// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddMvc() .SetCompatibilityVersion(CompatibilityVersion.Version_2_1) .AddJsonOptions(Options => { Options.SerializerSettings.Formatting = Formatting.Indented; }); services.AddCors(); var connectionString = SentinelConfiguration.GetConnectionString(this.Configuration); services.AddDbContext <AppUserContext>(options => options.UseSqlServer(connectionString)); services.AddDbContext <LogMessageContext>(options => options.UseSqlServer(connectionString)); services.AddDbContext <LeaderboardContext>(options => options.UseSqlServer(connectionString)); var _signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(SentinelConfiguration.GetSecretKey(Configuration))); services.AddSingleton <IJwtFactory, JwtFactory>(); // jwt wire up // Get options from app settings var jwtAppSettingOptions = Configuration.GetSection(nameof(JwtIssuerOptions)); // Configure JwtIssuerOptions services.Configure <JwtIssuerOptions>(options => { options.Issuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)]; options.Audience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)]; options.SigningCredentials = new SigningCredentials(_signingKey, SecurityAlgorithms.HmacSha256); }); var tokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)], ValidateAudience = true, ValidAudience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)], ValidateIssuerSigningKey = true, IssuerSigningKey = _signingKey, RequireExpirationTime = false, ValidateLifetime = true, ClockSkew = TimeSpan.Zero }; services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(configureOptions => { configureOptions.ClaimsIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)]; configureOptions.TokenValidationParameters = tokenValidationParameters; configureOptions.SaveToken = true; }); // api user claim policy services.AddAuthorization(options => { options.AddPolicy("ApiUser", policy => policy.RequireClaim(Constants.Strings.JwtClaimIdentifiers.Rol, Constants.Strings.JwtClaims.ApiAccess)); }); // add identity var builder = services.AddIdentityCore <AppUser>(o => { // configure identity options o.Password.RequireDigit = false; o.Password.RequireLowercase = false; o.Password.RequireUppercase = false; o.Password.RequireNonAlphanumeric = false; o.Password.RequiredLength = 6; }); builder = new IdentityBuilder(builder.UserType, typeof(IdentityRole), builder.Services); builder.AddEntityFrameworkStores <AppUserContext>().AddDefaultTokenProviders(); services.AddAutoMapper(); services.AddMvc().AddFluentValidation(fv => fv.RegisterValidatorsFromAssemblyContaining <Startup>()); }