// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc(o =>
{
o.Filters.Add(typeof(GlobalExceptionFilter)); //注入全局异常过滤
}).SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
#region Swagger
services.AddMiniProfiler(options =>
{
options.RouteBasePath = "/profiler";//注意这个路径要和下边 index.html 脚本配置中的一致,
(options.Storage as MemoryCacheStorage).CacheDuration = TimeSpan.FromMinutes(10);
}
);
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo
{
Version = "v0.1.0",
Title = "Element.API",
Description = "框架说明文档",
});
var basePaths = ApplicationEnvironment.ApplicationBasePath;
var xmlPath = Path.Combine(basePaths, "ElemntUI.Api.xml"); //这个就是刚刚配置的xml文件名
c.IncludeXmlComments(xmlPath, true); //默认的第二个参数是false,这个是controller的注释,记得修改
c.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
{
Description = "JWT授权(数据将在请求头中进行传输) 直接在下框中输入Bearer {token}(注意两者之间是一个空格)\"",
Name = "Authorization", //jwt默认的参数名称
In = ParameterLocation.Header, //jwt默认存放Authorization信息的位置(请求头中)
Type = SecuritySchemeType.ApiKey
});
});
#endregion
#region 配置跨域
services.AddCors(c =>
{
c.AddPolicy("LimitRequests", policy =>
{
// 支持多个域名端口,注意端口号后不要带/斜杆:比如localhost:8000/,是错的
// 注意,http://127.0.0.1:1818 和 http://localhost:1818 是不一样的,尽量写两个
policy
.WithOrigins("http://127.0.0.1:1818", "http://localhost:8080", "http://localhost:8021"
, "http://localhost:8081", "http://localhost:1818"
, "http://localhost:9001", "http://localhost:1090"
, "http://localhost:5000", "http://localhost:5001"
)
.AllowAnyHeader()//Ensures that the policy allows any header.
.AllowAnyMethod();
});
});
#endregion
#region 授权认证
//services.AddSingleton<IJwtInterface, JwtHelpers>(); //注入jwt
services.AddScoped <IAuthorizationHandler, MustRoleHandle>();
services.AddAuthorization(options =>
{
options.AddPolicy(Permissions.Name,
policy => policy.Requirements.Add(new PolicyRole(ClaimTypes.Role, true))
);
});
#endregion
#region 给予权限,访问API
var audienceConfig = Configuration.GetSection("Audience");
var symmetricKeyAsBase64 = audienceConfig["Secret"];
var keyByteArray = Encoding.ASCII.GetBytes(symmetricKeyAsBase64);
var signingKey = new SymmetricSecurityKey(keyByteArray);
var tokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = signingKey, //还是从 appsettings.json 拿到的
ValidateIssuer = true,
ValidIssuer = audienceConfig["Issuer"], //发行人
ValidateAudience = true,
ValidAudience = audienceConfig["Audience"],//订阅人
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero,
RequireExpirationTime = true
};
services.AddAuthentication(o =>
{
o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
o.DefaultChallengeScheme = nameof(ApiResponseHandler);
o.DefaultForbidScheme = nameof(ApiResponseHandler);
})
.AddJwtBearer(o =>
{
o.TokenValidationParameters = tokenValidationParameters;
})
.AddScheme <AuthenticationSchemeOptions, ApiResponseHandler>(nameof(ApiResponseHandler), o =>
{
});
#endregion
NativeInjectorBootStrapper.InitServices(services);
}