Ejemplo n.º 1
0
        public void Configuration(IAppBuilder app)
        {
            app.Map(string.Empty, idsrvApp =>
            {
                Log.Logger = new LoggerConfiguration()
                             .MinimumLevel.Debug()
                             .WriteTo.Trace()
                             .CreateLogger();

                var idServerServiceFactory = new IdentityServerServiceFactory()
                                             .UseInMemoryClients(Clients.Get())
                                             .UseInMemoryScopes(IdentityScopes.Get())
                                             .UseInMemoryUsers(Users.Get());

                var corsPolicyService = new DefaultCorsPolicyService()
                {
                    AllowAll = true
                };

                idServerServiceFactory.CorsPolicyService = new
                                                           Registration <IdentityServer3.Core.Services.ICorsPolicyService>(corsPolicyService);

                var options = new IdentityServerOptions
                {
                    Factory               = idServerServiceFactory,
                    SiteName              = "Security Token Service",
                    IssuerUri             = Constants.IssuerUri,
                    PublicOrigin          = Constants.Origin,
                    SigningCertificate    = LoadCertificate(),
                    AuthenticationOptions = new AuthenticationOptions
                    {
                        EnablePostSignOutAutoRedirect = true,
                        PostSignOutAutoRedirectDelay  = 5
                    },
                    LoggingOptions = new LoggingOptions()
                    {
                        WebApiDiagnosticsIsVerbose = true,
                        EnableWebApiDiagnostics    = true,
                        EnableKatanaLogging        = true,
                        EnableHttpLogging          = true
                    }
                };

                idsrvApp.UseIdentityServer(options);
            });
        }
Ejemplo n.º 2
0
        public void Configuration(IAppBuilder app)
        {
            AntiForgeryConfig.UniqueClaimTypeIdentifier = Constants.ClaimTypes.Subject;
            JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary <string, string>();

            Common.Logging.Logger.Initialize(HostingEnvironment.ApplicationPhysicalPath + "errorLog.config");

            app.MapSignalR();

            app.Map(
                pathMatch: "/identity",
                configuration: idsrvApp =>
            {
                idsrvApp.UseIdentityServer(
                    new IdentityServerOptions
                {
                    SiteName           = "Embedded IdentityServer",
                    SigningCertificate = LoadCertificate(),

                    Factory = new IdentityServerServiceFactory()
                              .UseInMemoryUsers(IdentityUsers.Get())
                              .UseInMemoryClients(IdentityClients.Get())
                              .UseInMemoryScopes(IdentityScopes.Get()),

                    AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions
                    {
                        IdentityProviders = ConfigureIdentityProviders
                    }
                });
            });

            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "Cookies"
            });

            app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
            {
                Authority    = "https://localhost:44392/identity",
                ClientId     = "mvc",
                Scope        = "openid profile roles sampleApi",
                RedirectUri  = "https://localhost:44392/",
                ResponseType = "id_token token",

                SignInAsAuthenticationType = "Cookies",
                UseTokenLifetime           = false,

                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    SecurityTokenValidated = async n =>
                    {
                        // create new identity and set name and role claim type
                        var nid = new ClaimsIdentity(
                            n.AuthenticationTicket.Identity.AuthenticationType,
                            Constants.ClaimTypes.GivenName,
                            Constants.ClaimTypes.Role);

                        // get userinfo data
                        var userInfoClient = new UserInfoClient(n.Options.Authority + "/connect/userinfo");

                        var userInfo = await userInfoClient.GetAsync(n.ProtocolMessage.AccessToken);
                        userInfo.Claims.ToList().ForEach(ui => nid.AddClaim(new Claim(ui.Type, ui.Value)));

                        nid.AddClaim(new Claim("id_token", n.ProtocolMessage.IdToken));

                        // add access token for sample API
                        nid.AddClaim(new Claim("access_token", n.ProtocolMessage.AccessToken));

                        // keep track of access token expiration
                        nid.AddClaim(new Claim("expires_at", DateTimeOffset.Now.AddSeconds(int.Parse(n.ProtocolMessage.ExpiresIn)).ToString()));

                        // add some other app specific claim
                        ////nid.AddClaim(new Claim("app_specific", "some data"));

                        n.AuthenticationTicket = new AuthenticationTicket(
                            nid,
                            n.AuthenticationTicket.Properties);
                    },
                    RedirectToIdentityProvider = n =>
                    {
                        if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.LogoutRequest)
                        {
                            var idTokenHint = n.OwinContext.Authentication.User.FindFirst("id_token");

                            if (idTokenHint != null)
                            {
                                n.ProtocolMessage.IdTokenHint = idTokenHint.Value;
                            }
                        }

                        return(Task.FromResult(0));
                    }
                }
            });
        }