up

inspiration/Ablera.Serdica.Authentication/Models/Oidc/AllowedMask.cs

@@ -0,0 +1,10 @@
+namespace Ablera.Serdica.Authentication.Models.Oidc;
+
+public record AllowedMask
+{
+    public bool? SameNetworks { get; init; }
+    public string[]? Hosts { get; init; }
+    public string[]? Networks { get; init; }
+    public int[]? Ports { get; init; }
+    public string[]? ClientIds { get; init; }
+}

inspiration/Ablera.Serdica.Authentication/Models/Oidc/ClaimTypeAndValue.cs

@@ -0,0 +1,7 @@
+namespace Ablera.Serdica.Authentication.Models.Oidc;
+
+public record ClaimTypeAndValue
+{
+    public required string Type { get; init; } = null!;
+    public required string Value { get; init; } = null!;
+}

inspiration/Ablera.Serdica.Authentication/Models/Oidc/ClientCredentials.cs

@@ -0,0 +1,8 @@
+namespace Ablera.Serdica.Authentication.Models.Oidc;
+
+public record ClientCredentials : ConnectionSettingsBase
+{
+    public required string[] Scopes { get; init; }
+    public required string[] Claims { get; init; }
+    public bool RequireHttps { get; init; } = true;
+}

inspiration/Ablera.Serdica.Authentication/Models/Oidc/ConnectionSettingsBase.cs

@@ -0,0 +1,22 @@
+using System.Collections.Generic;
+using System.Text.Json;
+
+namespace Ablera.Serdica.Authentication.Models.Oidc;
+
+public abstract record ConnectionSettingsBase
+{
+    public required string[] GrantTypes { get; set; }
+
+    public required string ClientId { get; init; }
+
+    public string? ClientSecret { get; init; }
+    public required string ClientType { get; init; } = "public";
+
+    public required string DisplayName { get; init; }
+
+    public string[]? RedirectUris { get; init; }
+
+    public string[]? PostLogoutRedirectUris { get; init; }
+
+    public Dictionary<string, JsonElement>? Properties { get; init; }
+}

inspiration/Ablera.Serdica.Authentication/Models/Oidc/Endpoints.cs

@@ -0,0 +1,17 @@
+namespace Ablera.Serdica.Authority.Models;
+
+
+public record Endpoints
+{
+    public required string Authorization { get; init; } = "/connect/authorize";
+    public required string Introspection { get; init; } = "/connect/introspect";
+    public required string Token { get; init; } = "/connect/token";
+    public required string Userinfo { get; init; } = "/connect/userinfo";
+    public required string EndUserVerification { get; init; } = "/connect/verification";
+    public required string Revocation { get; init; } = "/connect/revocation";
+    public required string Logout { get; init; } = "/connect/endsession";
+    public required string CheckSession { get; init; } = "/connect/checksession";
+    public required string Device { get; init; } = "/connect/device";
+    public required string Jwks { get; init; } = "/connect/jwks";
+    public required string Configuration { get; init; } = "/.well-known/openid-configuration";
+}

inspiration/Ablera.Serdica.Authentication/Models/Oidc/OdicValidation.cs

@@ -0,0 +1,15 @@
+using Ablera.Serdica.Authority.Models;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Ablera.Serdica.Authentication.Models.Oidc;
+
+public record OidcValidation : OidcSettingsBase
+{
+    public required string IssuerUrl { get; set; }
+    public required string? ConfigurationUrl { get; set; }
+    public AllowedMask[] BypassValidationsMasks { get; init; } = Array.Empty<AllowedMask>();
+}

inspiration/Ablera.Serdica.Authentication/Models/Oidc/OidcServerSettings.cs

@@ -0,0 +1,21 @@
+using System;
+using System.Linq;
+using System.Text;
+using System.Text.Json.Serialization;
+using System.Threading.Tasks;
+using Ablera.Serdica.Authentication.Models.Oidc;
+
+namespace Ablera.Serdica.Authority.Models;
+
+public record OidcServerSettings : OidcSettingsBase
+{
+    public Endpoints Endpoints { get; init; } = null!;
+    public required string IssuerUrl { get; init; } = null!;
+    public bool? RequireHttps { get; set; } = false;
+    public required string CookieName { get; init; } = "oauth2-authorization";
+    public required int CookieExpirationInMinutes { get; init; } = 2;
+    public required int AuthorizationTokenDurationInMinutes { get; init; } = 5;
+    public RegisteredClient[] RegisteredClients { get; init; } = Array.Empty<RegisteredClient>();
+    public string[] Claims { get; init; } = Array.Empty<string>();   
+    public string[] Scopes { get; init; } = Array.Empty<string>();
+}

inspiration/Ablera.Serdica.Authentication/Models/Oidc/OidcSettingsBase.cs

@@ -0,0 +1,7 @@
+namespace Ablera.Serdica.Authentication.Models.Oidc;
+
+public abstract record OidcSettingsBase
+{
+    public string? EncryptionKey { get; init; }
+    public AllowedMask[]? AllowedMasks { get; init; }
+}

inspiration/Ablera.Serdica.Authentication/Models/Oidc/RegisteredClient.cs

@@ -0,0 +1,15 @@
+using System.Collections.Generic;
+
+namespace Ablera.Serdica.Authentication.Models.Oidc;
+
+public record RegisteredClient : ConnectionSettingsBase
+{
+    public string[]? Permissions { get; init; }
+
+    public string[]? Requirements { get; init; }
+
+    public AllowedMask[]? AllowedMasks { get; init; }
+
+    public ClaimTypeAndValue[]? BuiltinClaims { get; init; } = [];
+    public Dictionary<string, string?>? Settings { get; init; }
+}

inspiration/Ablera.Serdica.Authentication/Models/ProxyResult.cs

@@ -0,0 +1,15 @@
+using System.Collections.Generic;
+using System.Net;
+using System.Text.Json.Nodes;
+
+namespace Ablera.Serdica.Authentication.Models;
+
+public sealed class ProxyResult
+{
+    public HttpStatusCode StatusCode { get; init; } = HttpStatusCode.OK;
+    public JsonNode? Data { get; init; } // null ⇒ no body
+    public IDictionary<string, string>? Errors { get; init; }
+    public string? TraceId { get; init; }
+    public string? Title { get; init; }
+    public string? Type { get; init; }
+}