Ejemplos de TokenRetrieval en C# (CSharp)

Ejemplo n.º 1

        public static IServiceCollection AddAuthentication(this IServiceCollection services, IConfiguration configuration, IWebHostEnvironment env)
        {
            services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority     = configuration.GetValue <string>("Identity:Authority");
                options.ApiName       = configuration.GetValue <string>("Identity:ApiResource");
                options.EnableCaching = true;
                options.CacheDuration = TimeSpan.FromMinutes(10);

                if (env.IsDevelopment())
                {
                    options.RequireHttpsMetadata     = false;
                    IdentityModelEventSource.ShowPII = true;
                }

                options.TokenRetriever = (request) =>
                {
                    var token = TokenRetrieval.FromAuthorizationHeader()(request);

                    if (string.IsNullOrEmpty(token))
                    {
                        token = TokenRetrieval.FromQueryString()(request);
                    }

                    return(token);
                };
            });

            services.AddAuthorization();

            return(services);
        }

Ejemplo n.º 2

        public static IServiceCollection ConfigureAuth(this IServiceCollection services, IConfiguration config)
        {
            AuthenticationSettings auth = config.GetSection("Authentication").Get <AuthenticationSettings>();

            services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority       = auth.Authority;
                options.ApiName         = auth.Scope;
                options.EnableCaching   = true;
                options.CacheDuration   = TimeSpan.FromMinutes(auth.CacheInMinutes);
                options.SupportedTokens = SupportedTokens.Jwt;
                options.SaveToken       = true;

                options.TokenRetriever = new Func <HttpRequest, string>(req =>
                {
                    var fromHeader = TokenRetrieval.FromAuthorizationHeader();
                    var fromQuery  = TokenRetrieval.FromQueryString();
                    return(fromHeader(req) ?? fromQuery(req));
                });
            });

            services.AddAuthorization(options =>
            {
                options.FallbackPolicy = new AuthorizationPolicyBuilder()
                                         .RequireAuthenticatedUser()
                                         .Build();
            });
            return(services);
        }

Ejemplo n.º 3

        public void ConfigureServices(IServiceCollection services)
        {
            //services.Configure<CookiePolicyOptions>(options =>
            //{
            //    options.CheckConsentNeeded = context => true;
            //    options.MinimumSameSitePolicy = SameSiteMode.None;
            //});

            services.AddSignalR();

            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

            services
            .AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = "https://localhost:5001";
                options.RequireHttpsMetadata = true;
                options.ApiName        = "signalr";
                options.NameClaimType  = "sub";
                options.TokenRetriever = new Func <HttpRequest, string>(req =>
                {
                    var fromHeader = TokenRetrieval.FromAuthorizationHeader();
                    var fromQuery  = TokenRetrieval.FromQueryString();
                    return(fromHeader(req) ?? fromQuery(req));
                });
            });
        }

Ejemplo n.º 4

        protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
        {
            var token = TokenRetrieval.FromAuthorizationHeader()(Context.Request);

            if (token == null)
            {
                return(AuthenticateResult.NoResult());
            }

            if (token.Length != LykkeTokenLength)
            {
                var result = await base.HandleAuthenticateAsync();

                return(result);
            }

            var principal = await _lykkePrincipal.GetCurrent();

            if (principal == null)
            {
                return(AuthenticateResult.NoResult());
            }

            var ticket = new AuthenticationTicket(principal, "Bearer");

            return(AuthenticateResult.Success(ticket));
        }

Ejemplo n.º 5

        public static void AddIdentityAuthenticationServices(
            this IServiceCollection services, GlobalSettings globalSettings, IHostingEnvironment environment,
            Action <AuthorizationOptions> addAuthorization)
        {
            services
            .AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = globalSettings.BaseServiceUri.InternalIdentity;
                options.RequireHttpsMetadata = !environment.IsDevelopment() &&
                                               globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
                options.TokenRetriever  = TokenRetrieval.FromAuthorizationHeaderOrQueryString();
                options.NameClaimType   = ClaimTypes.Email;
                options.SupportedTokens = SupportedTokens.Jwt;
            });

            if (addAuthorization != null)
            {
                services.AddAuthorization(config =>
                {
                    addAuthorization.Invoke(config);
                });
            }

            if (environment.IsDevelopment())
            {
                Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;
            }
        }

Ejemplo n.º 6

        private void ConfigureAuthentication(IServiceCollection services)
        {
            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

            services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = Configuration.GetValue <string>("RemoteNLogViewer:IdentityServer:Authority");
                options.ApiName              = Configuration.GetValue <string>("RemoteNLogViewer:IdentityServer:ApiName");
                options.SaveToken            = true;
                options.RequireHttpsMetadata = Configuration.GetValue <bool>("RemoteNLogViewer:IdentityServer:RequireHttpsMetadata");
                options.TokenRetriever       = request =>
                {
                    // This is necessary because SignalR sends the Token via QueryString
                    var accessToken = request.Query["access_token"];

                    if (!string.IsNullOrEmpty(accessToken))
                    {
                        return(TokenRetrieval.FromQueryString()(request));
                    }

                    accessToken = TokenRetrieval.FromAuthorizationHeader()(request);

                    return(accessToken);
                };
            });
        }

Ejemplo n.º 7

Archivo: Startup.cs Proyecto: cojocaru-dragos-alexandru/AspNet5IdentityServerAngularImplicitFlow

        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
            loggerFactory.AddDebug();

            app.UseIISPlatformHandler();

            app.UseCors("corsGlobalPolicy");

            app.UseStaticFiles();

            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
            app.UseIdentityServerAuthentication(options =>
            {
                options.Authority   = "https://localhost:44345/";
                options.ScopeName   = "securedFiles";
                options.ScopeSecret = "securedFilesSecret";

                options.AutomaticAuthenticate = true;
                // required if you want to return a 403 and not a 401 for forbidden responses
                options.AutomaticChallenge = true;
                options.TokenRetriever     = TokenRetrieval.FromQueryString();
            });
            app.UseMvc();
        }

Ejemplo n.º 8

        private IdentityServerAuthenticationOptions GetIdentityOptions(IHostingEnvironment env)
        {
            var options = new IdentityServerAuthenticationOptions
            {
                AllowedScopes        = new string[] { "api" },
                RequireHttpsMetadata = env.IsProduction(),
                ApiName       = "api",
                NameClaimType = ClaimTypes.Email,
                // Version "2" until we retire the old jwt scheme and replace it with this one.
                AuthenticationScheme = "Bearer2",
                TokenRetriever       = TokenRetrieval.FromAuthorizationHeaderOrQueryString("Bearer2", "access_token2")
            };

            if (env.IsProduction())
            {
                options.Authority = "https://api.bitwarden.com";
            }
            else if (env.IsEnvironment("Preview"))
            {
                options.Authority = "https://preview-api.bitwarden.com";
            }
            else
            {
                options.Authority = "http://localhost:4000";
                //options.Authority = "http://169.254.80.80:4000"; // for VS Android Emulator
                //options.Authority = "http://192.168.1.8:4000"; // Desktop external
            }

            return(options);
        }

Ejemplo n.º 9

        private void ConfigureIdentityServerAuthenticationOptions(JwtBearerOptions options)
        {
            Configuration.GetSection("ApiAuthentication").Bind(options);
            if (Configuration.GetValue <bool>("DisableStrictSsl"))
            {
                options.BackchannelHttpHandler = new HttpClientHandler
                {
#pragma warning disable S4830 // Server certificates should be verified during SSL/TLS connections
                    ServerCertificateCustomValidationCallback = (message, cert, chain, policy) => true
#pragma warning restore S4830 // Server certificates should be verified during SSL/TLS connections
                };
            }

            options.Events = new JwtBearerEvents
            {
                OnMessageReceived = context =>
                {
                    var request     = context.HttpContext.Request;
                    var path        = request.Path;
                    var accessToken = TokenRetrieval.FromQueryString()(request);
                    if (path.StartsWithSegments("/providerhub") && !string.IsNullOrEmpty(accessToken))
                    {
                        context.Token = accessToken;
                        return(Task.CompletedTask);
                    }
                    var oneTimeToken = TokenRetrieval.FromQueryString("otk")(request);
                    if (!string.IsNullOrEmpty(oneTimeToken))
                    {
                        context.Token = request.HttpContext
                                        .RequestServices
                                        .GetRequiredService <IRetrieveOneTimeToken>()
                                        .GetOneTimeToken(oneTimeToken);
                    }
                    return(Task.CompletedTask);
                }
            };

            options.ForwardDefaultSelector = context =>
            {
                var authHeader = context.Request.Headers[HttpRequestHeader.Authorization.ToString()];
                if (string.IsNullOrEmpty(authHeader))
                {
                    return(null);
                }

                var parts = authHeader.First().Split(' ', StringSplitOptions.RemoveEmptyEntries);
                if (parts.Length != 2)
                {
                    return(null);
                }

                if (!parts[1].Contains("."))
                {
                    return("introspection");
                }

                return(null);
            };
        }

Ejemplo n.º 10

Archivo: CustomTokenRetriever.cs Proyecto: chidongyh2/MedlatecRevenueHomeSolutions

 public static Func <HttpRequest, string> FromHeaderAndQueryString(string headerScheme = "Bearer", string queryScheme = "access_token")
 {
     return((request) =>
     {
         var token = TokenRetrieval.FromAuthorizationHeader(headerScheme)(request);
         return !string.IsNullOrEmpty(token) ? token : TokenRetrieval.FromQueryString(queryScheme)(request);
     });
 }

Ejemplo n.º 11

Archivo: Startup.cs Proyecto: pain1309/Kimseiry

        public void ConfigureServices(IServiceCollection services)
        {
            services.AddSignalR();

            services.AddSingleton <IUserIdProvider, NameUserIdProvider>();

            services.AddMvc();

            services.AddIdentityServer()
            .AddDeveloperSigningCredential()
            .AddInMemoryClients(new[] {
                new Client {
                    ClientId          = "my-app",
                    ClientName        = "my-app",
                    ClientSecrets     = { new Secret("secret".Sha256()) },
                    AllowedScopes     = { "my-api" },
                    AllowedGrantTypes = GrantTypes.ResourceOwnerPassword
                }
            })
            .AddInMemoryApiResources(new[] {
                new ApiResource("my-api", "SignalR Test API")
            })
            .AddInMemoryIdentityResources(new List <IdentityResource> {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile(),
                new IdentityResources.Email()
            })
            .AddInMemoryPersistedGrants()
            .AddTestUsers(new List <TestUser> {
                new TestUser {
                    SubjectId = "alice",
                    Username  = "******",
                    Password  = "******"
                },
                new TestUser {
                    SubjectId = "bob",
                    Username  = "******",
                    Password  = "******"
                }
            });

            services
            .AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = "http://localhost:5000";
                options.RequireHttpsMetadata = false;
                options.ApiName        = "my-api";
                options.NameClaimType  = "sub";
                options.TokenRetriever = new Func <HttpRequest, string>(req =>
                {
                    var fromHeader = TokenRetrieval.FromAuthorizationHeader();
                    var fromQuery  = TokenRetrieval.FromQueryString();
                    return(fromHeader(req) ?? fromQuery(req));
                });
            });
        }

Ejemplo n.º 12

Archivo: Startup.cs Proyecto: nhi/react-hotchocolate-subscription

        // This method gets called by the runtime. Use this method to add services to the container.
        // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
        public void ConfigureServices(IServiceCollection services)
        {
            // Add the custom services like repositories etc ...
            services.AddSingleton <CharacterRepository>();
            services.AddSingleton <ReviewRepository>();

            services.AddScoped <WebSocketContext>();

            services.AddCors(options =>
            {
                options.AddPolicy(Cors,
                                  builder =>
                {
                    builder.WithOrigins("*")
                    .AllowAnyHeader()
                    .AllowAnyMethod();
                });
            });

            // Custom policy
            services.AddAuthorization();

            services
            .AddAuthentication(options => {
                options.DefaultScheme             = IdentityServerAuthenticationDefaults.AuthenticationScheme;
                options.DefaultAuthenticateScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
            })
            .AddJwtBearer("Websockets", ctx => { })
            .AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, options =>
            {
                options.ForwardDefaultSelector = context =>
                {
                    if (!context.Items.ContainsKey(AuthenticationSocketInterceptor.HTTP_CONTEXT_WEBSOCKET_AUTH_KEY) && context.Request.Headers.TryGetValue("Upgrade", out var value) && value.Count > 0 && value[0] is string stringValue && stringValue == "websocket")
                    {
                        return("Websockets");
                    }
                    return(IdentityServerAuthenticationDefaults.AuthenticationScheme);
                };
                options.TokenRetriever = new Func <HttpRequest, string>(req =>
                {
                    if (req.HttpContext.Items.TryGetValue(AuthenticationSocketInterceptor.HTTP_CONTEXT_WEBSOCKET_AUTH_KEY, out object token) && token is string stringToken)
                    {
                        return(stringToken);
                    }

                    var fromHeader   = TokenRetrieval.FromAuthorizationHeader();
                    var fromQuery    = TokenRetrieval.FromQueryString();   // Query string auth
                    string tokenHttp = fromHeader(req) ?? fromQuery(req);
                    return(tokenHttp);
                });

                options.Authority            = _config.Authentication.Authority;
                options.ApiName              = _config.Authentication.ApiName;
                options.RequireHttpsMetadata = false;
            });

Ejemplo n.º 13

        public static AuthenticationBuilder AddSquidexIdentityServerAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions, IConfiguration config)
        {
            var apiScope = Constants.ApiScope;

            var urlsOptions = config.GetSection("urls").Get <UrlsOptions>();

            if (!string.IsNullOrWhiteSpace(urlsOptions.BaseUrl))
            {
                string apiAuthorityUrl;

                if (!string.IsNullOrWhiteSpace(identityOptions.AuthorityUrl))
                {
                    apiAuthorityUrl = identityOptions.AuthorityUrl.BuildFullUrl(Constants.IdentityServerPrefix);
                }
                else
                {
                    apiAuthorityUrl = urlsOptions.BuildUrl(Constants.IdentityServerPrefix);
                }

                authBuilder.AddIdentityServerAuthentication(options =>
                {
                    options.Authority            = apiAuthorityUrl;
                    options.ApiName              = apiScope;
                    options.ApiSecret            = null;
                    options.RequireHttpsMetadata = identityOptions.RequiresHttps;
                    options.SupportedTokens      = SupportedTokens.Jwt;

                    var fromHeader = TokenRetrieval.FromAuthorizationHeader();
                    var fromQuery  = TokenRetrieval.FromQueryString();

                    options.TokenRetriever = request =>
                    {
                        var result = fromHeader(request) ?? fromQuery(request);

                        return(result);
                    };
                });

                authBuilder.AddOpenIdConnect(options =>
                {
                    options.Authority            = apiAuthorityUrl;
                    options.ClientId             = Constants.InternalClientId;
                    options.ClientSecret         = Constants.InternalClientSecret;
                    options.CallbackPath         = "/signin-internal";
                    options.RequireHttpsMetadata = identityOptions.RequiresHttps;
                    options.SaveTokens           = true;
                    options.Scope.Add(Constants.PermissionsScope);
                    options.Scope.Add(Constants.ProfileScope);
                    options.Scope.Add(Constants.RoleScope);
                    options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                });
            }

            return(authBuilder);
        }

Ejemplo n.º 14

Archivo: Startup.cs Proyecto: vienpt/TheIdServer

                static string tokenRetriever(HttpRequest request)
                {
                    var accessToken = TokenRetrieval.FromQueryString()(request);

                    var path = request.Path;
                    if (path.StartsWithSegments("/providerhub") && !string.IsNullOrEmpty(accessToken))
                    {
                        return(accessToken);
                    }
                    return(TokenRetrieval.FromAuthorizationHeader()(request));
                }

Ejemplo n.º 15

        public void ConfigureServices(IServiceCollection services)
        {
            services.Configure <OneSignal>(_config.GetSection("OneSignal"));
            services.Configure <AppSettings>(_config.GetSection("AppSettings"));

            services.AddSingleton(_oAuth.Routing);

            var connectionString = _config.GetConnectionString("DefaultConnection");

            services.AddTrickingRoyalDatabase(connectionString)
            .AddHangfireServices()
            .AddHangfire(options => options.UseSqlServerStorage(connectionString));

            services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = _oAuth.Routing.Server;
                options.RequireHttpsMetadata = _env.IsProduction();

                options.ApiName   = _oAuth.Api.Name;
                options.ApiSecret = _oAuth.Api.ResourceSecret.Sha256();

                options.TokenRetriever = httpRequest =>
                {
                    var fromHeader = TokenRetrieval.FromAuthorizationHeader();
                    var fromQuery  = TokenRetrieval.FromQueryString();
                    return(fromHeader(httpRequest) ?? fromQuery(httpRequest));
                };
            });

            SetupCors(services);

            services.AddBattlesServices()
            .AddNotificationServices()
            .AddSubServices()
            .AddMediatR(typeof(GetUserQuery).GetTypeInfo().Assembly)
            .AddHttpClient("default",
                           config =>
            {
                config.DefaultRequestHeaders.Accept
                .Add(new MediaTypeWithQualityHeaderValue("application/json"));
            });


            var emailSettings = _config.GetSection(nameof(MailKitOptions)).Get <MailKitOptions>();

            services.AddMailKit(optionBuilder => { optionBuilder.UseMailKit(emailSettings); });

            services.AddHealthChecks();
            services.AddMvc();
        }

Ejemplo n.º 16

Archivo: Startup.cs Proyecto: xxf2103625/core

        public void ConfigureServices(IServiceCollection services)
        {
            // Options
            services.AddOptions();

            // Settings
            var globalSettings = services.AddGlobalSettingsServices(Configuration);

            // Repositories
            services.AddSqlServerRepositories(globalSettings);

            // Context
            services.AddScoped <CurrentContext>();

            // Identity
            services
            .AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = globalSettings.BaseServiceUri.InternalIdentity;
                options.RequireHttpsMetadata = !Environment.IsDevelopment() &&
                                               globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
                options.NameClaimType  = ClaimTypes.Email;
                options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString(
                    new string[] { "Bearer", "Bearer3" });
                options.SupportedTokens = SupportedTokens.Jwt;
            });

            services.AddAuthorization(config =>
            {
                config.AddPolicy("Application", policy =>
                {
                    policy.RequireAuthenticatedUser();
                    policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application");
                });
            });

            // Services
            services.AddScoped <IEventService, EventService>();
            if (!globalSettings.SelfHosted && CoreHelpers.SettingHasValue(globalSettings.Storage.ConnectionString))
            {
                services.AddSingleton <IEventWriteService, AzureQueueEventWriteService>();
            }
            else
            {
                services.AddSingleton <IEventWriteService, RepositoryEventWriteService>();
            }

            // Mvc
            services.AddMvc();
        }

Ejemplo n.º 17

Archivo: Startup.cs Proyecto: hognevevle/HC_Subscription_Auth

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddCors(options =>
                             options.AddDefaultPolicy(builder =>
                                                      builder.SetIsOriginAllowed(_ => true)
                                                      .AllowAnyMethod()
                                                      .AllowAnyHeader()
                                                      .AllowCredentials())
                             );

            services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme    = IdentityServerAuthenticationDefaults.AuthenticationScheme;
            })
            .AddJwtBearer("WebSockets", ctx => { })
            .AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, options =>
            {
                options.Authority            = "https://localhost:5001"; //TODO: Make configurable
                options.ApiName              = "api1";                   //TODO: Change this to correct api name ind Config.cs for AutServer
                options.RequireHttpsMetadata = false;

                options.ForwardDefaultSelector = context =>
                {
                    if (!context.Items.ContainsKey(AuthenticationSocketInterceptor.HTTP_CONTEXT_WEBSOCKET_AUTH_KEY) &&
                        context.Request.Headers.TryGetValue("Upgrade", out var value) &&
                        value.Count > 0 &&
                        value[0] is string stringValue &&
                        stringValue == "websocket")
                    {
                        return("WebSockets");
                    }
                    return(JwtBearerDefaults.AuthenticationScheme);
                };

                options.TokenRetriever = new Func <HttpRequest, string>(req =>
                {
                    if (req.HttpContext.Items.TryGetValue(
                            AuthenticationSocketInterceptor.HTTP_CONTEXT_WEBSOCKET_AUTH_KEY,
                            out object token) &&
                        token is string stringToken)
                    {
                        return(stringToken);
                    }
                    var fromHeader = TokenRetrieval.FromAuthorizationHeader();
                    var fromQuery  = TokenRetrieval.FromQueryString();

                    return(fromHeader(req) ?? fromQuery(req));
                });
            });

Ejemplo n.º 18

Archivo: Startup.cs Proyecto: samjaninf/core

        private IdentityServerAuthenticationOptions GetIdentityOptions(IHostingEnvironment env,
                                                                       GlobalSettings globalSettings, string suffix)
        {
            var options = new IdentityServerAuthenticationOptions
            {
                Authority            = globalSettings.BaseServiceUri.InternalIdentity,
                AllowedScopes        = new string[] { "api", "api.push", "api.licensing" },
                RequireHttpsMetadata = !env.IsDevelopment() && globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https"),
                NameClaimType        = ClaimTypes.Email,
                // Suffix until we retire the old jwt schemes.
                AuthenticationScheme = $"Bearer{suffix}",
                TokenRetriever       = TokenRetrieval.FromAuthorizationHeaderOrQueryString($"Bearer{suffix}", $"access_token{suffix}")
            };

            return(options);
        }

Ejemplo n.º 19

        public Task <string> GetRequestToken()
        {
            var request = _httpContextAccessor.HttpContext.Request;

            var token = TokenRetrieval.FromAuthorizationHeader()(request);

            if (string.IsNullOrWhiteSpace(token))
            {
                _logger.LogError("Token not found in header");
            }
            else
            {
                _logger.LogInformation("Token retrieved from header");
            }

            return(Task.FromResult(token));
        }

Ejemplo n.º 20

        public void ConfigureServices(IServiceCollection services)
        {
            // Options
            services.AddOptions();

            // Settings
            var globalSettings = services.AddGlobalSettingsServices(Configuration);

            // Repositories
            services.AddSqlServerRepositories(globalSettings);

            // Context
            services.AddScoped <CurrentContext>();

            // Identity
            services
            .AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = globalSettings.BaseServiceUri.InternalIdentity;
                options.RequireHttpsMetadata = !Environment.IsDevelopment() &&
                                               globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
                options.TokenRetriever  = TokenRetrieval.FromAuthorizationHeaderOrQueryString();
                options.NameClaimType   = ClaimTypes.Email;
                options.SupportedTokens = SupportedTokens.Jwt;
            });

            services.AddAuthorization(config =>
            {
                config.AddPolicy("Application", policy =>
                {
                    policy.RequireAuthenticatedUser();
                    policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application");
                });
            });

            // SignalR
            services.AddSignalR();
            services.AddSingleton <IUserIdProvider, SubjectUserIdProvider>();

            // Mvc
            services.AddMvc();

            // Hosted Services
            services.AddHostedService <AzureQueueHostedService>();
        }

Ejemplo n.º 21

Archivo: Startup.cs Proyecto: lsimopoulos/ShortLivedChat

        //private static Timer _timer;

        // This method gets called by the runtime. Use this method to add services to the container.
        // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddCors();

            services
            .AddSignalR(options => { options.EnableDetailedErrors = true; })
            .AddMessagePackProtocol();

            services.AddMvcCore()
            .AddNewtonsoftJson()
            .AddAuthorization();


            services.AddIdentityServer(
                options =>
            {
                options.Events.RaiseErrorEvents       = true;
                options.Events.RaiseSuccessEvents     = true;
                options.Events.RaiseFailureEvents     = true;
                options.Events.RaiseInformationEvents = true;
            })
            .AddInMemoryApiResources(ISConfig.GetApiResources())
            .AddInMemoryApiScopes(ISConfig.GetApiScopes())
            .AddTestUsers(ISConfig.GetUsers())
            .AddInMemoryClients(ISConfig.GetClients())
            //.AddSigningCredential(Cert.Get("theCert.pfx", "somePassword"))
            .AddDeveloperSigningCredential();


            services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = "https://localhost:5001/";
                options.RequireHttpsMetadata = true;
                options.ApiName        = "shortlivedchat";
                options.TokenRetriever = new Func <HttpRequest, string>(req =>
                {
                    var fromAuthorizationHeader = TokenRetrieval.FromAuthorizationHeader();
                    var fromQueryString         = TokenRetrieval.FromQueryString();
                    return(fromAuthorizationHeader(req) ?? fromQueryString(req));
                });
                IdentityModelEventSource.ShowPII = true;
            });
            services.AddSingleton <GroupsManager>();
        }

Ejemplo n.º 22

        private IdentityServerAuthenticationOptions GetIdentityOptions(IHostingEnvironment env,
                                                                       string authority, string suffix)
        {
            var options = new IdentityServerAuthenticationOptions
            {
                Authority            = authority,
                AllowedScopes        = new string[] { "api" },
                RequireHttpsMetadata = env.IsProduction(),
                ApiName       = "api",
                NameClaimType = ClaimTypes.Email,
                // Suffix until we retire the old jwt schemes.
                AuthenticationScheme = $"Bearer{suffix}",
                TokenRetriever       = TokenRetrieval.FromAuthorizationHeaderOrQueryString(
                    $"Bearer{suffix}", $"access_token{suffix}")
            };

            return(options);
        }

Ejemplo n.º 23

 static string tokenRetriever(HttpRequest request)
 {
     var path = request.Path;
     var accessToken = TokenRetrieval.FromQueryString()(request);
     if (path.StartsWithSegments("/providerhub") && !string.IsNullOrEmpty(accessToken))
     {
         return accessToken;
     }
     var oneTimeToken = TokenRetrieval.FromQueryString("otk")(request);
     if (!string.IsNullOrEmpty(oneTimeToken))
     {
         return request.HttpContext
         .RequestServices
         .GetRequiredService <IRetrieveOneTimeToken>()
         .GetOneTimeToken(oneTimeToken);
     }
     return TokenRetrieval.FromAuthorizationHeader()(request);
 }

Ejemplo n.º 24

Archivo: Startup.cs Proyecto: myrp-alexandre/simple-erp

        public IServiceProvider ConfigureServices(IServiceCollection services)
        {
            services.Configure <AppSettings>(Configuration);

            services.AddMvc(o =>
            {
                o.Filters.Add(new AuthorizeFilter());
            }).SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
            .AddJsonOptions(options => options.SerializerSettings.ContractResolver = new DefaultContractResolver());
            services.AddSignalR();

            services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = AppSettings.IDENTITY_HOST;
                options.RequireHttpsMetadata = false;
                options.ApiName        = AppSettings.API_NAME;
                options.TokenRetriever = new Func <HttpRequest, string>(req =>
                {
                    var fromHeader = TokenRetrieval.FromAuthorizationHeader();
                    var fromQuery  = TokenRetrieval.FromQueryString();
                    return(fromHeader(req) ?? fromQuery(req));
                });
            });

            services.AddDbContext <WebContext>(options =>
            {
                options.UseMySql(AppSettings.ConnectionString, mySqlOptionsAction: sqlOptions =>
                {
                    sqlOptions.ServerVersion(Version.Parse(AppSettings.MYSQL_VERSION), ServerType.MySql);
                    sqlOptions.EnableRetryOnFailure(maxRetryCount: 10, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null);
                });
            }, ServiceLifetime.Scoped);

            AddApplicationServices(services);
            services.AddSingleton <IUserIdProvider, SignalrUserIdProvider>();

            var container = new ContainerBuilder();

            container.Populate(services);
            container.RegisterModule(new ServiceBusModule());
            return(new AutofacServiceProvider(container.Build()));
        }

Ejemplo n.º 25

Archivo: Startup.cs Proyecto: werddomain/SmartThermostat

        public void ConfigureServices(IServiceCollection services)
        {
            services.AddDbContext <Data.DeviceDataContext>(options =>
                                                           options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

            services.AddMvcCore(options =>
            {
                options.RespectBrowserAcceptHeader = true; // false by default
            })
            .AddAuthorization()
            .AddApiExplorer()
            .AddJsonFormatters();

            services.AddCors();
            //https://github.com/RSuter/NSwag/wiki/AspNetCore-Middleware

            services.AddSwaggerDocument(c => {
                //c.DocumentName = $"{Config.General.WebsiteShortName}API";
                c.Description = "Api to access Smart devices";
            });
            services.AddAuthentication("Bearer")
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = Config.Urls.OAuthUrl;
                options.RequireHttpsMetadata = Environment.IsDevelopment() ? false : true;


                options.ApiName        = Config.General.SmartHomeApiScope_Id;
                options.TokenRetriever = new Func <HttpRequest, string>(req =>
                {
                    var fromHeader = TokenRetrieval.FromAuthorizationHeader();
                    var fromQuery  = TokenRetrieval.FromQueryString();
                    return(fromHeader(req) ?? fromQuery(req));
                });
            });
            services.AddSignalR();
            //sub claim is used from the token for individual users

            services.AddSingleton <IUserIdProvider, UserProvider>();
            services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>();
        }

Ejemplo n.º 26

        static Func <HttpRequest, string> GetTokenRetrievalOptions(IdentityAuthOptions options)
        {
            if (options.TokenRetrievalOptions == null)
            {
                return(TokenRetrieval.FromAuthorizationHeader());
            }

            switch (options.TokenRetrievalOptions.Source)
            {
            default:
            case TokenSource.FromAuthorizationHeader:
                if (string.IsNullOrWhiteSpace(options.TokenRetrievalOptions.NameOrSchema))
                {
                    options.TokenRetrievalOptions.NameOrSchema = "Bearer";
                }
                return(TokenRetrieval.FromAuthorizationHeader(options.TokenRetrievalOptions.NameOrSchema));

            case TokenSource.FromCustomHeader:
                if (string.IsNullOrWhiteSpace(options.TokenRetrievalOptions.NameOrSchema))
                {
                    options.TokenRetrievalOptions.NameOrSchema = "Bearer";
                }
                if (string.IsNullOrWhiteSpace(options.TokenRetrievalOptions.Header))
                {
                    options.TokenRetrievalOptions.Header = "Geone-OAuth2-IS4";
                }
                return(FromCustomHeader(options.TokenRetrievalOptions));

            case TokenSource.FromQueryString:
                if (string.IsNullOrWhiteSpace(options.TokenRetrievalOptions.NameOrSchema))
                {
                    options.TokenRetrievalOptions.NameOrSchema = "access_token";
                }
                return(TokenRetrieval.FromQueryString(options.TokenRetrievalOptions.NameOrSchema));
            }
        }

Ejemplo n.º 27

Archivo: GetSiteTemplate.cs Proyecto: ToddKlindt/powershell-1

        private void ExtractTemplate(XMLPnPSchemaVersion schema, string path, string packageName, ExtractConfiguration configuration)
        {
            CurrentWeb.EnsureProperty(w => w.Url);
            ProvisioningTemplateCreationInformation creationInformation = null;

            if (configuration != null)
            {
                creationInformation = configuration.ToCreationInformation(CurrentWeb);
            }
            else
            {
                creationInformation = new ProvisioningTemplateCreationInformation(CurrentWeb);
            }

            if (ParameterSpecified(nameof(Handlers)))
            {
                creationInformation.HandlersToProcess = Handlers;
            }
            if (ParameterSpecified(nameof(ExcludeHandlers)))
            {
                foreach (var handler in (Handlers[])Enum.GetValues(typeof(Handlers)))
                {
                    if (!ExcludeHandlers.Has(handler) && handler != Handlers.All)
                    {
                        Handlers = Handlers | handler;
                    }
                }
                creationInformation.HandlersToProcess = Handlers;
            }

            var extension = "";

            if (packageName != null)
            {
                if (packageName.IndexOf(".", StringComparison.Ordinal) > -1)
                {
                    extension = packageName.Substring(packageName.LastIndexOf(".", StringComparison.Ordinal)).ToLower();
                }
                else
                {
                    packageName += ".pnp";
                    extension    = ".pnp";
                }
            }

            var fileSystemConnector = new FileSystemConnector(path, "");

            if (extension == ".pnp")
            {
                creationInformation.FileConnector = new OpenXMLConnector(packageName, fileSystemConnector);
            }
            else if (extension == ".md")
            {
                creationInformation.FileConnector = fileSystemConnector;
            }
            else
            {
                creationInformation.FileConnector = fileSystemConnector;
            }
#pragma warning disable 618
            if (ParameterSpecified(nameof(PersistBrandingFiles)))
            {
                creationInformation.PersistBrandingFiles = PersistBrandingFiles;
            }
#pragma warning restore 618
            creationInformation.PersistPublishingFiles       = PersistPublishingFiles;
            creationInformation.IncludeNativePublishingFiles = IncludeNativePublishingFiles;
            if (ParameterSpecified(nameof(IncludeSiteGroups)))
            {
                creationInformation.IncludeSiteGroups = IncludeSiteGroups;
            }
            creationInformation.IncludeTermGroupsSecurity  = IncludeTermGroupsSecurity;
            creationInformation.IncludeSearchConfiguration = IncludeSearchConfiguration;
            if (ParameterSpecified(nameof(IncludeHiddenLists)))
            {
                creationInformation.IncludeHiddenLists = IncludeHiddenLists;
            }
            if (ParameterSpecified(nameof(IncludeAllPages)))
            {
                creationInformation.IncludeAllClientSidePages = IncludeAllPages;
            }
            creationInformation.SkipVersionCheck = SkipVersionCheck;
            if (ParameterSpecified(nameof(ContentTypeGroups)) && ContentTypeGroups != null)
            {
                creationInformation.ContentTypeGroupsToInclude = ContentTypeGroups.ToList();
            }
            creationInformation.PersistMultiLanguageResources = PersistMultiLanguageResources;
            if (extension == ".pnp")
            {
                // if file is of pnp format, persist all files
                creationInformation.PersistBrandingFiles          = true;
                creationInformation.PersistPublishingFiles        = true;
                creationInformation.PersistMultiLanguageResources = true;
            }
            if (!string.IsNullOrEmpty(ResourceFilePrefix))
            {
                creationInformation.ResourceFilePrefix = ResourceFilePrefix;
            }
            else
            {
                if (Out != null)
                {
                    FileInfo fileInfo = new FileInfo(Out);
                    var      prefix   = fileInfo.Name;
                    // strip extension, if there is any
                    var indexOfLastDot = prefix.LastIndexOf(".", StringComparison.Ordinal);
                    if (indexOfLastDot > -1)
                    {
                        prefix = prefix.Substring(0, indexOfLastDot);
                    }
                    creationInformation.ResourceFilePrefix = prefix;
                }
            }
            if (ExtensibilityHandlers != null)
            {
                creationInformation.ExtensibilityHandlers = ExtensibilityHandlers.ToList();
            }

#pragma warning disable CS0618 // Type or member is obsolete
            if (NoBaseTemplate)
            {
                creationInformation.BaseTemplate = null;
            }
            else
            {
                creationInformation.BaseTemplate = CurrentWeb.GetBaseTemplate();
            }
#pragma warning restore CS0618 // Type or member is obsolete

            creationInformation.ProgressDelegate = (message, step, total) =>
            {
                var percentage = Convert.ToInt32((100 / Convert.ToDouble(total)) * Convert.ToDouble(step));

                WriteProgress(new ProgressRecord(0, $"Extracting Template from {CurrentWeb.Url}", message)
                {
                    PercentComplete = percentage
                });
                WriteProgress(new ProgressRecord(1, " ", " ")
                {
                    RecordType = ProgressRecordType.Completed
                });
            };
            creationInformation.MessagesDelegate = (message, type) =>
            {
                switch (type)
                {
                case ProvisioningMessageType.Warning:
                {
                    WriteWarning(message);
                    break;
                }

                case ProvisioningMessageType.Progress:
                {
                    var activity = message;
                    if (message.IndexOf("|") > -1)
                    {
                        var messageSplitted = message.Split('|');
                        if (messageSplitted.Length == 4)
                        {
                            var current = double.Parse(messageSplitted[2]);
                            var total   = double.Parse(messageSplitted[3]);
                            subProgressRecord.RecordType        = ProgressRecordType.Processing;
                            subProgressRecord.Activity          = messageSplitted[0];
                            subProgressRecord.StatusDescription = messageSplitted[1];
                            subProgressRecord.PercentComplete   = Convert.ToInt32((100 / total) * current);
                            WriteProgress(subProgressRecord);
                        }
                        else
                        {
                            subProgressRecord.Activity          = "Processing";
                            subProgressRecord.RecordType        = ProgressRecordType.Processing;
                            subProgressRecord.StatusDescription = activity;
                            subProgressRecord.PercentComplete   = 0;
                            WriteProgress(subProgressRecord);
                        }
                    }
                    else
                    {
                        subProgressRecord.Activity          = "Processing";
                        subProgressRecord.RecordType        = ProgressRecordType.Processing;
                        subProgressRecord.StatusDescription = activity;
                        subProgressRecord.PercentComplete   = 0;
                        WriteProgress(subProgressRecord);
                    }
                    break;
                }

                case ProvisioningMessageType.Completed:
                {
                    WriteProgress(new ProgressRecord(1, message, " ")
                        {
                            RecordType = ProgressRecordType.Completed
                        });
                    break;
                }
                }
            };

            if (IncludeAllTermGroups)
            {
                creationInformation.IncludeAllTermGroups = true;
            }
            else
            {
                if (IncludeSiteCollectionTermGroup)
                {
                    creationInformation.IncludeSiteCollectionTermGroup = true;
                }
            }

            if (ParameterSpecified(nameof(ExcludeContentTypesFromSyndication)))
            {
                creationInformation.IncludeContentTypesFromSyndication = !ExcludeContentTypesFromSyndication.ToBool();
            }

            if (ListsToExtract != null && ListsToExtract.Count > 0)
            {
                creationInformation.ListsToExtract.AddRange(ListsToExtract);
            }
            ProvisioningTemplate template = null;
            using (var provisioningContext = new PnPProvisioningContext(async(resource, scope) =>
            {
                return(await TokenRetrieval.GetAccessTokenAsync(resource, scope));
                // if (resource.ToLower().StartsWith("https://"))
                // {
                //     var uri = new Uri(resource);
                //     resource = uri.Authority;
                // }
                // if (resource.ToLower().Contains(".sharepoint."))
                // {
                //     // SharePoint
                //     var authManager = PnPConnection.CurrentConnection.Context.GetContextSettings().AuthenticationManager;
                //     if (authManager != null)
                //     {
                //         var token = await authManager.GetAccessTokenAsync($"https://{resource}");
                //         if (token != null)
                //         {
                //             return token;
                //         }
                //     }
                // }

                // // Get Azure AD Token
                // if (PnPConnection.CurrentConnection != null)
                // {
                //     var graphAccessToken = await PnPConnection.CurrentConnection.TryGetAccessTokenAsync(Enums.TokenAudience.MicrosoftGraph);
                //     if (graphAccessToken != null)
                //     {
                //         // Authenticated using -Graph or using another way to retrieve the accesstoken with Connect-PnPOnline
                //         return graphAccessToken;
                //     }
                // }

                // if (PnPConnection.CurrentConnection.PSCredential != null)
                // {
                //     // Using normal credentials
                //     return await TokenHandler.AcquireTokenAsync(resource, null);
                // }
                // else
                // {
                //     // No token...
                //     if (resource.ToLower().Contains(".sharepoint."))
                //     {
                //         return null;
                //     }
                //     else
                //     {
                //         throw new PSInvalidOperationException($"Your template contains artifacts that require an access token for {resource}. Either connect with a clientid which the appropriate permissions, or use credentials with Connect-PnPOnline after providing consent to the PnP Management Shell application first by executing: Register-PnPManagementShellAccess. See https://pnp.github.io/powershell/articles/authentication.html");
                //     }
                // }
            }))
            {
                template = CurrentWeb.GetProvisioningTemplate(creationInformation);
            }
            // Set metadata for template, if any
            SetTemplateMetadata(template, TemplateDisplayName, TemplateImagePreviewUrl, TemplateProperties);

            if (!OutputInstance)
            {
                var formatter = ProvisioningHelper.GetFormatter(schema);

                if (extension == ".pnp")
                {
                    XMLTemplateProvider provider = new XMLOpenXMLTemplateProvider(
                        creationInformation.FileConnector as OpenXMLConnector);
                    var templateFileName = packageName.Substring(0, packageName.LastIndexOf(".", StringComparison.Ordinal)) + ".xml";

                    provider.SaveAs(template, templateFileName, formatter, TemplateProviderExtensions);
                }
                else if (extension == ".md")
                {
                    WriteWarning("The generation of a markdown report is work in progress, it will improve/grow with later releases.");
                    ITemplateFormatter mdFormatter = new MarkdownPnPFormatter();
                    using (var outputStream = mdFormatter.ToFormattedTemplate(template))
                    {
                        using (var fileStream = File.Create(Path.Combine(path, packageName)))
                        {
                            outputStream.Seek(0, SeekOrigin.Begin);
                            outputStream.CopyTo(fileStream);
                            fileStream.Close();
                        }
                    }
                }
                else
                {
                    if (Out != null)
                    {
                        XMLTemplateProvider provider = new XMLFileSystemTemplateProvider(path, "");
                        provider.SaveAs(template, Path.Combine(path, packageName), formatter, TemplateProviderExtensions);
                    }
                    else
                    {
                        var outputStream = formatter.ToFormattedTemplate(template);
                        var reader       = new StreamReader(outputStream);

                        WriteObject(reader.ReadToEnd());
                    }
                }
            }
            else
            {
                WriteObject(template);
            }
        }

Ejemplo n.º 28

 static TokenRetrieverService()
 {
     AuthHeaderTokenRetriever  = TokenRetrieval.FromAuthorizationHeader();
     QueryStringTokenRetriever = TokenRetrieval.FromQueryString();
 }

Ejemplo n.º 29

Archivo: Startup.cs Proyecto: StanislavChankov/Recruitment

        // This method gets called by the runtime. Use this method to add services to the container.
        public IServiceProvider ConfigureServices(IServiceCollection services)
        {
            services.AddTransient <IHttpContextAccessor, HttpContextAccessor>();
            services.AddSingleton <ICustomTokenRequestValidator, ClientCredentialsTokenRequestValidator>();
            services.AddTransient <IProfileService, IdentityProfileService>();
            AddIdentityDependencies(services);

            services.AddMemoryCache();

            services
            .AddIdentityServer()
            .AddDeveloperSigningCredential()
            .AddProfileService <IdentityProfileService>()
            .AddResourceOwnerValidator <ResourceOwnerPasswordValidator>()
            .AddCustomTokenRequestValidator <ClientCredentialsTokenRequestValidator>()
            .AddInMemoryCaching();

            services
            .AddCors(options => options.AddPolicy("AllowAll", p =>
                                                  p.AllowAnyOrigin()
                                                  .AllowAnyMethod()
                                                  .AllowAnyHeader()));

            services.AddAuthorizationHandler <ApiAuthorizationProvider>();

            services
            .AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = Configuration[Constants.SETTINGS_KEY_IDENITY_URL];
                options.ApiName              = IdentityServerConstants.RECRUITMENT_API;
                options.ApiSecret            = IdentityServerConstants.RECRUITMENT_API_SECRET;
                options.RequireHttpsMetadata = false;
                options.RoleClaimType        = JwtClaimTypes.ClientId;
                options.SupportedTokens      = SupportedTokens.Both;
                options.TokenRetriever       = request =>
                {
                    string token = TokenRetrieval.FromAuthorizationHeader()(request);

                    if (string.IsNullOrWhiteSpace(token))
                    {
                        token = TokenRetrieval.FromQueryString()(request);
                    }

                    return(token);
                };
            });

            services
            .AddDbContextPool <ApplicationDbContext>(builder =>
            {
                builder.UseLoggerFactory(new LoggerFactory(new[] { new DebugLoggerProvider() }));
                builder.UseSqlServer(Configuration.GetConnectionString("LocalConnection"));
            });

            AddSwagger(services);

            services.AddAuthorization();

            services.AddMvc();

            services.AddAuthorizationHandler <AuthorizationProvider, RoleActions>();

            return(services.CreateDIProvider());
        }

Ejemplo n.º 30

Archivo: Startup.cs Proyecto: brucezhang80/core

        public void Configure(
            IApplicationBuilder app,
            IHostingEnvironment env,
            ILoggerFactory loggerFactory,
            IApplicationLifetime appLifetime,
            GlobalSettings globalSettings)
        {
            if (env.IsProduction())
            {
                Func <LogEvent, bool> serilogFilter = (e) =>
                {
                    var context = e.Properties["SourceContext"].ToString();
                    if (e.Exception != null && e.Exception.GetType() == typeof(SecurityTokenValidationException) || e.Exception.Message == "Bad security stamp.")
                    {
                        return(false);
                    }

                    if (context == typeof(IpRateLimitMiddleware).FullName && e.Level == LogEventLevel.Information)
                    {
                        return(true);
                    }

                    return(e.Level >= LogEventLevel.Error);
                };

                var serilog = new LoggerConfiguration()
                              .Enrich.FromLogContext()
                              .Filter.ByIncludingOnly(serilogFilter)
                              .WriteTo.AzureDocumentDB(new Uri(globalSettings.DocumentDb.Uri), globalSettings.DocumentDb.Key,
                                                       timeToLive: TimeSpan.FromDays(7))
                              .CreateLogger();

                loggerFactory.AddSerilog(serilog);
                appLifetime.ApplicationStopped.Register(Log.CloseAndFlush);
            }

            loggerFactory.AddDebug();

            // Rate limiting
            app.UseMiddleware <CustomIpRateLimitMiddleware>();

            // Add static files to the request pipeline.
            app.UseStaticFiles();

            // Add Cors
            app.UseCors("All");

            // Add IdentityServer to the request pipeline.
            app.UseIdentityServer();
            app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
            {
                AllowedScopes        = new string[] { "api" },
                Authority            = env.IsProduction() ? "https://api.bitwarden.com" : "http://localhost:4000",
                RequireHttpsMetadata = env.IsProduction(),
                ApiName       = "api",
                NameClaimType = ClaimTypes.Email,
                // Version "2" until we retire the old jwt scheme and replace it with this one.
                AuthenticationScheme = "Bearer2",
                TokenRetriever       = TokenRetrieval.FromAuthorizationHeaderOrQueryString("Bearer2", "access_token2")
            });

            // Add Jwt authentication to the request pipeline.
            app.UseJwtBearerIdentity();

            // Add current context
            app.UseMiddleware <CurrentContextMiddleware>();

            // Add MVC to the request pipeline.
            app.UseMvc();
        }