// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
// Configure the UserManager
public void ConfigureAuth(IAppBuilder app)
{
app.CreatePerOwinContext <ApplicationUserManager>(ApplicationUserManager.Create);
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = ApplicationCookieIdentityValidator.OnValidateIdentity(
validateInterval: TimeSpan.FromMinutes(0),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Uncomment the following lines to enable logging in with third party login providers
//app.UseMicrosoftAccountAuthentication(
// clientId: "",
// clientSecret: "");
//app.UseTwitterAuthentication(
// consumerKey: "",
// consumerSecret: "");
//app.UseFacebookAuthentication(
// appId: "",
// appSecret: "");
//app.UseGoogleAuthentication();
}
public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context, user manager and signin manager to use a single instance per request
app.CreatePerOwinContext(() => DependencyResolver.Current.GetService <ApplicationUserManager>());
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
//OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
// validateInterval: TimeSpan.FromMinutes(30),
// regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
OnValidateIdentity = ApplicationCookieIdentityValidator.OnValidateIdentity(
validateInterval: TimeSpan.FromMinutes(0),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
// Enables the application to remember the second login verification factor such as phone or email.
// Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from.
// This is similar to the RememberMe option when you log in.
app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
// Uncomment the following lines to enable logging in with third party login providers
//app.UseMicrosoftAccountAuthentication(
// clientId: "",
// clientSecret: "");
//app.UseTwitterAuthentication(
// consumerKey: "",
// consumerSecret: "");
//app.UseFacebookAuthentication(
// appId: "",
// appSecret: "");
//app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
//{
// ClientId = "",
// ClientSecret = ""
//});
}
public static void EnableCookieAuthentication(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Accounts/Login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
//OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
// validateInterval: TimeSpan.FromMinutes(30),
// regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
OnValidateIdentity = ApplicationCookieIdentityValidator.OnValidateIdentity(
validateInterval: TimeSpan.FromMinutes(0),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
}
public void ConfigureAuth(IAppBuilder app)
{
/// Configurando as Intancias do Idenity no momento em que a aplicacao
/// for iniciada. ** Note que e necessario esta funcionalidade para que
/// o Identity funcione na Aplicacao.
app.CreatePerOwinContext(IdentityContext.Create);
app.CreatePerOwinContext <ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext <ApplicationRoleManager>(ApplicationRoleManager.Create);
app.CreatePerOwinContext <ApplicationSignInManager>(ApplicationSignInManager.Create);
/// Configurando o modo de autenticacao usada pelo Identity
/// ** Note que no 'provider' usado o validateInterval para ser
/// validado a cada request, garantindo caso houver uma mudança
/// de permissao ou senha do usuario seja aplicada na proxima
/// requisicao do usuario.
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationMode = AuthenticationMode.Active,
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString(StringContantsWebsite.URI_LOGIN),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = ApplicationCookieIdentityValidator.OnValidateIdentity(
validateInterval: TimeSpan.FromMinutes(10),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager)),
OnApplyRedirect = context =>
{
/// Verificando se deve ser redirecionado o contexto caso não seja via WebApi
if (!context.Request.Path.StartsWithSegments(new PathString("/" + StringContantsWebsite.URI_WEBAPI)))
{
context.Response.Redirect(context.RedirectUri);
}
}
}
});
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Configure the user manager single instance per request
app.CreatePerOwinContext(() => DependencyResolver.Current.GetService <ApplicationUserManager>());
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
//OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
// validateInterval: TimeSpan.FromMinutes(30),
// regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
OnValidateIdentity = ApplicationCookieIdentityValidator.OnValidateIdentity(
validateInterval: TimeSpan.FromMinutes(0),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
// Enables the application to remember the second login verification factor such as phone or email.
// Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from.
// This is similar to the RememberMe option when you log in.
app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
// Uncomment the following lines to enable logging in with third party login providers
//app.UseMicrosoftAccountAuthentication(
// clientId: "SEU ID",
// clientSecret: "SEU TOKEN");
//app.UseTwitterAuthentication(
// consumerKey: "SEU ID",
// consumerSecret: "SEU TOKEN");
//app.UseGoogleAuthentication(
// clientId: "SEU ID",
// clientSecret: "SEU TOKEN");
var face = new FacebookAuthenticationOptions
{
AppId = "SEU ID",
AppSecret = "SEU TOKEN"
};
face.Scope.Add("email");
face.Scope.Add("publish_actions");
face.Scope.Add("basic_info");
face.Provider = new FacebookAuthenticationProvider()
{
OnAuthenticated = (context) =>
{
context.Identity.AddClaim(new Claim("urn:facebook:access_token", context.AccessToken, XmlSchemaString, "Facebook"));
foreach (var x in context.User)
{
var claimType = string.Format("urn:facebook:{0}", x.Key);
string claimValue = x.Value.ToString();
if (!context.Identity.HasClaim(claimType, claimValue))
{
context.Identity.AddClaim(new Claim(claimType, claimValue, XmlSchemaString, "Facebook"));
}
}
return(Task.FromResult(0));
}
};
face.SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie;
app.UseFacebookAuthentication(face);
}
public void Configuration(IAppBuilder app)
{
var config = System.Web.Http.GlobalConfiguration.Configuration;
config.Formatters.JsonFormatter.SerializerSettings.NullValueHandling =
Newtonsoft.Json.NullValueHandling.Ignore;
config.CacheOutputConfiguration().RegisterCacheOutputProvider(() => new CustomCacheProvider());
config.CacheOutputConfiguration().RegisterDefaultCacheKeyGeneratorProvider(() => new CustomCacheKeyGenerator());
ConfigureServices(app, config);
BundleConfig.RegisterBundles(BundleTable.Bundles);
System.Web.Http.GlobalConfiguration.Configuration.Formatters.JsonFormatter.SerializerSettings.NullValueHandling =
Newtonsoft.Json.NullValueHandling.Ignore;
app.CreatePerOwinContext(MiniSessionManager.Create);
app.CreatePerOwinContext <UserManager>(UserManager.Create);
app.CreatePerOwinContext(() =>
{
var signInManager = new SignInManager <IdentityUser, string>(
HttpContext.Current.GetOwinContext().GetUserManager <UserManager>(),
HttpContext.Current.GetOwinContext().Authentication
);
return(signInManager);
});
System.Web.Http.GlobalConfiguration.Configure(ThrottleConfig.Register);
System.Web.Http.GlobalConfiguration.Configure(APIRegistryConfig.Register);
int cookieValidationIntervalInSeconds = 1;
try
{
cookieValidationIntervalInSeconds = int.Parse(ConfigurationManager.AppSettings["AuthenticationCookieValidationIntervalInSeconds"]);
}
catch (Exception e)
{
log4net.LogManager.GetLogger("CookieValidationInterval").Error("Could not parse Cookie Validation Interval Setting! Using default...", e);
}
// Retrieve Session Storage cache settings, to sync with authentication cookie
var authenticationCookineExpirationTimeout = TimeSpan.FromMinutes(20);
//var authenticationCookineSlidingExpiration = true;
try
{
var cacheConfig = CacheFactory.FromConfiguration <object>(CacheManager.Core.ConfigurationBuilder.LoadConfiguration("SessionStateStorage"));
var sessionCacheHandle = cacheConfig.CacheHandles.FirstOrDefault();
authenticationCookineExpirationTimeout = sessionCacheHandle.Configuration.ExpirationTimeout;
//authenticationCookineSlidingExpiration = sessionCacheHandle.Configuration.ExpirationMode == ExpirationMode.Sliding;
}
catch (Exception e)
{
log4net.LogManager.GetLogger("SessionStateStorage").Error("Could not retrieve cache configuration for Session Storage!", e);
}
log4net.LogManager.GetLogger("AuthenticationCookie").Info($"Authentication Cookie Timeout: {authenticationCookineExpirationTimeout.Minutes} minute(s)");
//log4net.LogManager.GetLogger("AuthenticationCookie").Info($"Authentication Cookie Sliding Expiration Enabled: {authenticationCookineSlidingExpiration}");
app.UseCookieAuthentication(
new CookieAuthenticationOptions
{
CookieName = ConfigurationManager.AppSettings["AuthenticationCookieName"],
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
ExpireTimeSpan = authenticationCookineExpirationTimeout,
//SlidingExpiration = authenticationCookineSlidingExpiration, // Sliding expiration is always what happens despite this setting
LoginPath = new PathString("/SignInPage/Load"),
ReturnUrlParameter = "returnUrl",
Provider = new CookieAuthenticationProvider
{
OnApplyRedirect = context =>
{
log4net.LogManager.GetLogger("CookieAuthenticationProvider").Error("REDIRECTING!!!");
},
OnValidateIdentity = ApplicationCookieIdentityValidator.OnValidateIdentity(validateInterval: TimeSpan.FromSeconds(cookieValidationIntervalInSeconds)),
OnException = context => log4net.LogManager.GetLogger("IdentityLogger").DebugFormat("CookieAuthenticationProvider Error for req: {0}", context.Request.Path)
},
});
app.UseBasicAuthentication(new BasicAuthenticationOptions("", (id, secret) =>
{
try
{
if (!IdentityHelper.ValidateUser(id, secret))
{
return(Task.FromResult <IEnumerable <Claim> >(null));
}
var user = IdentityHelper.GetUserManager().FindByName(id);
if (user == null)
{
return(Task.FromResult <IEnumerable <Claim> >(new List <Claim>()));
}
var claims = user.User.Permissions.Select(p => new Claim(ClaimTypes.Permission, p.Name)).ToList();
claims.Add(new Claim(System.Security.Claims.ClaimTypes.Name, user.UserName));
if (!string.IsNullOrWhiteSpace(user.User.Email))
{
claims.Add(new Claim(System.Security.Claims.ClaimTypes.Email, user.User.Email));
}
var userRoles = user.User.Roles.Select(r => new Claim(System.Security.Claims.ClaimTypes.Role, r.Name));
claims.AddRange(userRoles);
return(Task.FromResult <IEnumerable <Claim> >(claims));
}
catch (Exception e)
{
log4net.LogManager.GetLogger("BasicAuthentication.CredentialValidationFunction").Error("Error validating identity!", e);
return(Task.FromResult <IEnumerable <Claim> >(null));
}
}));
if (!string.IsNullOrWhiteSpace(ConfigurationManager.AppSettings["idsrv:authority"]))
{
var options = new IdentityServerBearerTokenAuthenticationOptions
{
Authority = ConfigurationManager.AppSettings["idsrv:authority"]
};
if (!string.IsNullOrWhiteSpace(ConfigurationManager.AppSettings["idsrv:scopes"]))
{
options.RequiredScopes = ConfigurationManager.AppSettings["idsrv:scopes"].Split(' ');
}
if (!string.IsNullOrWhiteSpace(ConfigurationManager.AppSettings["idsrv:clientid"]) &&
!string.IsNullOrWhiteSpace(ConfigurationManager.AppSettings["idsrv:clientsecret"]))
{
options.ClientId = ConfigurationManager.AppSettings["idsrv:clientid"];
options.ClientSecret = ConfigurationManager.AppSettings["idsrv:clientsecret"];
}
app.UseIdentityServerBearerTokenAuthentication(options);
}
else
{
// Configure the application for OAuth based flow
var PublicClientId = "self";
var OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/OAuth/Token"),
Provider = new zAppDev.DotNet.Framework.Identity.AppOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/OAuth/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromHours(4),
AllowInsecureHttp = true // Don't do this in production ONLY FOR DEVELOPING: ALLOW INSECURE HTTP!
};
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerTokens(OAuthOptions);
}
Microsoft.AspNet.SignalR.GlobalHost.DependencyResolver.Register(typeof(Newtonsoft.Json.JsonSerializer), () =>
{
return(Newtonsoft.Json.JsonSerializer.Create(new Newtonsoft.Json.JsonSerializerSettings
{
NullValueHandling = Newtonsoft.Json.NullValueHandling.Ignore,
ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore,
ContractResolver = new zAppDev.DotNet.Framework.Utilities.NHibernateContractResolver()
}));
});
app.MapSignalR();
zAppDev.DotNet.Framework.Identity.IdentityHelper.AllowMultipleSessionsPerUser = true;
zAppDev.DotNet.Framework.Identity.IdentityHelper.AdminCanResetPassword = false;
DSS3_LogisticsPoolingForUrbanDistribution.DatabaseSeeder databaseSeeder = new DSS3_LogisticsPoolingForUrbanDistribution.DatabaseSeeder();
databaseSeeder.UpdateAuthorizationTables();
ConfigeAuditTrailManager();
ServiceLocator.Current.GetInstance <zAppDev.DotNet.Framework.Workflow.ScheduleManager>();
ServiceLocator.Current.GetInstance <zAppDev.DotNet.Framework.Workflow.WorkflowManager>()
.Init(typeof(DSS3_LogisticsPoolingForUrbanDistribution.DAL.Repository).Assembly);
DSS3_LogisticsPoolingForUrbanDistribution.Hubs.EventsHub.RaiseApplicationStart();
zAppDev.DotNet.Framework.Mvc.FileHelper.ClearTempData();
}
