// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.Configure <CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddTransient <TokenAuthorizationProvider>();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
services.AddAuthentication("Bearer").AddJwtBearer(options =>
{
options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters()
{
IssuerSigningKey = TokenAuthorizationProvider.CreateSecurityKey(),
ValidIssuer = TokenAuthorizationProvider.Issuer,
ValidAudience = TokenAuthorizationProvider.Audience
};
});
services.AddAuthorization(options =>
{
AuthorizationPolicyBuilder builder = new AuthorizationPolicyBuilder("Bearer");
options.AddPolicy("SessionToken", builder.RequireAuthenticatedUser().Build());
});
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy("LocalAzure",
builder =>
{
builder.WithOrigins("http://localhost",
"http://<App Service URL>")
.WithMethods("GET");
});
});
services.AddTransient <TokenAuthorizationProvider>();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Latest).AddRazorRuntimeCompilation();
services.AddSingleton <ICosmosDbService>(InitializeCosmosClientInstanceAsync(Configuration.GetSection("CosmosDb")).GetAwaiter().GetResult());
services.AddAuthentication("Bearer").AddJwtBearer(options =>
{
options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters()
{
IssuerSigningKey = TokenAuthorizationProvider.CreateSecurityKey(),
ValidIssuer = TokenAuthorizationProvider.Issuer,
ValidAudience = TokenAuthorizationProvider.Audience
};
});
services.AddAuthorization(options =>
{
AuthorizationPolicyBuilder builder = new AuthorizationPolicyBuilder("Bearer");
options.AddPolicy("SessionToken", builder.RequireAuthenticatedUser().Build());
});
}
public bool CheckRoleResource(string resId)
{
var token = this.Request.GetQueryString("token");
var userInfo = new TokenAuthorizationProvider().GetAuthorizationInfo(token);
if (userInfo == null)
{
return(false);
}
if (userInfo.RoleId == 1)
{
return(true);
}
return(userInfo.AuthorisedResources.Contains(resId.Trim()));
}
public OrdersController(TokenAuthorizationProvider provider, ICosmosDbService cosmosDbService)
{
this.provider = provider;
_cosmosDbService = cosmosDbService;
}
public HomeController(TokenAuthorizationProvider provider)
{
this.provider = provider;
}
