Exemple #1
 /// <summary>
 /// Creates a peer identified by <paramref name="hostAndPort"/>, keeps the supplied collaborators
 /// and resolves the local base URL once through <paramref name="finder"/>.
 /// </summary>
 /// <param name="hostAndPort">Address of the peer; also used as its <c>Id</c>.</param>
 /// <param name="httpClient">HTTP client stored for later use by this peer.</param>
 /// <param name="finder">Supplies the value stored in <c>_baseSchemeUrlAndPort</c>.</param>
 /// <param name="config">Internal configuration stored on the peer.</param>
 /// <param name="identityServerConfiguration">Identity server settings stored on the peer.</param>
 public HttpPeer(string hostAndPort, HttpClient httpClient, IBaseUrlFinder finder, IInternalConfiguration config, IIdentityServerConfiguration identityServerConfiguration)
 {
     _config = config;
     _identityServerConfiguration = identityServerConfiguration;
     Id = hostAndPort;
     _httpClient = httpClient;
     _hostAndPort = hostAndPort;

     // SECURITY NOTE(review): TypeNameHandling.All makes Json.NET emit "$type" metadata and, when
     // the same settings are used to deserialize, instantiate whatever type the payload names.
     // If these settings are applied to data received from another host, restrict the resolvable
     // types with a SerializationBinder allow-list or drop type-name handling. The call sites
     // that use _jsonSerializerSettings are not visible here - confirm before changing.
     var serializerSettings = new JsonSerializerSettings();
     serializerSettings.TypeNameHandling = TypeNameHandling.All;
     _jsonSerializerSettings = serializerSettings;

     _baseSchemeUrlAndPort = finder.Find();
 }
Exemple #2
 /// <summary>
 /// Creates a peer identified by <paramref name="hostAndPort"/>, keeps the supplied collaborators
 /// and reads the local base URL from the web host builder's server-URLs setting.
 /// </summary>
 /// <param name="hostAndPort">Address of the peer; also used as its <c>Id</c>.</param>
 /// <param name="httpClient">HTTP client stored for later use by this peer.</param>
 /// <param name="builder">Web host builder whose <c>WebHostDefaults.ServerUrlsKey</c> setting is read.</param>
 /// <param name="config">Ocelot configuration stored on the peer.</param>
 /// <param name="identityServerConfiguration">Identity server settings stored on the peer.</param>
 public HttpPeer(string hostAndPort, HttpClient httpClient, IWebHostBuilder builder, IOcelotConfiguration config, IIdentityServerConfiguration identityServerConfiguration)
 {
     _config = config;
     _identityServerConfiguration = identityServerConfiguration;
     Id = hostAndPort;
     _httpClient = httpClient;
     _hostAndPort = hostAndPort;

     // SECURITY NOTE(review): TypeNameHandling.All makes Json.NET emit "$type" metadata and, when
     // the same settings are used to deserialize, instantiate whatever type the payload names.
     // If these settings are applied to data received from another host, restrict the resolvable
     // types with a SerializationBinder allow-list or drop type-name handling. The call sites
     // that use _jsonSerializerSettings are not visible here - confirm before changing.
     var serializerSettings = new JsonSerializerSettings();
     serializerSettings.TypeNameHandling = TypeNameHandling.All;
     _jsonSerializerSettings = serializerSettings;

     // NOTE(review): the setting is stored as-is; presumably a single URL is expected - confirm.
     _baseSchemeUrlAndPort = builder.GetSetting(WebHostDefaults.ServerUrlsKey);
 }
 /// <summary>
 /// Builds the single in-memory client definition, using the configured API name as both the
 /// client id and the only allowed scope.
 /// </summary>
 /// <param name="identityServerConfiguration">Source of the API name and API secret.</param>
 /// <returns>A list containing exactly one client.</returns>
 private static List <Client> Client(IIdentityServerConfiguration identityServerConfiguration)
 {
     var client = new Client();
     client.ClientId = identityServerConfiguration.ApiName;

     // SECURITY NOTE(review): the resource-owner password grant has the caller submit a user name
     // and password directly to the token endpoint. Current OAuth security guidance discourages
     // this grant; keep it only if the administration API really needs password-based login.
     client.AllowedGrantTypes = GrantTypes.ResourceOwnerPassword;

     // Only the SHA-256 hash of the secret is placed in the client definition.
     // NOTE(review): the hash is unsalted, so ApiSecret should be a long random value - confirm.
     client.ClientSecrets = new List <Secret> { new Secret(identityServerConfiguration.ApiSecret.Sha256()) };
     client.AllowedScopes.Add(identityServerConfiguration.ApiName);

     return new List <Client> { client };
 }
Exemple #4
 /// <summary>
 /// Builds the single in-memory client definition for machine-to-machine access, using the
 /// configured API name as both the client id and the only allowed scope.
 /// </summary>
 /// <param name="identityServerConfiguration">Source of the API name and API secret.</param>
 /// <returns>A list containing exactly one client.</returns>
 private List <Client> Client(IIdentityServerConfiguration identityServerConfiguration)
 {
     var client = new Client();
     client.ClientId = identityServerConfiguration.ApiName;

     // Client-credentials grant: the client authenticates with its own secret, no user involved.
     client.AllowedGrantTypes = GrantTypes.ClientCredentials;

     // Only the SHA-256 hash of the secret is placed in the client definition.
     // NOTE(review): the hash is unsalted, so ApiSecret should be a long random value - confirm.
     client.ClientSecrets = new List <Secret> { new Secret(identityServerConfiguration.ApiSecret.Sha256()) };
     client.AllowedScopes.Add(identityServerConfiguration.ApiName);

     return new List <Client> { client };
 }
 /// <summary>
 /// Builds the single in-memory API resource, named and displayed as the configured API name and
 /// protected by the hashed API secret.
 /// </summary>
 /// <param name="identityServerConfiguration">Source of the API name and API secret.</param>
 /// <returns>A list containing exactly one API resource.</returns>
 private static List <ApiResource> Resources(IIdentityServerConfiguration identityServerConfiguration)
 {
     var resource = new ApiResource(identityServerConfiguration.ApiName, identityServerConfiguration.ApiName);

     // Only the SHA-256 hash of the secret is stored on the resource.
     // NOTE(review): the hash is unsalted, so ApiSecret should be a long random value - confirm.
     var hashedSecret = new Secret();
     hashedSecret.Value = identityServerConfiguration.ApiSecret.Sha256();
     resource.ApiSecrets = new List <Secret> { hashedSecret };

     return new List <ApiResource> { resource };
 }
Exemple #6
        /// <summary>
        /// Stores the collaborators and eagerly creates one <c>HttpPeer</c> per configured peer,
        /// each with its own <c>HttpClient</c>.
        /// </summary>
        /// <param name="options">Options whose <c>Value.Peers</c> lists the peers to create.</param>
        /// <param name="finder">Base URL finder handed to every peer.</param>
        /// <param name="provider">Provider of the Ocelot configuration; queried once here.</param>
        /// <param name="identityServerConfig">Identity server settings handed to every peer.</param>
        public FilePeersProvider(IOptions <FilePeers> options, IBaseUrlFinder finder, IOcelotConfigurationProvider provider, IIdentityServerConfiguration identityServerConfig)
        {
            _options = options;
            _finder = finder;
            _provider = provider;
            _identityServerConfig = identityServerConfig;
            _peers = new List <IPeer>();

            //todo - sort out async nonsense..
            // Blocks the constructing thread until the asynchronous configuration lookup completes.
            var configuration = _provider.Get().GetAwaiter().GetResult();

            foreach (var peerEntry in _options.Value.Peers)
            {
                var client = new HttpClient();
                //todo what if this errors?
                _peers.Add(new HttpPeer(peerEntry.HostAndPort, client, _finder, configuration.Data, _identityServerConfig));
            }
        }
        /// <summary>
        /// Stores the collaborators and eagerly creates one <c>HttpPeer</c> per configured peer,
        /// each with its own <c>HttpClient</c>.
        /// </summary>
        /// <param name="options">Options whose <c>Value.Peers</c> lists the peers to create.</param>
        /// <param name="finder">Base URL finder handed to every peer.</param>
        /// <param name="repo">Repository of the internal configuration; read once here.</param>
        /// <param name="identityServerConfig">Identity server settings handed to every peer.</param>
        public FilePeersProvider(IOptions <FilePeers> options, IBaseUrlFinder finder, IInternalConfigurationRepository repo, IIdentityServerConfiguration identityServerConfig)
        {
            _options = options;
            _finder = finder;
            _repo = repo;
            _identityServerConfig = identityServerConfig;
            _peers = new List <IPeer>();

            var configuration = _repo.Get();

            foreach (var peerEntry in _options.Value.Peers)
            {
                var client = new HttpClient();

                //todo what if this errors?
                _peers.Add(new HttpPeer(peerEntry.HostAndPort, client, _finder, configuration.Data, _identityServerConfig));
            }
        }
        /// <summary>
        /// Registers an in-memory IdentityServer (scopes, resources and clients built from
        /// <paramref name="identityServerConfiguration"/>), JWT bearer authentication that trusts
        /// that server at the administration path, and the token signing credential.
        /// </summary>
        /// <param name="identityServerConfiguration">API name/secret, HTTPS requirement and signing certificate settings.</param>
        /// <param name="adminPath">Administration path appended to the base URL to form the token authority.</param>
        /// <param name="builder">Ocelot builder whose service collection receives the registrations.</param>
        /// <param name="configuration">Configuration used to resolve the base URL.</param>
        private static void AddIdentityServer(IIdentityServerConfiguration identityServerConfiguration, IAdministrationPath adminPath, IOcelotBuilder builder, IConfiguration configuration)
        {
            builder.Services.TryAddSingleton <IIdentityServerConfiguration>(identityServerConfiguration);
            var identityServerBuilder = builder.Services
                                        .AddIdentityServer(o =>
            {
                o.IssuerUri = "Ocelot";
                o.EmitStaticAudienceClaim = true;
            })
                                        .AddInMemoryApiScopes(ApiScopes(identityServerConfiguration))
                                        .AddInMemoryApiResources(Resources(identityServerConfiguration))
                                        .AddInMemoryClients(Client(identityServerConfiguration));

            var urlFinder            = new BaseUrlFinder(configuration);
            var baseSchemeUrlAndPort = urlFinder.Find();

            // This map is a process-wide static: clearing it changes claim-type mapping for every
            // JwtSecurityTokenHandler in the process, not only for the scheme registered below.
            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

            builder.Services
            .AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddJwtBearer("Bearer", options =>
            {
                options.Authority            = baseSchemeUrlAndPort + adminPath.Path;
                // SECURITY NOTE(review): when RequireHttps is false the authority's metadata and
                // signing keys may be fetched over plain HTTP; confirm that is limited to
                // development setups.
                options.RequireHttpsMetadata = identityServerConfiguration.RequireHttps;

                options.TokenValidationParameters = new TokenValidationParameters
                {
                    // SECURITY NOTE(review): audience validation is switched off, so any token
                    // that validates against this authority is accepted whatever its "aud" value.
                    // A static audience claim is emitted above; consider validating it instead.
                    ValidateAudience = false,
                };
            });

            //todo - refactor naming..
            // SECURITY NOTE(review): if either certificate setting is empty this silently falls
            // back to the developer signing credential, which is meant for development only.
            // A production deployment with a missing setting would not notice; consider logging
            // or failing fast here.
            if (string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificateLocation) || string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificatePassword))
            {
                identityServerBuilder.AddDeveloperSigningCredential();
            }
            else
            {
                //todo - refactor so calls method?
                // SECURITY NOTE(review): Exportable marks the private key as extractable after
                // import and MachineKeySet places it in the machine key store. Signing normally
                // needs neither; confirm they are required before keeping them.
                var cert = new X509Certificate2(identityServerConfiguration.CredentialsSigningCertificateLocation, identityServerConfiguration.CredentialsSigningCertificatePassword, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.Exportable);
                identityServerBuilder.AddSigningCredential(cert);
            }
        }
        /// <summary>
        /// Registers an in-memory IdentityServer (resources and clients built from
        /// <paramref name="identityServerConfiguration"/>) with a custom resource-owner password
        /// validator, IdentityServer token authentication against the administration path, and
        /// the token signing credential.
        /// </summary>
        /// <param name="services">Service collection that receives the registrations; it must already contain an <c>IWebHostBuilder</c> instance.</param>
        /// <param name="identityServerConfiguration">API name/secret, HTTPS requirement and signing certificate settings.</param>
        /// <param name="configurationRoot">Configuration read for <c>GlobalConfiguration:AdministrationPath</c>.</param>
        private static void AddIdentityServer(this IServiceCollection services, IIdentityServerConfiguration identityServerConfiguration, IConfigurationRoot configurationRoot)
        {
            services.TryAddSingleton <IIdentityServerConfiguration>(identityServerConfiguration);
            services.TryAddSingleton <IHashMatcher, HashMatcher>();
            var identityServerBuilder = services
                                        .AddIdentityServer(o => {
                o.IssuerUri = "Ocelot";
            })
                                        .AddInMemoryApiResources(Resources(identityServerConfiguration))
                                        .AddInMemoryClients(Client(identityServerConfiguration))
                                        .AddResourceOwnerValidator <OcelotResourceOwnerPasswordValidator>();

            //todo - refactor a method so we know why this is happening
            // First() throws if no IWebHostBuilder descriptor has been registered, and the cast
            // relies on it having been registered as an instance.
            var whb                  = services.First(x => x.ServiceType == typeof(IWebHostBuilder));
            var urlFinder            = new BaseUrlFinder((IWebHostBuilder)whb.ImplementationInstance);
            var baseSchemeUrlAndPort = urlFinder.Find();

            // This map is a process-wide static: clearing it changes claim-type mapping for every
            // JwtSecurityTokenHandler in the process, not only for the scheme registered below.
            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

            services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(o =>
            {
                // A missing AdministrationPath yields an empty string, so the authority becomes
                // the bare base URL.
                var adminPath          = configurationRoot.GetValue("GlobalConfiguration:AdministrationPath", string.Empty);
                o.Authority            = baseSchemeUrlAndPort + adminPath;
                o.ApiName              = identityServerConfiguration.ApiName;
                // SECURITY NOTE(review): when RequireHttps is false the authority's metadata and
                // signing keys may be fetched over plain HTTP; confirm that is limited to
                // development setups.
                o.RequireHttpsMetadata = identityServerConfiguration.RequireHttps;
                // Both JWTs and reference tokens are accepted; the plain-text ApiSecret set below
                // is presumably what authenticates the introspection call for reference tokens.
                o.SupportedTokens      = SupportedTokens.Both;
                o.ApiSecret            = identityServerConfiguration.ApiSecret;
            });

            //todo - refactor naming..
            // SECURITY NOTE(review): if either certificate setting is empty this silently falls
            // back to the developer signing credential, which is meant for development only.
            // A production deployment with a missing setting would not notice; consider logging
            // or failing fast here.
            if (string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificateLocation) || string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificatePassword))
            {
                identityServerBuilder.AddDeveloperSigningCredential();
            }
            else
            {
                //todo - refactor so calls method?
                // Loads the signing certificate and its private key from the configured file and password.
                var cert = new X509Certificate2(identityServerConfiguration.CredentialsSigningCertificateLocation, identityServerConfiguration.CredentialsSigningCertificatePassword);
                identityServerBuilder.AddSigningCredential(cert);
            }
        }
Exemple #10
        /// <summary>
        /// Registers an in-memory IdentityServer (resources and clients built from
        /// <paramref name="identityServerConfiguration"/>), IdentityServer token authentication
        /// against the administration path, and the token signing credential.
        /// </summary>
        /// <param name="identityServerConfiguration">API name/secret, HTTPS requirement and signing certificate settings.</param>
        /// <param name="adminPath">Administration path appended to the base URL to form the token authority.</param>
        private void AddIdentityServer(IIdentityServerConfiguration identityServerConfiguration, IAdministrationPath adminPath)
        {
            _services.TryAddSingleton <IIdentityServerConfiguration>(identityServerConfiguration);
            _services.TryAddSingleton <IHashMatcher, HashMatcher>();
            var identityServerBuilder = _services
                                        .AddIdentityServer(o => {
                o.IssuerUri = "Ocelot";
            })
                                        .AddInMemoryApiResources(Resources(identityServerConfiguration))
                                        .AddInMemoryClients(Client(identityServerConfiguration));

            var urlFinder            = new BaseUrlFinder(_configurationRoot);
            var baseSchemeUrlAndPort = urlFinder.Find();

            // This map is a process-wide static: clearing it changes claim-type mapping for every
            // JwtSecurityTokenHandler in the process, not only for the scheme registered below.
            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();


            _services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(o =>
            {
                o.Authority            = baseSchemeUrlAndPort + adminPath.Path;
                o.ApiName              = identityServerConfiguration.ApiName;
                // SECURITY NOTE(review): when RequireHttps is false the authority's metadata and
                // signing keys may be fetched over plain HTTP; confirm that is limited to
                // development setups.
                o.RequireHttpsMetadata = identityServerConfiguration.RequireHttps;
                // Both JWTs and reference tokens are accepted; the plain-text ApiSecret set below
                // is presumably what authenticates the introspection call for reference tokens.
                o.SupportedTokens      = SupportedTokens.Both;
                o.ApiSecret            = identityServerConfiguration.ApiSecret;
            });

            //todo - refactor naming..
            // SECURITY NOTE(review): if either certificate setting is empty this silently falls
            // back to the developer signing credential, which is meant for development only.
            // A production deployment with a missing setting would not notice; consider logging
            // or failing fast here.
            if (string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificateLocation) || string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificatePassword))
            {
                identityServerBuilder.AddDeveloperSigningCredential();
            }
            else
            {
                //todo - refactor so calls method?
                // Loads the signing certificate and its private key from the configured file and password.
                var cert = new X509Certificate2(identityServerConfiguration.CredentialsSigningCertificateLocation, identityServerConfiguration.CredentialsSigningCertificatePassword);
                identityServerBuilder.AddSigningCredential(cert);
            }
        }
 /// <summary>
 /// Projects every configured allowed-scope name onto an <c>ApiScope</c>.
 /// </summary>
 /// <param name="identityServerConfiguration">Source of the allowed scope names.</param>
 /// <returns>A lazily evaluated sequence with one scope per configured name.</returns>
 private static IEnumerable <ApiScope> ApiScopes(IIdentityServerConfiguration identityServerConfiguration)
 {
     // Deferred query: the scope names are read each time the result is enumerated.
     return from scopeName in identityServerConfiguration.AllowedScopes
            select new ApiScope(scopeName);
 }
Exemple #12
 /// <summary>
 /// Stores the hash matcher and the identity server configuration for later use by the validator.
 /// </summary>
 /// <param name="matcher">Hash matcher kept in <c>_matcher</c>.</param>
 /// <param name="identityServerConfiguration">Identity server settings kept in <c>_identityServerConfiguration</c>.</param>
 public OcelotResourceOwnerPasswordValidator(IHashMatcher matcher, IIdentityServerConfiguration identityServerConfiguration)
 {
     // NOTE(review): the validation logic is outside this view; confirm that the matcher
     // compares password hashes in constant time.
     _matcher = matcher;
     _identityServerConfiguration = identityServerConfiguration;
 }