private static void ConfigureJwtBearer(IServiceCollection services, JwtBearerOptions config,
IdentityConfig identityConfig)
{
config.RequireHttpsMetadata = false;
config.SaveToken = false;
config.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateIssuerSigningKey = true,
ValidateLifetime = true,
ValidateActor = true,
ValidateAudience = true,
ValidIssuer = identityConfig.Issuer,
ValidAudiences = identityConfig.Audiences.ToArray(),
ClockSkew = TimeSpan.Zero,
IssuerSigningKeyResolver = (token, securityToken, kid, parameters) =>
{
// todo: I know this .Result is a very bad idea (converting from async to sync)
// however there's no other way to do this, signing key resolver doesn't have a
// async version of this method, they are looking into it though
// https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/468
var key = services.BuildServiceProvider().GetRequiredService <IKeyResolver>()
.ResolveKey(kid).Result;
var pemReader = new PemReader(new MemoryStream(Encoding.UTF8.GetBytes(key)));
var publicKeyParameters = pemReader.ReadRsaKey();
return(new[] { new RsaSecurityKey(publicKeyParameters) });
}
};
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
var sqlConnection = Configuration.GetConnectionString("DefaultConnection");
services.AddDbContext <ApplicationDbContext>(options => options.UseSqlServer(sqlConnection));
services.AddIdentity <ApplicationUser, IdentityRole>(opts => {
opts.Password.RequireDigit = false;
opts.Password.RequiredLength = 4;
opts.Password.RequireNonAlphanumeric = false;
opts.Password.RequireUppercase = false;
opts.Password.RequireLowercase = false;
})
.AddEntityFrameworkStores <ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryIdentityResources(IdentityConfig.GetIdentityResources())
.AddInMemoryApiResources(IdentityConfig.GetApiResources())
.AddInMemoryClients(IdentityConfig.GetClients(
Configuration
))
.AddAspNetIdentity <ApplicationUser>()
.AddProfileService <ProfileService>();
services.AddMvc();
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.Configure <CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
IFreeSql freeSql = new FreeSql.FreeSqlBuilder()
.UseConnectionString(FreeSql.DataType.SqlServer, Configuration.GetConnectionString("meta"))
.Build();
services.AddSingleton(freeSql);
services.AddSingleton <IAdminService, AdminService>();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryApiResources(IdentityConfig.GetApiResources())
.AddInMemoryIdentityResources(IdentityConfig.GetIdentityResources())
.AddInMemoryClients(IdentityConfig.GetClients());
//services.AddCors(options =>
//{
// // this defines a CORS policy called "default"
// options.AddPolicy("default", policy =>
// {
// policy.WithOrigins("*")
// .AllowAnyHeader()
// .AllowAnyMethod();
// });
//});
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
// configure identity server with in-memory stores, keys, clients and scopes
services.AddIdentityServer()
.AddTemporarySigningCredential()
.AddInMemoryIdentityResources(IdentityConfig.GetIdentityResources())
.AddInMemoryApiResources(IdentityConfig.GetApiResources())
.AddInMemoryClients(IdentityConfig.GetClients())
.AddTestUsers(IdentityConfig.GetUsers());
services.AddAuthorization(auth =>
{
auth.AddSecurity();
});
services.AddSingleton <IUserDataService, UserDataService>();
services.AddSingleton <IUserRepository, UserRepository>();
services.AddSingleton <IUserRoleRepository, UserRoleRepository>();
Action <AccountService.AccountServiceOptions> options = (opt =>
{
opt.AppDBConnection = Configuration["ConnectionStrings:DefaultConnection"];
});
services.Configure(options);
services.AddSingleton(resolver => resolver.GetRequiredService <IOptions <AccountService.AccountServiceOptions> >().Value);
services.AddMvc();
}
private void AddAuth(IServiceCollection services)
{
services.AddIdentityServer(options =>
{
options.UserInteraction.LoginUrl = "/Identity/Account/Login";
options.UserInteraction.LogoutUrl = "/Identity/Account/Logout";
})
.AddInMemoryIdentityResources(IdentityConfig.GetIdentityResources())
.AddInMemoryApiResources(IdentityConfig.GetApiResources())
.AddInMemoryApiScopes(IdentityConfig.GetApiScopes())
.AddInMemoryClients(IdentityConfig.GetClients(Configuration))
.AddInMemoryPersistedGrants()
.AddAspNetIdentity <User>()
.AddDeveloperSigningCredential();
services
.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddJwtBearer(IdentityServerAuthenticationDefaults.AuthenticationScheme, options =>
{
options.Authority = Configuration.GetSection("IdentityServer").GetValue <string>("AuthorityUrl");
options.RequireHttpsMetadata = true;
options.Audience = "pzph.api";
options.SaveToken = true;
});
services.AddAuthorization(settings =>
{
settings.AddPolicy(
"user",
policy => policy.RequireAuthenticatedUser().RequireClaim("scope", "pzph.api"));
});
}
private void CreateAndLoginUser()
{
if (!IsValid)
{
return;
}
try
{
var user = new User(userName.Text);
var manager = new IdentityAuthenticationManagerSync();
if (manager.CreateAndSignInExternalUser(new HttpContextWrapper(Context), ProviderName, user))
{
IdentityConfig.RedirectToReturnUrl(Request.QueryString["ReturnUrl"], Response);
}
else
{
ModelState.AddModelError(String.Empty, "There was an error processing this request.");
return;
}
}
catch (IdentityException e)
{
ModelState.AddModelError("", e.Message);
}
}
public void InstallServices(IServiceCollection services, IConfiguration Configuration)
{
var identityBuilder = IdentityConfig.Builder(services);
identityBuilder = new IdentityBuilder(identityBuilder.UserType, typeof(IdentityRole <Guid>), identityBuilder.Services);
identityBuilder.AddEntityFrameworkStores <VecihiDbContext>().AddDefaultTokenProviders();
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
//CORS
services.ConfigureCors();
//EF
services.AddDbContext <ApplicationDbContext>(options =>
options.UseMySql(Configuration.GetConnectionString(DbConnection)));
//Adding ASP Identity
services.AddIdentity <ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores <ApplicationDbContext>()
.AddDefaultTokenProviders();
//Identity Server
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryPersistedGrants()
.AddInMemoryIdentityResources(IdentityConfig.GetIdentityResources())
.AddInMemoryApiResources(IdentityConfig.GetApiResources())
.AddInMemoryClients(IdentityConfig.GetClients())
.AddAspNetIdentity <ApplicationUser>();
//identity server profile service
services.AddTransient <IProfileService, IdentityClaimsProfileService>();
//authentication JWT
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
// base-address of your identityserver
options.Authority = Configuration.GetValue <string>(AuthUrl);
// name of the API resource
options.Audience = Configuration.GetValue <string>(Key);
options.RequireHttpsMetadata = false;
});
//auto mapper
var mappingConfig = new MapperConfiguration(mc =>
{
mc.AddProfile(new AutoMapperProfile());
});
IMapper mapper = mappingConfig.CreateMapper();
services.AddSingleton(mapper);
//MVC
services.AddMvc()
.SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
.AddJsonOptions(options =>
{
options.SerializerSettings.ContractResolver
= new Newtonsoft.Json.Serialization.DefaultContractResolver();
});;
}
private static void ConfigureIdentityOptions(IdentityOptions options, IdentityConfig config)
{
options.Password = config.PasswordRequirements;
options.Lockout = config.LockoutOptions.ToIdentityLockoutOptions();
options.User = config.UserOptions;
options.SignIn = config.SignInOptions;
}
private async Task CreateAndLoginUserAsync()
{
ClaimsIdentity id = await Context.GetExternalIdentity();
if (id == null)
{
ModelState.AddModelError(String.Empty, "There was an error processing this request.");
return;
}
try
{
var user = new User(userName.Text);
if (IdentityConfig.Users.Create(user))
{
IdentityConfig.Logins.Add(new UserLogin(user.Id, ProviderName, ProviderAccountKey));
Context.SignIn(user.Id, id.Claims, isPersistent: false);
IdentityConfig.RedirectToReturnUrl(Request.QueryString["ReturnUrl"], Response);
}
}
catch (DbEntityValidationException e)
{
ModelState.AddModelError("", e.EntityValidationErrors.First().ValidationErrors.First().ErrorMessage);
}
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddCors();
services.AddMvc()
.SetCompatibilityVersion(CompatibilityVersion.Version_3_0);
// Register the Swagger generator, defining 1 or more Swagger documents
SwaggerConfig.Register(services);
//For Getting current Context
HttpServiceCollectionExtensions.AddHttpContextAccessor(services);
//Register Identity
IdentityConfig.RegisterAppDatabase(services, Configuration);
IdentityConfig.Register(services, Configuration);
//Dependancy registraion
RegisterDependancyConfig.Register(services);
services.AddControllers();
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddAutoMapper(typeof(Startup));
Config config = GetConfig();
IdentityConfig identityConfig = config.Identity;
ConfigureLogging(config);
ConfigureAuthenticationOptions(services, identityConfig);
services.AddSingleton(typeof(Config), config);
services.AddSingleton(typeof(BaseEmailConfig), config.Email);
services.AddSingleton(typeof(IdentityConfig), config.Identity);
services.AddDbContextPool <ApplicationDbContext>(options =>
options
.UseSqlServer(config.ConnectionStrings.WebApiSampleDatabase)
.ConfigureWarnings(warnings => warnings.Throw(RelationalEventId.QueryClientEvaluationWarning)));
services.AddCors(o => o.AddPolicy("AllowAnyOrigin", builder =>
{
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader();
}));
services.AddAuthorization(AddAuthorizationOptions);
ConfigureOwnDependencies(services);
}
private static void EnsureSeedData(ConfigurationDbContext context, UserManager <ApplicationUser> userManager)
{
if (!context.Clients.Any())
{
foreach (var client in IdentityConfig.GetClients().ToList())
{
context.Clients.Add(client.ToEntity());
}
context.SaveChanges();
//
foreach (var user in IdentityConfig.GetUsers())
{
userManager.CreateAsync(new ApplicationUser {
UserName = user.Username
}, user.Password);
}
}
if (!context.Scopes.Any())
{
foreach (var client in IdentityConfig.GetScopes().ToList())
{
context.Scopes.Add(client.ToEntity());
}
context.SaveChanges();
}
}
public TokenService(
IdentityConfig config,
IRepository <UserToken> tokenRepository)
{
_config = config;
_tokenRepository = tokenRepository;
}
private void InitializeDatabase(IApplicationBuilder app, IdentityConfig identityConfig, bool recreateDatabases = false)
{
using (var serviceScope = app.ApplicationServices.GetService <IServiceScopeFactory>().CreateScope())
{
var persistantGrantDb = serviceScope.ServiceProvider.GetRequiredService <PersistedGrantDbContext>().Database;
if (recreateDatabases)
{
persistantGrantDb.EnsureDeleted();
persistantGrantDb.Migrate();
}
var context = serviceScope.ServiceProvider.GetRequiredService <ConfigurationDbContext>();
if (recreateDatabases)
{
context.Database.EnsureDeleted();
context.Database.Migrate();
}
if (!context.ApiResources.Any())
{
context.ApiResources.AddRange(identityConfig.GetApiResources().Select(x => x.ToEntity()));
context.SaveChanges();
}
if (!context.Clients.Any())
{
context.Clients.AddRange(identityConfig.GetClients().Select(x => x.ToEntity()));
context.SaveChanges();
}
if (!context.IdentityResources.Any())
{
context.IdentityResources.AddRange(identityConfig.GetIdentityResources().Select(x => x.ToEntity()));
context.SaveChanges();
}
}
}
public void ConfigureServices(IServiceCollection services)
{
privateConfig.MapToPocoInService(services);
services.AddLogging();
services.AddTransient <IConfiguration>(provider => Configuration);
services.AddDbContext <ApplicationContext>(options => options.UseNpgsql(Configuration.GetConnectionString("PostgreSQL")));
services.AddDefaultIdentity <ApplicationUser>()
.AddRoles <IdentityRole>()
.AddEntityFrameworkStores <ApplicationContext>();
services.Configure <CertificatConfigModel>(Configuration.GetSection("Certificat"));
var certificatConfigModel = services.GetOption <CertificatConfigModel>();
var apiOptions = services.GetOption <ApiSettingModel>();
var clientOptions = services.GetOption <ClientSettingModel>();
var identityOptions = services.GetOption <IdetitySettingModel>();
var identities = IdentityConfig.GetIdentities(identityOptions.Identities);
var builder = services.AddIdentityServer()
.AddInMemoryIdentityResources(identities)
.AddInMemoryApiResources(ApiConfig.GetApis(apiOptions.Apies))
.AddInMemoryClients(ClientsConfig.GetClients(clientOptions))
.AddAspNetIdentity <ApplicationUser>()
.AddCertificat(Environment.IsDevelopment(), certificatConfigModel);
//.AddProfileService<CustomProfileService>();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
}
private static async Task MainAsync()
{
Mapper.Initialize(cfg =>
{
cfg.AddProfile <IdentityServerProfile>();
});
IIdentityConfig config = new IdentityConfig(IdentityUri, GrandType, ClientId, ClientSecret, ApiName);
IIdentityDiscoveryService discoveryService = new IdentityDiscoveryService(config);
IIdentityTokenService tokenService = new IdentityTokenService(discoveryService, config);
IIdentityIntrospectionService introspectionService = new IdentityIntrospectionService(discoveryService, config);
IIdentityUserInfoService userInfoService = new IdentityUserInfoService(discoveryService);
var phone = "79159771817";
await tokenService.GetCode(phone);
Console.WriteLine("Code was sended, enter please");
var code = Console.ReadLine();
var token = await tokenService.GetToken(phone, code);
var refreshedToken = await tokenService.RefreshToken(token.RefreshToken);
var introspectionResponse = await introspectionService.IntrospectToken(refreshedToken.AccessToken);
var userInfo = await userInfoService.GetUserInfo(refreshedToken.AccessToken);
var t = "";
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext <IdentityServerDbContext>
(options => options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddIdentity <ApplicationUser, IdentityRole>(opt =>
{
opt.Password.RequireDigit = false;
opt.Password.RequiredLength = 4;
opt.Password.RequireNonAlphanumeric = false;
opt.Password.RequireUppercase = false;
opt.Password.RequireLowercase = false;
})
.AddEntityFrameworkStores <IdentityServerDbContext>()
.AddDefaultTokenProviders();
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryIdentityResources(IdentityConfig.GetIdentityResources())
.AddInMemoryApiResources(IdentityConfig.GetApiResources())
.AddInMemoryClients(IdentityConfig.GetClients(Configuration))
.AddAspNetIdentity <ApplicationUser>();
//services.Configure<CookiePolicyOptions>(options =>
//{
// // This lambda determines whether user consent for non-essential cookies is needed for a given request.
// options.CheckConsentNeeded = context => true;
// options.MinimumSameSitePolicy = SameSiteMode.None;
//});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
public UserAccessApiClient(HttpClient httpClient, IOptions <UrlsConfig> urlConfig,
IOptions <IdentityConfig> identityConfig, IExecutionContextAccessor executionContextAccessor)
{
_httpClient = httpClient;
_urls = urlConfig.Value;
_identity = identityConfig.Value;
_httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", executionContextAccessor.GetTokenAsync().Result);
}
public void Configuration(IAppBuilder app)
{
// TODO: NInject
var identityConfig = new IdentityConfig();
identityConfig.ConfigureAuth(app);
app.MapSignalR();
}
public void Application_Start(object sender, EventArgs e)
{
// Code that runs on application startup
AreaRegistration.RegisterAllAreas();
IdentityConfig.ConfigureIdentity();
GlobalConfiguration.Configure(WebApiConfig.Register);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
}
public UserService(
IdentityConfig config,
IRepository <LoginHistoryItem> loginHistoryItemRepository,
IRepository <User> userRepository)
{
_config = config;
_loginHistoryItemRepository = loginHistoryItemRepository;
_userRepository = userRepository;
}
public IdentityLogic(ILogger <IdentityLogic> logger, IOptions <IdentityConfig> options)
{
Logger = logger;
_identityConfig = options.Value;
_httpClient = new HttpClient
{
DefaultRequestHeaders = { { "Appson-Identity-App-Id", "494AE7D7-BEB2-4490-A493-6ED9CFFE4AB3" } }
};
}
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
IdentityConfig.ConfigureIdentity();
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
}
public AccountController(SignInManager <User> signInManager, UserManager <User> userManager,
IOptions <IdentityConfig> options, SmtpService smtpService, SmsService smsService)
{
this.signInManager = signInManager;
this.userManager = userManager;
this.smtpService = smtpService;
this.smsService = smsService;
identityConfig = options.Value;
}
/// <summary>
/// 添加IdentityServer认证
/// </summary>
/// <param name="services"></param>
/// <param name="configuration"></param>
/// <param name="environmentName">环境名称</param>
public static IServiceCollection AddIdentityServer <T>(this IServiceCollection services, IConfigurationSection section) where T : class, IResourceOwnerPasswordValidator
{
var apiResources = new List <ApiResource>();
var clients = new List <Client>();
if (section.Exists())
{
var idsOptions = section.Get <IdsOptions>();
if (idsOptions != null)
{
foreach (var item in idsOptions.IdsApiResources)
{
apiResources.Add(new ApiResource(item.Name, item.DisplayName));
}
foreach (var item in idsOptions.IdsClients)
{
var allowedScopes = new List <string>()
{
IdentityServerConstants.StandardScopes.OfflineAccess
};
foreach (var i in item.AllowedScopes)
{
allowedScopes.Add(i);
}
clients.Add(
new Client
{
ClientId = item.ClientId,
AllowAccessTokensViaBrowser = true,
ClientSecrets = new[] { new Secret("secret".Sha256()) },
AllowedGrantTypes = GetAllowedGrantTypes(item.GrantTypes),
AllowedScopes = allowedScopes,
AllowOfflineAccess = true,
AccessTokenLifetime = item.AccessTokenLifetime,
RefreshTokenExpiration = TokenExpiration.Sliding,
RefreshTokenUsage = TokenUsage.ReUse,
UpdateAccessTokenClaimsOnRefresh = false
});
}
}
}
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryIdentityResources(IdentityConfig.GetIdentityResourceResources())
.AddInMemoryApiResources(apiResources)
.AddInMemoryClients(clients)
.AddResourceOwnerValidator <T>()
.AddProfileService <ProfileService>();
services.TryAddSingleton <ILoginInfo, LoginInfo>();
return(services);
}
public void Configuration(IAppBuilder app)
{
IdentityConfig.SetupIdentity(app);
AutofacConfig.ConfigureContainer();
AreaRegistration.RegisterAllAreas();
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes, app);
BundleConfig.RegisterBundles(BundleTable.Bundles);
ValidationConfiguration();
}
public void Configuration(IAppBuilder app)
{
var httpConfiguration = new HttpConfiguration();
WebApiConfig.Register(httpConfiguration);
RouteConfig.Register(httpConfiguration.Routes);
IdentityConfig.Register(app);
app.UseWebApi(httpConfiguration);
}
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
IdentityConfig.ConfigureIdentity();
WebApiConfig.Register(GlobalConfiguration.Configuration);
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
FluentValidationModelValidatorProvider.Configure();
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryIdentityResources(IdentityConfig.GetIdentityResources())
.AddInMemoryApiResources(IdentityConfig.GetApiResources())
.AddInMemoryClients(IdentityConfig.GetClient())
.AddTestUsers(IdentityConfig.GetUsers());
services.AddMvc();
}
