Add User Profile Menu for OpenID Connect login #3443
Conversation
tlmii
requested review from
JamesNK,
drewnoakes,
mitchdenny,
adamint and
kvenkatrajan
| /// </summary> | ||
| /// <param name="text">The string to shorten</param> | ||
| /// <param name="maxLength">The max length of the result</param> | ||
| public static string TrimMiddle(this string text, int maxLength) |
There was a problem hiding this comment.
This hasn't been used for a while, so I deleted it and the unit test cases.
| FooterLink=""> | ||
| <HeaderTemplate> | ||
| <FluentStack VerticalAlignment="VerticalAlignment.Center"> | ||
| <FluentLabel>OpenID Connect</FluentLabel> |
There was a problem hiding this comment.
This is what I referenced in one of the TODOs in the description. We can:
- Leave it as-is
- Set it to something else constant
- Set it to something else constant and localize it
- Figure out some way to get an appropriate value from an IdP
- Remove it altogether
There was a problem hiding this comment.
Another option is just to remove the text. I think it's pretty clear what the popup means in context:
| ::deep.layout > header fluent-button[appearance=stealth]:not(:hover)::part(control), | ||
| ::deep.layout > header fluent-anchor[appearance=stealth]:not(:hover)::part(control), | ||
| ::deep.layout > header fluent-anchor[appearance=stealth].logo::part(control), | ||
| ::deep.layout > header > .header-gutters > fluent-button[appearance=stealth]:not(:hover)::part(control), |
There was a problem hiding this comment.
Made a bunch of these header styles more specific to the elements we were trying to impact so they wouldn't change the style of things within the FluentProfileMenu
| if (string.IsNullOrWhiteSpace(_name)) | ||
| { | ||
| // Make sure there's always a name, even if that name is a placeholder | ||
| _name = Loc[nameof(Login.AuthorizedUser)]; |
There was a problem hiding this comment.
Open to suggestions on what, if anything, we should display in this case. I've seen this type of placeholder before so I went with it for now.
Can we update to "Signed in as:" Or "Profile" for now? @leslierichardson95 thoughts? |
|
Looks wonderful by the way - great job 👍 |
@kvenkatrajan I like "Signed in as:". |
|
|
||
| namespace Aspire.Dashboard.Extensions; | ||
|
|
||
| public static class ClaimsIdentityExtensions |
Updated:
Sign Out being on the same line as "Signed in as:" feels a little off to me now. But it still makes more sense than what was there before I think. |
|
FYI the browser token auth uses |
|
What are we doing around authorization? |
We have #808 tracking this. |
Switched to "Logged in as:" If we can't find a way to pull the name of the IdP from somewhere, maybe we can make it an option. I'd like that better than this (and it'd be consistent with Teams, Azure Portal, etc). But I don't want to hold this PR up for that. |
|
808 seemed related to project templates? |
|
Ah its 808 on the other board: https://github.com/dotnet/aspire-private-planning/issues/808 |
Co-authored-by: Drew Noakes <[email protected]>
Co-authored-by: Drew Noakes <[email protected]>
Co-authored-by: Drew Noakes <[email protected]>
tlmii
force-pushed
the
dev/login-details
branch
from
8452f61
to
222bedd
Compare
Co-authored-by: Drew Noakes <[email protected]>
|
/backport to release/8.0 |
|
Started backporting to release/8.0: https://github.com/dotnet/aspire/actions/runs/8632467352 |
At some point during development of dotnet#3443 the configuration key was changed and these error messages were missed.
At some point during development of #3443 the configuration key was changed and these error messages were missed.
Resolves #3194
Resolves #3197
FluentProfileMenuto the upper-right of the site header when the user is authenticated with OpenID Connect.Dashboard:Frontend:OpenIdConnect:NameClaimTypeandDashboard:Frontend:OpenIdConnect:UsernameClaimTypeto allow for customization of which claims determine the values displayed in the profile menuA couple screenshots:
TODO:
post_logout_redirect_uriis passed butid_token_hintis not, which they consider an error even though the spec doesn't appear to).Note: Testing this PR will require you to use your own Idp since this will only appear with OpenID Connect auth enabled. If you want to test it with TestShop (or other playground apps) you'll also need to disable the automatic setting of the authmode. Easiest way I could find to do that was to comment out this line:
aspire/src/Aspire.Hosting/Dashboard/DashboardLifecycleHook.cs
Line 126 in 29e2b57
But maybe there's a better way.
Microsoft Reviewers: Open in CodeFlow