","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":77,"leaf":false,"module":"Controllers","parentId":35},{"children":[{"children":[{"children":[{"id":86,"parentId":85,"leaf":true,"module":"_ViewStart.cshtml","data":{"content":"@{\r\n Layout = \"/Views/Shared/_Layout.cshtml\";\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":85,"leaf":false,"module":"Pages","parentId":84}],"collapsed":true,"id":84,"leaf":false,"module":"Identity","parentId":83}],"collapsed":true,"id":83,"leaf":false,"module":"Areas","parentId":35}],"collapsed":true,"id":35,"leaf":false,"module":"OpenIddictAuthProvider","parentId":0},{"children":[{"id":89,"parentId":87,"leaf":true,"module":"appsettings.json","data":{"content":"{\r\n \"Logging\": {\r\n \"LogLevel\": {\r\n \"Default\": \"Information\",\r\n \"Microsoft.AspNetCore\": \"Warning\"\r\n }\r\n },\r\n \"AllowedHosts\": \"*\"\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":90,"parentId":87,"leaf":true,"module":"Program.cs","data":{"content":"$143","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"40"}},{"id":91,"parentId":87,"leaf":true,"module":"WeatherForecast.cs","data":{"content":"namespace SecondaryApiApp\r\n{\r\n public class WeatherForecast\r\n {\r\n public DateTime Date { get; set; }\r\n\r\n public int TemperatureC { get; set; }\r\n\r\n public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);\r\n\r\n public string? Summary { get; set; }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":92,"parentId":87,"leaf":true,"module":"SecondaryApiApp.csproj","data":{"content":"\r\n\r\n \r\n net8.0\r\n enable\r\n enable\r\n \r\n\r\n \r\n \r\n \r\n \r\n\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":94,"parentId":93,"leaf":true,"module":"launchSettings.json","data":{"content":"{\r\n \"profiles\": {\r\n \"WebApiApp\": {\r\n \"commandName\": \"Project\",\r\n \"dotnetRunMessages\": true,\r\n \"launchBrowser\": true,\r\n \"applicationUrl\": \"http://*:5060\",\r\n \"environmentVariables\": {\r\n \"ASPNETCORE_ENVIRONMENT\": \"Development\"\r\n }\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":93,"leaf":false,"module":"Properties","parentId":87},{"children":[{"id":105,"parentId":104,"leaf":true,"module":"WeatherForecastController.cs","data":{"content":"$144","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"22"}}],"collapsed":true,"id":104,"leaf":false,"module":"Controllers","parentId":87}],"collapsed":true,"id":87,"leaf":false,"module":"SecondaryApiApp","parentId":0}],"defaultSelectedFile":90},"comp_id":"LoaKA_k7IcCCYUUo-6_lH","dockerJob":{"key":"m1irZyCSD1V5ndnGThKO9","jobType":"Live","name":"Full Authentication Flow With Secondary App","inputFileName":"Program.cs","runScript":"ls","ports":"5050","startScript":"dotnet run --project /usercode/OpenIddictAuthProvider/OpenIddictAuthProvider.csproj &\nuntil $(curl --output /dev/null --silent --head --fail http://localhost:3000); do\n printf '.'\n sleep 5\ndone\ndotnet run --project /usercode/DemoApp/DemoApp.csproj &\ndotnet run --project /usercode/SecondaryApiApp/SecondaryApiApp.csproj","https":false,"forceRelaunchOnRun":true,"runInLiveContainer":true},"caption":"Web API app with the full OIDC authentication flow","isCopied":true},"status":"normal","contentID":"4kyDUo4NcX4rxcYuDaGA7","saveVersion":64,"widgetCopyId":"5945896371748864","iteration":0,"hash":1,"children":[{"text":""}],"comp_id":"Tz8AZVdwLYITI8B_rcb_0"},{"type":"SlateHTML","content":{"html":"

Note: Because we have to build two ASP.NET Core applications and populate the IdP database with the initial seed data, the build process is expected to take at least a few minutes. Also, because each playground launch rebuilds the IdP along with its database, the ...

","comp_id":"Jp8_VHpy3cPIdtOPD_iQE"},"hash":4}],"summary":{"title":"Securing Controllers","titleUpdated":true,"description":"Get familiar with securing web API controllers."},"content":[{"type":"SlateHTML","content":{"html":"

As we know, here are the two types of web API endpoints:

Controllers
Minimal APIs

In this lesson, we will learn different ways of securing the endpoints represented by controller classes. We will do so with the help of the following setup:

","comp_id":"A_Q5RRmpOemxE2LdAK4fX"},"hash":0},{"type":"WebpackBin","mode":"view","content":{"version":6,"theme":"default","showLineNumbers":true,"openFileTree":false,"showConsole":false,"disableExecution":false,"hideResultOutput":true,"hideOutputUrl":false,"hideCodeView":false,"loaders":{"babel":{"title":"React","config":{"es2015":true,"react":true},"enabled":true},"dart":{"title":"Dart","config":{"dart":true},"enabled":false},"ts-react":{"title":"Typescript React","config":{"ts-react":true},"enabled":false},"elm":{"title":"Elm","config":{"elm":true},"enabled":false},"vue":{"title":"Vue.js","config":{"vue":true},"enabled":false},"gojs-react":{"title":"GoJS React","config":{"gojs-react":true},"enabled":false}},"npmPackages":{"react":"15.6.1","react-dom":"15.6.1"},"outputHeight":300,"selectedApiKeys":{},"selectedEnvVars":{},"outputLayout":"desktop","codeContents":{"canAddNpmPackages":true,"judge":{"judgeDisabled":false,"judgeActive":false,"evaluationContent":"$145","hintsContent":[],"solutionContent":"","showSolution":false,"exerciseTabsVisible":false,"version":"1.1"},"module":"/","id":0,"maxId":105,"selectedId":2,"children":[{"children":[{"id":6,"parentId":4,"leaf":true,"module":"appsettings.json","data":{"content":"{\r\n \"Logging\": {\r\n \"LogLevel\": {\r\n \"Default\": \"Information\",\r\n \"Microsoft.AspNetCore\": \"Warning\"\r\n }\r\n },\r\n \"AllowedHosts\": \"*\"\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":7,"parentId":4,"leaf":true,"module":"DemoApp.csproj","data":{"content":"\r\n\r\n \r\n net8.0\r\n enable\r\n enable\r\n \r\n\r\n \r\n \r\n \r\n\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"10"}},{"id":9,"parentId":4,"leaf":true,"module":"Program.cs","data":{"content":"$146","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":11,"parentId":10,"leaf":true,"module":"favicon.ico","data":{"content":"$147","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":13,"parentId":12,"leaf":true,"module":"site.js","data":{"content":"// Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification\r\n// for details on configuring this project to bundle and minify static web assets.\r\n\r\n// Write your JavaScript code.","language":"jsx","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":12,"leaf":false,"module":"js","parentId":10},{"children":[{"id":15,"parentId":14,"leaf":true,"module":"site.css","data":{"content":"html {\r\n font-size: 14px;\r\n}\r\n\r\n@media (min-width: 768px) {\r\n html {\r\n font-size: 16px;\r\n }\r\n}\r\n\r\nhtml {\r\n position: relative;\r\n min-height: 100%;\r\n}\r\n\r\nbody {\r\n margin-bottom: 60px;\r\n}","language":"css","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":14,"leaf":false,"module":"css","parentId":10}],"collapsed":true,"id":10,"leaf":false,"module":"wwwroot","parentId":4},{"children":[{"id":17,"parentId":16,"leaf":true,"module":"_ViewImports.cshtml","data":{"content":"@using DemoApp\r\n@using DemoApp.Models\r\n@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":18,"parentId":16,"leaf":true,"module":"_ViewStart.cshtml","data":{"content":"@{\r\n Layout = \"_Layout\";\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":20,"parentId":19,"leaf":true,"module":"Error.cshtml","data":{"content":"@model ErrorViewModel\r\n@{\r\n ViewData[\"Title\"] = \"Error\";\r\n}\r\n\r\n

Error.

\r\n

An error occurred while processing your request.

\r\n\r\n@if (Model.ShowRequestId)\r\n{\r\n

\r\n Request ID: @Model.RequestId\r\n

\r\n}\r\n\r\n

Development Mode

\r\n

\r\n Swapping to Development environment will display more detailed information about the error that occurred.\r\n

\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":21,"parentId":19,"leaf":true,"module":"_Layout.cshtml","data":{"content":"$148","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":22,"parentId":19,"leaf":true,"module":"_Layout.cshtml.css","data":{"content":"/* Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification\r\nfor details on configuring this project to bundle and minify static web assets. */\r\n\r\na.navbar-brand {\r\n white-space: normal;\r\n text-align: center;\r\n word-break: break-all;\r\n}\r\n\r\na {\r\n color: #0077cc;\r\n}\r\n\r\n.btn-primary {\r\n color: #fff;\r\n background-color: #1b6ec2;\r\n border-color: #1861ac;\r\n}\r\n\r\n.nav-pills .nav-link.active, .nav-pills .show > .nav-link {\r\n color: #fff;\r\n background-color: #1b6ec2;\r\n border-color: #1861ac;\r\n}\r\n\r\n.border-top {\r\n border-top: 1px solid #e5e5e5;\r\n}\r\n.border-bottom {\r\n border-bottom: 1px solid #e5e5e5;\r\n}\r\n\r\n.box-shadow {\r\n box-shadow: 0 .25rem .75rem rgba(0, 0, 0, .05);\r\n}\r\n\r\nbutton.accept-policy {\r\n font-size: 1rem;\r\n line-height: inherit;\r\n}\r\n\r\n.footer {\r\n position: absolute;\r\n bottom: 0;\r\n width: 100%;\r\n white-space: nowrap;\r\n line-height: 60px;\r\n}","language":"css","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":23,"parentId":19,"leaf":true,"module":"_ValidationScriptsPartial.cshtml","data":{"content":"\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":19,"leaf":false,"module":"Shared","parentId":16},{"children":[{"id":25,"parentId":24,"leaf":true,"module":"Index.cshtml","data":{"content":"@model IEnumerable\r\n\r\n@{\r\n ViewData[\"Title\"] = \"Weather Forecasts\";\r\n}\r\n\r\n

@ViewData[\"Title\"]

\r\n\r\n\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n@foreach (var item in Model) {\r\n \r\n \r\n \r\n \r\n \r\n \r\n}\r\n \r\n

\r\n Date\r\n	\r\n Summary\r\n	\r\n Temperature C\r\n	\r\n Temperature F\r\n
\r\n @Html.DisplayFor(modelItem => item.Date.DayOfWeek)\r\n	\r\n @Html.DisplayFor(modelItem => item.Summary)\r\n	\r\n @Html.DisplayFor(modelItem => item.TemperatureC)\r\n	\r\n @Html.DisplayFor(modelItem => item.TemperatureF)\r\n

@ViewData[\"Title\"]

\r\n\r\n

Use this page to detail your site's privacy policy.

\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":24,"leaf":false,"module":"Home","parentId":16}],"collapsed":true,"id":16,"leaf":false,"module":"Views","parentId":4},{"children":[{"id":28,"parentId":27,"leaf":true,"module":"launchSettings.json","data":{"content":"{\r\n \"profiles\": {\r\n \"MvcApp\": {\r\n \"commandName\": \"Project\",\r\n \"dotnetRunMessages\": true,\r\n \"launchBrowser\": true,\r\n \"applicationUrl\": \"http://*:5050\",\r\n \"environmentVariables\": {\r\n \"ASPNETCORE_ENVIRONMENT\": \"Development\"\r\n }\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":27,"leaf":false,"module":"Properties","parentId":4},{"children":[{"id":30,"parentId":29,"leaf":true,"module":"ErrorViewModel.cs","data":{"content":"namespace DemoApp.Models\r\n{\r\n public class ErrorViewModel\r\n {\r\n public string? RequestId { get; set; }\r\n\r\n public bool ShowRequestId => !string.IsNullOrEmpty(RequestId);\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":31,"parentId":29,"leaf":true,"module":"WeatherForecast.cs","data":{"content":"namespace DemoApp.Models;\r\n\r\npublic class WeatherForecast\r\n{\r\n public DateTime Date { get; set; }\r\n\r\n public int TemperatureC { get; set; }\r\n\r\n public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);\r\n\r\n public string? Summary { get; set; }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":29,"leaf":false,"module":"Models","parentId":4},{"children":[{"id":33,"parentId":32,"leaf":true,"module":"AuthenticationController.cs","data":{"content":"using Microsoft.AspNetCore.Authentication;\r\nusing Microsoft.AspNetCore.Authentication.OpenIdConnect;\r\nusing Microsoft.AspNetCore.Mvc;\r\n\r\nnamespace DemoApp.Controllers;\r\n\r\npublic class AuthenticationController : Controller\r\n{\r\n public IActionResult Logout()\r\n {\r\n return new SignOutResult(new[]\r\n {\r\n OpenIdConnectDefaults.AuthenticationScheme,\r\n \"Cookies\" \r\n }); \r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":34,"parentId":32,"leaf":true,"module":"HomeController.cs","data":{"content":"$149","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"line 6"}}],"collapsed":true,"id":32,"leaf":false,"module":"Controllers","parentId":4}],"collapsed":true,"id":4,"leaf":false,"module":"DemoApp","parentId":0},{"children":[{"id":37,"parentId":35,"leaf":true,"module":"appsettings.json","data":{"content":"{\r\n \"Logging\": {\r\n \"LogLevel\": {\r\n \"Default\": \"Information\",\r\n \"Microsoft.AspNetCore\": \"Warning\"\r\n }\r\n },\r\n \"AllowedHosts\": \"*\"\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":38,"parentId":35,"leaf":true,"module":"InitialDataSeed.cs","data":{"content":"$14a","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":39,"parentId":35,"leaf":true,"module":"OpenIddictAuthProvider.csproj","data":{"content":"$14b","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":41,"parentId":35,"leaf":true,"module":"Program.cs","data":{"content":"$14c","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":43,"parentId":42,"leaf":true,"module":"favicon.ico","data":{"content":"$14d","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":45,"parentId":44,"leaf":true,"module":"site.js","data":{"content":"// Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification\r\n// for details on configuring this project to bundle and minify static web assets.\r\n\r\n// Write your JavaScript code.","language":"jsx","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":44,"leaf":false,"module":"js","parentId":42},{"children":[{"id":47,"parentId":46,"leaf":true,"module":"site.css","data":{"content":"$14e","language":"css","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":46,"leaf":false,"module":"css","parentId":42}],"collapsed":true,"id":42,"leaf":false,"module":"wwwroot","parentId":35},{"children":[{"id":49,"parentId":48,"leaf":true,"module":"_ViewImports.cshtml","data":{"content":"@using OpenIddictAuthProvider\r\n@using OpenIddictAuthProvider.Data\r\n@using OpenIddictAuthProvider.ViewModels.Authorization\r\n@using OpenIddictAuthProvider.ViewModels.Shared\r\n@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":50,"parentId":48,"leaf":true,"module":"_ViewStart.cshtml","data":{"content":"@{\r\n Layout = \"_Layout\";\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":52,"parentId":51,"leaf":true,"module":"Error.cshtml","data":{"content":"@model ErrorViewModel\r\n \r\n

\r\n

Ooooops, something went really bad! :(

\r\n

\r\n @if (!string.IsNullOrEmpty(Model.Error)) {\r\n @Model.Error\r\n }\r\n\r\n @if (!string.IsNullOrEmpty(Model.ErrorDescription)) {\r\n @Model.ErrorDescription\r\n }\r\n

\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":53,"parentId":51,"leaf":true,"module":"_Layout.cshtml","data":{"content":"$14f","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":54,"parentId":51,"leaf":true,"module":"_LoginPartial.cshtml","data":{"content":"@using Microsoft.AspNetCore.Identity\r\n@inject SignInManager SignInManager\r\n@inject UserManager UserManager\r\n\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":55,"parentId":51,"leaf":true,"module":"_ValidationScriptsPartial.cshtml","data":{"content":"\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":51,"leaf":false,"module":"Shared","parentId":48},{"children":[{"id":57,"parentId":56,"leaf":true,"module":"Index.cshtml","data":{"content":"@{\r\n ViewData[\"Title\"] = \"Home Page\";\r\n}\r\n\r\n

\r\n

Welcome

\r\n

Identity Provider is ready to use.

\r\n

@ViewData[\"Title\"]

\r\n\r\n

Use this page to detail your site's privacy policy.

\r\n

Authorization

\r\n\r\n

Do you want to grant @Model.ApplicationName access to your data? (scopes requested: @Model.Scope)

\r\n\r\n

\r\n

Log out

\r\n

Are you sure you want to sign out?

\r\n\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":59,"leaf":false,"module":"Authorization","parentId":48}],"collapsed":true,"id":48,"leaf":false,"module":"Views","parentId":35},{"children":[{"children":[{"id":64,"parentId":63,"leaf":true,"module":"ErrorViewModel.cs","data":{"content":"using System.ComponentModel.DataAnnotations;\r\n\r\nnamespace OpenIddictAuthProvider.ViewModels.Shared;\r\n\r\npublic class ErrorViewModel\r\n{\r\n [Display(Name = \"Error\")]\r\n public string Error { get; set; }\r\n\r\n [Display(Name = \"Description\")]\r\n public string ErrorDescription { get; set; }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":63,"leaf":false,"module":"Shared","parentId":62},{"children":[{"id":66,"parentId":65,"leaf":true,"module":"AuthorizeViewModel.cs","data":{"content":"using System.ComponentModel.DataAnnotations;\r\n\r\nnamespace OpenIddictAuthProvider.ViewModels.Authorization;\r\n\r\npublic class AuthorizeViewModel\r\n{\r\n [Display(Name = \"Application\")]\r\n public string ApplicationName { get; set; }\r\n\r\n [Display(Name = \"Scope\")]\r\n public string Scope { get; set; }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":65,"leaf":false,"module":"Authorization","parentId":62}],"collapsed":true,"id":62,"leaf":false,"module":"ViewModels","parentId":35},{"children":[{"id":68,"parentId":67,"leaf":true,"module":"launchSettings.json","data":{"content":"{\r\n \"profiles\": {\r\n \"OpenIdDictSample.Server\": {\r\n \"commandName\": \"Project\",\r\n \"dotnetRunMessages\": true,\r\n \"launchBrowser\": true,\r\n \"applicationUrl\": \"http://*:3000\",\r\n \"environmentVariables\": {\r\n \"ASPNETCORE_ENVIRONMENT\": \"Development\",\r\n \"ASPNETCORE_HOSTINGSTARTUPASSEMBLIES\": \"Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation\"\r\n }\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":67,"leaf":false,"module":"Properties","parentId":35},{"children":[{"id":72,"parentId":71,"leaf":true,"module":"AsyncEnumerableExtensions.cs","data":{"content":"namespace OpenIddictAuthProvider.Helpers;\r\n\r\npublic static class AsyncEnumerableExtensions\r\n{\r\n public static Task> ToListAsync(this IAsyncEnumerable source)\r\n {\r\n if (source == null)\r\n {\r\n throw new ArgumentNullException(nameof(source));\r\n }\r\n\r\n return ExecuteAsync();\r\n\r\n async Task> ExecuteAsync()\r\n {\r\n var list = new List();\r\n\r\n await foreach (var element in source)\r\n {\r\n list.Add(element);\r\n }\r\n\r\n return list;\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":73,"parentId":71,"leaf":true,"module":"FormValueRequiredAttribute.cs","data":{"content":"$150","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":71,"leaf":false,"module":"Helpers","parentId":35},{"children":[{"id":75,"parentId":74,"leaf":true,"module":"ApplicationDbContext.cs","data":{"content":"using Microsoft.AspNetCore.Identity.EntityFrameworkCore;\r\nusing Microsoft.EntityFrameworkCore;\r\n\r\nnamespace OpenIddictAuthProvider.Data;\r\n\r\npublic class ApplicationDbContext : IdentityDbContext\r\n{\r\n public ApplicationDbContext(DbContextOptions options)\r\n : base(options) { }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":76,"parentId":74,"leaf":true,"module":"ApplicationUser.cs","data":{"content":"using Microsoft.AspNetCore.Identity;\r\n\r\nnamespace OpenIddictAuthProvider.Data;\r\n\r\n// Add profile data for application users by adding properties to the ApplicationUser class\r\npublic class ApplicationUser : IdentityUser { }","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":74,"leaf":false,"module":"Data","parentId":35},{"children":[{"id":78,"parentId":77,"leaf":true,"module":"AuthorizationController.cs","data":{"content":"$151","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":79,"parentId":77,"leaf":true,"module":"ErrorController.cs","data":{"content":"using Microsoft.AspNetCore;\r\nusing Microsoft.AspNetCore.Mvc;\r\nusing OpenIddictAuthProvider.ViewModels.Shared;\r\n\r\nnamespace OpenIddictAuthProvider.Controllers;\r\n\r\npublic class ErrorController : Controller\r\n{\r\n [Route(\"error\")]\r\n [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]\r\n public IActionResult Error()\r\n {\r\n // If the error was not caused by an invalid\r\n // OIDC request, display a generic error page.\r\n var response = HttpContext.GetOpenIddictServerResponse();\r\n if (response == null)\r\n {\r\n return View(new ErrorViewModel());\r\n }\r\n\r\n return View(new ErrorViewModel\r\n {\r\n Error = response.Error,\r\n ErrorDescription = response.ErrorDescription\r\n });\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":80,"parentId":77,"leaf":true,"module":"HomeController.cs","data":{"content":"using Microsoft.AspNetCore.Mvc;\r\n\r\nnamespace OpenIddictAuthProvider.Controllers;\r\n\r\npublic class HomeController : Controller\r\n{\r\n public IActionResult Index()\r\n {\r\n return View();\r\n }\r\n\r\n public IActionResult Privacy()\r\n {\r\n return View();\r\n }\r\n\r\n public IActionResult Error()\r\n {\r\n return View();\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":81,"parentId":77,"leaf":true,"module":"ResourceController.cs","data":{"content":"$152","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":82,"parentId":77,"leaf":true,"module":"UserinfoController.cs","data":{"content":"$153","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":77,"leaf":false,"module":"Controllers","parentId":35},{"children":[{"children":[{"children":[{"id":86,"parentId":85,"leaf":true,"module":"_ViewStart.cshtml","data":{"content":"@{\r\n Layout = \"/Views/Shared/_Layout.cshtml\";\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":85,"leaf":false,"module":"Pages","parentId":84}],"collapsed":true,"id":84,"leaf":false,"module":"Identity","parentId":83}],"collapsed":true,"id":83,"leaf":false,"module":"Areas","parentId":35}],"collapsed":true,"id":35,"leaf":false,"module":"OpenIddictAuthProvider","parentId":0},{"children":[{"id":89,"parentId":87,"leaf":true,"module":"appsettings.json","data":{"content":"{\r\n \"Logging\": {\r\n \"LogLevel\": {\r\n \"Default\": \"Information\",\r\n \"Microsoft.AspNetCore\": \"Warning\"\r\n }\r\n },\r\n \"AllowedHosts\": \"*\"\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":90,"parentId":87,"leaf":true,"module":"Program.cs","data":{"content":"$154","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"40"}},{"id":91,"parentId":87,"leaf":true,"module":"WeatherForecast.cs","data":{"content":"namespace SecondaryApiApp\r\n{\r\n public class WeatherForecast\r\n {\r\n public DateTime Date { get; set; }\r\n\r\n public int TemperatureC { get; set; }\r\n\r\n public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);\r\n\r\n public string? Summary { get; set; }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":92,"parentId":87,"leaf":true,"module":"SecondaryApiApp.csproj","data":{"content":"\r\n\r\n \r\n net8.0\r\n enable\r\n enable\r\n \r\n\r\n \r\n \r\n \r\n \r\n\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":94,"parentId":93,"leaf":true,"module":"launchSettings.json","data":{"content":"{\r\n \"profiles\": {\r\n \"WebApiApp\": {\r\n \"commandName\": \"Project\",\r\n \"dotnetRunMessages\": true,\r\n \"launchBrowser\": true,\r\n \"applicationUrl\": \"http://*:5060\",\r\n \"environmentVariables\": {\r\n \"ASPNETCORE_ENVIRONMENT\": \"Development\"\r\n }\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":93,"leaf":false,"module":"Properties","parentId":87},{"children":[{"id":105,"parentId":104,"leaf":true,"module":"WeatherForecastController.cs","data":{"content":"$155","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"22"}}],"collapsed":true,"id":104,"leaf":false,"module":"Controllers","parentId":87}],"collapsed":true,"id":87,"leaf":false,"module":"SecondaryApiApp","parentId":0}],"defaultSelectedFile":90},"comp_id":"LoaKA_k7IcCCYUUo-6_lH","dockerJob":{"key":"m1irZyCSD1V5ndnGThKO9","jobType":"Live","name":"Full Authentication Flow With Secondary App","inputFileName":"Program.cs","runScript":"ls","ports":"5050","startScript":"dotnet run --project /usercode/OpenIddictAuthProvider/OpenIddictAuthProvider.csproj &\nuntil $(curl --output /dev/null --silent --head --fail http://localhost:3000); do\n printf '.'\n sleep 5\ndone\ndotnet run --project /usercode/DemoApp/DemoApp.csproj &\ndotnet run --project /usercode/SecondaryApiApp/SecondaryApiApp.csproj","https":false,"forceRelaunchOnRun":true,"runInLiveContainer":true},"caption":"Web API app with the full OIDC authentication flow","isCopied":true},"status":"normal","contentID":"4kyDUo4NcX4rxcYuDaGA7","saveVersion":64,"widgetCopyId":"5945896371748864","iteration":0,"hash":1,"children":[{"text":""}],"comp_id":"Tz8AZVdwLYITI8B_rcb_0"},{"type":"SlateHTML","content":{"html":"

Note: Because we have to build two ASP.NET Core applications and populate the IdP database with the initial seed data, the build process is expected to take at least a few minutes. Also, because each playground launch rebuilds the IdP along with its database, the ...

","comp_id":"Jp8_VHpy3cPIdtOPD_iQE"},"hash":4}],"darkModeContent":[{"type":"SlateHTML","content":{"html":"

As we know, here are the two types of web API endpoints:

Controllers
Minimal APIs

In this lesson, we will learn different ways of securing the endpoints represented by controller classes. We will do so with the help of the following setup:

","comp_id":"A_Q5RRmpOemxE2LdAK4fX"},"hash":0},{"type":"WebpackBin","mode":"view","content":{"version":6,"theme":"default","showLineNumbers":true,"openFileTree":false,"showConsole":false,"disableExecution":false,"hideResultOutput":true,"hideOutputUrl":false,"hideCodeView":false,"loaders":{"babel":{"title":"React","config":{"es2015":true,"react":true},"enabled":true},"dart":{"title":"Dart","config":{"dart":true},"enabled":false},"ts-react":{"title":"Typescript React","config":{"ts-react":true},"enabled":false},"elm":{"title":"Elm","config":{"elm":true},"enabled":false},"vue":{"title":"Vue.js","config":{"vue":true},"enabled":false},"gojs-react":{"title":"GoJS React","config":{"gojs-react":true},"enabled":false}},"npmPackages":{"react":"15.6.1","react-dom":"15.6.1"},"outputHeight":300,"selectedApiKeys":{},"selectedEnvVars":{},"outputLayout":"desktop","codeContents":{"canAddNpmPackages":true,"judge":{"judgeDisabled":false,"judgeActive":false,"evaluationContent":"$156","hintsContent":[],"solutionContent":"","showSolution":false,"exerciseTabsVisible":false,"version":"1.1"},"module":"/","id":0,"maxId":105,"selectedId":2,"children":[{"children":[{"id":6,"parentId":4,"leaf":true,"module":"appsettings.json","data":{"content":"{\r\n \"Logging\": {\r\n \"LogLevel\": {\r\n \"Default\": \"Information\",\r\n \"Microsoft.AspNetCore\": \"Warning\"\r\n }\r\n },\r\n \"AllowedHosts\": \"*\"\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":7,"parentId":4,"leaf":true,"module":"DemoApp.csproj","data":{"content":"\r\n\r\n \r\n net8.0\r\n enable\r\n enable\r\n \r\n\r\n \r\n \r\n \r\n\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"10"}},{"id":9,"parentId":4,"leaf":true,"module":"Program.cs","data":{"content":"$157","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":11,"parentId":10,"leaf":true,"module":"favicon.ico","data":{"content":"$158","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":13,"parentId":12,"leaf":true,"module":"site.js","data":{"content":"// Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification\r\n// for details on configuring this project to bundle and minify static web assets.\r\n\r\n// Write your JavaScript code.","language":"jsx","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":12,"leaf":false,"module":"js","parentId":10},{"children":[{"id":15,"parentId":14,"leaf":true,"module":"site.css","data":{"content":"html {\r\n font-size: 14px;\r\n}\r\n\r\n@media (min-width: 768px) {\r\n html {\r\n font-size: 16px;\r\n }\r\n}\r\n\r\nhtml {\r\n position: relative;\r\n min-height: 100%;\r\n}\r\n\r\nbody {\r\n margin-bottom: 60px;\r\n}","language":"css","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":14,"leaf":false,"module":"css","parentId":10}],"collapsed":true,"id":10,"leaf":false,"module":"wwwroot","parentId":4},{"children":[{"id":17,"parentId":16,"leaf":true,"module":"_ViewImports.cshtml","data":{"content":"@using DemoApp\r\n@using DemoApp.Models\r\n@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":18,"parentId":16,"leaf":true,"module":"_ViewStart.cshtml","data":{"content":"@{\r\n Layout = \"_Layout\";\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":20,"parentId":19,"leaf":true,"module":"Error.cshtml","data":{"content":"@model ErrorViewModel\r\n@{\r\n ViewData[\"Title\"] = \"Error\";\r\n}\r\n\r\n

Error.

\r\n

An error occurred while processing your request.

\r\n\r\n@if (Model.ShowRequestId)\r\n{\r\n

\r\n Request ID: @Model.RequestId\r\n

\r\n}\r\n\r\n

Development Mode

\r\n

\r\n Swapping to Development environment will display more detailed information about the error that occurred.\r\n

\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":21,"parentId":19,"leaf":true,"module":"_Layout.cshtml","data":{"content":"$159","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":22,"parentId":19,"leaf":true,"module":"_Layout.cshtml.css","data":{"content":"/* Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification\r\nfor details on configuring this project to bundle and minify static web assets. */\r\n\r\na.navbar-brand {\r\n white-space: normal;\r\n text-align: center;\r\n word-break: break-all;\r\n}\r\n\r\na {\r\n color: #0077cc;\r\n}\r\n\r\n.btn-primary {\r\n color: #fff;\r\n background-color: #1b6ec2;\r\n border-color: #1861ac;\r\n}\r\n\r\n.nav-pills .nav-link.active, .nav-pills .show > .nav-link {\r\n color: #fff;\r\n background-color: #1b6ec2;\r\n border-color: #1861ac;\r\n}\r\n\r\n.border-top {\r\n border-top: 1px solid #e5e5e5;\r\n}\r\n.border-bottom {\r\n border-bottom: 1px solid #e5e5e5;\r\n}\r\n\r\n.box-shadow {\r\n box-shadow: 0 .25rem .75rem rgba(0, 0, 0, .05);\r\n}\r\n\r\nbutton.accept-policy {\r\n font-size: 1rem;\r\n line-height: inherit;\r\n}\r\n\r\n.footer {\r\n position: absolute;\r\n bottom: 0;\r\n width: 100%;\r\n white-space: nowrap;\r\n line-height: 60px;\r\n}","language":"css","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":23,"parentId":19,"leaf":true,"module":"_ValidationScriptsPartial.cshtml","data":{"content":"\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":19,"leaf":false,"module":"Shared","parentId":16},{"children":[{"id":25,"parentId":24,"leaf":true,"module":"Index.cshtml","data":{"content":"@model IEnumerable\r\n\r\n@{\r\n ViewData[\"Title\"] = \"Weather Forecasts\";\r\n}\r\n\r\n

@ViewData[\"Title\"]

\r\n\r\n\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n@foreach (var item in Model) {\r\n \r\n \r\n \r\n \r\n \r\n \r\n}\r\n \r\n

\r\n Date\r\n	\r\n Summary\r\n	\r\n Temperature C\r\n	\r\n Temperature F\r\n
\r\n @Html.DisplayFor(modelItem => item.Date.DayOfWeek)\r\n	\r\n @Html.DisplayFor(modelItem => item.Summary)\r\n	\r\n @Html.DisplayFor(modelItem => item.TemperatureC)\r\n	\r\n @Html.DisplayFor(modelItem => item.TemperatureF)\r\n

@ViewData[\"Title\"]

\r\n\r\n

Use this page to detail your site's privacy policy.

\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":24,"leaf":false,"module":"Home","parentId":16}],"collapsed":true,"id":16,"leaf":false,"module":"Views","parentId":4},{"children":[{"id":28,"parentId":27,"leaf":true,"module":"launchSettings.json","data":{"content":"{\r\n \"profiles\": {\r\n \"MvcApp\": {\r\n \"commandName\": \"Project\",\r\n \"dotnetRunMessages\": true,\r\n \"launchBrowser\": true,\r\n \"applicationUrl\": \"http://*:5050\",\r\n \"environmentVariables\": {\r\n \"ASPNETCORE_ENVIRONMENT\": \"Development\"\r\n }\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":27,"leaf":false,"module":"Properties","parentId":4},{"children":[{"id":30,"parentId":29,"leaf":true,"module":"ErrorViewModel.cs","data":{"content":"namespace DemoApp.Models\r\n{\r\n public class ErrorViewModel\r\n {\r\n public string? RequestId { get; set; }\r\n\r\n public bool ShowRequestId => !string.IsNullOrEmpty(RequestId);\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":31,"parentId":29,"leaf":true,"module":"WeatherForecast.cs","data":{"content":"namespace DemoApp.Models;\r\n\r\npublic class WeatherForecast\r\n{\r\n public DateTime Date { get; set; }\r\n\r\n public int TemperatureC { get; set; }\r\n\r\n public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);\r\n\r\n public string? Summary { get; set; }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":29,"leaf":false,"module":"Models","parentId":4},{"children":[{"id":33,"parentId":32,"leaf":true,"module":"AuthenticationController.cs","data":{"content":"using Microsoft.AspNetCore.Authentication;\r\nusing Microsoft.AspNetCore.Authentication.OpenIdConnect;\r\nusing Microsoft.AspNetCore.Mvc;\r\n\r\nnamespace DemoApp.Controllers;\r\n\r\npublic class AuthenticationController : Controller\r\n{\r\n public IActionResult Logout()\r\n {\r\n return new SignOutResult(new[]\r\n {\r\n OpenIdConnectDefaults.AuthenticationScheme,\r\n \"Cookies\" \r\n }); \r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":34,"parentId":32,"leaf":true,"module":"HomeController.cs","data":{"content":"$15a","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"line 6"}}],"collapsed":true,"id":32,"leaf":false,"module":"Controllers","parentId":4}],"collapsed":true,"id":4,"leaf":false,"module":"DemoApp","parentId":0},{"children":[{"id":37,"parentId":35,"leaf":true,"module":"appsettings.json","data":{"content":"{\r\n \"Logging\": {\r\n \"LogLevel\": {\r\n \"Default\": \"Information\",\r\n \"Microsoft.AspNetCore\": \"Warning\"\r\n }\r\n },\r\n \"AllowedHosts\": \"*\"\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":38,"parentId":35,"leaf":true,"module":"InitialDataSeed.cs","data":{"content":"$15b","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":39,"parentId":35,"leaf":true,"module":"OpenIddictAuthProvider.csproj","data":{"content":"$15c","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":41,"parentId":35,"leaf":true,"module":"Program.cs","data":{"content":"$15d","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":43,"parentId":42,"leaf":true,"module":"favicon.ico","data":{"content":"$15e","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":45,"parentId":44,"leaf":true,"module":"site.js","data":{"content":"// Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification\r\n// for details on configuring this project to bundle and minify static web assets.\r\n\r\n// Write your JavaScript code.","language":"jsx","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":44,"leaf":false,"module":"js","parentId":42},{"children":[{"id":47,"parentId":46,"leaf":true,"module":"site.css","data":{"content":"$15f","language":"css","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":46,"leaf":false,"module":"css","parentId":42}],"collapsed":true,"id":42,"leaf":false,"module":"wwwroot","parentId":35},{"children":[{"id":49,"parentId":48,"leaf":true,"module":"_ViewImports.cshtml","data":{"content":"@using OpenIddictAuthProvider\r\n@using OpenIddictAuthProvider.Data\r\n@using OpenIddictAuthProvider.ViewModels.Authorization\r\n@using OpenIddictAuthProvider.ViewModels.Shared\r\n@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":50,"parentId":48,"leaf":true,"module":"_ViewStart.cshtml","data":{"content":"@{\r\n Layout = \"_Layout\";\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":52,"parentId":51,"leaf":true,"module":"Error.cshtml","data":{"content":"@model ErrorViewModel\r\n \r\n

\r\n

Ooooops, something went really bad! :(

\r\n

\r\n @if (!string.IsNullOrEmpty(Model.Error)) {\r\n @Model.Error\r\n }\r\n\r\n @if (!string.IsNullOrEmpty(Model.ErrorDescription)) {\r\n @Model.ErrorDescription\r\n }\r\n

\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":53,"parentId":51,"leaf":true,"module":"_Layout.cshtml","data":{"content":"$160","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":54,"parentId":51,"leaf":true,"module":"_LoginPartial.cshtml","data":{"content":"@using Microsoft.AspNetCore.Identity\r\n@inject SignInManager SignInManager\r\n@inject UserManager UserManager\r\n\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":55,"parentId":51,"leaf":true,"module":"_ValidationScriptsPartial.cshtml","data":{"content":"\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":51,"leaf":false,"module":"Shared","parentId":48},{"children":[{"id":57,"parentId":56,"leaf":true,"module":"Index.cshtml","data":{"content":"@{\r\n ViewData[\"Title\"] = \"Home Page\";\r\n}\r\n\r\n

\r\n

Welcome

\r\n

Identity Provider is ready to use.

\r\n

@ViewData[\"Title\"]

\r\n\r\n

Use this page to detail your site's privacy policy.

\r\n

Authorization

\r\n\r\n

Do you want to grant @Model.ApplicationName access to your data? (scopes requested: @Model.Scope)

\r\n\r\n

\r\n

Log out

\r\n

Are you sure you want to sign out?

\r\n\r\n

","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":59,"leaf":false,"module":"Authorization","parentId":48}],"collapsed":true,"id":48,"leaf":false,"module":"Views","parentId":35},{"children":[{"children":[{"id":64,"parentId":63,"leaf":true,"module":"ErrorViewModel.cs","data":{"content":"using System.ComponentModel.DataAnnotations;\r\n\r\nnamespace OpenIddictAuthProvider.ViewModels.Shared;\r\n\r\npublic class ErrorViewModel\r\n{\r\n [Display(Name = \"Error\")]\r\n public string Error { get; set; }\r\n\r\n [Display(Name = \"Description\")]\r\n public string ErrorDescription { get; set; }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":63,"leaf":false,"module":"Shared","parentId":62},{"children":[{"id":66,"parentId":65,"leaf":true,"module":"AuthorizeViewModel.cs","data":{"content":"using System.ComponentModel.DataAnnotations;\r\n\r\nnamespace OpenIddictAuthProvider.ViewModels.Authorization;\r\n\r\npublic class AuthorizeViewModel\r\n{\r\n [Display(Name = \"Application\")]\r\n public string ApplicationName { get; set; }\r\n\r\n [Display(Name = \"Scope\")]\r\n public string Scope { get; set; }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":65,"leaf":false,"module":"Authorization","parentId":62}],"collapsed":true,"id":62,"leaf":false,"module":"ViewModels","parentId":35},{"children":[{"id":68,"parentId":67,"leaf":true,"module":"launchSettings.json","data":{"content":"{\r\n \"profiles\": {\r\n \"OpenIdDictSample.Server\": {\r\n \"commandName\": \"Project\",\r\n \"dotnetRunMessages\": true,\r\n \"launchBrowser\": true,\r\n \"applicationUrl\": \"http://*:3000\",\r\n \"environmentVariables\": {\r\n \"ASPNETCORE_ENVIRONMENT\": \"Development\",\r\n \"ASPNETCORE_HOSTINGSTARTUPASSEMBLIES\": \"Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation\"\r\n }\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":67,"leaf":false,"module":"Properties","parentId":35},{"children":[{"id":72,"parentId":71,"leaf":true,"module":"AsyncEnumerableExtensions.cs","data":{"content":"namespace OpenIddictAuthProvider.Helpers;\r\n\r\npublic static class AsyncEnumerableExtensions\r\n{\r\n public static Task> ToListAsync(this IAsyncEnumerable source)\r\n {\r\n if (source == null)\r\n {\r\n throw new ArgumentNullException(nameof(source));\r\n }\r\n\r\n return ExecuteAsync();\r\n\r\n async Task> ExecuteAsync()\r\n {\r\n var list = new List();\r\n\r\n await foreach (var element in source)\r\n {\r\n list.Add(element);\r\n }\r\n\r\n return list;\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":73,"parentId":71,"leaf":true,"module":"FormValueRequiredAttribute.cs","data":{"content":"$161","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":71,"leaf":false,"module":"Helpers","parentId":35},{"children":[{"id":75,"parentId":74,"leaf":true,"module":"ApplicationDbContext.cs","data":{"content":"using Microsoft.AspNetCore.Identity.EntityFrameworkCore;\r\nusing Microsoft.EntityFrameworkCore;\r\n\r\nnamespace OpenIddictAuthProvider.Data;\r\n\r\npublic class ApplicationDbContext : IdentityDbContext\r\n{\r\n public ApplicationDbContext(DbContextOptions options)\r\n : base(options) { }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":76,"parentId":74,"leaf":true,"module":"ApplicationUser.cs","data":{"content":"using Microsoft.AspNetCore.Identity;\r\n\r\nnamespace OpenIddictAuthProvider.Data;\r\n\r\n// Add profile data for application users by adding properties to the ApplicationUser class\r\npublic class ApplicationUser : IdentityUser { }","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":74,"leaf":false,"module":"Data","parentId":35},{"children":[{"id":78,"parentId":77,"leaf":true,"module":"AuthorizationController.cs","data":{"content":"$162","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":79,"parentId":77,"leaf":true,"module":"ErrorController.cs","data":{"content":"using Microsoft.AspNetCore;\r\nusing Microsoft.AspNetCore.Mvc;\r\nusing OpenIddictAuthProvider.ViewModels.Shared;\r\n\r\nnamespace OpenIddictAuthProvider.Controllers;\r\n\r\npublic class ErrorController : Controller\r\n{\r\n [Route(\"error\")]\r\n [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]\r\n public IActionResult Error()\r\n {\r\n // If the error was not caused by an invalid\r\n // OIDC request, display a generic error page.\r\n var response = HttpContext.GetOpenIddictServerResponse();\r\n if (response == null)\r\n {\r\n return View(new ErrorViewModel());\r\n }\r\n\r\n return View(new ErrorViewModel\r\n {\r\n Error = response.Error,\r\n ErrorDescription = response.ErrorDescription\r\n });\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":80,"parentId":77,"leaf":true,"module":"HomeController.cs","data":{"content":"using Microsoft.AspNetCore.Mvc;\r\n\r\nnamespace OpenIddictAuthProvider.Controllers;\r\n\r\npublic class HomeController : Controller\r\n{\r\n public IActionResult Index()\r\n {\r\n return View();\r\n }\r\n\r\n public IActionResult Privacy()\r\n {\r\n return View();\r\n }\r\n\r\n public IActionResult Error()\r\n {\r\n return View();\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":81,"parentId":77,"leaf":true,"module":"ResourceController.cs","data":{"content":"$163","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":82,"parentId":77,"leaf":true,"module":"UserinfoController.cs","data":{"content":"$164","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":77,"leaf":false,"module":"Controllers","parentId":35},{"children":[{"children":[{"children":[{"id":86,"parentId":85,"leaf":true,"module":"_ViewStart.cshtml","data":{"content":"@{\r\n Layout = \"/Views/Shared/_Layout.cshtml\";\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":85,"leaf":false,"module":"Pages","parentId":84}],"collapsed":true,"id":84,"leaf":false,"module":"Identity","parentId":83}],"collapsed":true,"id":83,"leaf":false,"module":"Areas","parentId":35}],"collapsed":true,"id":35,"leaf":false,"module":"OpenIddictAuthProvider","parentId":0},{"children":[{"id":89,"parentId":87,"leaf":true,"module":"appsettings.json","data":{"content":"{\r\n \"Logging\": {\r\n \"LogLevel\": {\r\n \"Default\": \"Information\",\r\n \"Microsoft.AspNetCore\": \"Warning\"\r\n }\r\n },\r\n \"AllowedHosts\": \"*\"\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":90,"parentId":87,"leaf":true,"module":"Program.cs","data":{"content":"$165","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"40"}},{"id":91,"parentId":87,"leaf":true,"module":"WeatherForecast.cs","data":{"content":"namespace SecondaryApiApp\r\n{\r\n public class WeatherForecast\r\n {\r\n public DateTime Date { get; set; }\r\n\r\n public int TemperatureC { get; set; }\r\n\r\n public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);\r\n\r\n public string? Summary { get; set; }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"id":92,"parentId":87,"leaf":true,"module":"SecondaryApiApp.csproj","data":{"content":"\r\n\r\n \r\n net8.0\r\n enable\r\n enable\r\n \r\n\r\n \r\n \r\n \r\n \r\n\r\n","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}},{"children":[{"id":94,"parentId":93,"leaf":true,"module":"launchSettings.json","data":{"content":"{\r\n \"profiles\": {\r\n \"WebApiApp\": {\r\n \"commandName\": \"Project\",\r\n \"dotnetRunMessages\": true,\r\n \"launchBrowser\": true,\r\n \"applicationUrl\": \"http://*:5060\",\r\n \"environmentVariables\": {\r\n \"ASPNETCORE_ENVIRONMENT\": \"Development\"\r\n }\r\n }\r\n }\r\n}","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":""}}],"collapsed":true,"id":93,"leaf":false,"module":"Properties","parentId":87},{"children":[{"id":105,"parentId":104,"leaf":true,"module":"WeatherForecastController.cs","data":{"content":"$166","language":"javascript","staticFile":false,"hidden":false,"highlightedLines":"22"}}],"collapsed":true,"id":104,"leaf":false,"module":"Controllers","parentId":87}],"collapsed":true,"id":87,"leaf":false,"module":"SecondaryApiApp","parentId":0}],"defaultSelectedFile":90},"comp_id":"LoaKA_k7IcCCYUUo-6_lH","dockerJob":{"key":"m1irZyCSD1V5ndnGThKO9","jobType":"Live","name":"Full Authentication Flow With Secondary App","inputFileName":"Program.cs","runScript":"ls","ports":"5050","startScript":"dotnet run --project /usercode/OpenIddictAuthProvider/OpenIddictAuthProvider.csproj &\nuntil $(curl --output /dev/null --silent --head --fail http://localhost:3000); do\n printf '.'\n sleep 5\ndone\ndotnet run --project /usercode/DemoApp/DemoApp.csproj &\ndotnet run --project /usercode/SecondaryApiApp/SecondaryApiApp.csproj","https":false,"forceRelaunchOnRun":true,"runInLiveContainer":true},"caption":"Web API app with the full OIDC authentication flow","isCopied":true},"status":"normal","contentID":"4kyDUo4NcX4rxcYuDaGA7","saveVersion":64,"widgetCopyId":"5945896371748864","iteration":0,"hash":1,"children":[{"text":""}],"comp_id":"Tz8AZVdwLYITI8B_rcb_0"},{"type":"SlateHTML","content":{"html":"

Note: Because we have to build two ASP.NET Core applications and populate the IdP database with the initial seed data, the build process is expected to take at least a few minutes. Also, because each playground launch rebuilds the IdP along with its database, the ...

","comp_id":"Jp8_VHpy3cPIdtOPD_iQE"},"hash":4}]},"isPreviewLesson":false,"pageType":"collection_lesson","aiCoachVideoUrl":"https://youtu.be/kgl8y9J3O6c","collectionDetailsSSR":{"title":"Using Single Sign-On for Securing Applications in ASP.NET Core","summary":"Securing web applications is extremely important, as you do not want unauthorized people to gain access to your data. The most convenient way of securing an application is to use single sign-on (SSO) because it allows users to authenticate once and gain access to all apps within the same system.\n\nIn this course, you’ll cover the process of using SSO in ASP.NET Core apps. You’ll also cover its usage inside all application types supported by ASP.NET Core, including MVC, web API, gRPC services, Blazor, and SignalR.\n\nBy the end of this course, you will have learned what SSO consists of, what protocols it uses, and how it’s configured inside an ASP.NET Core middleware. You will also have learned how to secure any endpoints, pages, and views supported by ASP.NET Core.","details":"","clos":["An understanding of the fundamentals of authentication and authorization","Familiarity with how single sign-on works with OpenID Connect and OAuth","Hands-on experience implementing single sign-on in all ASP.NET Core application types, including Blazor","Working knowledge of how to build your own authentication provider","Hands-on experience with integrating any type of single sign-on provider with ASP.NET Core application middleware"],"arabic_available":false,"page_tags":{"5993576884076544":"","5996030266703872":"","4692595453984768":"","6293188786257920":"","4971582168236032":"","4628052900052992":"","4514612965539840":"","6199262347788288":"","4662468355555328":"","6618777237848064":"","5479313086087168":"","5221990371426304":"","4697489518886912":"","5156053244968960":"","6433800973975552":"","4701978267222016":"","6387982942339072":"","5645723523350528":"","6449158466306048":"","6261817137168384":"","5177272598003712":"","6721865781084160":"","5364452020715520":"","5903151380824064":"","5574049931198464":"","5385503886802944":"","4940034089943040":"","5194484360675328":"","5065698390573056":"","5955086125367296":"","4558459749793792":"","5626935675453440":"","5410249407987712":"","6645194843488256":"","4786948184735744":"","6412327085408256":"","5877280178044928":"","5142536244690944":"","6054847679561728":"","6584689894359040":"","6261986704490496":"","4564163382476800":"","5353745539661824":"","6232719002173440":"","5221333996404736":"","6591166570823680":"","5719043212050432":"","5891531699126272":"","5901931761106944":"","5056965866422272":"","6615257579257856":"","5315934191091712":"","5640512872382464":"","5630748130017280":"","5884646262571008":"","5124486292307968":"","4513640474214400":"","5867793347772416":""},"collection_toc_is_enabled":true,"page_count":null,"docker":{"container":{"file":{"name":"sso.tar.gz","size":229},"imageName":"author-6586453712175104-collection-5945896371748864-rev-37-container-4735967091097600-sso","buildStatusUrl":"/api/author/6586453712175104/collection/5945896371748864/containers/4735967091097600/build/status","buildLogUrl":"/api/author/6586453712175104/collection/5945896371748864/containers/4735967091097600/build/log","metadata":{"sizeInBytes":229},"id":-1,"tarballDownloadUrl":"/api/author/6586453712175104/collection/5945896371748864/containers/4735967091097600/download","rebuildImageUrl":"/api/author/6586453712175104/collection/5945896371748864/containers/4735967091097600/rebuild","buildStatus":"SUCCESS","track":false},"envs":[],"jobs":[{"key":"DWxL083pjkKVvQehkLXiN","jobType":"Live","name":"Stand Alone Auth Provider","inputFileName":"Program.cs","runScript":"ls","ports":"5050","startScript":"dotnet run --project /usercode/OpenIddictAuthProvider/OpenIddictAuthProvider.csproj","https":false,"forceRelaunchOnRun":true,"runInLiveContainer":true},{"key":"37utipSRRywkkYUC7Ftbq","jobType":"Live","name":"Client App Only","inputFileName":"Program.cs","runScript":"ls","ports":"5050","startScript":"dotnet run --project /usercode/DemoApp/DemoApp.csproj","https":false,"forceRelaunchOnRun":true,"runInLiveContainer":true},{"key":"jx26GEOc6tgqKSxf7SQaT","jobType":"Live","name":"Full Authentication Flow","inputFileName":"Program.cs","runScript":"ls","ports":"5050","startScript":"dotnet run --project /usercode/OpenIddictAuthProvider/OpenIddictAuthProvider.csproj &\nuntil $(curl --output /dev/null --silent --head --fail http://localhost:3000); do\n printf '.'\n sleep 5\ndone\ndotnet run --project /usercode/DemoApp/DemoApp.csproj","https":false,"forceRelaunchOnRun":true,"runInLiveContainer":true},{"key":"m1irZyCSD1V5ndnGThKO9","jobType":"Live","name":"Full Authentication Flow With Secondary App","inputFileName":"Program.cs","runScript":"ls","ports":"5050","startScript":"dotnet run --project /usercode/OpenIddictAuthProvider/OpenIddictAuthProvider.csproj &\nuntil $(curl --output /dev/null --silent --head --fail http://localhost:3000); do\n printf '.'\n sleep 5\ndone\ndotnet run --project /usercode/DemoApp/DemoApp.csproj &\ndotnet run --project /usercode/SecondaryApiApp/SecondaryApiApp.csproj","https":false,"forceRelaunchOnRun":true,"runInLiveContainer":true},{"key":"rg_gF4PRlnjkoi3iNZ1v1","jobType":"Live","name":"Blazor WebAssembly OIDC","inputFileName":"Program.cs","runScript":"ls","ports":"5050","startScript":"sed -i -e 's@xxxxx@'\"$EDUCATIVE_LIVE_VM_ALT_SERVER_URL\"'@g' /usercode/DemoApp/wwwroot/appsettings.json &&\ndotnet run --project /usercode/OpenIddictAuthProvider/OpenIddictAuthProvider.csproj &\nuntil $(curl --output /dev/null --silent --head --fail http://localhost:3000); do\n printf '.'\n sleep 5\ndone\ndotnet run --project /usercode/DemoApp/DemoApp.csproj","https":false,"forceRelaunchOnRun":true,"runInLiveContainer":true},{"key":"KkZgpE6uBIh5OM2cCu0hU","jobType":"Live","name":"Client and back-end","inputFileName":"Program.cs","runScript":"ls","ports":"5050","startScript":"dotnet run --project /usercode/DemoApp/DemoApp.csproj &\ndotnet run --project /usercode/SecondaryApiApp/SecondaryApiApp.csproj","https":false,"forceRelaunchOnRun":true,"runInLiveContainer":true}],"testRunners":[],"version":3,"loaded":true},"discounted_price":29,"cover_image_id":5388576943112192,"cover_image_metadata":"{\"width\":1024,\"height\":512,\"sizeInBytes\":19460,\"name\":\"Single Sign-on Authentication and authorization in ASP.NET Core.png\"}","cover_image_serving_url":"/v2api/collection/6586453712175104/5945896371748864/image/5388576943112192","tags":["ASP.NET Core",".NET Applications","C#","Single Sign-On"],"intro_video_url":"","intro_video_thumbnail_url":null,"aggregated_widget_stats":{"projects":0,"assessments":0,"cloudlabs":0,"WebpackBin":43,"codeExerciseCount":0,"codeRunnableCount":43,"codeSnippetCount":156,"illustrations":52,"SlateHTML":304,"DrawIOWidget":51,"EditorCode":141,"Code":15,"Quiz":8,"SpoilerEditor":7,"Columns":1},"default_themes":{"code_themes":{"Code":"default","Markdown":"default","RunJS":"default","SPA":"default","isForced":{"Code":false,"Markdown":false,"RunJS":false,"SPA":false}}},"api_keys":{"api_keys":[]},"skills":[],"testimonials":[],"licensing":null,"target_audience":"intermediate","author_id":"6586453712175104","collection_id":"5945896371748864","approval_status":3005,"price":29,"is_private":false,"path_type":"regular","organization_id":null,"is_mini":false,"is_priced":true,"brief_summary":"Delve into using Single Sign-On (SSO) to secure ASP.NET Core applications, including MVC, web API, and more. Discover protocols, configuration, and securing pages and endpoints.","approval_update_time":"2024-04-09T08:17:47.890Z","rating_visibility":true,"update_last_published_on_homepage":true,"show_developed_by":true,"udata_files":[],"CodeThemes":{"Code":"default","Markdown":"default","RunJS":"default","SPA":"default","isForced":{"Code":false,"Markdown":false,"RunJS":false,"SPA":false}},"is_marked_for_deletion":false,"transition_page_title":"","is_redirectable":false,"collection_type":"collection","adaptive_learning_mode":false,"HLOs_to_toc":{},"is_guide":false,"read_time":90000,"allow_logged_out_executions":false,"unique_live_widget_urls":false,"metadata_status":101,"palified_version":null},"pageSummarySSR":{"title":"Securing Controllers","description":"Get familiar with securing web API controllers.","discourse_page_url":"https://discuss.educative.io/tag/securing-controllers__enabling-sso-in-web-api__using-single-sign-on-for-securing-applications-in-aspnet-core?open=true&ctag=using-single-sign-on-for-securing-applications-in-aspnet-core__fiodar-sazanavets&cslug=using-single-sign-on-for-securing-applications-in-aspnet-core&pslug=securing-controllers"},"adaptiveLearningConfigConstantSSR":0,"enableLessonPageLockedBannerV2":true,"allowAllLessonPreview":false,"lockedBannerStatsSSR":{"b2cTrialStats":{"is_b2c_trial_active":true,"b2c_trial_active_duration":21,"b2c_trial_categories":"$167"},"b2cStatus":100,"learnerTags":"$168","workStats":1600,"interviewWorksStats":93,"inL2cStarterPack":false,"l2cWorkStats":46,"enableL2cStarterPackPaymentWidget":"false"},"pageTocSSR":"

","authorId":"6586453712175104","collectionId":"5945896371748864","pageId":"5626935675453440","isCollectionPageLockedCachingEnabled":true,"aceFeatureFlags":{"enableAceEditor":true,"enableAceEditorForAnswers":true},"meta":{"type":["Article","TechArticle"],"title":"Securing Controllers","name":"Using Single Sign-On for Securing Applications in ASP.NET Core","description":"Get familiar with securing web API controllers.","image":"https://educative.io/api/collection/6586453712175104/5945896371748864/image/5388576943112192.png","isAccessibleForFree":false,"keywords":"$168","provider":"Educative","publisher":"Educative","id":"courses/using-single-sign-on-for-securing-applications-in-aspnet-core/securing-controllers","author":"Educative","educationalLevel":"intermediate","noIndex":true,"isForcedNoIndex":true,"noFollow":false,"redirectInfo":{"isDeletedCollectionPageRedirectable":false},"page_titles":{"6199262347788288":"Getting Started","4692595453984768":"Authentication vs. Authorization","4662468355555328":"Single Sign-On (SSO) Basics","5993576884076544":"SSO Provider Basics","5996030266703872":"Using OAuth for Authorization","6618777237848064":"Quiz Yourself on SSO Basics","5479313086087168":"JSON Web Token and its Structure","6293188786257920":"ASP.NET Core Authentication Middleware","4971582168236032":"Configuring SSO Middleware in ASP.NET Core","4628052900052992":"Role-Based Authorization","4514612965539840":"Policy-Based Authorization","5156053244968960":"Quiz Yourself on Authorization Middleware","5221990371426304":"Challenge: Enforcing Role-Based Authorization","4697489518886912":"Solution Review: Enforcing Role-Based Authorization","6387982942339072":"MVC Overview","5645723523350528":"Configuring SSO Inside an MVC Application","6261817137168384":"Enforcing Authentication and Authorization on MVC Views","5903151380824064":"Quiz Yourself on SSO in MVC Apps","5385503886802944":"Challenge: Adding Public and Admin Views","4940034089943040":"Solution Review: Adding Public and Admin Views","6721865781084160":"Razor Pages Overview","5177272598003712":"Configuring SSO inside a Razor Pages App","5364452020715520":"Enforcing Authorization on Individual Razor Pages","5574049931198464":"Quiz Yourself on SSO in Razor Pages","5194484360675328":"Challenge: Adding a Restricted Razor Page","5065698390573056":"Solution Review: Adding a Restricted Razor Page","5955086125367296":"Web API Overview","4558459749793792":"Passing a JWT into Headless APIs","5626935675453440":"Securing Controllers","5410249407987712":"Securing Minimal API Endpoints","6584689894359040":"Quiz Yourself on Using SSO in a Web API","4564163382476800":"Challenge: Restricting Write Requests","6261986704490496":"Solution Review: Restricting Write Requests","6412327085408256":"Blazor WebAssembly Overview","6645194843488256":"Configuring SSO in Blazor WebAssembly","5142536244690944":"Securing Blazor WebAssembly Views","4786948184735744":"Configuring SSO in Blazor Server","6054847679561728":"Securing Blazor Server Views","5221333996404736":"Quiz Yourself on SSO in Blazor","6232719002173440":"Challenge: Securing Blazor Pages","5353745539661824":"Solution Review: Securing Blazor Pages","5719043212050432":"gRPC Overview","5891531699126272":"Securing gRPC Endpoints","6591166570823680":"Passing JWT from a gRPC Client","6615257579257856":"Quiz Yourself on SSO in gRPC","5056965866422272":"Challenge: Securing gRPC Communication","5901931761106944":"Solution Review: Securing gRPC Communication","5640512872382464":"SignalR Overview","5315934191091712":"Passing JWT from a SignalR Client","5124486292307968":"Quiz Yourself on SSO in SignalR","5884646262571008":"Challenge: Adding a Secure Chat Channel","5630748130017280":"Solution Review: Adding a Secure Chat Channel","4513640474214400":"Summary","5867793347772416":"Closing Thoughts","6433800973975552":"Setting Up a Local Development Environment","4701978267222016":"Setting Up a Self-Signed SSL Certificate","6449158466306048":"Using OpenID Connect for Authentication","5877280178044928":"Blazor Server Overview"},"is_marked_for_deletion":false,"transition_page_title":"","is_redirectable":false,"deleted_course_lesson_redirect":{"author_id":null,"collection_id":null,"page_id":null,"redirect_url_slug":null},"metadata_status":101,"additional_course_alternatives":[]},"requestUrl":"/courses/using-single-sign-on-for-securing-applications-in-aspnet-core/securing-controllers","requestUrlInfo":{"authorId":6586453712175104,"collectionId":5945896371748864,"pageId":5626935675453440,"courseUrlSlug":"using-single-sign-on-for-securing-applications-in-aspnet-core","pageUrlSlug":"securing-controllers"},"isExternalContent":false}}],[["$","script",null,{"id":"generate-data","type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"$169"}}],false,"$undefined"]]