/// <summary>
/// Extension method to configure IdentityServer in the hosting application.
/// Registers the IdentityServer middleware on <paramref name="app"/> in a fixed
/// order (SSL gate, logging, data protection, Autofac, CORS, cookies, external
/// providers, static files, plugins, Web API) and then runs the startup diagnostics.
/// The registration order is significant and must not be changed casually.
/// </summary>
/// <param name="app">The application.</param>
/// <param name="options">The <see cref="IdentityServer3.Core.Configuration.IdentityServerOptions"/>.</param>
/// <returns>The same <paramref name="app"/>, to allow chaining.</returns>
/// <exception cref="System.ArgumentNullException">
/// app
/// or
/// options
/// </exception>
public static IAppBuilder UseIdentityServer(this IAppBuilder app, IdentityServerOptions options)
{
    if (app == null) throw new ArgumentNullException("app");
    if (options == null) throw new ArgumentNullException("options");

    // Validate the options up front, before any middleware is registered.
    options.Validate();

    // Assigning empty maps disables the JWT handler's default inbound/outbound
    // claim-type renaming. NOTE: these are static properties, so this is a
    // process-wide side effect shared with any other JWT consumer in the host.
    JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();
    JwtSecurityTokenHandler.OutboundClaimTypeMap = new Dictionary<string, string>();

    // The SSL gate is registered first so that, when RequireSsl is on, it runs
    // ahead of every other IdentityServer middleware.
    if (options.RequireSsl)
    {
        app.Use<RequireSslMiddleware>();
    }

    if (options.LoggingOptions.EnableKatanaLogging)
    {
        app.SetLoggerFactory(new LibLogKatanaLoggerFactory());
    }

    app.ConfigureRequestId();

    // The OIDC end-session callback is always a recognised protocol logout URL.
    options.ProtocolLogoutUrls.Add(Constants.RoutePaths.Oidc.EndSessionCallback);

    app.ConfigureDataProtectionProvider(options);
    app.ConfigureIdentityServerBaseUrl(options.PublicOrigin);
    app.ConfigureIdentityServerIssuer(options);

    var rootContainer = AutofacConfig.Configure(options);
    app.UseAutofacMiddleware(rootContainer);

    app.UseCors();
    app.ConfigureCookieAuthentication(options.AuthenticationOptions.CookieOptions, options.DataProtector);

    // Host-supplied hook for registering external identity providers.
    var registerIdentityProviders = options.AuthenticationOptions.IdentityProviders;
    if (registerIdentityProviders != null)
    {
        registerIdentityProviders(app, Constants.ExternalAuthenticationType);
    }

    app.UseEmbeddedFileServer();

    // Host-supplied hook for additional plugin middleware.
    var configurePlugins = options.PluginConfiguration;
    if (configurePlugins != null)
    {
        configurePlugins(app, options);
    }

    app.ConfigureHttpLogging(options.LoggingOptions);

    SignatureConversions.AddConversions(app);

    var apiConfig = WebApiConfig.Configure(options, rootContainer);
    app.UseAutofacWebApi(apiConfig);
    app.UseWebApi(apiConfig);

    // Run the startup diagnostics once, in a scope that carries an empty OWIN
    // context. Wait() blocks the startup thread and surfaces failures wrapped
    // in an AggregateException.
    // TODO -- perhaps use AsyncHelper instead?
    using (var startupScope = rootContainer.CreateScopeWithEmptyOwinContext())
    {
        var events = startupScope.Resolve<IEventService>();
        DoStartupDiagnosticsAsync(options, events).Wait();
    }

    return app;
}
/// <summary>
/// Extension method to configure IdentityServer in the hosting application.
/// Registers the IdentityServer middleware on <paramref name="app"/> in a fixed
/// order (SSL gate, logging, static files, data protection, logged-out page
/// rendering, Autofac, CORS, cookies, sign-out cookie, plugins, external
/// providers, Web API) and then runs the startup diagnostics. Several steps
/// depend on their position in the pipeline, as noted inline.
/// </summary>
/// <param name="app">The application.</param>
/// <param name="options">The <see cref="IdentityServer3.Core.Configuration.IdentityServerOptions"/>.</param>
/// <returns>The same <paramref name="app"/>, to allow chaining.</returns>
/// <exception cref="System.ArgumentNullException">
/// app
/// or
/// options
/// </exception>
public static IAppBuilder UseIdentityServer(this IAppBuilder app, IdentityServerOptions options)
{
    if (app == null) throw new ArgumentNullException("app");
    if (options == null) throw new ArgumentNullException("options");

    // Validate the options up front, before any middleware is registered.
    options.Validate();

    // Assigning empty maps disables the JWT handler's default inbound/outbound
    // claim-type renaming. NOTE: these are static properties, so this is a
    // process-wide side effect shared with any other JWT consumer in the host.
    JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();
    JwtSecurityTokenHandler.OutboundClaimTypeMap = new Dictionary<string, string>();

    // The SSL gate is registered first so that, when RequireSsl is on, it runs
    // ahead of every other IdentityServer middleware.
    if (options.RequireSsl)
    {
        app.Use<RequireSslMiddleware>();
    }

    if (options.LoggingOptions.EnableKatanaLogging)
    {
        app.SetLoggerFactory(new LibLogKatanaLoggerFactory());
    }

    app.UseEmbeddedFileServer();
    app.ConfigureRequestId();
    app.ConfigureDataProtectionProvider(options);
    app.ConfigureIdentityServerBaseUrl(options.PublicOrigin);
    app.ConfigureIdentityServerIssuer(options);

    // Must precede the Autofac middleware: when a request is sent back through
    // the pipeline to render the logged-out page, everything registered after
    // this point is disposed and re-initialised for that second pass.
    app.ConfigureRenderLoggedOutPage();

    var rootContainer = AutofacConfig.Configure(options);
    app.UseAutofacMiddleware(rootContainer);

    app.UseCors();
    app.ConfigureCookieAuthentication(options.AuthenticationOptions.CookieOptions, options.DataProtector);

    // Must precede any external (identity-provider) middleware.
    app.ConfigureSignOutMessageCookie();

    // Host-supplied hook for additional plugin middleware.
    var configurePlugins = options.PluginConfiguration;
    if (configurePlugins != null)
    {
        configurePlugins(app, options);
    }

    // Host-supplied hook for registering external identity providers.
    var registerIdentityProviders = options.AuthenticationOptions.IdentityProviders;
    if (registerIdentityProviders != null)
    {
        registerIdentityProviders(app, Constants.ExternalAuthenticationType);
    }

    app.ConfigureHttpLogging(options.LoggingOptions);

    SignatureConversions.AddConversions(app);

    var apiConfig = WebApiConfig.Configure(options, rootContainer);
    app.UseAutofacWebApi(apiConfig);
    app.UseWebApi(apiConfig);

    // Run the startup diagnostics once, in a scope that carries an empty OWIN
    // context. Wait() blocks the startup thread and surfaces failures wrapped
    // in an AggregateException.
    // TODO -- perhaps use AsyncHelper instead?
    using (var startupScope = rootContainer.CreateScopeWithEmptyOwinContext())
    {
        var events = startupScope.Resolve<IEventService>();
        DoStartupDiagnosticsAsync(options, events).Wait();
    }

    return app;
}
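/// <summary>
/// Host-side variant of <c>UseIdentityServer</c>: maps IdentityServer under "/core"
/// and wires the middleware pipeline step by step instead of calling the library's
/// extension method. The middleware order inside the map is significant and mirrors
/// the library's; the only behavioural addition here is the guard on
/// <paramref name="app"/>, matching the library method's contract.
/// </summary>
/// <param name="app">The host application builder.</param>
/// <returns>The same <paramref name="app"/>, to allow chaining.</returns>
/// <exception cref="System.ArgumentNullException">app</exception>
public static IAppBuilder UseCustomIdentityServer(this IAppBuilder app)
{
    // Consistent with UseIdentityServer: reject a null builder up front rather
    // than failing with a NullReferenceException inside Map.
    if (app == null) throw new ArgumentNullException("app");

    // uncomment to enable HSTS headers for the host
    // see: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
    // NOTE(review): with this left off, browsers are never told to refuse plain
    // HTTP for this host; enable it for any internet-facing deployment.
    //app.UseHsts();

    app.Map("/core", coreApp =>
    {
        // In-memory stores: users, clients and scopes live in code and are lost
        // on restart — a sample/dev configuration, not a production one.
        var factory = new IdentityServerServiceFactory()
            .UseInMemoryUsers(Users.Get())
            .UseInMemoryClients(Clients.Get())
            .UseInMemoryScopes(Scopes.Get());

        factory.AddCustomGrantValidators();
        factory.AddCustomTokenResponseGenerator();

        factory.ConfigureClientStoreCache();
        factory.ConfigureScopeStoreCache();
        factory.ConfigureUserServiceCache();

        var idsrvOptions = new IdentityServerOptions
        {
            Factory = factory,
            // Certificate used to sign issued tokens; where Cert.Load() gets it
            // from is outside this file.
            SigningCertificate = Cert.Load(),
            Endpoints = new EndpointOptions
            {
                // replaced by the introspection endpoint in v2.2
                EnableAccessTokenValidationEndpoint = false
            },
            AuthenticationOptions = new AuthenticationOptions
            {
                IdentityProviders = ConfigureIdentityProviders
                //EnablePostSignOutAutoRedirect = true
            },
            // Presumably the clock-skew tolerance for the token not-before check;
            // keep it small.
            NotBeforeLeeway = TimeSpan.FromMinutes(1)
            //LoggingOptions = new LoggingOptions
            //{
            //    EnableKatanaLogging = true
            //},
            //EventsOptions = new EventsOptions
            //{
            //    RaiseFailureEvents = true,
            //    RaiseInformationEvents = true,
            //    RaiseSuccessEvents = true,
            //    RaiseErrorEvents = true
            //}
        };

        //START CUSTOM IdentityServer

        // Unlike the library's UseIdentityServer, the SSL gate is registered
        // unconditionally here: idsrvOptions.RequireSsl is not consulted.
        coreApp.Use<RequireSslMiddleware>();

        // Validate the options before any further middleware is registered.
        idsrvOptions.Validate();

        // Assigning empty maps disables the JWT handler's default inbound/outbound
        // claim-type renaming. NOTE: these are static properties, so this is a
        // process-wide side effect shared with any other JWT consumer in the host.
        JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();
        JwtSecurityTokenHandler.OutboundClaimTypeMap = new Dictionary<string, string>();

        if (idsrvOptions.LoggingOptions.EnableKatanaLogging)
        {
            coreApp.SetLoggerFactory(new LibLogKatanaLoggerFactory());
        }

        coreApp.UseEmbeddedFileServer();
        coreApp.ConfigureRequestId();
        coreApp.ConfigureDataProtectionProvider(idsrvOptions);
        coreApp.ConfigureIdentityServerBaseUrl(idsrvOptions.PublicOrigin);
        coreApp.ConfigureIdentityServerIssuer(idsrvOptions);

        // this needs to be earlier than the autofac middleware so anything is disposed and re-initialized
        // if we send the request back into the pipeline to render the logged out page
        coreApp.ConfigureRenderLoggedOutPage();

        var container = AutofacConfig.Configure(idsrvOptions);
        coreApp.UseAutofacMiddleware(container);

        // CORS policy comes from the container-registered ICorsPolicyService
        // (the library's own UseIdentityServer calls the parameterless overload).
        coreApp.UseCors(container.Resolve<ICorsPolicyService>());
        coreApp.ConfigureCookieAuthentication(idsrvOptions.AuthenticationOptions.CookieOptions, idsrvOptions.DataProtector);

        // this needs to be before external middleware
        coreApp.ConfigureSignOutMessageCookie();

        if (idsrvOptions.PluginConfiguration != null)
        {
            idsrvOptions.PluginConfiguration(coreApp, idsrvOptions);
        }

        if (idsrvOptions.AuthenticationOptions.IdentityProviders != null)
        {
            idsrvOptions.AuthenticationOptions.IdentityProviders(coreApp, Constants.ExternalAuthenticationType);
        }

        coreApp.ConfigureHttpLogging(idsrvOptions.LoggingOptions);

        SignatureConversions.AddConversions(coreApp);

        var httpConfig = WebApiConfig.Configure(idsrvOptions, container);
        coreApp.UseAutofacWebApi(httpConfig);
        coreApp.UseWebApi(httpConfig);

        // NOTE(review): the library's startup diagnostics (DoStartupDiagnosticsAsync)
        // are not run by this custom pipeline — the call below was already commented
        // out (and referenced an undefined `options`). Whatever those diagnostics
        // would report at startup will instead surface at request time.
        // Presumably the helper is not reachable from the host — confirm before
        // re-enabling.
        //using (var child = container.CreateScopeWithEmptyOwinContext())
        //{
        //    var eventSvc = child.Resolve<IEventService>();
        //    // TODO -- perhaps use AsyncHelper instead?
        //    DoStartupDiagnosticsAsync(idsrvOptions, eventSvc).Wait();
        //}
    });

    return app;
}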