public async Task <string> GetToken(string subjectId, string deviceId, string secret) { var request = new TokenCreationRequest(); var identityUser = new IdentityServerUser(subjectId); identityUser.DisplayName = deviceId; identityUser.AuthenticationTime = System.DateTime.UtcNow; identityUser.IdentityProvider = IdentityServerConstants.LocalIdentityProvider; request.Subject = identityUser.CreatePrincipal(); request.IncludeAllIdentityClaims = true; request.ValidatedRequest = new ValidatedRequest(); request.ValidatedRequest.Subject = request.Subject; request.ValidatedRequest.SetClient(new Client() { ClientId = deviceId, AllowedGrantTypes = GrantTypes.ClientCredentials, ClientSecrets = { new Secret(secret.Sha256()) } }); request.Resources = new Resources(IdentityServerConfig.GetIdentityResources(), IdentityServerConfig.GetApiResources()); request.ValidatedRequest.Options = _options; request.ValidatedRequest.ClientClaims = identityUser.AdditionalClaims; var token = await _tokenService.CreateAccessTokenAsync(request); var tokenValue = await _tokenService.CreateSecurityTokenAsync(token); return(tokenValue); }
public void ConfigureServices(IServiceCollection services) { var identityServerSettings = _config.GetSection(IdentityServerSettings.SectionName); var identityServerUri = identityServerSettings.GetValue <string>(nameof(IdentityServerSettings.Uri)); services.AddOptions(); services.Configure <IdentityServerSettings>(identityServerSettings); services.AddControllers(); services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddInMemoryClients(IdentityServerConfig.GetClients()); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddIdentityServerAuthentication(options => { options.Authority = identityServerUri; options.RequireHttpsMetadata = false; options.ApiName = IdentityServerConfig.MyClientId; }); services.AddAuthorization(); services.AddHttpClient(); services.AddResponseCompression(); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { // Add DB context services.AddDbContext <ApplicationDbContext>(options => options.UseSqlite(Configuration.GetConnectionString("DefaultConnection"))); // Add Identity services.AddIdentity <ApplicationUser, IdentityRole>() .AddEntityFrameworkStores <ApplicationDbContext>() .AddDefaultTokenProviders(); // Add IdentityServer services.AddIdentityServer(/*options => * { * options.Events.RaiseSuccessEvents = true; * options.Events.RaiseFailureEvents = true; * options.Events.RaiseErrorEvents = true; * }*/) .AddTemporarySigningCredential() .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddInMemoryClients(IdentityServerConfig.GetClients()) .AddAspNetIdentity <ApplicationUser>(); // Add framework services. services.AddMvc(); }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILogger <Startup> logger) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } IdentityServerConfig config = Configuration .GetSection("IdentityServer").Get <IdentityServerConfig>(); //app.UseHttpsRedirection(); logger.LogWarning("Variables de IS4 " + JsonConvert.SerializeObject(config)); app.UseRouting(); app.UseMetricServer(); //Enviar trazas HTTP app.UseHttpMetrics(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapControllers(); }); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { string valor = Configuration.GetValue <string>("UrlApiCliente"); ///logger.LogError("Llego UrlApiCliente " + valor); IdentityServerConfig config = Configuration .GetSection("IdentityServer").Get <IdentityServerConfig>(); services.Configure <IdentityServerConfig> (Configuration.GetSection("IdentityServer")); //Usado para poder generar los Transient dinamicamente services.TryAddSingleton <IHttpContextAccessor, HttpContextAccessor>(); services.AddTransient <ITokenAdapter, TokenAdapter>(); services.AddTransient <ICustomerServices>(serviceProvider => { var context = serviceProvider.GetRequiredService <IHttpContextAccessor>().HttpContext; var header = context.Request.Headers["protocol"]; if (string.IsNullOrEmpty(header) || header == "http") { return(new CustomerHttpServices (serviceProvider.GetService <IConfiguration>())); } else { return(new CustomerGrpcServices( serviceProvider.GetService <ITokenAdapter>(), serviceProvider.GetService <IConfiguration>() )); } }); services.AddControllers(); }
public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer) { var jsonObject = JObject.Load(reader); var setting = default(IAuthenticationConfig); if (jsonObject["Provider"] != null) { switch (jsonObject["Provider"].Value <string>()) { case "Jwt": setting = new JwtConfig( jsonObject["Authority"].Value <string>(), jsonObject["Audience"].Value <string>()); break; default: setting = new IdentityServerConfig( jsonObject["ProviderRootUrl"].Value <string>(), jsonObject["ApiName"].Value <string>(), jsonObject["RequireHttps"].Value <bool>(), jsonObject["ApiSecret"].Value <string>()); break; } } else { setting = new IdentityServerConfig(string.Empty, string.Empty, false, string.Empty); } serializer.Populate(jsonObject.CreateReader(), setting); return(setting); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services .AddIdentityServer(options => // 注册IdentityServer4 { options.Events.RaiseErrorEvents = true; options.Events.RaiseInformationEvents = true; options.Events.RaiseFailureEvents = true; options.Events.RaiseSuccessEvents = true; }) // 注册IdentityServer4 .AddDeveloperSigningCredential() // 采用开发者凭证 .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) // 添加Api资源 .AddInMemoryClients(IdentityServerConfig.GetClients()) // 添加客户端 .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()); // 添加身份资源 // .AddResourceOwnerValidator<MyResourceOwnerValidator>(); //.AddTestUsers(new List<IdentityServer4.Test.TestUser>() // 添加测试用户 //{ // new IdentityServer4.Test.TestUser () // { // Username = "******", // Password = "******", // SubjectId = "999" // } //}); // 注册服务发现服务 //services.AddConsulServiceDiscovery(); services.AddControllers(); }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure( IApplicationBuilder app, IWebHostEnvironment env, ILogger <Startup> logger) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } IdentityServerConfig config = Configuration .GetSection("IdentityServer").Get <IdentityServerConfig>(); logger.LogWarning("Llego IdentityServer " + Newtonsoft.Json.JsonConvert.SerializeObject(config)); //app.UseHttpsRedirection(); app.UseRouting(); app.UseAuthentication(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapGrpcService <BancaServerGrpc>(); endpoints.MapControllers().RequireAuthorization("Apiscope"); }); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { IdentityServerConfig identityConfig = Configuration.GetSection("IdentityServer").Get <IdentityServerConfig>(); string cadena = Configuration.GetValue <string>("ConnectionStrings:BDCliente"); services.AddDbContext <ClienteContext>(options => { options.UseSqlServer(cadena); }); services.AddScoped <IClienteServices, ClienteServices>(); services.AddScoped <ICuentaServices, CuentaServices>(); services.AddControllers(); services.AddGrpc(); services.AddAuthentication("Bearer") .AddJwtBearer("Bearer", options => { options.Authority = identityConfig.UrlServer; options.RequireHttpsMetadata = false; options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters { ValidateAudience = false, ValidateIssuer = false }; }); services.AddAuthorization(opt => { opt.AddPolicy("Apiscope", pol => { pol.RequireAuthenticatedUser(); pol.RequireClaim("scope", identityConfig.ResourceId); }); }); }
public UsersService(UserManager <User> userManager, IOptions <IdentityServerConfig> config, IHttpClientFactory httpClientFactory) { _userManager = userManager; _client = httpClientFactory.CreateClient(); _config = config.Value; }
public IServiceProvider ConfigureServices(IServiceCollection services) { // MVC services.AddMvc( options => options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()) ); IdentityRegistrar.Register(services); services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddInMemoryClients(IdentityServerConfig.GetClients()) .AddAbpPersistedGrants <IAbpPersistedGrantDbContext>() .AddAbpIdentityServer <User>();; AuthConfigurer.Configure(services, _appConfiguration); services.AddScoped <IWebResourceManager, WebResourceManager>(); #if FEATURE_SIGNALR_ASPNETCORE services.AddSignalR(); #endif // Configure Abp and Dependency Injection return(services.AddAbp <ArkiaIdentityWebMvcModule>( // Configure Log4Net logging options => options.IocManager.IocContainer.AddFacility <LoggingFacility>( f => f.UseAbpLog4Net().WithConfig("log4net.config") ) )); }
public static void AddCustomIdentityServer(this IServiceCollection serviceCollection, IConfiguration configuration, IWebHostEnvironment environment) { var builder = serviceCollection.AddIdentityServer() .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfig.GetApis()) .AddInMemoryApiScopes(IdentityServerConfig.GetApiScopes()) .AddInMemoryClients(IdentityServerConfig.GetClients()) .AddInMemoryPersistedGrants() .AddInMemoryCaching() .AddProfileService <ProfileService>(); if (environment.IsDevelopment()) { builder.AddDeveloperSigningCredential(); } else { builder.AddSigningCredential(new X509Certificate2( configuration.GetValue <string>("IdentityServer:Certificates:Path"), configuration.GetValue <string>("IdentityServer:Certificates:Secret"))); } serviceCollection.AddTransient <IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>(); serviceCollection.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme) .AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, x => { x.Authority = configuration.GetValue <string>("IdentityServer:Authority"); x.ApiName = configuration.GetValue <string>("IdentityServer:ApiName"); x.RequireHttpsMetadata = configuration.GetValue <bool>("IdentityServer:RequireHttpsMetadata"); x.RoleClaimType = ClaimTypes.Role; }); }
private void InitializeDatabase(IApplicationBuilder app) { var clientUrls = new Dictionary <string, string> { ["Mvc"] = Configuration["ClientUrl:Mvc"], ["Admin"] = Configuration["ClientUrl:Admin"], }; using (var serviceScope = app.ApplicationServices.GetService <IServiceScopeFactory>().CreateScope()) { serviceScope.ServiceProvider.GetRequiredService <PersistedGrantDbContext>().Database.Migrate(); var context = serviceScope.ServiceProvider.GetRequiredService <ConfigurationDbContext>(); context.Database.Migrate(); if (!context.Clients.Any()) { foreach (var client in IdentityServerConfig.Clients(clientUrls)) { context.Clients.Add(client.ToEntity()); } context.SaveChanges(); } if (!context.IdentityResources.Any()) { foreach (var resource in IdentityServerConfig.Ids) { context.IdentityResources.Add(resource.ToEntity()); } context.SaveChanges(); } if (!context.ApiResources.Any()) { foreach (var resource in IdentityServerConfig.Apis) { context.ApiResources.Add(resource.ToEntity()); } context.SaveChanges(); } if (!context.ApiScopes.Any()) { foreach (var resource in IdentityServerConfig.ApiScopes) { context.ApiScopes.Add(resource.ToEntity()); } context.SaveChanges(); } } }
// This method gets called by the runtime. Use this method to add services to the container. // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940 public void ConfigureServices(IServiceCollection services) { services.AddControllersWithViews(); services.AddDbContext <CosmosContext>( options => { options.UseSqlServer( Configuration.GetConnectionString("CosmosContextConnection")); }); services.AddIdentity <CosmosUser, CosmosRole>() .AddEntityFrameworkStores <CosmosContext>() .AddDefaultTokenProviders(); services.AddOptions(); services.Configure <AppSettings>(Configuration); var defaultSigning = Configuration["SigningCertificate:Default"]; if (defaultSigning == null || defaultSigning == "true") { services.AddIdentityServer(options => { options.PublicOrigin = Configuration["BaseUrls:Sts"]; //Info: For load balancing scenarios options.Events.RaiseErrorEvents = true; options.Events.RaiseInformationEvents = true; options.Events.RaiseFailureEvents = true; options.Events.RaiseSuccessEvents = true; }) .AddDeveloperSigningCredential() // Info: During Dev --> use dev cert .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddAspNetIdentity <CosmosUser>() .AddProfileService <CosmosProfileService>() .AddClientStore <CosmosClientStore>(); } else { services.AddIdentityServer(options => options.PublicOrigin = Configuration["BaseUrls:Sts"]) // For load balancing scenarios .AddSigningCredential(IdentityServerConfig.GetSigningCertificate(Configuration["SigningCertificate:Name"], Configuration["SigningCertificate:Password"])) .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddAspNetIdentity <CosmosUser>() .AddProfileService <CosmosProfileService>() .AddClientStore <CosmosClientStore>(); } services.AddScoped <IProfileService, CosmosProfileService>(); services.AddSingleton <IClientStore, CosmosClientStore>(); services.AddCors(); //Info: The below are load balancing scenarios services.Configure <ForwardedHeadersOptions>(options => { options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto; options.RequireHeaderSymmetry = false; options.KnownNetworks.Clear(); options.KnownProxies.Clear(); }); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) //配置资源 .AddInMemoryClients(IdentityServerConfig.GetClients()); //配置客户端 services.AddMvc(); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddIdentityServer() //配置id4(跟物业说我现在需要给顾客分配钥匙) .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) //配置允许请求的api(告诉物业我家里的哪些东西可以让顾客使用) .AddInMemoryClients(IdentityServerConfig.GetClients()) //配置允许哪些client请求(告诉物业满足什么条件的顾客才可以拿到我家的钥匙) .AddDeveloperSigningCredential(); services.AddControllers(); }
public static void AddIdentityServerCustom(this IServiceCollection services, IConfiguration configuration) { var clientUrls = new Dictionary <string, string> { ["Mvc"] = configuration["ClientUrl:Mvc"], ["Admin"] = configuration["ClientUrl:Admin"], }; var connectionString = configuration.GetConnectionString("ApplicationConnection"); var assembly = typeof(Startup).Assembly.GetName().Name; services.AddIdentity <IdentityUser, IdentityRole>(options => { options.Password.RequireDigit = false; options.Password.RequiredLength = 6; options.Password.RequireNonAlphanumeric = false; options.Password.RequireUppercase = false; }) .AddEntityFrameworkStores <ApplicationDbContext>() .AddDefaultTokenProviders(); services.ConfigureApplicationCookie(config => { // config.Cookie.Name = "server"; config.LoginPath = "/Auth/Login"; config.LogoutPath = "/Auth/Logout"; }); services.AddIdentityServer(options => { options.Events.RaiseErrorEvents = true; options.Events.RaiseInformationEvents = true; options.Events.RaiseFailureEvents = true; options.Events.RaiseSuccessEvents = true; }) .AddAspNetIdentity <IdentityUser>() // .AddConfigurationStore(options => // { // options.ConfigureDbContext = b => b.UseSqlServer(connectionString, // sql => sql.MigrationsAssembly(assembly)); // }) // .AddOperationalStore(options => // { // options.ConfigureDbContext = b => // b.UseSqlServer(connectionString, sql => // sql.MigrationsAssembly(assembly)); // }) .AddProfileService <ProfileService>() .AddInMemoryIdentityResources(IdentityServerConfig.Ids) .AddInMemoryApiResources(IdentityServerConfig.Apis) .AddInMemoryClients(IdentityServerConfig.Clients(clientUrls)) .AddInMemoryApiScopes(IdentityServerConfig.ApiScopes) .AddDeveloperSigningCredential(); // .AddTestUsers(TestUsers.Users) }
public UserService( IUserStore <T> userStore, IPasswordHasher <T> passwordHasher, IOptions <IdentityServerConfig> options) { _userStore = userStore; _passwordHasher = passwordHasher; _options = options.Value; }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddCors(); services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryClients(IdentityServerConfig.GetClients()) .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()) .AddTestUsers(IdentityServerConfig.GetUsers()); }
public static IApplicationBuilder UseIdentityServerConfigs(this IApplicationBuilder app) { using var serviceScope = app.ApplicationServices.GetService <IServiceScopeFactory>().CreateScope(); var context = serviceScope.ServiceProvider.GetRequiredService <ConfigurationDbContext>(); IdentityServerConfig.SaveIdentityResources(context); IdentityServerConfig.SaveApis(context); IdentityServerConfig.SaveClients(context); return(app); }
public void Configuration(IAppBuilder app) { //var fileName = $@"{AppDomain.CurrentDomain.BaseDirectory}Logging\\Log.txt"; //Log.Logger = new LoggerConfiguration() // .WriteTo.RollingFile(fileName) // .CreateLogger(); IdentityServerConfig.ConfigureIdentityServer(app); }
public IEnumerable <User> GetUsers() { return (IdentityServerConfig.GetUsers().Select(o => new User { Email = o.Claims.Single(claim => claim.Type == "email").Value, Id = o.Subject, UserName = o.Username })); }
// This method gets called by the runtime. Use this method to add services to the container. // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940 public void ConfigureServices(IServiceCollection services) { services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResourceResources()) .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddInMemoryClients(IdentityServerConfig.GetClients()) .AddResourceOwnerValidator <ResourceOwnerPasswordValidator>() .AddProfileService <ProfileService>(); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddControllersWithViews(); // configure identity server with in-memory stores, keys, clients and scopes services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()) .AddInMemoryClients(IdentityServerConfig.GetClients()) .AddTestUsers(IdentityServerConfig.GetUsers()); }
public static IHost MigrateDatabase(this IHost host) { using (var scope = host.Services.CreateScope()) { scope.ServiceProvider .GetRequiredService <PersistedGrantDbContext>() .Database .Migrate(); using (var context = scope.ServiceProvider .GetRequiredService <ConfigurationDbContext>()) { try { context.Database.Migrate(); if (!context.Clients.Any()) { foreach (var client in IdentityServerConfig.GetClients()) { context.Clients.Add(client.ToEntity()); } context.SaveChanges(); } if (!context.IdentityResources.Any()) { foreach (var resource in IdentityServerConfig.GetIdentityResources()) { context.IdentityResources.Add(resource.ToEntity()); } context.SaveChanges(); } if (!context.ApiResources.Any()) { foreach (var apiScope in IdentityServerConfig.GetApiResources()) { context.ApiResources.Add(apiScope.ToEntity()); } context.SaveChanges(); } } catch (Exception ex) { //Log errors or do anything you think it's needed throw; } } } return(host); }
public static void AddIdentityServerConfig(this IServiceCollection services, AuthSettings authSettings) { services.AddIdentityServer(options => { options.Events.RaiseErrorEvents = true; // options.Events.RaiseFailureEvents = true; options.Events.RaiseInformationEvents = true; options.Events.RaiseSuccessEvents = true; options.UserInteraction.LoginUrl = $"{authSettings.Authority}/auth/login"; options.UserInteraction.LogoutUrl = $"{authSettings.Authority}/auth/logout"; options.IssuerUri = authSettings.Authority; }) .AddDeveloperSigningCredential() .AddJwtBearerClientAuthentication() .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddInMemoryApiScopes(IdentityServerConfig.GetScopes()) .AddInMemoryClients(authSettings.Clients) .AddAspNetIdentity <User>(); services.AddAuthentication() .AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, options => { options.Authority = authSettings.Authority; options.SaveToken = true; options.RequireHttpsMetadata = false; if (!authSettings.MetadataAddress.IsEmpty()) { options.MetadataAddress = authSettings.MetadataAddress; } options.TokenValidationParameters = new TokenValidationParameters { ValidateAudience = false, ValidateIssuerSigningKey = false, ValidateIssuer = false, NameClaimType = "name", RoleClaimType = "role" }; }, null) .AddGoogle(options => { options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme; options.ClientId = authSettings.GoogleSettings.ClientId; options.ClientSecret = authSettings.GoogleSettings.ClientSecret; }); services.AddAuthorization(); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { // configure identity server with in-memory stores, keys, clients and scopes services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()) // 身份资源 .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) // api资源 .AddInMemoryClients(IdentityServerConfig.GetClients()) // Client资源 //.AddTestUsers(IdentityServerConfig.GetUsers()) // 测试用户数据 .AddResourceOwnerValidator <ResourceOwnerPasswordValidator>() // 校验器 .AddProfileService <ProfileService>(); // }
public void ConfigureServices(IServiceCollection services) { if (NancyWebAppConfig.IdentityServerEnabled) { services .AddIdentityServer() .AddTemporarySigningCredential() .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddInMemoryClients(IdentityServerConfig.GetClients()) .AddInMemoryUsers(IdentityServerConfig.GetUsers()); } }
public static void RegisterAccountDependencies(this IServiceCollection services, IConfiguration configuration, bool isProduction) { services.AddIdentity <ApplicationUser, IdentityRole>() .AddEntityFrameworkStores <IdentityContext>() .AddDefaultTokenProviders(); var builder = services.AddIdentityServer(options => { options.IssuerUri = "null"; options.UserInteraction.LoginUrl = "/Accounts/SignIn"; options.UserInteraction.LogoutUrl = "/Accounts/SignOut"; options.Events.RaiseErrorEvents = true; options.Events.RaiseInformationEvents = true; options.Events.RaiseFailureEvents = true; options.Events.RaiseSuccessEvents = true; }) .AddInMemoryIdentityResources(IdentityServerConfig.Ids) .AddInMemoryApiScopes(IdentityServerConfig.ApiScopes) .AddInMemoryApiResources(IdentityServerConfig.Apis) .AddInMemoryClients(IdentityServerConfig.GetClients(configuration)) .AddAspNetIdentity <ApplicationUser>(); builder.Services.AddScoped <IProfileService, ProfileService>(); if (isProduction) { var client = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(async(authority, resource, scope) => { var context = new AuthenticationContext(authority); var credentials = new ClientCredential(configuration.GetValue <string>("AzureKeyVaultClientId"), configuration.GetValue <string>("AzureKeyVaultClientSecret")); var authenticationResult = await context.AcquireTokenAsync(resource, credentials); return(authenticationResult.AccessToken); })); builder.AddSigningCredential(new X509Certificate2(Convert.FromBase64String(client.GetSecretAsync(configuration.GetValue <string>("AzureKeyVaultGiuruIdentityServer4Certificate")).Result.Value), configuration.GetValue <string>("AzureKeyVaultGiuruIdentityServer4CertificatePassword"))); } else { builder.AddDeveloperSigningCredential(); } services.AddAuthentication() .AddIdentityServerAuthentication("IsToken", options => { options.Authority = configuration.GetValue <string>("IdentityUrl"); options.RequireHttpsMetadata = false; options.ApiName = AccountConstants.ApiNames.All; }); services.AddScoped <IUserService, UserService>(); services.AddScoped <IAppSecretRepository, AppSecretRepository>(); }
public static IServiceCollection ConfigureIdentityServer(this IServiceCollection services) { var hostingEnviroment = services.BuildServiceProvider().GetService <IHostingEnvironment>(); services .AddIdentityServer() .AddSigningCredential(new X509Certificate2(Path.Combine(hostingEnviroment.ContentRootPath, "Certs", "certificadocore.pfx"))) .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddInMemoryClients(IdentityServerConfig.GetClients()) .AddAspNetIdentity <Usuario>() .AddCustomUserStore(); return(services); }