Nest OpenIdConnect options under Frontend

src/Aspire.Dashboard/Components/Controls/UserProfile.razor.cs

@@ -48,14 +48,14 @@ protected override async Task OnParametersSetAsync()
             if (claimsIdentity?.IsAuthenticated == true)
             {
                 _showUserProfileMenu = true;
-                _name = claimsIdentity.FindFirst(DashboardOptions.CurrentValue.OpenIdConnect.GetNameClaimTypes());
+                _name = claimsIdentity.FindFirst(DashboardOptions.CurrentValue.Frontend.OpenIdConnect.GetNameClaimTypes());
                 if (string.IsNullOrWhiteSpace(_name))
                 {
                     // Make sure there's always a name, even if that name is a placeholder
                     _name = Loc[nameof(Login.AuthorizedUser)];
                 }
 
-                _username = claimsIdentity.FindFirst(DashboardOptions.CurrentValue.OpenIdConnect.GetUsernameClaimTypes());
+                _username = claimsIdentity.FindFirst(DashboardOptions.CurrentValue.Frontend.OpenIdConnect.GetUsernameClaimTypes());
                 _initials = _name.GetInitials();
             }
             else

src/Aspire.Dashboard/Configuration/DashboardOptions.cs

@@ -16,7 +16,6 @@ public sealed class DashboardOptions
     public FrontendOptions Frontend { get; set; } = new FrontendOptions();
     public ResourceServiceClientOptions ResourceServiceClient { get; set; } = new ResourceServiceClientOptions();
     public TelemetryLimitOptions TelemetryLimits { get; set; } = new TelemetryLimitOptions();
-    public OpenIdConnectOptions OpenIdConnect { get; set; } = new OpenIdConnectOptions();
 }
 
 // Don't set values after validating/parsing options.
@@ -115,6 +114,7 @@ public sealed class FrontendOptions
     public string? EndpointUrls { get; set; }
     public FrontendAuthMode? AuthMode { get; set; }
     public string? BrowserToken { get; set; }
+    public OpenIdConnectOptions OpenIdConnect { get; set; } = new OpenIdConnectOptions();
 
     public byte[]? GetBrowserTokenBytes() => _browserTokenBytes;
 

src/Aspire.Dashboard/Configuration/ValidateDashboardOptions.cs

@@ -100,7 +100,7 @@ public ValidateOptionsResult Validate(string? name, DashboardOptions options)
             }
         }
 
-        if (!options.OpenIdConnect.TryParseOptions(out var messages))
+        if (!options.Frontend.OpenIdConnect.TryParseOptions(out var messages))
         {
             errorMessages.AddRange(messages);
         }

src/Aspire.Dashboard/README.md

@@ -57,8 +57,8 @@ Set `Dashboard:Frontend:AuthMode` to `OpenIdConnect`, then add the following con
 - `Authentication:Schemes:OpenIdConnect:ClientId` Identity of the relying party (RP)
 - `Authentication:Schemes:OpenIdConnect:ClientSecret` A secret that only the real RP would know
 - Other properties of [`OpenIdConnectOptions`](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.builder.openidconnectoptions) specified in configuration container `Authentication:Schemes:OpenIdConnect:*`
-- `Dashboard:OpenIdConnect:NameClaimType` specifies the claim type(s) that should be used to display the authenticated user's full name. Can be a single claim type or a comma-delimited list of claim types. Defaults to `name`.
-- `Dashboard:OpenIdConnect:UsernameClaimType` specifies the claim type(s) that should be used to display the authenticated user's username. Can be a single claim type or a comma-delimited list of claim types. Defaults to `preferred_username`.
+- `Dashboard:Frontend:OpenIdConnect:NameClaimType` specifies the claim type(s) that should be used to display the authenticated user's full name. Can be a single claim type or a comma-delimited list of claim types. Defaults to `name`.
+- `Dashboard:Frontend:OpenIdConnect:UsernameClaimType` specifies the claim type(s) that should be used to display the authenticated user's username. Can be a single claim type or a comma-delimited list of claim types. Defaults to `preferred_username`.
 
 ### OTLP authentication