/// <summary>
/// Adds the IdentityServer API endpoints to MVC.
/// </summary>
/// <param name="mvcBuilder">An interface for configuring MVC services.</param>
/// <param name="configureAction">Configuration options for IdentityServer API feature.</param>
public static IMvcBuilder AddIdentityServerApiEndpoints(this IMvcBuilder mvcBuilder, Action <IdentityServerApiEndpointsOptions> configureAction = null)
{
mvcBuilder.ConfigureApplicationPartManager(x => x.FeatureProviders.Add(new IdentityServerApiFeatureProvider()));
var services = mvcBuilder.Services;
var serviceProvider = services.BuildServiceProvider();
var configuration = serviceProvider.GetRequiredService <IConfiguration>();
var apiEndpointsOptions = new IdentityServerApiEndpointsOptions {
Services = services
};
// Initialize default options.
configureAction?.Invoke(apiEndpointsOptions);
apiEndpointsOptions.Services = null;
services.AddDistributedMemoryCache();
// Configure options for CacheResourceFilter.
services.Configure <CacheResourceFilterOptions>(options => options.DisableCache = apiEndpointsOptions.DisableCache);
// Invoke action provided by developer to override default options.
services.AddSingleton(apiEndpointsOptions);
services.AddIndiceServices(configuration);
services.AddTransient <IEventService, EventService>();
// Register validation filters.
services.AddScoped <CreateClaimTypeRequestValidationFilter>();
services.AddScoped <CreateRoleRequestValidationFilter>();
// Add authorization policies that are used by the IdentityServer API.
services.AddAuthorization(authOptions => {
authOptions.AddPolicy(IdentityServerApi.Scope, policy => {
policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme)
.RequireAuthenticatedUser();
});
authOptions.AddPolicy(IdentityServerApi.SubScopes.Users, policy => {
policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme)
.RequireAuthenticatedUser()
.RequireAssertion(x => x.User.HasClaim(JwtClaimTypes.Scope, IdentityServerApi.SubScopes.Users) && (x.User.IsAdmin() || x.User.IsSystemClient()));
});
authOptions.AddPolicy(IdentityServerApi.SubScopes.Clients, policy => {
policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme)
.RequireAuthenticatedUser()
.RequireAssertion(x => x.User.HasClaim(JwtClaimTypes.Scope, IdentityServerApi.SubScopes.Clients) && (x.User.IsAdmin() || x.User.IsSystemClient()));
});
authOptions.AddPolicy(IdentityServerApi.Admin, policy => {
policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme)
.RequireAuthenticatedUser()
.RequireAssertion(x => x.User.HasClaim(JwtClaimTypes.Scope, IdentityServerApi.Scope) && (x.User.IsAdmin() || x.User.IsSystemClient()));
});
});
// Configure antiforgery token options.
services.Configure <AntiforgeryOptions>(options => {
options.HeaderName = CustomHeaderNames.AntiforgeryHeaderName;
});
// Try register the extended version of UserManager<User>.
services.TryAddScoped <ExtendedUserManager <User> >();
services.TryAddScoped <IdentityMessageDescriber>();
// Register the authentication handler, using a custom scheme name, for local APIs.
services.AddAuthentication()
.AddLocalApi(IdentityServerApi.AuthenticationScheme, options => {
options.ExpectedScope = IdentityServerApi.Scope;
});
return(mvcBuilder);
}
/// <summary>
/// Creates an instance of <see cref="ClientsController"/>.
/// </summary>
/// <param name="configurationDbContext">Abstraction for the configuration context.</param>
/// <param name="generalSettings">Applications general settings.</param>
/// <param name="eventService">Models the event mechanism used to raise events inside the IdentityServer API.</param>
/// <param name="apiEndpointsOptions">Options for configuring the IdentityServer API feature.</param>
public ClientsController(
ExtendedConfigurationDbContext configurationDbContext,
IOptionsSnapshot <GeneralSettings> generalSettings,
IEventService eventService,
IdentityServerApiEndpointsOptions apiEndpointsOptions
)
{
_configurationDbContext = configurationDbContext ?? throw new ArgumentNullException(nameof(configurationDbContext));
_generalSettings = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings));
_eventService = eventService ?? throw new ArgumentNullException(nameof(eventService));
_apiEndpointsOptions = apiEndpointsOptions ?? throw new ArgumentNullException(nameof(apiEndpointsOptions));
}
/// <summary>
/// Creates an instance of <see cref="UsersController"/>.
/// </summary>
/// <param name="userManager">Provides the APIs for managing user in a persistence store.</param>
/// <param name="roleManager">Provides the APIs for managing roles in a persistence store.</param>
/// <param name="dbContext">Class for the Entity Framework database context used for identity.</param>
/// <param name="persistedGrantService">Implements persisted grant logic.</param>
/// <param name="clientStore">Retrieval of client configuration.</param>
/// <param name="apiEndpointsOptions">Options for configuring the IdentityServer API feature.</param>
/// <param name="eventService">Models the event mechanism used to raise events inside the IdentityServer API.</param>
/// <param name="generalSettings">General settings for an ASP.NET Core application.</param>
/// <param name="localizer">Represents an <see cref="IStringLocalizer"/> that provides strings for <see cref="UsersController"/>.</param>
public UsersController(ExtendedUserManager <User> userManager, RoleManager <Role> roleManager, ExtendedIdentityDbContext <User, Role> dbContext, IPersistedGrantService persistedGrantService,
IClientStore clientStore, IdentityServerApiEndpointsOptions apiEndpointsOptions, IEventService eventService, IOptions <GeneralSettings> generalSettings, IStringLocalizer <UsersController> localizer)
{
_userManager = userManager ?? throw new ArgumentNullException(nameof(userManager));
_roleManager = roleManager ?? throw new ArgumentNullException(nameof(roleManager));
_dbContext = dbContext ?? throw new ArgumentNullException(nameof(dbContext));
_persistedGrantService = persistedGrantService ?? throw new ArgumentNullException(nameof(persistedGrantService));
_clientStore = clientStore ?? throw new ArgumentNullException(nameof(clientStore));
_apiEndpointsOptions = apiEndpointsOptions ?? throw new ArgumentNullException(nameof(apiEndpointsOptions));
_eventService = eventService ?? throw new ArgumentNullException(nameof(eventService));
_generalSettings = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings));
_localizer = localizer ?? throw new ArgumentNullException(nameof(localizer));
}
public MyAccountController(ExtendedUserManager <User> userManager, IOptions <GeneralSettings> generalSettings, IOptionsSnapshot <IdentityOptions> identityOptions,
IdentityServerApiEndpointsOptions identityServerApiEndpointsOptions, IEventService eventService, ISmsService smsService, IEmailService emailService,
MessageDescriber messageDescriber, ExtendedIdentityDbContext <User, Role> dbContext)
{
_userManager = userManager ?? throw new ArgumentNullException(nameof(userManager));
_generalSettings = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings));
_identityOptions = identityOptions?.Value ?? throw new ArgumentNullException(nameof(identityOptions));
_identityServerApiEndpointsOptions = identityServerApiEndpointsOptions ?? throw new ArgumentNullException(nameof(identityServerApiEndpointsOptions));
_eventService = eventService ?? throw new ArgumentNullException(nameof(eventService));
_messageDescriber = messageDescriber ?? throw new ArgumentNullException(nameof(messageDescriber));
_dbContext = dbContext ?? throw new ArgumentNullException(nameof(dbContext));
_smsService = smsService;
_emailService = emailService;
}
/// <summary>
/// Registers the <see cref="DbContext"/> to be used by the Identity system.
/// </summary>
/// <param name="options">Options for configuring the IdentityServer API feature.</param>
/// <param name="configureAction">Configuration for <see cref="ExtendedIdentityDbContext{TUser, TRole}"/>.</param>
public static void AddDbContext(this IdentityServerApiEndpointsOptions options, Action <IdentityDbContextOptions> configureAction)
{
var dbContextOptions = new IdentityDbContextOptions();
configureAction?.Invoke(dbContextOptions);
options.Services.AddSingleton(dbContextOptions);
if (dbContextOptions.ResolveDbContextOptions != null)
{
options.Services.AddDbContext <ExtendedIdentityDbContext <User, Role> >(dbContextOptions.ResolveDbContextOptions);
}
else
{
options.Services.AddDbContext <ExtendedIdentityDbContext <User, Role> >(dbContextOptions.ConfigureDbContext);
}
options.Services.AddTransient <Func <ExtendedIdentityDbContext <User, Role> > >(provider => provider.GetService <ExtendedIdentityDbContext <User, Role> >);
}
public MyAccountController(
ExtendedIdentityDbContext <User, Role> dbContext,
ExtendedUserManager <User> userManager,
IConfiguration configuration,
IdentityServerApiEndpointsOptions identityServerApiEndpointsOptions,
IEmailService emailService,
IEventService eventService,
IOptions <GeneralSettings> generalSettings,
IOptionsSnapshot <IdentityOptions> identityOptions,
ISmsServiceFactory smsServiceFactory
)
{
_configuration = configuration ?? throw new ArgumentNullException(nameof(configuration));
_dbContext = dbContext ?? throw new ArgumentNullException(nameof(dbContext));
_emailService = emailService;
_eventService = eventService ?? throw new ArgumentNullException(nameof(eventService));
_generalSettings = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings));
_identityOptions = identityOptions?.Value ?? throw new ArgumentNullException(nameof(identityOptions));
_identityServerApiEndpointsOptions = identityServerApiEndpointsOptions ?? throw new ArgumentNullException(nameof(identityServerApiEndpointsOptions));
_smsServiceFactory = smsServiceFactory ?? throw new ArgumentNullException(nameof(smsServiceFactory));
_userManager = userManager ?? throw new ArgumentNullException(nameof(userManager));
}
/// <summary>
/// Creates a new instance of <see cref="ExtendedIdentityDbContext{TUser, TRole}"/>.
/// </summary>
/// <param name="dbContextOptions">The options to be used by a <see cref="DbContext"/>.</param>
/// <param name="options">Options for configuring the IdentityServer API feature.</param>
/// <param name="webHostEnvironment">Provides information about the web hosting environment an application is running in.</param>
public ExtendedIdentityDbContext(DbContextOptions <ExtendedIdentityDbContext <TUser, TRole> > dbContextOptions, IdentityServerApiEndpointsOptions options,
IWebHostEnvironment webHostEnvironment) : base(dbContextOptions)
{
if (Database.EnsureCreated() && webHostEnvironment.IsDevelopment())
{
if (options.UseInitialData)
{
this.Seed();
}
this.Seed(options.InitialUsers);
}
}
/// <summary>
/// Registers an implementation of <see cref="IIdentityServerApiEventHandler{TEvent}"/> for the specified event type.
/// </summary>
/// <typeparam name="TEvent">The type of the event to handler.</typeparam>
/// <typeparam name="TEventHandler">The handler to user for the specified event.</typeparam>
/// <param name="options">Options for configuring the IdentityServer API feature.</param>
public static IdentityServerApiEndpointsOptions AddEventHandler <TEvent, TEventHandler>(this IdentityServerApiEndpointsOptions options)
where TEvent : IIdentityServerApiEvent
where TEventHandler : class, IIdentityServerApiEventHandler <TEvent>
{
options.Services.AddTransient(typeof(IIdentityServerApiEventHandler <TEvent>), typeof(TEventHandler));
return(options);
}
