public static IContainer Configure(WsFederationPluginOptions options, InternalConfiguration internalConfig)
{
if (internalConfig == null) throw new ArgumentNullException("internalConfig");
if (options == null) throw new ArgumentNullException("options");
var factory = options.Factory;
factory.Validate();
var builder = new ContainerBuilder();
// mandatory from factory
builder.Register(factory.CoreSettings);
builder.Register(factory.UserService);
builder.Register(factory.RelyingPartyService);
builder.Register(factory.WsFederationSettings);
// validators
builder.RegisterType<SignInValidator>().AsSelf();
// processors
builder.RegisterType<SignInResponseGenerator>().AsSelf();
builder.RegisterType<MetadataResponseGenerator>().AsSelf();
// general services
builder.RegisterType<CookieMiddlewareTrackingCookieService>().As<ITrackingCookieService>();
builder.RegisterInstance(options).AsSelf();
builder.RegisterInstance(internalConfig).AsSelf();
// load core controller
builder.RegisterApiControllers(typeof(WsFederationController).Assembly);
return builder.Build();
}
public static string GetRedirectUrl(SignInMessage message, HttpRequestMessage request, CoreSettings settings, InternalConfiguration internalConfig)
{
var result = new LoginResult(message, request, settings, internalConfig, internalConfig.LoginPageUrl);
var response = result.Execute();
return response.Headers.Location.AbsoluteUri;
}
public LoginResult(SignInMessage message, HttpRequestMessage request, CoreSettings settings, InternalConfiguration internalConfig)
{
_message = message;
_settings = settings;
_request = request;
_internalConfig = internalConfig;
}
public static IAppBuilder UseIdentityServerCore(this IAppBuilder app, IdentityServerCoreOptions options)
{
if (options == null) throw new ArgumentNullException("options");
var internalConfig = new InternalConfiguration();
var settings = options.Factory.CoreSettings();
if (settings.DataProtector == null)
{
var provider = app.GetDataProtectionProvider();
if (provider == null)
{
provider = new DpapiDataProtectionProvider("idsrv3");
}
internalConfig.DataProtector = new HostDataProtector(provider);
}
else
{
internalConfig.DataProtector = settings.DataProtector;
}
// thank you Microsoft for the clean syntax
JwtSecurityTokenHandler.InboundClaimTypeMap = ClaimMappings.None;
JwtSecurityTokenHandler.OutboundClaimTypeMap = ClaimMappings.None;
app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = Constants.PrimaryAuthenticationType });
app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = Constants.ExternalAuthenticationType, AuthenticationMode = AuthenticationMode.Passive });
app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = Constants.PartialSignInAuthenticationType, AuthenticationMode = AuthenticationMode.Passive });
if (options.AdditionalIdentityProviderConfiguration != null)
{
options.AdditionalIdentityProviderConfiguration(app, Constants.ExternalAuthenticationType);
}
if (options.PluginConfiguration != null)
{
options.PluginConfiguration(app, internalConfig.PluginConfiguration);
}
app.UseFileServer(new FileServerOptions
{
RequestPath = new PathString("/assets"),
FileSystem = new EmbeddedResourceFileSystem(typeof(Constants).Assembly, "Thinktecture.IdentityServer.Core.Assets")
});
app.UseStageMarker(PipelineStage.MapHandler);
app.UseFileServer(new FileServerOptions
{
RequestPath = new PathString("/assets/libs/fonts"),
FileSystem = new EmbeddedResourceFileSystem(typeof(Constants).Assembly, "Thinktecture.IdentityServer.Core.Assets.libs.bootstrap.fonts")
});
app.UseStageMarker(PipelineStage.MapHandler);
app.Use<AutofacContainerMiddleware>(AutofacConfig.Configure(options, internalConfig));
Microsoft.Owin.Infrastructure.SignatureConversions.AddConversions(app);
app.UseWebApi(WebApiConfig.Configure(options));
return app;
}
public LoginResult(SignInMessage message, HttpRequestMessage request, CoreSettings settings, InternalConfiguration internalConfig, string loginPageUrl = "")
{
_message = message;
_settings = settings;
_request = request;
_internalConfig = internalConfig;
_loginPageUrl = loginPageUrl;
}
public AuthenticationController(IUserService userService, CoreSettings settings, IExternalClaimsFilter externalClaimsFilter, AuthenticationOptions authenticationOptions, InternalConfiguration internalConfiguration)
{
_userService = userService;
_settings = settings;
_externalClaimsFilter = externalClaimsFilter;
_authenticationOptions = authenticationOptions;
_internalConfiguration = internalConfiguration;
}
public static IAppBuilder UseWsFederationPlugin(this IAppBuilder app, WsFederationPluginOptions options)
{
if (options == null) throw new ArgumentNullException("options");
options.Validate();
var internalConfig = new InternalConfiguration();
// todo hacky!
internalConfig.LoginPageUrl = options.LoginPageUrl;
var settings = options.Factory.CoreSettings();
// todo - need a better solution for data protection
if (settings.DataProtector == null)
{
var provider = app.GetDataProtectionProvider();
if (provider == null)
{
provider = new DpapiDataProtectionProvider("idsrv3");
}
var funcProtector = new FuncDataProtector(
(data, entropy) =>
{
var protector = provider.Create(entropy);
return protector.Protect(data);
},
(data, entropy) =>
{
var protector = provider.Create(entropy);
return protector.Unprotect(data);
});
internalConfig.DataProtector = funcProtector;
}
else
{
internalConfig.DataProtector = settings.DataProtector;
}
app.Map(options.MapPath, wsfedApp =>
{
wsfedApp.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = WsFederationPluginOptions.CookieName,
AuthenticationMode = AuthenticationMode.Passive
});
wsfedApp.Use<AutofacContainerMiddleware>(AutofacConfig.Configure(options, internalConfig));
Microsoft.Owin.Infrastructure.SignatureConversions.AddConversions(app);
wsfedApp.UseWebApi(WebApiConfig.Configure());
});
// todo
//options.Configuration.AddSignOutCallbackUrl("/wsfed/signout");
return app;
}
public AuthenticationController(ILogger logger, IUserService userService, CoreSettings settings, IExternalClaimsFilter externalClaimsFilter, AuthenticationOptions authenticationOptions, InternalConfiguration internalConfiguration)
{
this.logger = logger;
this.userService = userService;
this.settings = settings;
this.externalClaimsFilter = externalClaimsFilter;
this.authenticationOptions = authenticationOptions;
this.internalConfiguration = internalConfiguration;
}
public WsFederationController(CoreSettings settings, IUserService users, SignInValidator validator, SignInResponseGenerator signInResponseGenerator, MetadataResponseGenerator metadataResponseGenerator, ITrackingCookieService cookies, InternalConfiguration internalConfig, WsFederationPluginOptions wsFedOptions)
{
_settings = settings;
_internalConfig = internalConfig;
_wsfedOptions = wsFedOptions;
_validator = validator;
_signInResponseGenerator = signInResponseGenerator;
_metadataResponseGenerator = metadataResponseGenerator;
_cookies = cookies;
}
public WsFederationController(CoreSettings settings, IUserService users, ILogger logger, SignInValidator validator, SignInResponseGenerator signInResponseGenerator, MetadataResponseGenerator metadataResponseGenerator, ICookieService cookies, InternalConfiguration internalConfig)
{
_settings = settings;
_logger = logger;
_internalConfig = internalConfig;
_validator = validator;
_signInResponseGenerator = signInResponseGenerator;
_metadataResponseGenerator = metadataResponseGenerator;
_cookies = cookies;
}
public AuthorizeEndpointController(
AuthorizeRequestValidator validator,
AuthorizeResponseGenerator responseGenerator,
AuthorizeInteractionResponseGenerator interactionGenerator,
CoreSettings settings,
InternalConfiguration internalConfiguration)
{
_settings = settings;
_internalConfiguration = internalConfiguration;
_responseGenerator = responseGenerator;
_interactionGenerator = interactionGenerator;
_validator = validator;
}
public static IContainer Configure(IdentityServerCoreOptions options, InternalConfiguration internalConfig)
{
if (options == null)
{
throw new ArgumentNullException("options");
}
if (options.Factory == null)
{
throw new InvalidOperationException("null factory");
}
if (internalConfig == null)
{
throw new ArgumentNullException("internalConfig");
}
IdentityServerServiceFactory fact = options.Factory;
fact.Validate();
var builder = new ContainerBuilder();
builder.RegisterInstance(internalConfig).AsSelf();
// mandatory from factory
builder.Register(ctx => fact.AuthorizationCodeStore()).As <IAuthorizationCodeStore>();
builder.Register(ctx => fact.CoreSettings()).As <CoreSettings>();
builder.Register(ctx => fact.TokenHandleStore()).As <ITokenHandleStore>();
builder.Register(ctx => fact.UserService()).As <IUserService>();
builder.Register(ctx => fact.ScopeService()).As <IScopeService>();
builder.Register(ctx => fact.ClientService()).As <IClientService>();
builder.Register(ctx => fact.ConsentService()).As <IConsentService>();
// optional from factory
if (fact.Logger != null)
{
builder.Register(ctx => fact.Logger()).As <ILogger>();
}
else
{
builder.RegisterType <TraceLogger>().As <ILogger>();
}
if (fact.ClaimsProvider != null)
{
builder.Register(ctx => fact.ClaimsProvider()).As <IClaimsProvider>();
}
else
{
builder.RegisterType <DefaultClaimsProvider>().As <IClaimsProvider>();
}
if (fact.TokenService != null)
{
builder.Register(ctx => fact.TokenService()).As <ITokenService>();
}
else
{
builder.RegisterType <DefaultTokenService>().As <ITokenService>();
}
if (fact.CustomRequestValidator != null)
{
builder.Register(ctx => fact.CustomRequestValidator()).As <ICustomRequestValidator>();
}
else
{
builder.RegisterType <DefaultCustomRequestValidator>().As <ICustomRequestValidator>();
}
if (fact.AssertionGrantValidator != null)
{
builder.Register(ctx => fact.AssertionGrantValidator()).As <IAssertionGrantValidator>();
}
else
{
builder.RegisterType <DefaultAssertionGrantValidator>().As <IAssertionGrantValidator>();
}
if (fact.ExternalClaimsFilter != null)
{
builder.Register(ctx => fact.ExternalClaimsFilter()).As <IExternalClaimsFilter>();
}
else
{
builder.RegisterType <DefaultExternalClaimsFilter>().As <IExternalClaimsFilter>();
}
// validators
builder.RegisterType <TokenRequestValidator>();
builder.RegisterType <AuthorizeRequestValidator>();
builder.RegisterType <ClientValidator>();
builder.RegisterType <TokenValidator>();
// processors
builder.RegisterType <TokenResponseGenerator>();
builder.RegisterType <AuthorizeResponseGenerator>();
builder.RegisterType <AuthorizeInteractionResponseGenerator>();
builder.RegisterType <UserInfoResponseGenerator>();
// for authentication
var authenticationOptions = options.AuthenticationOptions ?? new AuthenticationOptions();
builder.RegisterInstance(authenticationOptions).AsSelf();
// load core controller
builder.RegisterApiControllers(typeof(AuthorizeEndpointController).Assembly);
// plugin configuration
var pluginDepencies = internalConfig.PluginDependencies;
if (pluginDepencies != null)
{
if (pluginDepencies.ApiControllerAssemblies != null)
{
foreach (var asm in pluginDepencies.ApiControllerAssemblies)
{
builder.RegisterApiControllers(asm);
}
}
if (pluginDepencies.Types != null)
{
foreach (var type in pluginDepencies.Types)
{
if (type.Value == null)
{
builder.RegisterType(type.Key);
}
else
{
builder.RegisterType(type.Key).As(type.Value);
}
}
}
if (pluginDepencies.Factories != null)
{
foreach (var factory in pluginDepencies.Factories)
{
builder.Register(ctx => factory.Value()).As(factory.Key);
}
}
}
return(builder.Build());
}
public static IContainer Configure(IdentityServerCoreOptions options, InternalConfiguration internalConfig)
{
if (options == null) throw new ArgumentNullException("options");
if (options.Factory == null) throw new InvalidOperationException("null factory");
if (internalConfig == null) throw new ArgumentNullException("internalConfig");
IdentityServerServiceFactory fact = options.Factory;
fact.Validate();
var builder = new ContainerBuilder();
builder.RegisterInstance(internalConfig).AsSelf();
// mandatory from factory
builder.Register(ctx => fact.AuthorizationCodeStore()).As<IAuthorizationCodeStore>();
builder.Register(ctx => fact.CoreSettings()).As<CoreSettings>();
builder.Register(ctx => fact.TokenHandleStore()).As<ITokenHandleStore>();
builder.Register(ctx => fact.UserService()).As<IUserService>();
builder.Register(ctx => fact.ScopeService()).As<IScopeService>();
builder.Register(ctx => fact.ClientService()).As<IClientService>();
builder.Register(ctx => fact.ConsentService()).As<IConsentService>();
// optional from factory
if (fact.ClaimsProvider != null)
{
builder.Register(ctx => fact.ClaimsProvider()).As<IClaimsProvider>();
}
else
{
builder.RegisterType<DefaultClaimsProvider>().As<IClaimsProvider>();
}
if (fact.TokenService != null)
{
builder.Register(ctx => fact.TokenService()).As<ITokenService>();
}
else
{
builder.RegisterType<DefaultTokenService>().As<ITokenService>();
}
if (fact.CustomRequestValidator != null)
{
builder.Register(ctx => fact.CustomRequestValidator()).As<ICustomRequestValidator>();
}
else
{
builder.RegisterType<DefaultCustomRequestValidator>().As<ICustomRequestValidator>();
}
if (fact.AssertionGrantValidator != null)
{
builder.Register(ctx => fact.AssertionGrantValidator()).As<IAssertionGrantValidator>();
}
else
{
builder.RegisterType<DefaultAssertionGrantValidator>().As<IAssertionGrantValidator>();
}
if (fact.ExternalClaimsFilter != null)
{
builder.Register(ctx => fact.ExternalClaimsFilter()).As<IExternalClaimsFilter>();
}
else
{
builder.RegisterType<DefaultExternalClaimsFilter>().As<IExternalClaimsFilter>();
}
if (fact.CustomTokenValidator != null)
{
builder.Register(ctx => fact.CustomTokenValidator()).As<ICustomTokenValidator>();
}
else
{
builder.RegisterType<DefaultCustomTokenValidator>().As<ICustomTokenValidator>();
}
// validators
builder.RegisterType<TokenRequestValidator>();
builder.RegisterType<AuthorizeRequestValidator>();
builder.RegisterType<ClientValidator>();
builder.RegisterType<TokenValidator>();
// processors
builder.RegisterType<TokenResponseGenerator>();
builder.RegisterType<AuthorizeResponseGenerator>();
builder.RegisterType<AuthorizeInteractionResponseGenerator>();
builder.RegisterType<UserInfoResponseGenerator>();
// general services
builder.RegisterType<CookieMiddlewareTrackingCookieService>().As<ITrackingCookieService>();
// for authentication
var authenticationOptions = options.AuthenticationOptions ?? new AuthenticationOptions();
builder.RegisterInstance(authenticationOptions).AsSelf();
// load core controller
builder.RegisterApiControllers(typeof(AuthorizeEndpointController).Assembly);
// plugin configuration
var pluginConfiguration = internalConfig.PluginConfiguration;
if (pluginConfiguration != null)
{
if (pluginConfiguration.ApiControllerAssemblies != null)
{
foreach (var asm in pluginConfiguration.ApiControllerAssemblies)
{
builder.RegisterApiControllers(asm);
}
}
if (pluginConfiguration.Types != null)
{
foreach (var type in pluginConfiguration.Types)
{
if (type.Value == null)
{
builder.RegisterType(type.Key);
}
else
{
builder.RegisterType(type.Key).As(type.Value);
}
}
}
if (pluginConfiguration.Factories != null)
{
foreach (var factory in pluginConfiguration.Factories)
{
builder.Register(ctx => factory.Value()).As(factory.Key);
}
}
if (pluginConfiguration.Instances != null)
{
foreach (var instance in pluginConfiguration.Instances)
{
builder.RegisterInstance(instance).AsSelf();
}
}
}
return builder.Build();
}
public static IContainer Configure(IdentityServerOptions options, InternalConfiguration internalConfig)
{
if (options == null) throw new ArgumentNullException("options");
if (options.Factory == null) throw new InvalidOperationException("null factory");
if (internalConfig == null) throw new ArgumentNullException("internalConfig");
IdentityServerServiceFactory fact = options.Factory;
fact.Validate();
var builder = new ContainerBuilder();
builder.RegisterInstance(internalConfig).AsSelf();
// mandatory from factory
builder.Register(fact.UserService);
builder.Register(fact.ScopeService);
builder.Register(fact.ClientService);
builder.Register(fact.CoreSettings);
// optional from factory
if (fact.AuthorizationCodeStore != null)
{
builder.Register(fact.AuthorizationCodeStore);
}
else
{
var inmemCodeStore = new InMemoryAuthorizationCodeStore();
builder.RegisterInstance(inmemCodeStore).As<IAuthorizationCodeStore>();
}
if (fact.TokenHandleStore != null)
{
builder.Register(fact.TokenHandleStore);
}
else
{
var inmemTokenHandleStore = new InMemoryTokenHandleStore();
builder.RegisterInstance(inmemTokenHandleStore).As<ITokenHandleStore>();
}
if (fact.RefreshTokenStore != null)
{
builder.Register(fact.RefreshTokenStore);
}
else
{
var inmemRefreshTokenStore = new InMemoryRefreshTokenStore();
builder.RegisterInstance(inmemRefreshTokenStore).As<IRefreshTokenStore>();
}
if (fact.ConsentService != null)
{
builder.Register(fact.ConsentService);
}
else
{
var inmemConsentService = new InMemoryConsentService();
builder.RegisterInstance(inmemConsentService).As<IConsentService>();
}
if (fact.ClaimsProvider != null)
{
builder.Register(fact.ClaimsProvider);
}
else
{
builder.RegisterType<DefaultClaimsProvider>().As<IClaimsProvider>();
}
if (fact.TokenService != null)
{
builder.Register(fact.TokenService);
}
else
{
builder.RegisterType<DefaultTokenService>().As<ITokenService>();
}
if (fact.RefreshTokenService != null)
{
builder.Register(fact.RefreshTokenService);
}
else
{
builder.RegisterType<DefaultRefreshTokenService>().As<IRefreshTokenService>();
}
if (fact.TokenSigningService != null)
{
builder.Register(fact.TokenSigningService);
}
else
{
builder.RegisterType<DefaultTokenSigningService>().As<ITokenSigningService>();
}
if (fact.CustomRequestValidator != null)
{
builder.Register(fact.CustomRequestValidator);
}
else
{
builder.RegisterType<DefaultCustomRequestValidator>().As<ICustomRequestValidator>();
}
if (fact.AssertionGrantValidator != null)
{
builder.Register(fact.AssertionGrantValidator);
}
else
{
builder.RegisterType<DefaultAssertionGrantValidator>().As<IAssertionGrantValidator>();
}
if (fact.ExternalClaimsFilter != null)
{
builder.Register(fact.ExternalClaimsFilter);
}
else
{
builder.RegisterType<DefaultExternalClaimsFilter>().As<IExternalClaimsFilter>();
}
if (fact.CustomTokenValidator != null)
{
builder.Register(fact.CustomTokenValidator);
}
else
{
builder.RegisterType<DefaultCustomTokenValidator>().As<ICustomTokenValidator>();
}
// validators
builder.RegisterType<TokenRequestValidator>();
builder.RegisterType<AuthorizeRequestValidator>();
builder.RegisterType<ClientValidator>();
builder.RegisterType<TokenValidator>();
// processors
builder.RegisterType<TokenResponseGenerator>();
builder.RegisterType<AuthorizeResponseGenerator>();
builder.RegisterType<AuthorizeInteractionResponseGenerator>();
builder.RegisterType<UserInfoResponseGenerator>();
// general services
builder.RegisterType<CookieMiddlewareTrackingCookieService>().As<ITrackingCookieService>();
// for authentication
var authenticationOptions = options.AuthenticationOptions ?? new AuthenticationOptions();
builder.RegisterInstance(authenticationOptions).AsSelf();
// load core controller
builder.RegisterApiControllers(typeof(AuthorizeEndpointController).Assembly);
// add any additional dependencies from hosting application
foreach(var registration in fact.Registrations)
{
builder.Register(registration);
}
return builder.Build();
}
