public static void ConfigureClientContext(this ModelBuilder modelBuilder, ConfigurationStoreOptions storeOptions)
{
if (!string.IsNullOrWhiteSpace(storeOptions.DefaultSchema))
{
modelBuilder.HasDefaultSchema(storeOptions.DefaultSchema);
}
modelBuilder.Entity <Client>(client =>
{
client.ToTable(storeOptions.Client);
client.HasKey(x => x.Id);
client.Property(x => x.ClientId).HasMaxLength(200).IsRequired();
client.Property(x => x.ProtocolType).HasMaxLength(200).IsRequired();
client.Property(x => x.ClientName).HasMaxLength(200);
client.Property(x => x.ClientUri).HasMaxLength(2000);
client.HasIndex(x => x.ClientId).IsUnique();
client.HasMany(x => x.AllowedGrantTypes).WithOne(x => x.Client).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.RedirectUris).WithOne(x => x.Client).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.PostLogoutRedirectUris).WithOne(x => x.Client).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.AllowedScopes).WithOne(x => x.Client).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.ClientSecrets).WithOne(x => x.Client).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.Claims).WithOne(x => x.Client).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.IdentityProviderRestrictions).WithOne(x => x.Client).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.AllowedCorsOrigins).WithOne(x => x.Client).IsRequired().OnDelete(DeleteBehavior.Cascade);
});
modelBuilder.Entity <ClientGrantType>(grantType =>
{
grantType.ToTable(storeOptions.ClientGrantType);
grantType.Property(x => x.GrantType).HasMaxLength(250).IsRequired();
});
modelBuilder.Entity <ClientRedirectUri>(redirectUri =>
{
redirectUri.ToTable(storeOptions.ClientRedirectUri);
redirectUri.Property(x => x.RedirectUri).HasMaxLength(2000).IsRequired();
});
modelBuilder.Entity <ClientPostLogoutRedirectUri>(postLogoutRedirectUri =>
{
postLogoutRedirectUri.ToTable(storeOptions.ClientPostLogoutRedirectUri);
postLogoutRedirectUri.Property(x => x.PostLogoutRedirectUri).HasMaxLength(2000).IsRequired();
});
modelBuilder.Entity <ClientScope>(scope =>
{
scope.ToTable(storeOptions.ClientScopes);
scope.Property(x => x.Scope).HasMaxLength(200).IsRequired();
});
modelBuilder.Entity <ClientSecret>(secret =>
{
secret.ToTable(storeOptions.ClientSecret);
secret.Property(x => x.Value).HasMaxLength(2000).IsRequired();
secret.Property(x => x.Type).HasMaxLength(250);
secret.Property(x => x.Description).HasMaxLength(2000);
});
modelBuilder.Entity <ClientClaim>(claim =>
{
claim.ToTable(storeOptions.ClientClaim);
claim.Property(x => x.Type).HasMaxLength(250).IsRequired();
claim.Property(x => x.Value).HasMaxLength(250).IsRequired();
});
modelBuilder.Entity <ClientIdPRestriction>(idPRestriction =>
{
idPRestriction.ToTable(storeOptions.ClientIdPRestriction);
idPRestriction.Property(x => x.Provider).HasMaxLength(200).IsRequired();
});
modelBuilder.Entity <ClientCorsOrigin>(corsOrigin =>
{
corsOrigin.ToTable(storeOptions.ClientCorsOrigin);
corsOrigin.Property(x => x.Origin).HasMaxLength(150).IsRequired();
});
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddControllers();
var configurationOptions = new ConfigurationStoreOptions
{
ConfigureDbContext = builder =>
{
builder.UseSqlServer("Data Source=.;Initial Catalog=Identity;Integrated Security=true;");
}
};
var configurationBuilder = new DbContextOptionsBuilder <ConfigurationDbContext>().UseSqlServer("Data Source=.;Initial Catalog=Identity;Integrated Security=true;");
services.AddSingleton(configurationOptions);
services.AddSingleton(configurationBuilder.Options);
services.AddIdentityServer(options =>
{
options.IssuerUri = "https://localhost:5001/identityserver";
options.Events.RaiseSuccessEvents = true;
options.Events.RaiseFailureEvents = true;
options.Events.RaiseErrorEvents = true;
options.Events.RaiseInformationEvents = true;
options.Discovery = new DiscoveryOptions
{
ShowClaims = true,
ShowEndpoints = true,
ShowGrantTypes = true,
ShowIdentityScopes = true,
ShowKeySet = true,
ShowResponseModes = true,
ShowResponseTypes = true,
ShowTokenEndpointAuthenticationMethods = true,
};
options.Csp = new CspOptions
{
AddDeprecatedHeader = options.Csp.AddDeprecatedHeader,
Level = options.Csp.Level
};
options.Authentication = new AuthenticationOptions
{
};
options.UserInteraction = new UserInteractionOptions
{
};
options.Caching = new CachingOptions
{
};
options.Cors = new CorsOptions
{
};
options.Endpoints = new EndpointsOptions
{
};
options.InputLengthRestrictions = new InputLengthRestrictions
{
};
options.AccessTokenJwtType = "JWT";
})
.AddDeveloperSigningCredential()
.AddOperationalStore(options =>
{
options.ConfigureDbContext = builder => builder.UseSqlServer("Data Source=.;Initial Catalog=Identity;Integrated Security=true;");
options.EnableTokenCleanup = true;
options.TokenCleanupInterval = (int)TimeSpan.FromMinutes(5).TotalSeconds;
})
.AddConfigurationStore(options =>
{
options.ConfigureDbContext = builder => builder.UseSqlServer("Data Source=.;Initial Catalog=Identity;Integrated Security=true;");
});
}
void SetupConfigurationStore(ConfigurationStoreOptions options)
{
options.ConfigureDbContext =
b => b.UseSqlServer(Configuration["Data:AppDb:ConnectionString"],
sql => sql.MigrationsAssembly(migrationsAssembly));
}
public static void ConfigureResourcesContext(this ModelBuilder modelBuilder, ConfigurationStoreOptions storeOptions)
{
if (!string.IsNullOrWhiteSpace(storeOptions.DefaultSchema))
{
modelBuilder.HasDefaultSchema(storeOptions.DefaultSchema);
}
modelBuilder.Entity <IdentityResource>(identityResource =>
{
identityResource.ToTable(storeOptions.IdentityResource).HasKey(x => x.Id);
identityResource.Property(x => x.Name).HasMaxLength(200).IsRequired();
identityResource.Property(x => x.DisplayName).HasMaxLength(200);
identityResource.Property(x => x.Description).HasMaxLength(1000);
identityResource.HasIndex(x => x.Name).IsUnique();
identityResource.HasMany(x => x.UserClaims).WithOne(x => x.IdentityResource).IsRequired().OnDelete(DeleteBehavior.Cascade);
});
modelBuilder.Entity <IdentityClaim>(claim =>
{
claim.ToTable(storeOptions.IdentityClaim).HasKey(x => x.Id);
claim.Property(x => x.Type).HasMaxLength(200).IsRequired();
});
modelBuilder.Entity <ApiResource>(apiResource =>
{
apiResource.ToTable(storeOptions.ApiResource).HasKey(x => x.Id);
apiResource.Property(x => x.Name).HasMaxLength(200).IsRequired();
apiResource.Property(x => x.DisplayName).HasMaxLength(200);
apiResource.Property(x => x.Description).HasMaxLength(1000);
apiResource.HasIndex(x => x.Name).IsUnique();
apiResource.HasMany(x => x.Secrets).WithOne(x => x.ApiResource).IsRequired().OnDelete(DeleteBehavior.Cascade);
apiResource.HasMany(x => x.Scopes).WithOne(x => x.ApiResource).IsRequired().OnDelete(DeleteBehavior.Cascade);
apiResource.HasMany(x => x.UserClaims).WithOne(x => x.ApiResource).IsRequired().OnDelete(DeleteBehavior.Cascade);
});
modelBuilder.Entity <ApiSecret>(apiSecret =>
{
apiSecret.ToTable(storeOptions.ApiSecret).HasKey(x => x.Id);
apiSecret.Property(x => x.Description).HasMaxLength(1000);
apiSecret.Property(x => x.Value).HasMaxLength(2000);
apiSecret.Property(x => x.Type).HasMaxLength(250);
});
modelBuilder.Entity <ApiResourceClaim>(apiClaim =>
{
apiClaim.ToTable(storeOptions.ApiClaim).HasKey(x => x.Id);
apiClaim.Property(x => x.Type).HasMaxLength(200).IsRequired();
});
modelBuilder.Entity <ApiScope>(apiScope =>
{
apiScope.ToTable(storeOptions.ApiScope).HasKey(x => x.Id);
apiScope.Property(x => x.Name).HasMaxLength(200).IsRequired();
apiScope.Property(x => x.DisplayName).HasMaxLength(200);
apiScope.Property(x => x.Description).HasMaxLength(1000);
apiScope.HasIndex(x => x.Name).IsUnique();
apiScope.HasMany(x => x.UserClaims).WithOne(x => x.ApiScope).IsRequired().OnDelete(DeleteBehavior.Cascade);
});
modelBuilder.Entity <ApiScopeClaim>(apiScopeClaim =>
{
apiScopeClaim.ToTable(storeOptions.ApiScopeClaim).HasKey(x => x.Id);
apiScopeClaim.Property(x => x.Type).HasMaxLength(200).IsRequired();
});
}
public CustomContext(DbContextOptions <CustomContext> dbOptions, ConfigurationStoreOptions configStoreOptions, OperationalStoreOptions operStoreOptions)
: base(dbOptions)
{
_configStoreOptions = configStoreOptions;
_operStoreOptions = operStoreOptions;
}
public IdentityServerStoreOptionsProvider()
{
//Config your store options here.
ConfigurationStoreOptions = new ConfigurationStoreOptions();
OperationalStoreOptions = new OperationalStoreOptions();
}
protected override void OnModelCreating(ModelBuilder builder)
{
base.OnModelCreating(builder);
// Customize the ASP.NET Identity model and override the defaults if needed.
// For example, you can rename the ASP.NET Identity table names and more.
// Add your customizations after calling base.OnModelCreating(builder);
var configurationStoreOptions = new ConfigurationStoreOptions();
builder.ConfigureClientContext(configurationStoreOptions);
builder.ConfigureResourcesContext(configurationStoreOptions);
var operationalStoreOptions = new OperationalStoreOptions();
builder.ConfigurePersistedGrantContext(operationalStoreOptions);
var tenantStoreOptions = new TenantStoreOptions();
builder.ConfigureTenantContext <ApplicationTenant, ObjectId>(tenantStoreOptions);
var tenantReferenceOptions = new TenantReferenceOptions();
builder.HasTenancy <string>(tenantReferenceOptions, out _tenancyModelState);
builder.Entity <ApplicationTenant>(b =>
{
b.Property(t => t.DisplayName).HasMaxLength(256);
});
// Configure properties on User (ASP.NET Core Identity).
builder.Entity <ApplicationUser>(b =>
{
// Add multi-tenancy support to entity.
b.HasTenancy(() => _tenancyContext.Tenant.Id, _tenancyModelState, hasIndex: false);
// Remove unique index on NormalizedUserName.
b.HasIndex(u => u.NormalizedUserName).HasName("UserNameIndex").IsUnique(false);
// Add unique index on TenantId and NormalizedUserName.
b.HasIndex(tenantReferenceOptions.ReferenceName, nameof(ApplicationUser.NormalizedUserName))
.HasName("TenantUserNameIndex").IsUnique();
});
// Configure properties on Role (ASP.NET Core Identity).
builder.Entity <ApplicationRole>(b =>
{
// Add multi-tenancy support to entity.
b.HasTenancy(() => _tenancyContext.Tenant.Id, _tenancyModelState, hasIndex: false);
// Remove unique index on NormalizedName.
b.HasIndex(r => r.NormalizedName).HasName("RoleNameIndex").IsUnique(false);
// Add unique index on TenantId and NormalizedName.
b.HasIndex(tenantReferenceOptions.ReferenceName, nameof(ApplicationRole.NormalizedName))
.HasName("TenantRoleNameIndex").IsUnique();
});
builder.Entity <Client>(b =>
{
b.HasTenancy(() => _tenancyContext.Tenant.Id, _tenancyModelState, hasIndex: false);
b.HasIndex(c => c.ClientId).IsUnique(false);
b.HasIndex(tenantReferenceOptions.ReferenceName, nameof(Client.ClientId)).IsUnique();
});
builder.Entity <IdentityResource>(b =>
{
b.HasTenancy(() => _tenancyContext.Tenant.Id, _tenancyModelState, hasIndex: false);
b.HasIndex(r => r.Id).IsUnique(false);
b.HasIndex(tenantReferenceOptions.ReferenceName, nameof(IdentityResource.Id)).IsUnique();
});
builder.Entity <ApiResource>(b =>
{
b.HasTenancy(() => _tenancyContext.Tenant.Id, _tenancyModelState, hasIndex: false);
b.HasIndex(r => r.Id).IsUnique(false);
b.HasIndex(tenantReferenceOptions.ReferenceName, nameof(ApiResource.Id)).IsUnique();
});
builder.Entity <ApiScope>(b =>
{
b.HasTenancy(() => _tenancyContext.Tenant.Id, _tenancyModelState, hasIndex: false);
b.HasIndex(s => s).IsUnique(false);
b.HasIndex(tenantReferenceOptions.ReferenceName, nameof(ApiScope)).IsUnique();
});
builder.Entity <PersistedGrant>(b =>
{
b.HasTenancy(() => _tenancyContext.Tenant.Id, _tenancyModelState, indexNameFormat: $"IX_{nameof(PersistedGrant)}_{{0}}");
});
builder.Entity <IdentityServer4.EntityFramework.Entities.DeviceFlowCodes>(b =>
{
b.HasTenancy(() => _tenancyContext.Tenant.Id, _tenancyModelState, hasIndex: false);
b.HasIndex(c => c.DeviceCode).IsUnique(false);
b.HasIndex(tenantReferenceOptions.ReferenceName, nameof(IdentityServer4.EntityFramework.Entities.DeviceFlowCodes.DeviceCode)).IsUnique();
});
}
public ApplicationDbContext(DbContextOptions <ApplicationDbContext> options, ConfigurationStoreOptions configurationStoreOptions, OperationalStoreOptions persistedGrantStoreOptions)
: base(options)
{
_configurationStoreOptions = configurationStoreOptions;
_persistedGrantStoreOptions = persistedGrantStoreOptions;
}
/// <summary>
/// Configures the resources context.
/// </summary>
/// <param name="modelBuilder">The model builder.</param>
/// <param name="storeOptions">The store options.</param>
public static void ConfigureResourcesContext(this ModelBuilder modelBuilder, ConfigurationStoreOptions storeOptions)
{
if (!string.IsNullOrWhiteSpace(storeOptions.DefaultSchema))
{
modelBuilder.HasDefaultSchema(storeOptions.DefaultSchema);
}
modelBuilder.Entity <IdentityResource>(identityResource =>
{
identityResource.ToTable(storeOptions.IdentityResource).HasKey(x => x.Id);
identityResource.Property(x => x.Name).HasMaxLength(200).IsRequired();
identityResource.Property(x => x.DisplayName).HasMaxLength(200);
identityResource.Property(x => x.Description).HasMaxLength(1000);
identityResource.HasIndex(x => x.Name).IsUnique();
identityResource.HasMany(x => x.UserClaims).WithOne(x => x.IdentityResource).HasForeignKey(x => x.IdentityResourceId).IsRequired().OnDelete(DeleteBehavior.Cascade);
identityResource.HasMany(x => x.Properties).WithOne(x => x.IdentityResource).HasForeignKey(x => x.IdentityResourceId).IsRequired().OnDelete(DeleteBehavior.Cascade);
});
modelBuilder.Entity <IdentityResourceClaim>(claim =>
{
claim.ToTable(storeOptions.IdentityResourceClaim).HasKey(x => x.Id);
claim.Property(x => x.Type).HasMaxLength(200).IsRequired();
});
modelBuilder.Entity <IdentityResourceProperty>(property =>
{
property.ToTable(storeOptions.IdentityResourceProperty);
property.Property(x => x.Key).HasMaxLength(250).IsRequired();
property.Property(x => x.Value).HasMaxLength(2000).IsRequired();
});
modelBuilder.Entity <ApiResource>(apiResource =>
{
apiResource.ToTable(storeOptions.ApiResource).HasKey(x => x.Id);
apiResource.Property(x => x.Name).HasMaxLength(200).IsRequired();
apiResource.Property(x => x.DisplayName).HasMaxLength(200);
apiResource.Property(x => x.Description).HasMaxLength(1000);
apiResource.Property(x => x.AllowedAccessTokenSigningAlgorithms).HasMaxLength(100);
apiResource.HasIndex(x => x.Name).IsUnique();
apiResource.HasMany(x => x.Secrets).WithOne(x => x.ApiResource).HasForeignKey(x => x.ApiResourceId).IsRequired().OnDelete(DeleteBehavior.Cascade);
apiResource.HasMany(x => x.Scopes).WithOne(x => x.ApiResource).HasForeignKey(x => x.ApiResourceId).IsRequired().OnDelete(DeleteBehavior.Cascade);
apiResource.HasMany(x => x.UserClaims).WithOne(x => x.ApiResource).HasForeignKey(x => x.ApiResourceId).IsRequired().OnDelete(DeleteBehavior.Cascade);
apiResource.HasMany(x => x.Properties).WithOne(x => x.ApiResource).HasForeignKey(x => x.ApiResourceId).IsRequired().OnDelete(DeleteBehavior.Cascade);
});
modelBuilder.Entity <ApiResourceSecret>(apiSecret =>
{
apiSecret.ToTable(storeOptions.ApiResourceSecret).HasKey(x => x.Id);
apiSecret.Property(x => x.Description).HasMaxLength(1000);
apiSecret.Property(x => x.Value).HasMaxLength(4000).IsRequired();
apiSecret.Property(x => x.Type).HasMaxLength(250).IsRequired();
});
modelBuilder.Entity <ApiResourceClaim>(apiClaim =>
{
apiClaim.ToTable(storeOptions.ApiResourceClaim).HasKey(x => x.Id);
apiClaim.Property(x => x.Type).HasMaxLength(200).IsRequired();
});
modelBuilder.Entity <ApiResourceScope>((System.Action <EntityTypeBuilder <ApiResourceScope> >)(apiScope =>
{
apiScope.ToTable((TableConfiguration)storeOptions.ApiResourceScope).HasKey(x => x.Id);
apiScope.Property(x => x.Scope).HasMaxLength(200).IsRequired();
}));
modelBuilder.Entity <ApiResourceProperty>(property =>
{
property.ToTable(storeOptions.ApiResourceProperty);
property.Property(x => x.Key).HasMaxLength(250).IsRequired();
property.Property(x => x.Value).HasMaxLength(2000).IsRequired();
});
modelBuilder.Entity <ApiScope>(scope =>
{
scope.ToTable(storeOptions.ApiScope).HasKey(x => x.Id);
scope.Property(x => x.Name).HasMaxLength(200).IsRequired();
scope.Property(x => x.DisplayName).HasMaxLength(200);
scope.Property(x => x.Description).HasMaxLength(1000);
scope.HasIndex(x => x.Name).IsUnique();
scope.HasMany(x => x.UserClaims).WithOne(x => x.Scope).HasForeignKey(x => x.ScopeId).IsRequired().OnDelete(DeleteBehavior.Cascade);
});
modelBuilder.Entity <ApiScopeClaim>(scopeClaim =>
{
scopeClaim.ToTable(storeOptions.ApiScopeClaim).HasKey(x => x.Id);
scopeClaim.Property(x => x.Type).HasMaxLength(200).IsRequired();
});
modelBuilder.Entity <ApiScopeProperty>(property =>
{
property.ToTable(storeOptions.ApiScopeProperty).HasKey(x => x.Id);
property.Property(x => x.Key).HasMaxLength(250).IsRequired();
property.Property(x => x.Value).HasMaxLength(2000).IsRequired();
});
}
public IDSContext(DbContextOptions <IDSContext> options, ConfigurationStoreOptions configurationStoreOptions, OperationalStoreOptions operationalStoreOptions) : base(options)
{
this.configurationStoreOptions = configurationStoreOptions;
this.operationalStoreOptions = operationalStoreOptions;
}
/// <summary>
/// Configures the client context.
/// </summary>
/// <param name="modelBuilder">The model builder.</param>
/// <param name="storeOptions">The store options.</param>
public static void ConfigureClientContext(this ModelBuilder modelBuilder, ConfigurationStoreOptions storeOptions)
{
if (!string.IsNullOrWhiteSpace(storeOptions.DefaultSchema))
{
modelBuilder.HasDefaultSchema(storeOptions.DefaultSchema);
}
modelBuilder.Entity <Client>(client =>
{
client.ToTable(storeOptions.Client);
client.HasKey(x => x.Id);
client.Property(x => x.ClientId).HasMaxLength(200).IsRequired();
client.Property(x => x.ProtocolType).HasMaxLength(200).IsRequired();
client.Property(x => x.ClientName).HasMaxLength(200);
client.Property(x => x.ClientUri).HasMaxLength(2000);
client.Property(x => x.LogoUri).HasMaxLength(2000);
client.Property(x => x.Description).HasMaxLength(1000);
client.Property(x => x.FrontChannelLogoutUri).HasMaxLength(2000);
client.Property(x => x.BackChannelLogoutUri).HasMaxLength(2000);
client.Property(x => x.ClientClaimsPrefix).HasMaxLength(200);
client.Property(x => x.PairWiseSubjectSalt).HasMaxLength(200);
client.Property(x => x.UserCodeType).HasMaxLength(100);
client.Property(x => x.AllowedIdentityTokenSigningAlgorithms).HasMaxLength(100);
client.Property(x => x.TenantId).HasMaxLength(450).IsRequired();
client.HasIndex(x => new { x.ClientId, x.TenantId }).IsUnique();
client.HasMany(x => x.AllowedGrantTypes).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.RedirectUris).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.PostLogoutRedirectUris).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.AllowedScopes).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.ClientSecrets).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.Claims).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.IdentityProviderRestrictions).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.AllowedCorsOrigins).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.Properties).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
});
modelBuilder.Entity <ClientGrantType>(grantType =>
{
grantType.ToTable(storeOptions.ClientGrantType);
grantType.Property(x => x.GrantType).HasMaxLength(250).IsRequired();
});
modelBuilder.Entity <ClientRedirectUri>(redirectUri =>
{
redirectUri.ToTable(storeOptions.ClientRedirectUri);
redirectUri.Property(x => x.RedirectUri).HasMaxLength(2000).IsRequired();
});
modelBuilder.Entity <ClientPostLogoutRedirectUri>(postLogoutRedirectUri =>
{
postLogoutRedirectUri.ToTable(storeOptions.ClientPostLogoutRedirectUri);
postLogoutRedirectUri.Property(x => x.PostLogoutRedirectUri).HasMaxLength(2000).IsRequired();
});
modelBuilder.Entity <ClientScope>(scope =>
{
scope.ToTable(storeOptions.ClientScopes);
scope.Property(x => x.Scope).HasMaxLength(200).IsRequired();
});
modelBuilder.Entity <ClientSecret>(secret =>
{
secret.ToTable(storeOptions.ClientSecret);
secret.Property(x => x.Value).HasMaxLength(4000).IsRequired();
secret.Property(x => x.Type).HasMaxLength(250).IsRequired();
secret.Property(x => x.Description).HasMaxLength(2000);
});
modelBuilder.Entity <ClientClaim>(claim =>
{
claim.ToTable(storeOptions.ClientClaim);
claim.Property(x => x.Type).HasMaxLength(250).IsRequired();
claim.Property(x => x.Value).HasMaxLength(250).IsRequired();
});
modelBuilder.Entity <ClientIdPRestriction>(idPRestriction =>
{
idPRestriction.ToTable(storeOptions.ClientIdPRestriction);
idPRestriction.Property(x => x.Provider).HasMaxLength(200).IsRequired();
});
modelBuilder.Entity <ClientCorsOrigin>(corsOrigin =>
{
corsOrigin.ToTable(storeOptions.ClientCorsOrigin);
corsOrigin.Property(x => x.Origin).HasMaxLength(150).IsRequired();
});
modelBuilder.Entity <ClientProperty>(property =>
{
property.ToTable(storeOptions.ClientProperty);
property.Property(x => x.Key).HasMaxLength(250).IsRequired();
property.Property(x => x.Value).HasMaxLength(2000).IsRequired();
});
}
public ConfigurationDbContext(DbContextOptions <ConfigurationDbContext> options, ConfigurationStoreOptions storeOptions)
: base(options)
{
if (storeOptions == null)
{
throw new ArgumentNullException(nameof(storeOptions));
}
this._storeOptions = storeOptions;
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
try
{
services.AddCertificateManager();
services.AddSingleton <ICryptoServices, CertificateCryptoServices>();
//Register the Permission policy handlers
services.AddSingleton <IAuthorizationPolicyProvider, AuthorizationPolicyProvider>();
services.AddSingleton <IAuthorizationHandler, PermissionHandler>();
services.AddSingleton <IEmailSender, NullEmailSender>();
var mapperOneToOne = MapperConfigurationBuilder.BuidOneToOneMapper;
var mapperIgnoreBase = MapperConfigurationBuilder.BuidIgnoreBaseMapper;
services.AddSingleton <IInputModelMapperAccessor>(new InputModelMapperAccessor
{
MapperOneToOne = mapperOneToOne,
MapperIgnoreBase = mapperIgnoreBase
});
services.AddPasswordGenerator();
services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>();
services.AddSingleton <IPagingHelper, PagingHelper>();
services.Configure <IdentityServerDefaultOptions>(Configuration.GetSection("IdentityServerDefaultOptions"));
var appOptions = Configuration
.GetSection("AppOptions")
.Get <AppOptions>();
services.Configure <AppOptions>(Configuration.GetSection("AppOptions"));
services.Configure <EntityFrameworkConnectionOptions>(Configuration.GetSection("EntityFrameworkConnectionOptions"));
services.Configure <CertificatesOptions>(Configuration.GetSection("CertificatesOptions"));
services.AddScoped <ISessionTenantAccessor, SessionTenantAccessor>();
services.AddTransient <ISigninManager, DefaultSigninManager>();
// services.AddScoped<IUserClaimsPrincipalFactory<IdentityUser>, SeedSessionClaimsPrincipalFactory>();
services.AddScoped <IUserClaimsPrincipalFactory <IdentityUser>, FluffyBunnyAdminPermissionsClaimsPrincipalFactory>();
services.AddCors(options => options.AddPolicy("CorsPolicy",
builder =>
{
builder.AllowAnyMethod()
.AllowAnyHeader()
.AllowAnyOrigin();
}));
// set forward header keys to be the same value as request's header keys
// so that redirect URIs and other security policies work correctly.
var aspNETCORE_FORWARDEDHEADERS_ENABLED = string.Equals(Environment.GetEnvironmentVariable("ASPNETCORE_FORWARDEDHEADERS_ENABLED"), "true", StringComparison.OrdinalIgnoreCase);
if (aspNETCORE_FORWARDEDHEADERS_ENABLED)
{
//To forward the scheme from the proxy in non-IIS scenarios
services.Configure <ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
// Only loopback proxies are allowed by default.
// Clear that restriction because forwarders are enabled by explicit
// configuration.
options.KnownNetworks.Clear();
options.KnownProxies.Clear();
});
}
switch (appOptions.DatabaseType)
{
default:
services.AddInMemoryDbContextOptionsProvider();
break;
case AppOptions.DatabaseTypes.Postgres:
services.AddPostgresDbContextOptionsProvider();
break;
case AppOptions.DatabaseTypes.SqlServer:
services.AddSingleton <IMigrationsAssemblyProvider, SqlServerMigrationsAssemblyProvider>();
services.AddSqlServerDbContextOptionsProvider();
break;
}
services.AddDbContextTenantServices();
var options = new ConfigurationStoreOptions();
services.AddSingleton(options);
var operationalStoreOptions = new OperationalStoreOptions
{
EnableTokenCleanup = true
};
services.AddSingleton(operationalStoreOptions);
services.AddDatabaseDeveloperPageExceptionFilter();
services.AddDbContext <ApplicationDbContext>(config =>
{
// for in memory database
config.UseInMemoryDatabase("InMemoryIdentityDatabase");
});
services.AddIdentity <IdentityUser, IdentityRole>()
.AddEntityFrameworkStores <ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddAuthentication <IdentityUser>(Configuration);
services.AddScoped <IExternalLoginContext, ExternalLoginContext>();
services.AddControllers();
IMvcBuilder builder = services.AddRazorPages();
if (HostingEnvironment.IsDevelopment())
{
builder.AddRazorRuntimeCompilation();
}
//*************************************************
//*********** COOKIE Start ************************
//*************************************************
services.Configure <CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.ConfigureExternalCookie(config =>
{
config.Cookie.SameSite = SameSiteMode.None;
});
services.ConfigureApplicationCookie(options =>
{
options.Cookie.SameSite = SameSiteMode.None;
options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
options.ExpireTimeSpan = TimeSpan.FromSeconds(appOptions.AuthAndSessionCookies.TTL);
options.SlidingExpiration = true;
options.Cookie.Name = $"{Configuration["applicationName"]}.AspNetCore.Identity.Application";
options.LoginPath = $"/Identity/Account/Login";
options.LogoutPath = $"/Identity/Account/Logout";
options.AccessDeniedPath = $"/Identity/Account/AccessDenied";
options.Events = new CookieAuthenticationEvents()
{
OnRedirectToLogin = (ctx) =>
{
if (ctx.Request.Path.StartsWithSegments("/api") && ctx.Response.StatusCode == StatusCodes.Status200OK)
{
ctx.Response.StatusCode = StatusCodes.Status401Unauthorized;
return(Task.CompletedTask);
}
ctx.Response.Redirect(ctx.RedirectUri);
return(Task.CompletedTask);
},
OnRedirectToAccessDenied = (ctx) =>
{
if (ctx.Request.Path.StartsWithSegments("/api") && ctx.Response.StatusCode == StatusCodes.Status200OK)
{
ctx.Response.StatusCode = StatusCodes.Status403Forbidden;
return(Task.CompletedTask);
}
ctx.Response.Redirect(ctx.RedirectUri);
return(Task.CompletedTask);
}
};
});
//*************************************************
//*********** COOKIE END **************************
//*************************************************
// Adds a default in-memory implementation of IDistributedCache.
services.AddDistributedMemoryCache();
services.AddSession(options =>
{
options.Cookie.IsEssential = true;
options.Cookie.Name = $"{Configuration["applicationName"]}.Session";
// Set a short timeout for easy testing.
options.IdleTimeout = TimeSpan.FromSeconds(appOptions.AuthAndSessionCookies.TTL);
options.Cookie.HttpOnly = true;
options.Cookie.SameSite = SameSiteMode.None;
options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
});
}
catch (Exception ex)
{
_deferedException = ex;
}
}
protected override IdentityManagementContext GetContext(DbContextOptions <IdentityManagementContext> options)
{
var storeOptions = new ConfigurationStoreOptions();
return(new IdentityManagementContext(options, storeOptions, new NonPersistingChangeTrackerAuditing()));
}
/// <summary>
/// Configures the resources context.
/// </summary>
/// <param name="modelBuilder">The model builder.</param>
/// <param name="storeOptions">The store options.</param>
public static void ConfigureResourcesContext(this ModelBuilder modelBuilder, ConfigurationStoreOptions storeOptions)
{
if (!string.IsNullOrWhiteSpace(storeOptions.DefaultSchema))
{
modelBuilder.HasDefaultSchema(storeOptions.DefaultSchema);
}
//modelBuilder.Entity<IdentityResource>(identityResource =>
//{
// identityResource.ToTable(storeOptions.IdentityResource).HasKey(x => x.Id);
// identityResource.Property(x => x.Name).HasMaxLength(200).IsRequired();
// identityResource.Property(x => x.DisplayName).HasMaxLength(200);
// identityResource.Property(x => x.Description).HasMaxLength(1000);
// identityResource.HasIndex(x => x.Name).IsUnique();
// identityResource.HasMany(x => x.UserClaims).WithOne(x => x.IdentityResource).HasForeignKey(x => x.IdentityResourceId).IsRequired().OnDelete(DeleteBehavior.Cascade);
// identityResource.HasMany(x => x.Properties).WithOne(x => x.IdentityResource).HasForeignKey(x => x.IdentityResourceId).IsRequired().OnDelete(DeleteBehavior.Cascade);
//});
//modelBuilder.Entity<IdentityClaim>(claim =>
//{
// claim.ToTable(storeOptions.IdentityClaim).HasKey(x => x.Id);
// claim.Property(x => x.Type).HasMaxLength(200).IsRequired();
//});
//modelBuilder.Entity<IdentityResourceProperty>(property =>
//{
// property.ToTable(storeOptions.IdentityResourceProperty);
// property.Property(x => x.Key).HasMaxLength(250).IsRequired();
// property.Property(x => x.Value).HasMaxLength(2000).IsRequired();
//});
modelBuilder.Entity <ApiEntity>(apiResource =>
{
apiResource.ToTable(storeOptions.ApiResource).HasKey(x => x.ApiId);
apiResource.Property(x => x.Nombre).HasMaxLength(200).IsRequired();
apiResource.Property(x => x.NombreMostrar).HasMaxLength(200);
apiResource.Property(x => x.Descripcion).HasMaxLength(1000);
apiResource.HasIndex(x => x.Nombre).IsUnique();
apiResource.HasMany(x => x.Secretos).WithOne(x => x.Api).HasForeignKey(x => x.ApiId).IsRequired().OnDelete(DeleteBehavior.Cascade);
apiResource.HasMany(x => x.Alcances).WithOne(x => x.Api).HasForeignKey(x => x.ApiId).IsRequired().OnDelete(DeleteBehavior.Cascade);
//apiResource.HasMany(x => x.USERCLAIMS).WithOne(x => x.ApiResource).HasForeignKey(x => x.ApiResourceId).IsRequired().OnDelete(DeleteBehavior.Cascade);
//apiResource.HasMany(x => x.PROPIEDADES).WithOne(x => x.ApiResource).HasForeignKey(x => x.ApiResourceId).IsRequired().OnDelete(DeleteBehavior.Cascade);
});
modelBuilder.Entity <ApiSecretoEntity>(apiSecret =>
{
apiSecret.ToTable(storeOptions.ApiSecret).HasKey(x => x.SecretoId);
apiSecret.Property(x => x.Descripcion).HasMaxLength(1000);
apiSecret.Property(x => x.Valor).HasMaxLength(4000).IsRequired();
apiSecret.Property(x => x.Tipo).HasMaxLength(250).IsRequired();
});
//modelBuilder.Entity<ApiResourceClaim>(apiClaim =>
//{
// apiClaim.ToTable(storeOptions.ApiClaim).HasKey(x => x.Id);
// apiClaim.Property(x => x.Type).HasMaxLength(200).IsRequired();
//});
modelBuilder.Entity <ApiAlcanceEntity>(apiScope =>
{
apiScope.ToTable(storeOptions.ApiScope).HasKey(x => x.ApiAlcanceId);
apiScope.Property(x => x.Nombre).HasMaxLength(200).IsRequired();
apiScope.Property(x => x.NombreMostrar).HasMaxLength(200);
apiScope.Property(x => x.Descripcion).HasMaxLength(1000);
apiScope.HasIndex(x => x.Nombre).IsUnique();
//apiScope.HasMany(x => x.UserClaims).WithOne(x => x.ApiScope).HasForeignKey(x => x.ApiScopeId).IsRequired().OnDelete(DeleteBehavior.Cascade);
});
//modelBuilder.Entity<ApiScopeClaim>(apiScopeClaim =>
//{
// apiScopeClaim.ToTable(storeOptions.ApiScopeClaim).HasKey(x => x.Id);
// apiScopeClaim.Property(x => x.Type).HasMaxLength(200).IsRequired();
//});
//modelBuilder.Entity<ApiResourceProperty>(property =>
//{
// property.ToTable(storeOptions.ApiResourceProperty);
// property.Property(x => x.Key).HasMaxLength(250).IsRequired();
// property.Property(x => x.Value).HasMaxLength(2000).IsRequired();
//});
}
/// <summary>
/// Initializes a new instance of the <see cref="ConfigurationDbContext"/> class.
/// </summary>
/// <param name="options">The options.</param>
/// <param name="storeOptions">The store options.</param>
/// <exception cref="ArgumentNullException">storeOptions</exception>
public ConfigurationDbContext(DbContextOptions <ConfigurationDbContext> options, ConfigurationStoreOptions storeOptions)
: base(options, storeOptions)
{
}
/// <summary>
/// Configures the client context.
/// </summary>
/// <param name="modelBuilder">The model builder.</param>
/// <param name="storeOptions">The store options.</param>
public static void ConfigureClientContext(this ModelBuilder modelBuilder, ConfigurationStoreOptions storeOptions)
{
if (!string.IsNullOrWhiteSpace(storeOptions.DefaultSchema))
{
modelBuilder.HasDefaultSchema(storeOptions.DefaultSchema);
}
modelBuilder.Entity <ClienteEntity>(client =>
{
client.ToTable(storeOptions.Client).HasKey(x => x.ClienteId);
client.Property(x => x.ClienteIdDescripcion).HasMaxLength(200).IsRequired();
client.Property(x => x.TipoProtocolo).HasMaxLength(200).IsRequired();
client.Property(x => x.NombreCiente).HasMaxLength(200);
client.Property(x => x.ClienteUrl).HasMaxLength(2000);
client.Property(x => x.LogoUri).HasMaxLength(2000);
client.Property(x => x.Descripcion).HasMaxLength(1000);
client.Property(x => x.FrontChannelLogoutUri).HasMaxLength(2000);
client.Property(x => x.BackChannelLogoutUri).HasMaxLength(2000);
client.Property(x => x.ClientClaimsPrefix).HasMaxLength(200);
client.Property(x => x.PairWiseSubjectSalt).HasMaxLength(200);
client.Property(x => x.UserCodeType).HasMaxLength(100);
client.HasIndex(x => x.ClienteIdDescripcion).IsUnique();
client.HasMany(x => x.TiposConcesionesHabilitadas).WithOne(x => x.Cliente).HasForeignKey(x => x.ClienteId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.ClienteRedirigirUris).WithOne(x => x.Cliente).HasForeignKey(x => x.ClienteId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.ClienteRedirigirCerrarSesionUris).WithOne(x => x.Cliente).HasForeignKey(x => x.ClienteId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.AllowedScopes).WithOne(x => x.Cliente).HasForeignKey(x => x.ClienteId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.ClienteSecretos).WithOne(x => x.Cliente).HasForeignKey(x => x.ClienteId).IsRequired().OnDelete(DeleteBehavior.Cascade);
//client.HasMany(x => x.Claims).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
//client.HasMany(x => x.IdentityProviderRestrictions).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
client.HasMany(x => x.AllowedCorsOrigins).WithOne(x => x.Cliente).HasForeignKey(x => x.ClienteId).IsRequired().OnDelete(DeleteBehavior.Cascade);
//client.HasMany(x => x.Properties).WithOne(x => x.Client).HasForeignKey(x => x.ClientId).IsRequired().OnDelete(DeleteBehavior.Cascade);
});
modelBuilder.Entity <ClienteTipoConcesionEntity>(grantType =>
{
grantType.ToTable(storeOptions.ClientGrantType).HasKey(x => x.ClienteTipoConcesionId);
grantType.Property(x => x.TipoConcesion).HasMaxLength(250).IsRequired();
});
modelBuilder.Entity <ClienteUrlRedirigirEntity>(redirectUri =>
{
redirectUri.ToTable(storeOptions.ClientRedirectUri).HasKey(x => x.ClienteUrlRedirigirId);
redirectUri.Property(x => x.Url).HasMaxLength(2000).IsRequired();
});
modelBuilder.Entity <ClienteUrlRedirigirCerrarSesionEntity>(postLogoutRedirectUri =>
{
postLogoutRedirectUri.ToTable(storeOptions.ClientPostLogoutRedirectUri).HasKey(x => x.ClienteUrlRedirigirCerrarSesionId);
postLogoutRedirectUri.Property(x => x.Url).HasMaxLength(2000).IsRequired();
});
modelBuilder.Entity <ClienteAlcanceEntity>(scope =>
{
scope.ToTable(storeOptions.ClientScopes).HasKey(x => x.ClienteAlcanceId);
scope.Property(x => x.Alcance).HasMaxLength(200).IsRequired();
});
modelBuilder.Entity <ClienteSecretoEntity>(secret =>
{
secret.ToTable(storeOptions.ClientSecret).HasKey(x => x.SecretoId);
secret.Property(x => x.Valor).HasMaxLength(4000).IsRequired();
secret.Property(x => x.Tipo).HasMaxLength(250).IsRequired();
secret.Property(x => x.Descripcion).HasMaxLength(2000);
});
//modelBuilder.Entity<ClientClaim>(claim =>
//{
// claim.ToTable(storeOptions.ClientClaim);
// claim.Property(x => x.Type).HasMaxLength(250).IsRequired();
// claim.Property(x => x.Value).HasMaxLength(250).IsRequired();
//});
//modelBuilder.Entity<ClientIdPRestriction>(idPRestriction =>
//{
// idPRestriction.ToTable(storeOptions.ClientIdPRestriction);
// idPRestriction.Property(x => x.Provider).HasMaxLength(200).IsRequired();
//});
modelBuilder.Entity <ClienteOrigenCruzadoEntity>(corsOrigin =>
{
corsOrigin.ToTable(storeOptions.ClientCorsOrigin).HasKey(x => x.ClienteOrigenCruzadoId);
corsOrigin.Property(x => x.Origen).HasMaxLength(150).IsRequired();
});
//modelBuilder.Entity<ClientProperty>(property =>
//{
// property.ToTable(storeOptions.ClientProperty);
// property.Property(x => x.Key).HasMaxLength(250).IsRequired();
// property.Property(x => x.Value).HasMaxLength(2000).IsRequired();
//});
}
public IdentityServerConfigurationDbContext(DbContextOptions <IdentityServerConfigurationDbContext> options, ConfigurationStoreOptions storeOptions)
: base(options, storeOptions)
{
}
//public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
// : base(options)
//{
//}
public ApplicationDbContext(DbContextOptions options,
ConfigurationStoreOptions configurationStoreOptions, OperationalStoreOptions operationalStoreOptions,
IConfiguration configuration) : base(options, configurationStoreOptions, operationalStoreOptions)
{
_configuration = configuration;
}
