File: Program.cs
Web Access
Project: src\playground\keycloak\Keycloak.Web\Keycloak.Web.csproj (Keycloak.Web)
using System.IdentityModel.Tokens.Jwt;
using Keycloak.Web;
using Keycloak.Web.Components;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
 
var builder = WebApplication.CreateBuilder(args);
 
// Add service defaults & Aspire components.
builder.AddServiceDefaults();
 
// Add services to the container.
builder.Services.AddRazorComponents()
    .AddInteractiveServerComponents();
 
builder.Services.AddOutputCache();
 
builder.Services.AddHttpContextAccessor()
                .AddTransient<AuthorizationHandler>();
 
builder.Services.AddHttpClient<WeatherApiClient>(client =>
    {
        // This URL uses "https+http://" to indicate HTTPS is preferred over HTTP.
        // Learn more about service discovery scheme resolution at https://aka.ms/dotnet/sdschemes.
        client.BaseAddress = new("https+http://apiservice");
    })
    .AddHttpMessageHandler<AuthorizationHandler>();
 
var oidcScheme = OpenIdConnectDefaults.AuthenticationScheme;
 
builder.Services.AddAuthentication(oidcScheme)
                .AddKeycloakOpenIdConnect("keycloak", realm: "WeatherShop", oidcScheme, options =>
                {
                    options.ClientId = "WeatherWeb";
                    options.ResponseType = OpenIdConnectResponseType.Code;
                    options.Scope.Add("weather:all");
                    options.RequireHttpsMetadata = false;
                    options.TokenValidationParameters.NameClaimType = JwtRegisteredClaimNames.Name;
                    options.SaveTokens = true;
                    options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                })
                .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme);
 
builder.Services.AddCascadingAuthenticationState();
 
var app = builder.Build();
 
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Error", createScopeForErrors: true);
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}
 
app.UseHttpsRedirection();
 
app.UseStaticFiles();
app.UseAntiforgery();
 
app.UseOutputCache();
 
app.MapRazorComponents<App>()
    .AddInteractiveServerRenderMode();
 
app.MapDefaultEndpoints();
app.MapLoginAndLogout();
 
app.Run();