public static PasswordlessLoginBuilder AddOpenIdAuthority(this PasswordlessLoginBuilder builder, IConfiguration configuration) { if (builder == null) { throw new ArgumentNullException(nameof(builder)); } if (configuration == null) { throw new ArgumentNullException(nameof(configuration)); } var hostingConfig = new HostingConfig(); configuration.Bind(OpenIdAuthorityConstants.ConfigurationSections.Hosting, hostingConfig); builder.Services.AddSingleton(hostingConfig); var appConfigs = configuration.GetAppConfigs(); var appService = new DefaultApplicationService(appConfigs); builder.Services.TryAddSingleton <IApplicationService>(appService); var clients = AppConfigHelper.GetClientsFromAppConfig(appConfigs); var apps = AppConfigHelper.GetAppsFromClients(clients); var appStore = new InMemoryAppStore(apps); builder.Services.TryAddSingleton <IAppStore>(appStore); var idScopeConfig = configuration.GetSection(OpenIdAuthorityConstants.ConfigurationSections.IdScopes).Get <List <IdScopeConfig> >() ?? new List <IdScopeConfig>(); var idScopes = idScopeConfig.Select(x => new IdentityResource(x.Name, x.IncludeClaimTypes) { Required = x.Required }).ToList(); idScopes.AddRange(new List <IdentityResource>() { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email(), new IdentityResources.Phone(), new IdentityResources.Address(), }); var apiConfigs = configuration.GetSection(OpenIdAuthorityConstants.ConfigurationSections.Apis).Get <List <ApiConfig> >() ?? new List <ApiConfig>(); var apiResources = apiConfigs.Select(x => new ApiResource(x.Url, x.IncludeClaimTypes) { ApiSecrets = x.Secrets?.ToList()?.Select(y => new Secret(y.Sha256())).ToList(), Scopes = x.Scopes?.ToList()?.Select(y => new Scope(y)).ToList() }).ToList(); builder.Services.AddTransient <ISignInService, OpenIdAuthoritySignInService>(); // NOTE: This must replace the service registered by PasswordlessLogin builder.Services.TryAddTransient <SimpleIAM.PasswordlessLogin.Services.Password.IReadOnlyPasswordService, SimpleIAM.PasswordlessLogin.Services.Password.DefaultPasswordService>(); builder.Services.TryAddTransient <IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>(); builder.Services.AddIdentityServer(options => { options.UserInteraction.LoginUrl = builder.Options.Urls.SignIn; options.UserInteraction.LogoutUrl = builder.Options.Urls.SignOut; options.UserInteraction.LogoutIdParameter = OpenIdAuthorityConstants.Configuration.LogoutIdParameter; options.UserInteraction.ErrorUrl = builder.Options.Urls.Error; options.Authentication.CookieLifetime = TimeSpan.FromMinutes(builder.Options.DefaultSessionLengthMinutes); }) .AddDeveloperSigningCredential() //todo: replace .AddInMemoryApiResources(apiResources) .AddInMemoryClients(clients) .AddProfileService <ProfileService>() .AddInMemoryIdentityResources(idScopes); builder.Services.AddSingleton <IConfigureOptions <CookieAuthenticationOptions>, ReconfigureCookieOptions>(); return(builder); }
public static IServiceCollection AddOpenIdAuthority(this IServiceCollection services, IConfiguration configuration) { if (services == null) { throw new ArgumentNullException(nameof(services)); } var idProviderConfig = new IdProviderConfig(); configuration.Bind("IdProvider", idProviderConfig); services.AddSingleton(idProviderConfig); var hostingConfig = new HostingConfig(); configuration.Bind("Hosting", hostingConfig); services.AddSingleton(hostingConfig); var clientConfigs = configuration.GetSection("Apps").Get <List <ClientAppConfig> >() ?? new List <ClientAppConfig>(); var clients = ClientConfigHelper.GetClientsFromConfig(clientConfigs); var apps = ClientConfigHelper.GetAppsFromClients(clients); var appStore = new InMemoryAppStore(apps); services.AddSingleton <IAppStore>(appStore); var idScopeConfig = configuration.GetSection("IdScopes").Get <List <IdScopeConfig> >() ?? new List <IdScopeConfig>(); var idScopes = idScopeConfig.Select(x => new IdentityResource(x.Name, x.DisplayName ?? x.Name, x.ClaimTypes) { Required = x.Required }).ToList(); idScopes.AddRange(new List <IdentityResource>() { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email(), new IdentityResources.Phone(), new IdentityResources.Address(), }); var connection = configuration.GetConnectionString("OpenIdAuthority"); services.AddDbContext <OpenIdAuthorityDbContext>(options => options.UseSqlServer(connection)); services.AddTransient <IOneTimeCodeStore, DbOneTimeCodeStore>(); services.AddTransient <IOneTimeCodeService, OneTimeCodeService>(); services.AddTransient <IUserStore, DbUserStore>(); services.AddTransient <IMessageService, MessageService>(); services.AddIdentityServer(options => { options.UserInteraction.LoginUrl = "/signin"; options.UserInteraction.LogoutUrl = "/signout"; options.UserInteraction.LogoutIdParameter = "id"; options.UserInteraction.ErrorUrl = "/error"; options.Authentication.CookieLifetime = TimeSpan.FromMinutes(idProviderConfig.DefaultSessionLengthMinutes); }) .AddDeveloperSigningCredential() //todo: replace .AddInMemoryClients(clients) .AddProfileService <ProfileService>() .AddInMemoryIdentityResources(idScopes); var smtpConfig = new SmtpConfig(); configuration.Bind("Mail:Smtp", smtpConfig); services.AddSingleton(smtpConfig); services.AddTransient <IEmailService, SmtpEmailService>(); var emailTemplates = ProcessEmailTemplates.GetTemplatesFromMailConfig(configuration.GetSection("Mail")); services.AddSingleton(emailTemplates); services.AddTransient <IEmailTemplateService, EmailTemplateService>(); services.AddSingleton <IPasswordHashService>(new AspNetIdentityPasswordHashService(10000)); services.AddTransient <IPasswordHashStore, DbPasswordHashStore>(); services.AddTransient <IPasswordService, DefaultPasswordService>(); services.AddTransient <AuthenticateOrchestrator>(); services.AddTransient <UserOrchestrator>(); services.AddEmbeddedViews(); services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>(); // IUrlHelper services.AddSingleton <IActionContextAccessor, ActionContextAccessor>(); services.AddScoped <IUrlHelper>(x => { var actionContext = x.GetRequiredService <IActionContextAccessor>().ActionContext; var factory = x.GetRequiredService <IUrlHelperFactory>(); return(factory.GetUrlHelper(actionContext)); }); var allowedOrigins = clients.SelectMany(x => x.AllowedCorsOrigins).Distinct().ToArray(); if (allowedOrigins.Length > 0) { services.AddCors(options => { options.AddPolicy("CorsPolicy", builder => builder .WithOrigins(allowedOrigins) .AllowAnyMethod() .AllowAnyHeader() .AllowCredentials()); }); } services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); services.AddSingleton <ITempDataProvider, CookieTempDataProvider>(); return(services); }