public static HttpConfiguration Configure(IdentityAdminOptions options)
{
if (options == null) throw new ArgumentNullException("idAdminConfig");
var config = new HttpConfiguration();
config.MessageHandlers.Insert(0, new KatanaDependencyResolver());
config.MapHttpAttributeRoutes();
if (!options.DisableUserInterface)
{
config.Routes.MapHttpRoute(Constants.RouteNames.Home,
"",
new { controller = "AdminPage", action = "Index" });
config.Routes.MapHttpRoute(Constants.RouteNames.Logout,
"logout",
new { controller = "AdminPage", action = "Logout" });
}
config.SuppressDefaultHostAuthentication();
if (!options.DisableSecurity)
{
config.Filters.Add(new HostAuthenticationAttribute(options.AdminSecurityConfiguration.BearerAuthenticationType));
config.Filters.Add(new AuthorizeAttribute() { Roles = options.AdminSecurityConfiguration.AdminRoleName });
}
config.Formatters.Remove(config.Formatters.XmlFormatter);
config.Formatters.Remove(config.Formatters.FormUrlEncodedFormatter);
config.Formatters.JsonFormatter.SerializerSettings.ContractResolver =
new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver();
config.Services.Add(typeof(IExceptionLogger), new LogProviderExceptionLogger());
return config;
}
public static IContainer Configure(IdentityAdminOptions config)
{
if (config == null)
{
throw new ArgumentNullException("config");
}
var builder = new ContainerBuilder();
builder.RegisterInstance(config);
builder.Register(config.Factory.ClientService);
builder.Register(config.Factory.IdentityResourceService);
builder.Register(config.Factory.ApiResourceService);
builder.Register(c => new OwinEnvironmentService(c.Resolve <IOwinContext>()));
builder.RegisterApiControllers(typeof(AutofacConfig).Assembly);
foreach (var registration in config.Factory.Registrations)
{
builder.Register(registration, registration.Name);
}
var container = builder.Build();
return(container);
}
public EmbeddedHtmlResult(HttpRequestMessage request, string file, IdentityAdminOptions adminOptions)
{
var pathbase = request.GetOwinContext().Request.PathBase;
this.path = pathbase.Value;
this.file = file;
this.authorization_endpoint = pathbase + Constants.AuthorizePath;
this._adminOptions = adminOptions;
}
public static void UseIdentityAdmin(this IAppBuilder app, IdentityAdminOptions options)
{
if (app == null) throw new ArgumentNullException("app");
if (options == null) throw new ArgumentNullException("config");
app.SetLoggerFactory(new LibLogLoggerFactory());
Logger.Info("Starting IdentityAdmin configuration");
options.Validate();
app.Use(async (ctx, next) =>
{
if (!ctx.Request.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase) &&
options.AdminSecurityConfiguration.RequireSsl)
{
ctx.Response.Write("HTTPS required");
}
else
{
await next();
}
});
var container = AutofacConfig.Configure(options);
app.Use<AutofacContainerMiddleware>(container);
if (!options.DisableSecurity)
{
options.AdminSecurityConfiguration.Configure(app);
}
if (!options.DisableUserInterface)
{
app.UseFileServer(new FileServerOptions
{
RequestPath = new PathString("/assets"),
FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityAdminAppBuilderExtensions).Assembly, "IdentityAdmin.Assets")
});
app.UseFileServer(new FileServerOptions
{
RequestPath = new PathString("/assets/libs/fonts"),
FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityAdminAppBuilderExtensions).Assembly, "IdentityAdmin.Assets.Content.fonts")
});
app.UseStageMarker(PipelineStage.MapHandler);
}
SignatureConversions.AddConversions(app);
app.UseWebApi(WebApiConfig.Configure(options));
app.UseStageMarker(PipelineStage.MapHandler);
// clears out the OWIN logger factory so we don't recieve other hosting related logs
app.Properties["server.LoggerFactory"] = null;
}
public static HttpConfiguration Configure(IdentityAdminOptions options)
{
if (options == null)
{
throw new ArgumentNullException("idAdminConfig");
}
var config = new HttpConfiguration();
config.MessageHandlers.Insert(0, new KatanaDependencyResolver());
config.MapHttpAttributeRoutes();
if (!options.DisableUserInterface)
{
config.Routes.MapHttpRoute(Constants.RouteNames.Home,
"",
new { controller = "AdminPage", action = "Index" });
config.Routes.MapHttpRoute(Constants.RouteNames.Logout,
"logout",
new { controller = "AdminPage", action = "Logout" });
}
config.SuppressDefaultHostAuthentication();
if (!options.DisableSecurity)
{
config.Filters.Add(new HostAuthenticationAttribute(options.AdminSecurityConfiguration.BearerAuthenticationType));
config.Filters.Add(new AuthorizeAttribute()
{
Roles = options.AdminSecurityConfiguration.AdminRoleName
});
}
config.Formatters.Remove(config.Formatters.XmlFormatter);
config.Formatters.Remove(config.Formatters.FormUrlEncodedFormatter);
config.Formatters.JsonFormatter.SerializerSettings.ContractResolver =
new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver();
config.Services.Add(typeof(IExceptionLogger), new LogProviderExceptionLogger());
return(config);
}
public void Configuration(IAppBuilder appBuilder)
{
Log.Logger = new LoggerConfiguration()
.WriteTo.Trace(outputTemplate: "{Timestamp} [{Level}] ({Name}){NewLine} {Message}{NewLine}{Exception}")
.CreateLogger();
JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();
appBuilder.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies",
LoginPath = new PathString("/Home/Login")
});
appBuilder.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
AuthenticationType = "oidc",
Authority = "https://localhost:44333",
ClientId = "idmgr_and_idadmin",
RedirectUri = "https://localhost:44333",
ResponseType = "id_token",
UseTokenLifetime = false,
Scope = "openid idmgr idAdmin",
SignInAsAuthenticationType = "Cookies",
Notifications = new OpenIdConnectAuthenticationNotifications
{
SecurityTokenValidated = n =>
{
n.AuthenticationTicket.Identity.AddClaim(new Claim("id_token", n.ProtocolMessage.IdToken));
return Task.FromResult(0);
},
RedirectToIdentityProvider = async n =>
{
if (n.ProtocolMessage.RequestType == Microsoft.IdentityModel.Protocols.OpenIdConnectRequestType.LogoutRequest)
{
var result = await n.OwinContext.Authentication.AuthenticateAsync("Cookies");
if (result != null)
{
var id_token = result.Identity.Claims.GetValue("id_token");
if (id_token != null)
{
n.ProtocolMessage.IdTokenHint = id_token;
n.ProtocolMessage.PostLogoutRedirectUri = "https://localhost:44333";
}
}
}
}
}
});
var connString = ConfigurationManager.ConnectionStrings["IdSvr3Config"].ConnectionString;
// Identity admin
appBuilder.Map("/adm", adminApp =>
{
var idAdminOptions = new IdentityAdminOptions
{
Factory = ConfigIdentityServerAdmin.Factory.Configure(connString),
AdminSecurityConfiguration = new IdentityAdmin.Configuration.AdminHostSecurityConfiguration()
{
HostAuthenticationType = IdentityAdmin.Constants.CookieAuthenticationType,
AdminRoleName = "IdentityServerAdmin",
NameClaimType = "name",
RoleClaimType = "role",
}
};
adminApp.UseIdentityAdmin(idAdminOptions);
});
//Identity manager
appBuilder.Map("/idm", adminApp =>
{
var idManagerOptions = new IdentityManagerOptions
{
Factory = ConfigIdentityManager.Factory.Configure(connString),
SecurityConfiguration = new HostSecurityConfiguration()
{
HostAuthenticationType = IdentityManager.Constants.CookieAuthenticationType,
AdminRoleName = "IdentityManagerAdmin",
NameClaimType = "name",
RoleClaimType = "role",
}
};
adminApp.UseIdentityManager(idManagerOptions);
});
// Identity server
appBuilder.Map("/ids", adminApp =>
{
var idsrvOptions = new IdentityServerOptions
{
Factory = ConfigIdentityServer.Factory.Configure(connString),
SigningCertificate = Certificate.Get(),
RequireSsl = true
};
appBuilder.UseIdentityServer(idsrvOptions);
});
}
public AdminPageController(IdentityAdminOptions identityAdminOptions)
{
if (identityAdminOptions == null) throw new ArgumentNullException("identityAdminOptions");
this._identityAdminOptions = identityAdminOptions;
}
public void Configuration(IAppBuilder app)
{
var options = new IdentityServerOptions
{
SiteName = "IdentityServer3 (RavenDB)",
SigningCertificate = Certificate.Get(),
Factory = Factory.Configure(),
RequireSsl = false
};
#region TEST
app.UseCookieAuthentication(new Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions { AuthenticationType = "Cookies", });
app.UseOpenIdConnectAuthentication(new Microsoft.Owin.Security.OpenIdConnect.OpenIdConnectAuthenticationOptions
{
AuthenticationType = "oidc",
Authority = "http://localhost:9921/core",
ClientId = "idAdmin",
RedirectUri = "http://localhost:9921",
ResponseType = "id_token",
UseTokenLifetime = false,
Scope = "openid idAdmin",
SignInAsAuthenticationType = "Cookies",
Notifications = new Microsoft.Owin.Security.OpenIdConnect.OpenIdConnectAuthenticationNotifications
{
SecurityTokenValidated = n =>
{
n.AuthenticationTicket.Identity.AddClaim(new Claim("id_token", n.ProtocolMessage.IdToken));
return Task.FromResult(0);
},
RedirectToIdentityProvider = async n =>
{
if (n.ProtocolMessage.RequestType == Microsoft.IdentityModel.Protocols.OpenIdConnectRequestType.LogoutRequest)
{
var result = await n.OwinContext.Authentication.AuthenticateAsync("Cookies");
if (result != null)
{
var id_token = result.Identity.Claims.GetValue("id_token");
if (id_token != null)
{
n.ProtocolMessage.IdTokenHint = id_token;
n.ProtocolMessage.PostLogoutRedirectUri = "http://localhost:9921/admin";
}
}
}
}
}
});
#endregion
app.Map(
"/core",
coreApp =>
{
coreApp.UseIdentityServer(options);
});
var adminFactory = new IdentityAdminServiceFactory
{
IdentityAdminService = new IdentityAdmin.Configuration.Registration<IIdentityAdminService>(new IdentityAdminService(Factory.RavenConfig.Store))
};
var adminOptions = new IdentityAdminOptions
{
Factory = adminFactory,
AdminSecurityConfiguration = new AdminHostSecurityConfiguration { HostAuthenticationType = "Cookies" }
};
adminOptions.AdminSecurityConfiguration.RequireSsl = false;
app.Map("/admin", adminApp =>
{
adminApp.UseIdentityAdmin(adminOptions);
});
}
