public static IIdentityServerBuilder AddIdentityServer(this IServiceCollection services, Action<IdentityServerOptions> setupAction = null)
{
services.AddAuthentication();
var options = new IdentityServerOptions();
if (setupAction != null)
{
setupAction(options);
}
services.AddInstance(options);
services.AddTransient<IdentityServerContext>();
services.AddEndpoints(options.Endpoints);
services.AddCoreValidators();
services.AddPluggableValidators();
services.AddResponseGenerators();
services.AddSecretParsers();
services.AddSecretValidators();
services.AddInMemoryTransientStores();
services.AddCoreServices();
services.AddHostServices();
return new IdentityServerBuilder(services);
}
/// <summary>
/// Adds authentication services to the specified <see cref="IServiceCollection" />.
/// </summary>
/// <param name="services">The <see cref="IServiceCollection" /> to add services to.</param>
/// <param name="configureOptions">An action delegate to configure the provided <see cref="SharedAuthenticationOptions"/>.</param>
/// <returns>A reference to this instance after the operation has completed.</returns>
public static IServiceCollection AddAuthentication(this IServiceCollection services, Action<SharedAuthenticationOptions> configureOptions)
{
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
if (configureOptions == null)
{
throw new ArgumentNullException(nameof(configureOptions));
}
services.Configure(configureOptions);
return services.AddAuthentication();
}
public static IdentityBuilder AddJwtBearerIdentity(
this IServiceCollection services,
Action<IdentityOptions> setupAction,
Action<JwtBearerIdentityOptions> jwtBearerSetupAction)
{
// Services used by identity
services.AddOptions();
services.AddAuthentication();
// Hosting doesn't add IHttpContextAccessor by default
services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
// Identity services
services.TryAddSingleton<IdentityMarkerService>();
services.TryAddScoped<IUserValidator<User>, UserValidator<User>>();
services.TryAddScoped<IPasswordValidator<User>, PasswordValidator<User>>();
services.TryAddScoped<IPasswordHasher<User>, PasswordHasher<User>>();
services.TryAddScoped<ILookupNormalizer, UpperInvariantLookupNormalizer>();
services.TryAddScoped<IRoleValidator<Role>, RoleValidator<Role>>();
// No interface for the error describer so we can add errors without rev'ing the interface
services.TryAddScoped<IdentityErrorDescriber>();
services.TryAddScoped<ISecurityStampValidator, SecurityStampValidator<User>>();
services.TryAddScoped<IUserClaimsPrincipalFactory<User>, UserClaimsPrincipalFactory<User, Role>>();
services.TryAddScoped<UserManager<User>, UserManager<User>>();
services.TryAddScoped<JwtBearerSignInManager, JwtBearerSignInManager>();
services.TryAddScoped<RoleManager<Role>, RoleManager<Role>>();
if(setupAction != null)
{
services.Configure(setupAction);
}
if(jwtBearerSetupAction != null)
{
services.Configure(jwtBearerSetupAction);
}
return new IdentityBuilder(typeof(User), typeof(Role), services);
}
public static IIdentityServerBuilder AddIdentityServer(this IServiceCollection services, IdentityServerOptions options)
{
services.AddSingleton(options);
services.AddAuthentication();
services.AddTransient<IdentityServerContext>();
services.AddEndpoints(options.Endpoints);
services.AddCoreValidators();
services.AddPluggableValidators();
services.AddResponseGenerators();
services.AddSecretParsers();
services.AddSecretValidators();
services.AddInMemoryTransientStores();
services.AddCoreServices();
services.AddHostServices();
return new IdentityServerBuilder(services);
}
public static IdentityBuilder AddCloudscribeIdentity(
this IServiceCollection services,
Action<IdentityOptions> setupAction = null
)
{
services.AddSingleton<IOptions<IdentityOptions>, SiteIdentityOptionsResolver>();
// Services used by identity
services.TryAddScoped<IUserClaimsPrincipalFactory<SiteUser>, SiteUserClaimsPrincipalFactory<SiteUser, SiteRole>>();
services.TryAddScoped<IPasswordHasher<SiteUser>, SitePasswordHasher<SiteUser>>();
services.TryAddScoped<SiteSignInManager<SiteUser>, SiteSignInManager<SiteUser>>();
services.TryAddSingleton<SiteAuthCookieValidator, SiteAuthCookieValidator>();
services.TryAddScoped<SiteCookieAuthenticationEvents, SiteCookieAuthenticationEvents>();
services.AddSingleton<IAntiforgeryTokenStore, SiteAntiforgeryTokenStore>();
services.AddAuthentication(options =>
{
// This is the Default value for ExternalCookieAuthenticationScheme
options.SignInScheme = new IdentityCookieOptions().ExternalCookieAuthenticationScheme;
});
// Hosting doesn't add IHttpContextAccessor by default
services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
// Identity services
services.TryAddSingleton<IdentityMarkerService>();
services.TryAddScoped<IUserValidator<SiteUser>, UserValidator<SiteUser>>();
services.TryAddScoped<IPasswordValidator<SiteUser>, PasswordValidator<SiteUser>>();
//services.TryAddScoped<IPasswordHasher<SiteUser>, PasswordHasher<SiteUser>>();
services.TryAddScoped<ILookupNormalizer, UpperInvariantLookupNormalizer>();
services.TryAddScoped<IRoleValidator<SiteRole>, RoleValidator<SiteRole>>();
// No interface for the error describer so we can add errors without rev'ing the interface
services.TryAddScoped<IdentityErrorDescriber>();
services.TryAddScoped<ISecurityStampValidator, SecurityStampValidator<SiteUser>>();
//services.TryAddScoped<IUserClaimsPrincipalFactory<SiteUser>, UserClaimsPrincipalFactory<SiteUser, SiteRole>>();
//services.TryAddScoped<UserManager<SiteUser>, UserManager<SiteUser>>();
//services.TryAddScoped<SignInManager<SiteUser>, SignInManager<SiteUser>>();
//services.TryAddScoped<RoleManager<SiteRole>, RoleManager<SiteRole>>();
services.TryAddScoped<ICustomClaimProvider, DoNothingCustomClaimProvider>();
if (setupAction != null)
{
services.Configure(setupAction);
}
var builder = new IdentityBuilder(typeof(SiteUser), typeof(SiteRole), services);
builder.AddUserStore<UserStore<SiteUser>>()
.AddRoleStore<RoleStore<SiteRole>>()
.AddUserManager<SiteUserManager<SiteUser>>()
.AddRoleManager<SiteRoleManager<SiteRole>>()
;
var dataProtectionProviderType = typeof(DataProtectorTokenProvider<SiteUser>);
var phoneNumberProviderType = typeof(PhoneNumberTokenProvider<SiteUser>);
var emailTokenProviderType = typeof(EmailTokenProvider<SiteUser>);
services.Configure<TokenOptions>(options =>
{
options.ProviderMap[TokenOptions.DefaultProvider] = new TokenProviderDescriptor(dataProtectionProviderType);
options.ProviderMap[TokenOptions.DefaultEmailProvider] = new TokenProviderDescriptor(emailTokenProviderType);
options.ProviderMap[TokenOptions.DefaultPhoneProvider] = new TokenProviderDescriptor(phoneNumberProviderType);
});
services.TryAddTransient(dataProtectionProviderType);
services.TryAddTransient(emailTokenProviderType);
services.TryAddTransient(phoneNumberProviderType);
services.TryAddScoped<IIdentityServerIntegration, NotIntegratedIdentityServerIntegration>();
return builder;
//return services;
}
public static IServiceCollection AddExternalCookieAuthentication(this IServiceCollection services) {
return services.AddAuthentication(options => {
options.SignInScheme = new IdentityCookieOptions().ExternalCookieAuthenticationScheme;
});
}
public static void AddFormsAuthentication(this IServiceCollection services)
{
services.AddAuthentication();
services.AddIdentity<ApplicationUser, IdentityRole>(
options =>
{
options.Cookies.ApplicationCookie.AutomaticAuthenticate = true;
options.Cookies.ApplicationCookie.AutomaticChallenge = true;
options.Cookies.ApplicationCookieAuthenticationScheme = "ApplicationCookie";
options.Cookies.ApplicationCookie.AuthenticationScheme = IdentityCookieOptions.ApplicationCookieAuthenticationType = "ApplicationCookie";
options.Cookies.ApplicationCookie.LoginPath = new PathString("/User/Login");
options.Cookies.ApplicationCookie.LogoutPath = new PathString("/User/Logout");
options.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromMinutes(5);
options.Cookies.ApplicationCookie.ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter;
options.Cookies.ApplicationCookie.SlidingExpiration = true;
options.Cookies.ApplicationCookie.CookieHttpOnly = true;
options.Cookies.ApplicationCookie.CookieSecure = CookieSecureOption.SameAsRequest;
options.Cookies.ApplicationCookie.SystemClock = new SystemClock();
options.Cookies.ApplicationCookie.Events = new CookieAuthenticationEvents();
options.Cookies.ApplicationCookie.CookieName = "TBMMNet";
options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(10);
options.Lockout.MaxFailedAccessAttempts = 10;
options.Lockout.AllowedForNewUsers = false;
})
.AddUserStore<IdentityUserStore<ApplicationUser>>()
.AddRoleStore<IdentityRoleStore<IdentityRole>>()
.AddDefaultTokenProviders();
}
