public AnonymousAccessTokenProvider( IDistributedCache distributedCache, IDiscoveryCache discoveryCache, HttpClient httpClient, IdentitySetting identitySetting) { _distributedCache = distributedCache; _discoveryCache = discoveryCache; _httpClient = httpClient; _identitySetting = identitySetting; Key += Environment.GetEnvironmentVariable("COMPUTERNAME"); }
public static void AddCustomIdentity(this IServiceCollection service, IdentitySetting identitySetting) { service.AddIdentity <AppUsers, AppRole>(option => { option.Password.RequireDigit = identitySetting.PasswordRequireDigit; option.Password.RequiredLength = identitySetting.PasswordRequiredLength; option.Password.RequireNonAlphanumeric = identitySetting.PasswordRequireNonAlphanumic; option.Password.RequireUppercase = identitySetting.PasswordRequireUppercase; option.Password.RequireLowercase = identitySetting.PasswordRequireLowercase; option.User.RequireUniqueEmail = identitySetting.RequireUniqueEmail; option.Lockout.MaxFailedAccessAttempts = identitySetting.MaxFailedAccessAttempts; option.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(identitySetting.DefaultLockoutTimeSpan); }); }
public RegisterService(ILogger <RegisterService> logger, IApiGatewayProxy apiGatewayProxy, IdentitySetting identitySetting, IRestClient restClient, IPortalCryptoAlgorithm portalCryptoAlgorithm, PortalSetting portalSetting) { _logger = logger; _identitySetting = identitySetting; _apiGatewayProxy = apiGatewayProxy; _restClient = restClient; _portalCryptoAlgorithm = portalCryptoAlgorithm; _portalSetting = portalSetting; }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { // Settings var cmsEndpoints = new CmsEndpoints(); Configuration.Bind("CmsEndpoints", cmsEndpoints); services.AddSingleton(cmsEndpoints); _portalSettings = new PortalSetting(); Configuration.Bind("PortalSettings", _portalSettings); services.AddSingleton(_portalSettings); var identitySetting = new IdentitySetting(); Configuration.Bind("Identity", identitySetting); services.AddSingleton(identitySetting); var heartbeatSetting = new HeartbeatSetting(); Configuration.Bind("HeartBeatSettings", heartbeatSetting); services.AddSingleton(heartbeatSetting); var verifoneSetting = new VerifoneSetting(); Configuration.Bind("Verifone", verifoneSetting); services.AddSingleton(verifoneSetting); var contactUsSetting = new ContactUsSetting { QueryAreas = new List <string>() }; Configuration.Bind("ContactUs", contactUsSetting); services.AddSingleton(contactUsSetting); var callbackSetting = new CallbackSetting(); Configuration.Bind("Callback", callbackSetting); services.AddSingleton(callbackSetting); var encryptionSetting = new EncryptionSetting(); Configuration.Bind("Encryption", encryptionSetting); services.AddSingleton(encryptionSetting); var openWrksSetting = new OpenWrksSetting(); Configuration.Bind("OpenWrksSetting", openWrksSetting); services.AddSingleton(openWrksSetting); var contentSecurityPolicyHeadersSetting = new ContentSecurityPolicyHeaderSetting(); Configuration.Bind("ContentSecurityPolicyHeader", contentSecurityPolicyHeadersSetting); services.AddSingleton(contentSecurityPolicyHeadersSetting); SetupThreadPoolForRedis(); services.Configure <CookiePolicyOptions>(options => { // This lambda determines whether user consent for non-essential cookies is needed for a given request. options.CheckConsentNeeded = context => false; options.MinimumSameSitePolicy = SameSiteMode.None; }); // This is where the application state will be stored. services.AddStackExchangeRedisCache(options => { options.Configuration = _portalSettings.RedisConfiguration; }); // Data protection var redis = ConnectionMultiplexer.Connect(_portalSettings.RedisConfiguration); services.AddDataProtection() .PersistKeysToStackExchangeRedis(redis, "FinancialPortal-DataProtection-Keys"); services.AddHttpClient(); services.AddHttpContextAccessor(); services.AddAutoMapper(typeof(Startup)); services.AddCors(options => { options.AddDefaultPolicy(builder => { builder.SetIsOriginAllowedToAllowWildcardSubdomains(); }); }); services.AddSession(options => { // Since there are no link between the User's token and Session, setting this idle time out to an hour. options.IdleTimeout = TimeSpan.FromMinutes(20); options.Cookie.HttpOnly = true; if (!_hostingEnvironment.IsDevelopment()) { // On a non development environment we should be using HTTPS and hence cookies will demand https. options.Cookie.SecurePolicy = CookieSecurePolicy.None; } // Make the session cookie essential options.Cookie.IsEssential = true; }); services.AddMvc(options => { if (!_hostingEnvironment.IsDevelopment()) { options.RequireHttpsPermanent = true; } // Following code forces all actions in the controller to be secure by the default auth scheme. // Actions or Controller marked with AllowAnonymous will trigger auth scheme. var policy = new AuthorizationPolicyBuilder() .RequireAuthenticatedUser() .Build(); options.Filters.Add(new AuthorizeFilter(policy)); options.Filters.Add(typeof(SecurityHeadersAttribute)); options.Filters.Add(typeof(LoggingAsyncActionFilter)); options.Filters.Add(typeof(ExceptionLoggerFilter)); options.ModelBindingMessageProvider .SetAttemptedValueIsInvalidAccessor((value, displayName) => displayName.Contains("date of birth", StringComparison.CurrentCultureIgnoreCase) ? "Please enter your date of birth in the format DD/MM/YYYY" : $"The value '{WebUtility.HtmlEncode(WebUtility.UrlEncode(value))}' is not valid for {displayName}."); }) .SetCompatibilityVersion(CompatibilityVersion.Version_2_2) .AddFluentValidation(fv => { fv.RegisterValidatorsFromAssemblyContaining <AmendDirectDebitVmValidator>(); fv.ConfigureClientsideValidation(clientSideValidation => { clientSideValidation.Add(typeof(RequiredIfValidator), (context, rule, validator) => new RequiredIfClientValidator(rule, validator)); }); }); services.AddOpenIdConnectAuth(new OpenIdAuthOptions { AuthorityEndpoint = identitySetting.Authority, // NO slash at the end ClientId = identitySetting.ClientId, ClientSecret = identitySetting.ClientSecret, Scopes = identitySetting.Scopes, ScopeId = identitySetting.ScopeId, ScopeSecret = identitySetting.ScopeSecret, RequireHttpsMetadata = false, RedisConfiguration = _portalSettings.RedisConfiguration, TokenType = identitySetting.TokenType }); services.AddAutoMapper(AppDomain.CurrentDomain.GetAssemblies()); // Licenses AsposeLicense.SetLicenseFromFile("Aspose.Total.lic"); // PDF services.AddScoped <ITemplateProvider, EmbeddedTemplateProvider>(); services.AddScoped(typeof(IPdfGenerator <>), typeof(AsposePdfGenerator <>)); services.AddHttpContextAccessor(); services.AddTransient <TracingHandler>(); services.AddHttpClient <InternalIdentityTokenHandler>(); services.AddHttpClient <OpenWrksIdentityTokenHandler>(); services.AddHttpClient(); services.AddHttpClient <IRestClient, RestClient>() .AddHttpMessageHandler <TracingHandler>() .AddHttpMessageHandler <InternalIdentityTokenHandler>(); services.AddHttpClient("openwrks") .AddHttpMessageHandler <TracingHandler>() .AddHttpMessageHandler <OpenWrksIdentityTokenHandler>(); services.AddScoped <IPortalCryptoAlgorithm, PortalCryptoAlgorithm>(); services.AddScoped <IDistributedTokenProvider, DistributedTokenProvider>(); services.AddTransient <IUnreadDocumentsService, UnreadDocumentsService>(); services.AddScoped <IAccountsService, AccountsService>(); services.AddScoped <IMapperHelper, MapperHelper>(); services.AddHttpClient <IAnonymousAccessTokenProvider, AnonymousAccessTokenProvider>(); services.AddServiceMappings(_loggerFactory, Configuration); services.AddProcessMappings(_loggerFactory, Configuration); services.AddProxyMappings(_loggerFactory, _portalSettings); }