Beispiel #1
0
        /// <summary>
        /// Adds the IdentityServer API endpoints to MVC.
        /// </summary>
        /// <param name="mvcBuilder">An interface for configuring MVC services.</param>
        /// <param name="configureAction">Configuration options for IdentityServer API feature.</param>
        public static IMvcBuilder AddIdentityServerApiEndpoints(this IMvcBuilder mvcBuilder, Action <IdentityServerApiEndpointsOptions> configureAction = null)
        {
            mvcBuilder.ConfigureApplicationPartManager(x => x.FeatureProviders.Add(new IdentityServerApiFeatureProvider()));
            var services            = mvcBuilder.Services;
            var serviceProvider     = services.BuildServiceProvider();
            var configuration       = serviceProvider.GetRequiredService <IConfiguration>();
            var apiEndpointsOptions = new IdentityServerApiEndpointsOptions {
                Services = services
            };

            // Initialize default options.
            configureAction?.Invoke(apiEndpointsOptions);
            apiEndpointsOptions.Services = null;
            services.AddDistributedMemoryCache();
            // Configure options for CacheResourceFilter.
            services.Configure <CacheResourceFilterOptions>(options => options.DisableCache = apiEndpointsOptions.DisableCache);
            // Invoke action provided by developer to override default options.
            services.AddSingleton(apiEndpointsOptions);
            services.AddIndiceServices(configuration);
            services.AddTransient <IEventService, EventService>();
            // Register validation filters.
            services.AddScoped <CreateClaimTypeRequestValidationFilter>();
            services.AddScoped <CreateRoleRequestValidationFilter>();
            // Add authorization policies that are used by the IdentityServer API.
            services.AddAuthorization(authOptions => {
                authOptions.AddPolicy(IdentityServerApi.Scope, policy => {
                    policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme)
                    .RequireAuthenticatedUser();
                });
                authOptions.AddPolicy(IdentityServerApi.SubScopes.Users, policy => {
                    policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme)
                    .RequireAuthenticatedUser()
                    .RequireAssertion(x => x.User.HasClaim(JwtClaimTypes.Scope, IdentityServerApi.SubScopes.Users) && (x.User.IsAdmin() || x.User.IsSystemClient()));
                });
                authOptions.AddPolicy(IdentityServerApi.SubScopes.Clients, policy => {
                    policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme)
                    .RequireAuthenticatedUser()
                    .RequireAssertion(x => x.User.HasClaim(JwtClaimTypes.Scope, IdentityServerApi.SubScopes.Clients) && (x.User.IsAdmin() || x.User.IsSystemClient()));
                });
                authOptions.AddPolicy(IdentityServerApi.Admin, policy => {
                    policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme)
                    .RequireAuthenticatedUser()
                    .RequireAssertion(x => x.User.HasClaim(JwtClaimTypes.Scope, IdentityServerApi.Scope) && (x.User.IsAdmin() || x.User.IsSystemClient()));
                });
            });
            // Configure antiforgery token options.
            services.Configure <AntiforgeryOptions>(options => {
                options.HeaderName = CustomHeaderNames.AntiforgeryHeaderName;
            });
            // Try register the extended version of UserManager<User>.
            services.TryAddScoped <ExtendedUserManager <User> >();
            services.TryAddScoped <IdentityMessageDescriber>();
            // Register the authentication handler, using a custom scheme name, for local APIs.
            services.AddAuthentication()
            .AddLocalApi(IdentityServerApi.AuthenticationScheme, options => {
                options.ExpectedScope = IdentityServerApi.Scope;
            });
            return(mvcBuilder);
        }
Beispiel #2
0
 /// <summary>
 /// Creates an instance of <see cref="ClientsController"/>.
 /// </summary>
 /// <param name="configurationDbContext">Abstraction for the configuration context.</param>
 /// <param name="generalSettings">Applications general settings.</param>
 /// <param name="eventService">Models the event mechanism used to raise events inside the IdentityServer API.</param>
 /// <param name="apiEndpointsOptions">Options for configuring the IdentityServer API feature.</param>
 public ClientsController(
     ExtendedConfigurationDbContext configurationDbContext,
     IOptionsSnapshot <GeneralSettings> generalSettings,
     IEventService eventService,
     IdentityServerApiEndpointsOptions apiEndpointsOptions
     )
 {
     _configurationDbContext = configurationDbContext ?? throw new ArgumentNullException(nameof(configurationDbContext));
     _generalSettings        = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings));
     _eventService           = eventService ?? throw new ArgumentNullException(nameof(eventService));
     _apiEndpointsOptions    = apiEndpointsOptions ?? throw new ArgumentNullException(nameof(apiEndpointsOptions));
 }
 /// <summary>
 /// Creates an instance of <see cref="UsersController"/>.
 /// </summary>
 /// <param name="userManager">Provides the APIs for managing user in a persistence store.</param>
 /// <param name="roleManager">Provides the APIs for managing roles in a persistence store.</param>
 /// <param name="dbContext">Class for the Entity Framework database context used for identity.</param>
 /// <param name="persistedGrantService">Implements persisted grant logic.</param>
 /// <param name="clientStore">Retrieval of client configuration.</param>
 /// <param name="apiEndpointsOptions">Options for configuring the IdentityServer API feature.</param>
 /// <param name="eventService">Models the event mechanism used to raise events inside the IdentityServer API.</param>
 /// <param name="generalSettings">General settings for an ASP.NET Core application.</param>
 /// <param name="localizer">Represents an <see cref="IStringLocalizer"/> that provides strings for <see cref="UsersController"/>.</param>
 public UsersController(ExtendedUserManager <User> userManager, RoleManager <Role> roleManager, ExtendedIdentityDbContext <User, Role> dbContext, IPersistedGrantService persistedGrantService,
                        IClientStore clientStore, IdentityServerApiEndpointsOptions apiEndpointsOptions, IEventService eventService, IOptions <GeneralSettings> generalSettings, IStringLocalizer <UsersController> localizer)
 {
     _userManager           = userManager ?? throw new ArgumentNullException(nameof(userManager));
     _roleManager           = roleManager ?? throw new ArgumentNullException(nameof(roleManager));
     _dbContext             = dbContext ?? throw new ArgumentNullException(nameof(dbContext));
     _persistedGrantService = persistedGrantService ?? throw new ArgumentNullException(nameof(persistedGrantService));
     _clientStore           = clientStore ?? throw new ArgumentNullException(nameof(clientStore));
     _apiEndpointsOptions   = apiEndpointsOptions ?? throw new ArgumentNullException(nameof(apiEndpointsOptions));
     _eventService          = eventService ?? throw new ArgumentNullException(nameof(eventService));
     _generalSettings       = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings));
     _localizer             = localizer ?? throw new ArgumentNullException(nameof(localizer));
 }
Beispiel #4
0
 public MyAccountController(ExtendedUserManager <User> userManager, IOptions <GeneralSettings> generalSettings, IOptionsSnapshot <IdentityOptions> identityOptions,
                            IdentityServerApiEndpointsOptions identityServerApiEndpointsOptions, IEventService eventService, ISmsService smsService, IEmailService emailService,
                            MessageDescriber messageDescriber, ExtendedIdentityDbContext <User, Role> dbContext)
 {
     _userManager     = userManager ?? throw new ArgumentNullException(nameof(userManager));
     _generalSettings = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings));
     _identityOptions = identityOptions?.Value ?? throw new ArgumentNullException(nameof(identityOptions));
     _identityServerApiEndpointsOptions = identityServerApiEndpointsOptions ?? throw new ArgumentNullException(nameof(identityServerApiEndpointsOptions));
     _eventService     = eventService ?? throw new ArgumentNullException(nameof(eventService));
     _messageDescriber = messageDescriber ?? throw new ArgumentNullException(nameof(messageDescriber));
     _dbContext        = dbContext ?? throw new ArgumentNullException(nameof(dbContext));
     _smsService       = smsService;
     _emailService     = emailService;
 }
Beispiel #5
0
        /// <summary>
        /// Registers the <see cref="DbContext"/> to be used by the Identity system.
        /// </summary>
        /// <param name="options">Options for configuring the IdentityServer API feature.</param>
        /// <param name="configureAction">Configuration for <see cref="ExtendedIdentityDbContext{TUser, TRole}"/>.</param>
        public static void AddDbContext(this IdentityServerApiEndpointsOptions options, Action <IdentityDbContextOptions> configureAction)
        {
            var dbContextOptions = new IdentityDbContextOptions();

            configureAction?.Invoke(dbContextOptions);
            options.Services.AddSingleton(dbContextOptions);
            if (dbContextOptions.ResolveDbContextOptions != null)
            {
                options.Services.AddDbContext <ExtendedIdentityDbContext <User, Role> >(dbContextOptions.ResolveDbContextOptions);
            }
            else
            {
                options.Services.AddDbContext <ExtendedIdentityDbContext <User, Role> >(dbContextOptions.ConfigureDbContext);
            }
            options.Services.AddTransient <Func <ExtendedIdentityDbContext <User, Role> > >(provider => provider.GetService <ExtendedIdentityDbContext <User, Role> >);
        }
Beispiel #6
0
 public MyAccountController(
     ExtendedIdentityDbContext <User, Role> dbContext,
     ExtendedUserManager <User> userManager,
     IConfiguration configuration,
     IdentityServerApiEndpointsOptions identityServerApiEndpointsOptions,
     IEmailService emailService,
     IEventService eventService,
     IOptions <GeneralSettings> generalSettings,
     IOptionsSnapshot <IdentityOptions> identityOptions,
     ISmsServiceFactory smsServiceFactory
     )
 {
     _configuration   = configuration ?? throw new ArgumentNullException(nameof(configuration));
     _dbContext       = dbContext ?? throw new ArgumentNullException(nameof(dbContext));
     _emailService    = emailService;
     _eventService    = eventService ?? throw new ArgumentNullException(nameof(eventService));
     _generalSettings = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings));
     _identityOptions = identityOptions?.Value ?? throw new ArgumentNullException(nameof(identityOptions));
     _identityServerApiEndpointsOptions = identityServerApiEndpointsOptions ?? throw new ArgumentNullException(nameof(identityServerApiEndpointsOptions));
     _smsServiceFactory = smsServiceFactory ?? throw new ArgumentNullException(nameof(smsServiceFactory));
     _userManager       = userManager ?? throw new ArgumentNullException(nameof(userManager));
 }
 /// <summary>
 /// Creates a new instance of <see cref="ExtendedIdentityDbContext{TUser, TRole}"/>.
 /// </summary>
 /// <param name="dbContextOptions">The options to be used by a <see cref="DbContext"/>.</param>
 /// <param name="options">Options for configuring the IdentityServer API feature.</param>
 /// <param name="webHostEnvironment">Provides information about the web hosting environment an application is running in.</param>
 public ExtendedIdentityDbContext(DbContextOptions <ExtendedIdentityDbContext <TUser, TRole> > dbContextOptions, IdentityServerApiEndpointsOptions options,
                                  IWebHostEnvironment webHostEnvironment) : base(dbContextOptions)
 {
     if (Database.EnsureCreated() && webHostEnvironment.IsDevelopment())
     {
         if (options.UseInitialData)
         {
             this.Seed();
         }
         this.Seed(options.InitialUsers);
     }
 }
Beispiel #8
0
 /// <summary>
 /// Registers an implementation of <see cref="IIdentityServerApiEventHandler{TEvent}"/> for the specified event type.
 /// </summary>
 /// <typeparam name="TEvent">The type of the event to handler.</typeparam>
 /// <typeparam name="TEventHandler">The handler to user for the specified event.</typeparam>
 /// <param name="options">Options for configuring the IdentityServer API feature.</param>
 public static IdentityServerApiEndpointsOptions AddEventHandler <TEvent, TEventHandler>(this IdentityServerApiEndpointsOptions options)
     where TEvent : IIdentityServerApiEvent
     where TEventHandler : class, IIdentityServerApiEventHandler <TEvent>
 {
     options.Services.AddTransient(typeof(IIdentityServerApiEventHandler <TEvent>), typeof(TEventHandler));
     return(options);
 }