Manual config
All checks were successful
Build, Push and Run Container / build (push) Successful in 24s

2025-08-16 23:50:09 +02:00
parent 890162394d
commit 20b11cff71


@@ -41,7 +41,8 @@ builder.Services
.AddOpenIdConnect(o =>
{
// Point directly at the third-party metadata
o.MetadataAddress = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/thirdparty/.well-known/openid-configuration";
// Metadata is wrong... it sets non-existing uris like: "jwks_uri": "https://fleet-auth.tesla.com/oauth2/v3/discovery/thirdparty/keys"
//o.MetadataAddress = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/thirdparty/.well-known/openid-configuration";
// === Use Fleet-Auth third-party OIDC config ===
o.Authority = "https://fleet-auth.tesla.com/oauth2/v3/nts";
@@ -52,7 +53,38 @@ builder.Services
o.Configuration.JwksUri = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/discovery/thirdparty/keys";
o.Configuration.EndSessionEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/logout";
o.Configuration.UserInfoEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/userinfo";
o.ConfigurationManager = new TeslaOIDCConfigurationManager(o.MetadataAddress);
o.Configuration.TokenEndpointAuthMethodsSupported.Clear();
o.Configuration.TokenEndpointAuthMethodsSupported.Add("client_secret_post");
o.Configuration.ResponseModesSupported.Clear();
o.Configuration.ResponseModesSupported.Add("query");
o.Configuration.GrantTypesSupported.Clear();
o.Configuration.GrantTypesSupported.Add("authorization_code");
o.Configuration.SubjectTypesSupported.Clear();
o.Configuration.SubjectTypesSupported.Add("public");
o.Configuration.ScopesSupported.Clear();
o.Configuration.ScopesSupported.Add("openid");
o.Configuration.ScopesSupported.Add("email");
o.Configuration.ScopesSupported.Add("profile");
o.Configuration.ScopesSupported.Add("metadata");
o.Configuration.IdTokenSigningAlgValuesSupported.Clear();
o.Configuration.IdTokenSigningAlgValuesSupported.Add("RS256");
o.Configuration.TokenEndpointAuthSigningAlgValuesSupported.Clear();
o.Configuration.TokenEndpointAuthSigningAlgValuesSupported.Add("RS256");
o.Configuration.ClaimsSupported.Clear();
o.Configuration.ClaimsSupported.Add("iss");
o.Configuration.ClaimsSupported.Add("iat");
o.Configuration.ClaimsSupported.Add("exp");
o.Configuration.ClaimsSupported.Add("nonce");
o.Configuration.ClaimsSupported.Add("sub");
o.Configuration.ClaimsSupported.Add("aud");
// Standard OIDC web app settings
o.ResponseType = OpenIdConnectResponseType.Code;
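Review bot: The hand-built `o.Configuration` sets `JwksUri` only as a string, and nothing visible in this section loads the keys behind it; as far as I know the handler downloads the JWKS only while retrieving metadata, so a static configuration would start with empty `SigningKeys` and never follow key rotation. The page does not show whether `o.ConfigurationManager = new TeslaOIDCConfigurationManager(o.MetadataAddress);` is kept, and if the active `MetadataAddress` assignment is indeed dropped it would be handed no address, so please confirm that ID-token signatures are still checked against keys fetched from that URI. The `IdTokenSigningAlgValuesSupported` entry is descriptive only; to pin the algorithm, add `o.TokenValidationParameters.ValidAlgorithms = new[] { "RS256" };`. `Authority` is on `fleet-auth.tesla.com` while every endpoint is on `fleet-auth.prd.vn.cloud.tesla.com`, so a comment such as `// Issuer expected in the ID token: <issuer value>` would record which host is authoritative. The `AddOpenIdConnect` lambda starts and ends outside these hunks.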