Merge pull request #149 from DuendeSoftware/joe/revert-bad-v6

Revert "Add PAR sample"

IdentityServer/v6/Basics/IdentityServer/src/Clients.cs

@@ -139,37 +139,6 @@ public static class Clients
                     AllowOfflineAccess = true,
                     AllowedScopes = { "openid", "profile", "scope1", "scope2" }
                 },
-
-                ///////////////////////////////////////////
-                // MVC PAR Sample
-                //////////////////////////////////////////
-                new Client
-                {
-                    ClientId = "mvc.par",
-                    ClientName = "MVC PAR Client",
-
-                    ClientSecrets =
-                    {
-                        new Secret("secret".Sha256())
-                    },
-
-                    RequireRequestObject = false,
-
-                    AllowedGrantTypes = GrantTypes.Code,
-
-                    RequirePushedAuthorization = true,
-
-                    // Note that redirect uris are optional for PAR clients when the
-                    // AllowUnregisteredPushedRedirectUris flag is enabled
-                    // RedirectUris = { "https://localhost:44300/signin-oidc" },
-
-                    FrontChannelLogoutUri = "https://localhost:44300/signout-oidc",
-                    PostLogoutRedirectUris = { "https://localhost:44300/signout-callback-oidc" },
-
-                    AllowOfflineAccess = true,
-
-                    AllowedScopes = { "openid", "profile", "scope1", "scope2" }
-                },
             };
     }
 }

IdentityServer/v6/Basics/IdentityServer/src/IdentityServerHost.csproj

@@ -1,11 +1,11 @@
-<Project Sdk="Microsoft.NET.Sdk.Web">
+<Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net8.0</TargetFramework>
+    <TargetFramework>net6.0</TargetFramework>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer" Version="7.0.0-preview.2" />
+    <PackageReference Include="Duende.IdentityServer" Version="6.0.0" />
     <PackageReference Include="Serilog.AspNetCore" Version="4.1.0" />
   </ItemGroup>
 

IdentityServer/v6/Basics/IdentityServer/src/Pages/SecurityHeadersAttribute.cs

@@ -2,7 +2,6 @@
 // See LICENSE in the project root for license information.
 
 
-using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc.Filters;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 
@@ -18,13 +17,13 @@ public override void OnResultExecuting(ResultExecutingContext context)
             // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
             if (!context.HttpContext.Response.Headers.ContainsKey("X-Content-Type-Options"))
             {
-                context.HttpContext.Response.Headers.Append("X-Content-Type-Options", "nosniff");
+                context.HttpContext.Response.Headers.Add("X-Content-Type-Options", "nosniff");
             }
 
             // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
             if (!context.HttpContext.Response.Headers.ContainsKey("X-Frame-Options"))
             {
-                context.HttpContext.Response.Headers.Append("X-Frame-Options", "SAMEORIGIN");
+                context.HttpContext.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
             }
 
             // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
@@ -37,19 +36,19 @@ public override void OnResultExecuting(ResultExecutingContext context)
             // once for standards compliant browsers
             if (!context.HttpContext.Response.Headers.ContainsKey("Content-Security-Policy"))
             {
-                context.HttpContext.Response.Headers.Append("Content-Security-Policy", csp);
+                context.HttpContext.Response.Headers.Add("Content-Security-Policy", csp);
             }
             // and once again for IE
             if (!context.HttpContext.Response.Headers.ContainsKey("X-Content-Security-Policy"))
             {
-                context.HttpContext.Response.Headers.Append("X-Content-Security-Policy", csp);
+                context.HttpContext.Response.Headers.Add("X-Content-Security-Policy", csp);
             }
 
             // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
             var referrer_policy = "no-referrer";
             if (!context.HttpContext.Response.Headers.ContainsKey("Referrer-Policy"))
             {
-                context.HttpContext.Response.Headers.Append("Referrer-Policy", referrer_policy);
+                context.HttpContext.Response.Headers.Add("Referrer-Policy", referrer_policy);
             }
         }
     }

IdentityServer/v6/Basics/IdentityServer/src/Startup.cs

@@ -35,7 +35,6 @@ public void ConfigureServices(IServiceCollection services)
 
                 // see https://docs.duendesoftware.com/identityserver/v6/fundamentals/resources/api_scopes
                 options.EmitStaticAudienceClaim = true;
-                options.PushedAuthorization.AllowUnregisteredPushedRedirectUris = true;
             })
                 .AddTestUsers(TestUsers.Users);