public CreateAdminHost(ISemanticLog log, IServiceProvider serviceProvider, IOptions <MyIdentityOptions> identityOptions) : base(log) { this.serviceProvider = serviceProvider; this.identityOptions = identityOptions.Value; }
public AccountController( IUserService userService, IOptions <MyIdentityOptions> identityOptions) { this.identityOptions = identityOptions.Value; this.userService = userService; }
public AuthController(UserManager <AppUser> users, RoleManager <IdentityRole> roles, MyIdentityOptions options, SignInManager <AppUser> signIn) { _users = users; _roles = roles; _options = options; _signIn = signIn; }
public AccountController( IUserService userService, IOptions <MyIdentityOptions> identityOptions, IIdentityServerInteractionService interactions) { this.identityOptions = identityOptions.Value; this.interactions = interactions; this.userService = userService; }
public ProfileController( IOptions <MyIdentityOptions> identityOptions, IUserPictureStore userPictureStore, IUserService userService, IAssetThumbnailGenerator assetThumbnailGenerator) { this.identityOptions = identityOptions.Value; this.userPictureStore = userPictureStore; this.userService = userService; this.assetThumbnailGenerator = assetThumbnailGenerator; }
public AccountController( IUserService userService, IUrlGenerator urlGenerator, IOptions <MyIdentityOptions> identityOptions, ISemanticLog log, IIdentityServerInteractionService interactions) { this.identityOptions = identityOptions.Value; this.interactions = interactions; this.urlGenerator = urlGenerator; this.userService = userService; this.log = log; }
public SetupController( IAssetStore assetStore, IOptions <MyUIOptions> uiOptions, IOptions <MyIdentityOptions> identityOptions, IUrlGenerator urlGenerator, IUserService userService) { this.assetStore = assetStore; this.identityOptions = identityOptions.Value; this.uiOptions = uiOptions.Value; this.urlGenerator = urlGenerator; this.userService = userService; }
public ProfileController( SignInManager <IdentityUser> signInManager, IUserPictureStore userPictureStore, IUserService userService, IAssetThumbnailGenerator assetThumbnailGenerator, IOptions <MyIdentityOptions> identityOptions) { this.signInManager = signInManager; this.identityOptions = identityOptions.Value; this.userPictureStore = userPictureStore; this.userService = userService; this.assetThumbnailGenerator = assetThumbnailGenerator; }
public AccountController( SignInManager <IdentityUser> signInManager, UserManager <IdentityUser> userManager, IUserFactory userFactory, IUserEvents userEvents, IOptions <MyIdentityOptions> identityOptions, ISemanticLog log, IIdentityServerInteractionService interactions) { this.log = log; this.userEvents = userEvents; this.userManager = userManager; this.userFactory = userFactory; this.interactions = interactions; this.identityOptions = identityOptions.Value; this.signInManager = signInManager; }
public static AuthenticationBuilder AddSquidexExternalOdic(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions) { if (identityOptions.IsOidcConfigured()) { var displayName = !string.IsNullOrWhiteSpace(identityOptions.OidcName) ? identityOptions.OidcName : OpenIdConnectDefaults.DisplayName; authBuilder.AddOpenIdConnect("ExternalOidc", displayName, options => { options.Authority = identityOptions.OidcAuthority; options.ClientId = identityOptions.OidcClient; options.ClientSecret = identityOptions.OidcSecret; options.RequireHttpsMetadata = false; options.Events = new OidcHandler(identityOptions); if (identityOptions.OidcScopes != null) { foreach (var scope in identityOptions.OidcScopes) { options.Scope.Add(scope); } } }); } return(authBuilder); }
public static AuthenticationBuilder AddSquidexExternalMicrosoftAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions) { if (identityOptions.IsMicrosoftAuthConfigured()) { authBuilder.AddMicrosoftAccount(options => { options.ClientId = identityOptions.MicrosoftClient; options.ClientSecret = identityOptions.MicrosoftSecret; options.Events = new MicrosoftHandler(); }); } return(authBuilder); }
public static AuthenticationBuilder AddMyIdentityServerAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions, IConfiguration config) { var apiScope = Constants.ApiScope; var urlsOptions = config.GetSection("urls").Get <UrlsOptions>(); if (!string.IsNullOrWhiteSpace(urlsOptions.BaseUrl)) { string apiAuthorityUrl; if (!string.IsNullOrWhiteSpace(identityOptions.AuthorityUrl)) { apiAuthorityUrl = identityOptions.AuthorityUrl.BuildFullUrl(Constants.IdentityServerPrefix); } else { apiAuthorityUrl = urlsOptions.BuildUrl(Constants.IdentityServerPrefix); } authBuilder.AddIdentityServerAuthentication(options => { options.Authority = apiAuthorityUrl; options.ApiName = apiScope; options.ApiSecret = null; options.RequireHttpsMetadata = identityOptions.RequiresHttps; }); authBuilder.AddOpenIdConnect(options => { options.Authority = apiAuthorityUrl; options.ClientId = Constants.InternalClientId; options.ClientSecret = Constants.InternalClientSecret; options.RequireHttpsMetadata = identityOptions.RequiresHttps; options.SaveTokens = true; options.Scope.Add(Constants.PermissionsScope); options.Scope.Add(Constants.ProfileScope); options.Scope.Add(Constants.RoleScope); options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; }); } return(authBuilder); }
public static AuthenticationBuilder AddSquidexExternalGithubAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions) { if (identityOptions.IsGithubAuthConfigured()) { authBuilder.AddGitHub(options => { options.ClientId = identityOptions.GithubClient; options.ClientSecret = identityOptions.GithubSecret; options.Events = new GithubHandler(); }); } return(authBuilder); }
private static IEnumerable <Client> CreateStaticClients(UrlsOptions urlsOptions, MyIdentityOptions identityOptions) { var frontendId = Constants.FrontendClient; yield return(new Client { ClientId = frontendId, ClientName = frontendId, RedirectUris = new List <string> { urlsOptions.BuildUrl("login;"), urlsOptions.BuildUrl("client-callback-silent", false), urlsOptions.BuildUrl("client-callback-popup", false) }, PostLogoutRedirectUris = new List <string> { urlsOptions.BuildUrl("logout", false) }, AllowAccessTokensViaBrowser = true, AllowedGrantTypes = GrantTypes.Implicit, AllowedScopes = new List <string> { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, Constants.ApiScope, Constants.PermissionsScope, Constants.ProfileScope, Constants.RoleScope }, RequireConsent = false }); var internalClient = Constants.InternalClientId; yield return(new Client { ClientId = internalClient, ClientName = internalClient, ClientSecrets = new List <Secret> { new Secret(Constants.InternalClientSecret) }, RedirectUris = new List <string> { urlsOptions.BuildUrl($"{Constants.PortalPrefix}/signin-internal", false), urlsOptions.BuildUrl($"{Constants.OrleansPrefix}/signin-internal", false) }, AccessTokenLifetime = (int)TimeSpan.FromDays(30).TotalSeconds, AllowedGrantTypes = GrantTypes.ImplicitAndClientCredentials, AllowedScopes = new List <string> { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, Constants.ApiScope, Constants.PermissionsScope, Constants.ProfileScope, Constants.RoleScope }, RequireConsent = false }); if (identityOptions.IsAdminClientConfigured()) { var id = identityOptions.AdminClientId; yield return(new Client { ClientId = id, ClientName = id, ClientSecrets = new List <Secret> { new Secret(identityOptions.AdminClientSecret.Sha256()) }, AccessTokenLifetime = (int)TimeSpan.FromDays(30).TotalSeconds, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = new List <string> { Constants.ApiScope, Constants.RoleScope, Constants.PermissionsScope }, Claims = new List <Claim> { new Claim(SquidexClaimTypes.Permissions, Permissions.All) } }); } }
public static async Task SeedDatabase(IServiceProvider serviceProvider, MyIdentityOptions options, UniAccomodationDbContext context) { // If there are no users, seed the database if (!context.Users.Any()) { UserManager <ApplicationUser> userManager = serviceProvider.GetRequiredService <UserManager <ApplicationUser> >(); RoleManager <IdentityRole> roleManager = serviceProvider.GetRequiredService <RoleManager <IdentityRole> >(); // 1. Create roles //Users if (!await roleManager.RoleExistsAsync("User")) { await roleManager.CreateAsync(new IdentityRole("User")); } //Landlords if (!await roleManager.RoleExistsAsync("Landlord")) { await roleManager.CreateAsync(new IdentityRole("Landlord")); } //Admins if (!await roleManager.RoleExistsAsync("Admin")) { await roleManager.CreateAsync(new IdentityRole("Admin")); } // 2. Create Admin account string username = options.AdminUser.Name; string email = options.AdminUser.Email; string password = options.AdminUser.Password; string role = options.AdminUser.Role; if (await userManager.FindByNameAsync(username) == null) { if (await roleManager.FindByNameAsync(role) == null) { await roleManager.CreateAsync(new IdentityRole(role)); } AccomodationOfficer admin = new AccomodationOfficer { UserName = username, Email = email }; IdentityResult result = await userManager.CreateAsync(admin, password); if (result.Succeeded) { await userManager.AddToRoleAsync(admin, role); } } // 3. Create some Landlords foreach (var lnd in options.Landlords) { var landlord = new Landlord() { UserName = lnd.Name, Email = lnd.Email }; IdentityResult result = await userManager.CreateAsync(landlord, lnd.Password); if (result.Succeeded) { await userManager.AddToRoleAsync(landlord, "Landlord"); // 4. Create some adverts for each landlord foreach (var adv in lnd.Adverts) { var advert = new Advert() { Title = adv.Title, Description = adv.Description, MonthlyPrice = adv.MonthlyPrice, Landlord = landlord }; context.Adverts.Add(advert); } context.SaveChanges(); } } } }
public static AuthenticationBuilder AddMyGoogleAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions) { if (identityOptions.IsGoogleAuthConfigured()) { authBuilder.AddGoogle(options => { options.ClientId = identityOptions.GoogleClient; options.ClientSecret = identityOptions.GoogleSecret; options.Events = new GoogleHandler(); }); } return(authBuilder); }
public static AuthenticationBuilder AddMyExternalOdic(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions) { if (identityOptions.IsOidcConfigured()) { var displayName = !string.IsNullOrWhiteSpace(identityOptions.OidcName) ? identityOptions.OidcName : OpenIdConnectDefaults.DisplayName; authBuilder.AddOpenIdConnect("ExternalOidc", displayName, options => { options.Authority = identityOptions.OidcAuthority; options.ClientId = identityOptions.OidcClient; options.ClientSecret = identityOptions.OidcSecret; options.Scope.Add(Constants.EmailScope); options.Scope.Add(Constants.PermissionsScope); options.RequireHttpsMetadata = false; }); } return(authBuilder); }
public static AuthenticationBuilder AddSquidexIdentityServerAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions, IConfiguration config) { var apiScope = Constants.ApiScope; var urlsOptions = config.GetSection("urls").Get <UrlsOptions>(); if (!string.IsNullOrWhiteSpace(urlsOptions.BaseUrl)) { string apiAuthorityUrl; if (!string.IsNullOrWhiteSpace(identityOptions.AuthorityUrl)) { apiAuthorityUrl = identityOptions.AuthorityUrl.BuildFullUrl(Constants.IdentityServerPrefix); } else { apiAuthorityUrl = urlsOptions.BuildUrl(Constants.IdentityServerPrefix); } authBuilder.AddIdentityServerAuthentication(options => { options.Authority = apiAuthorityUrl; options.ApiName = apiScope; options.ApiSecret = null; options.RequireHttpsMetadata = identityOptions.RequiresHttps; options.SupportedTokens = SupportedTokens.Jwt; var fromHeader = TokenRetrieval.FromAuthorizationHeader(); var fromQuery = TokenRetrieval.FromQueryString(); options.TokenRetriever = request => { var result = fromHeader(request) ?? fromQuery(request); return(result); }; }); authBuilder.AddOpenIdConnect(options => { options.Authority = apiAuthorityUrl; options.ClientId = Constants.InternalClientId; options.ClientSecret = Constants.InternalClientSecret; options.CallbackPath = "/signin-internal"; options.RequireHttpsMetadata = identityOptions.RequiresHttps; options.SaveTokens = true; options.Scope.Add(Constants.PermissionsScope); options.Scope.Add(Constants.ProfileScope); options.Scope.Add(Constants.RoleScope); options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; }); } return(authBuilder); }
public CreateAdminInitializer(IServiceProvider serviceProvider, IOptions <MyIdentityOptions> identityOptions) { this.serviceProvider = serviceProvider; this.identityOptions = identityOptions.Value; }
public static AuthenticationBuilder AddSquidexExternalMicrosoftAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions) { if (identityOptions.IsMicrosoftAuthConfigured()) { authBuilder.AddMicrosoftAccount(options => { options.ClientId = identityOptions.MicrosoftClient; options.ClientSecret = identityOptions.MicrosoftSecret; options.Events = new MicrosoftHandler(); var tenantId = identityOptions.MicrosoftTenant; if (!string.IsNullOrEmpty(tenantId)) { var resource = "https://graph.microsoft.com"; options.AuthorizationEndpoint = $"https://login.microsoftonline.com/{tenantId}/oauth2/authorize?resource={resource}"; options.TokenEndpoint = $"https://login.microsoftonline.com/{tenantId}/oauth2/token?resource={resource}"; } }); } return(authBuilder); }
public static AuthenticationBuilder AddSquidexIdentityServerAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions, IConfiguration config) { if (!string.IsNullOrWhiteSpace(identityOptions.AuthorityUrl)) { var apiAuthorityUrl = identityOptions.AuthorityUrl; authBuilder.AddOpenIdConnect(options => { options.Authority = apiAuthorityUrl; options.ClientId = Constants.InternalClientId; options.ClientSecret = Constants.InternalClientSecret; options.CallbackPath = "/signin-internal"; options.RequireHttpsMetadata = identityOptions.RequiresHttps; options.SaveTokens = true; options.Scope.Add(Constants.PermissionsScope); options.Scope.Add(Constants.ProfileScope); options.Scope.Add(Constants.RoleScope); options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; }); } else { authBuilder.AddLocalApi(Constants.ApiSecurityScheme, options => { options.ExpectedScope = Constants.ApiScope; }); } return(authBuilder); }
public OidcHandler(MyIdentityOptions options) { this.options = options; }
public static AuthenticationBuilder AddSquidexExternalOdic(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions) { if (identityOptions.IsOidcConfigured()) { var displayName = !string.IsNullOrWhiteSpace(identityOptions.OidcName) ? identityOptions.OidcName : OpenIdConnectDefaults.DisplayName; authBuilder.AddOpenIdConnect("ExternalOidc", displayName, options => { options.Authority = identityOptions.OidcAuthority; options.ClientId = identityOptions.OidcClient; options.ClientSecret = identityOptions.OidcSecret; options.RequireHttpsMetadata = identityOptions.RequiresHttps; options.Events = new OidcHandler(identityOptions); if (!string.IsNullOrEmpty(identityOptions.OidcMetadataAddress)) { options.MetadataAddress = identityOptions.OidcMetadataAddress; } if (!string.IsNullOrEmpty(identityOptions.OidcResponseType)) { options.ResponseType = identityOptions.OidcResponseType; } options.GetClaimsFromUserInfoEndpoint = identityOptions.OidcGetClaimsFromUserInfoEndpoint; if (identityOptions.OidcScopes != null) { foreach (var scope in identityOptions.OidcScopes) { options.Scope.Add(scope); } } }); } return(authBuilder); }
public static AuthenticationBuilder AddSquidexIdentityServerAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions, IConfiguration config) { var useCustomAuthorityUrl = !string.IsNullOrWhiteSpace(identityOptions.AuthorityUrl); if (useCustomAuthorityUrl) { const string ExternalIdentityServerSchema = nameof(ExternalIdentityServerSchema); authBuilder.AddOpenIdConnect(ExternalIdentityServerSchema, options => { options.Authority = identityOptions.AuthorityUrl; options.Scope.Add(Scopes.Email); options.Scope.Add(Scopes.Profile); options.Scope.Add(Constants.ScopePermissions); options.Scope.Add(Constants.ScopeApi); }); authBuilder.AddPolicyScheme(Constants.ApiSecurityScheme, Constants.ApiSecurityScheme, options => { options.ForwardDefaultSelector = context => ExternalIdentityServerSchema; }); } else { authBuilder.AddPolicyScheme(Constants.ApiSecurityScheme, Constants.ApiSecurityScheme, options => { options.ForwardDefaultSelector = _ => OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme; }); } authBuilder.AddOpenIdConnect(); authBuilder.Services.AddOptions <OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme) .Configure <IUrlGenerator>((options, urlGenerator) => { if (!string.IsNullOrWhiteSpace(identityOptions.AuthorityUrl)) { options.Authority = identityOptions.AuthorityUrl; } else { options.Authority = urlGenerator.BuildUrl(Constants.PrefixIdentityServer, false); } options.ClientId = Constants.ClientInternalId; options.ClientSecret = Constants.ClientInternalSecret; options.CallbackPath = "/signin-internal"; options.RequireHttpsMetadata = identityOptions.RequiresHttps; options.SaveTokens = true; options.Scope.Add(Scopes.Email); options.Scope.Add(Scopes.Profile); options.Scope.Add(Constants.ScopePermissions); options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; }); return(authBuilder); }
public static AuthenticationBuilder AddSquidexIdentityServerAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions, IConfiguration config) { var apiAuthorityUrl = identityOptions.AuthorityUrl; var useCustomAuthorityUrl = !string.IsNullOrWhiteSpace(apiAuthorityUrl); if (!useCustomAuthorityUrl) { var urlsOptions = config.GetSection("urls").Get <UrlsOptions>(); apiAuthorityUrl = urlsOptions.BuildUrl(Constants.IdentityServerPrefix); } var apiScope = Constants.ApiScope; if (useCustomAuthorityUrl) { authBuilder.AddIdentityServerAuthentication(options => { options.Authority = apiAuthorityUrl; options.ApiName = apiScope; options.ApiSecret = null; options.RequireHttpsMetadata = identityOptions.RequiresHttps; options.SupportedTokens = SupportedTokens.Jwt; }); } else { authBuilder.AddLocalApi(options => { options.ExpectedScope = apiScope; }); } authBuilder.AddOpenIdConnect(options => { options.Authority = apiAuthorityUrl; options.ClientId = Constants.InternalClientId; options.ClientSecret = Constants.InternalClientSecret; options.CallbackPath = "/signin-internal"; options.RequireHttpsMetadata = identityOptions.RequiresHttps; options.SaveTokens = true; options.Scope.Add(Constants.PermissionsScope); options.Scope.Add(Constants.ProfileScope); options.Scope.Add(Constants.RoleScope); options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; }); authBuilder.AddPolicyScheme(Constants.ApiSecurityScheme, Constants.ApiSecurityScheme, options => { options.ForwardDefaultSelector = context => { if (useCustomAuthorityUrl) { return(IdentityServerAuthenticationDefaults.AuthenticationScheme); } return(IdentityServerConstants.LocalApi.PolicyName); }; }); return(authBuilder); }
public Startup(IConfiguration configuration) { Configuration = configuration; _idenityOptions = Configuration.GetSection("IdentityOptions").Get <MyIdentityOptions>(); _databaseOptions = Configuration.GetSection("DatabaseOptions").Get <DatabaseOptions>(); }