Exemple #1
0
        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            // Add framework services.
            services.AddMvc();
            services.AddLogging();
            services.AddOptions();
            services.Configure <AuthenticationServerConfigurationModel>(GeneralConfiguration.GetSection("AuthConfig"));

            //We need to immediately resolve the authserver config options because we need them to regiter openiddict
            IOptions <AuthenticationServerConfigurationModel> authOptions = services.BuildServiceProvider()
                                                                            .GetService <IOptions <AuthenticationServerConfigurationModel> >();

            services.AddAuthentication();

            //Below is the OpenIddict registration
            //This is the recommended setup from the official Github: https://github.com/openiddict/openiddict-core
            services.AddIdentity <HaloLiveApplicationUser, HaloLiveApplicationRole>(options =>
            {
                //These disable the ridiculous requirements that the defauly password scheme has
                options.Password.RequireNonAlphanumeric = false;

                //For some reason I can't figure out how to get the JWT middleware to spit out sub claims
                //so we need to map the Identity to expect nameidentifier
                options.ClaimsIdentity.UserIdClaimType   = OpenIdConnectConstants.Claims.Subject;
                options.ClaimsIdentity.RoleClaimType     = OpenIdConnectConstants.Claims.Role;
                options.ClaimsIdentity.UserNameClaimType = OpenIdConnectConstants.Claims.Name;
            })
            .AddEntityFrameworkStores <HaloLiveAuthenticationDbContext, int>()
            .AddDefaultTokenProviders();

            services.AddDbContext <HaloLiveAuthenticationDbContext>(options =>
            {
                //TODO: Setup db options
                options.UseMySql(authOptions.Value.AuthenticationDatabaseString);
                options.UseOpenIddict <int>();
            });

            services.AddOpenIddict <int>(options =>
            {
                // Register the Entity Framework stores.
                options.AddEntityFrameworkCoreStores <HaloLiveAuthenticationDbContext>();

                //This will disable the https requirement if we're debugging or not in production/debug mode.
#if DEBUG || DEBUGBUILD
                options.DisableHttpsRequirement();
#endif
                // Register the ASP.NET Core MVC binder used by OpenIddict.
                // Note: if you don't call this method, you won't be able to
                // bind OpenIdConnectRequest or OpenIdConnectResponse parameters.
                options.AddMvcBinders();

                //This controller endpoint/action was specified in the HaloLive documentation: https://github.com/HaloLive/Documentation
                options.EnableTokenEndpoint(authOptions.Value.AuthenticationControllerEndpoint); // Enable the token endpoint (required to use the password flow).
                options.AllowPasswordFlow();                                                     // Allow client applications to use the grant_type=password flow.
                options.AllowRefreshTokenFlow();
                options.UseJsonWebTokens();
                //Loads the cert from the specified path
                options.AddSigningCertificate(X509Certificate2Loader.Create(authOptions.Value.JwtSigningX509Certificate2Path).Load());
            });
        }
        public static void Test_Loads_NonNull_Cert_On_Valid_Location()
        {
            //arrange
            X509Certificate2 cert = X509Certificate2Loader.Create(FilePathToCurrentTestDirectory("TestCert.pfx")).Load();

            //assert
            Assert.NotNull(cert);
        }
 public static void Test_Throws_On_Invalid_File()
 {
     Assert.Throws <InvalidOperationException>(() => X509Certificate2Loader.Create("nothing").Load());
 }