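        /// <summary>
        /// Registers IdentityServer3 on the OWIN pipeline of <paramref name="app"/>: wires the
        /// MembershipReboot-backed user service, loads the signing certificate(s) named in
        /// <paramref name="config"/>, builds the <see cref="IdentityServerOptions"/>, and bridges the
        /// ASP.NET data-protection provider into the OWIN <c>security.DataProtectionProvider</c> slot.
        /// </summary>
        /// <param name="app">Application builder the OWIN bridge is added to.</param>
        /// <param name="env">Hosting environment; also registered with the IdentityServer factory.</param>
        /// <param name="loggerFactory">Logger factory handed to the MembershipReboot configuration.</param>
        /// <param name="config">Environment configuration (certificate store/thumbprint names, CSP sources, issuer URI, debug flag).</param>
        /// <param name="idSvrStoreSettings">Store settings passed to the IdentityServer <see cref="ServiceFactory"/>.</param>
        /// <exception cref="InvalidOperationException">
        /// Thrown while the OWIN pipeline is built if no <see cref="Microsoft.AspNet.DataProtection.IDataProtectionProvider"/> is registered.
        /// </exception>
        public static void UseIdentityServer(this IApplicationBuilder app, IApplicationEnvironment env, ILoggerFactory loggerFactory, EnvConfig config, StoreSettings idSvrStoreSettings)
        {
            var idSvcFactory = BuildServiceFactory(env, loggerFactory, config, idSvrStoreSettings);
            var options      = BuildIdentityServerOptions(config, idSvcFactory);

            app.UseOwin(addToPipeline =>
            {
                addToPipeline(next =>
                {
                    var builder  = new Microsoft.Owin.Builder.AppBuilder();
                    var provider = app.ApplicationServices.GetService<Microsoft.AspNet.DataProtection.IDataProtectionProvider>();

                    // Fail at pipeline build time rather than with a NullReferenceException on the
                    // first request that needs cookie/state protection.
                    if (provider == null)
                    {
                        throw new InvalidOperationException("No IDataProtectionProvider is registered; IdentityServer needs it to protect cookies and state.");
                    }

                    // IdentityServer3 (Katana) looks up its protector in this well-known OWIN property;
                    // bridge it to the ASP.NET data-protection stack so both sides share one key ring.
                    builder.Properties["security.DataProtectionProvider"] = new DataProtectionProviderDelegate(purposes =>
                    {
                        var dataProtection = provider.CreateProtector(string.Join(",", purposes));
                        return new DataProtectionTuple(dataProtection.Protect, dataProtection.Unprotect);
                    });

                    builder.UseIdentityServer(options);

                    // Direct cast: a wrong type from Build() surfaces immediately instead of as a null AppFunc later.
                    return (Func<IDictionary<string, object>, Task>)builder.Build(typeof(Func<IDictionary<string, object>, Task>));
                });
            });
        }

        /// <summary>
        /// Creates the IdentityServer <see cref="ServiceFactory"/> with the MembershipReboot user service,
        /// the custom view service, the hosting environment and the user-account service container registered.
        /// </summary>
        private static ServiceFactory BuildServiceFactory(IApplicationEnvironment env, ILoggerFactory loggerFactory, EnvConfig config, StoreSettings idSvrStoreSettings)
        {
            var userService = new Registration<IUserService, MembershipRebootUserService>();
            var factory     = new ServiceFactory(userService, idSvrStoreSettings)
            {
                ViewService = new Registration<IViewService>(typeof(CustomViewService))
            };

            factory.ConfigureCustomUserService(config.DB.MembershipReboot, env, loggerFactory, config);
            factory.Register(new Registration<IApplicationEnvironment>(env));
            factory.Register(new Registration<DefaultUserAccountServiceContainer>(resolver => new DefaultUserAccountServiceContainer
            {
                Service = new UserAccountService<HierarchicalUserAccount>(
                    MembershipRebootConfigFactory.GetDefaultConfig(env, loggerFactory, config),
                    resolver.Resolve<IUserAccountRepository<HierarchicalUserAccount>>())
            }));

            return factory;
        }

        /// <summary>
        /// Loads the optional secondary signing certificate named by
        /// <c>config.Cert.JwksSecondaryCertStoreName</c> / <c>JwksSecondaryCertThumbprint</c>.
        /// Returns null when either value is blank.
        /// </summary>
        private static X509Certificate2 LoadSecondarySigningCertificate(EnvConfig config)
        {
            var cert = config.Cert;
            if (string.IsNullOrWhiteSpace(cert.JwksSecondaryCertStoreName) || string.IsNullOrWhiteSpace(cert.JwksSecondaryCertThumbprint))
            {
                return null;
            }

            // Fix: the lookup previously read config.DataProtection.CertStoreName/CertThumbprint, i.e. it
            // guarded on the secondary JWKS settings but loaded the data-protection certificate as a
            // token-signing key. The signing key must come from the JWKS settings it was checked against.
            return Crypto.Certificate.Get(cert.JwksSecondaryCertStoreName, cert.JwksSecondaryCertThumbprint);
        }

        /// <summary>
        /// Builds the <see cref="IdentityServerOptions"/> from <paramref name="config"/>: site/issuer identity,
        /// signing certificate(s), logging and CSP settings, cookie lifetimes and the service factory.
        /// </summary>
        private static IdentityServerOptions BuildIdentityServerOptions(EnvConfig config, ServiceFactory idSvcFactory)
        {
            return new IdentityServerOptions
            {
                SiteName                    = config.AppName,
                PublicOrigin                = config.Uri.IssuerUri,
                SigningCertificate          = Crypto.Certificate.Get(config.Cert.JwksCertStoreName, config.Cert.JwksCertThumbprint),
                SecondarySigningCertificate = LoadSecondarySigningCertificate(config),
                IssuerUri                   = config.Uri.IssuerUri,
                RequireSsl                  = true,
                LoggingOptions              = new LoggingOptions()
                {
                    // NOTE(review): HTTP logging stays on in every environment while the other three
                    // follow config.IsDebug; confirm that logging token-endpoint traffic is acceptable in production.
                    EnableHttpLogging          = true,
                    EnableKatanaLogging        = config.IsDebug,
                    EnableWebApiDiagnostics    = config.IsDebug,
                    WebApiDiagnosticsIsVerbose = config.IsDebug
                },
                Endpoints = new EndpointOptions()
                {
                    EnableCspReportEndpoint = true
                },
                Factory = idSvcFactory,
                AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions()
                {
                    EnableLocalLogin     = true,
                    EnableLoginHint      = true,
                    RememberLastUsername = false,
                    CookieOptions        = new CookieOptions()
                    {
                        // Fixed 10-hour session; no sliding renewal. "Remember me" extends to 30 days.
                        ExpireTimeSpan     = new TimeSpan(10, 0, 0),
                        IsPersistent       = false,
                        SlidingExpiration  = false,
                        AllowRememberMe    = true,
                        RememberMeDuration = new TimeSpan(30, 0, 0, 0)
                    },
                    EnableSignOutPrompt           = true,
                    EnablePostSignOutAutoRedirect = true,
                    SignInMessageThreshold        = 5
                },
                CspOptions = new CspOptions()
                {
                    Enabled   = true,
                    ScriptSrc = config.Csp.ScriptSrc,
                    StyleSrc  = config.Csp.StyleSrc,
                    FontSrc   = config.Csp.FontSrc
                },
                EnableWelcomePage = false
            };
        }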