public static IIdentityServiceBuilder AddSigningCertificates(
this IIdentityServiceBuilder builder,
IEnumerable <X509Certificate2> certificates)
{
foreach (var certificate in certificates)
{
builder.AddSigningCertificate(certificate);
}
return(builder);
}
public static IIdentityServiceBuilder AddIdentityServiceExtensions(this IIdentityServiceBuilder builder)
{
builder.Services.AddSingleton <IAuthorizationResponseParameterProvider, ClientInfoProvider>();
builder.Services.AddSingleton <ITokenResponseParameterProvider, ClientInfoProvider>();
builder.Services.Configure <IdentityServiceOptions>(options =>
{
AddContextClaims(options.IdTokenOptions.ContextClaims);
AddContextClaims(options.AccessTokenOptions.ContextClaims);
});
return(builder);
}
public static IIdentityServiceBuilder AddKeyVault(this IIdentityServiceBuilder builder)
{
if (builder == null)
{
throw new ArgumentNullException(nameof(builder));
}
var services = builder.Services;
services.TryAddEnumerable(ServiceDescriptor.Singleton <IConfigureOptions <KeyVaultSigningCredentialsSourceOptions>, DefaultSetup>());
services.TryAddSingleton <ISigningCredentialsSource, KeyVaultSigningCredentialSource>();
return(builder);
}
public static IIdentityServiceBuilder AddSigningCertificate(this IIdentityServiceBuilder builder, Func <X509Certificate2> func)
{
var cert = func();
if (cert == null)
{
return(builder);
}
else
{
return(builder.AddSigningCertificate(cert));
}
}
public static IIdentityServiceBuilder DisableDeveloperCertificate(this IIdentityServiceBuilder builder)
{
var services = builder.Services;
foreach (var service in services.ToList())
{
if (service.ImplementationType == typeof(DeveloperCertificateSigningCredentialsSource))
{
services.Remove(service);
}
}
return(builder);
}
public static IIdentityServiceBuilder AddSigningCertificates(
this IIdentityServiceBuilder builder,
Func <IEnumerable <X509Certificate2> > certificatesLoader)
{
builder.Services.Configure <IdentityServiceOptions>(o =>
{
var certificates = certificatesLoader();
foreach (var certificate in certificates)
{
var algorithm = CryptographyHelpers.FindAlgorithm(certificate);
o.SigningKeys.Add(new SigningCredentials(new X509SecurityKey(certificate), algorithm));
}
});
return(builder);
}
public static IIdentityServiceBuilder AddSigningCertificate(
this IIdentityServiceBuilder builder,
X509Certificate2 certificate)
{
CryptographyHelpers.ValidateRsaKeyLength(certificate);
var key = new X509SecurityKey(certificate);
builder.Services.Configure <IdentityServiceOptions>(
options =>
{
var algorithm = CryptographyHelpers.FindAlgorithm(certificate);
options.SigningKeys.Add(new SigningCredentials(key, algorithm));
});
return(builder);
}
public static IIdentityServiceBuilder AddKeyVault(this IIdentityServiceBuilder builder, Action <KeyVaultSigningCredentialsSourceOptions> configure)
{
if (builder == null)
{
throw new ArgumentNullException(nameof(builder));
}
if (configure == null)
{
throw new ArgumentNullException(nameof(configure));
}
builder.Services.Configure(configure);
builder.Services.TryAddSingleton <ISigningCredentialsSource, KeyVaultSigningCredentialSource>();
return(builder);
}
public static IIdentityServiceBuilder AddEntityFrameworkStores <TContext>(this IIdentityServiceBuilder builder)
where TContext : DbContext
{
var identityBuilder = new IdentityBuilder(builder.UserType, builder.RoleType, builder.Services);
identityBuilder.AddEntityFrameworkStores <TContext>();
var services = builder.Services;
var applicationType = FindGenericBaseType(builder.ApplicationType, typeof(IdentityServiceApplication <, , , ,>));
var userType = FindGenericBaseType(builder.UserType, typeof(IdentityUser <>));
services.AddTransient(
typeof(IApplicationStore <>).MakeGenericType(builder.ApplicationType),
typeof(ApplicationStore <, , , , , ,>).MakeGenericType(
builder.ApplicationType,
applicationType.GenericTypeArguments[2],
applicationType.GenericTypeArguments[3],
applicationType.GenericTypeArguments[4],
typeof(TContext),
applicationType.GenericTypeArguments[0],
userType.GenericTypeArguments[0]));
return(builder);
}
public static IIdentityServiceBuilder AddClientInfoBinding(this IIdentityServiceBuilder builder)
{
builder.Services.AddSingleton <IAuthorizationResponseParameterProvider, ClientInfoProvider>();
builder.Services.AddSingleton <ITokenResponseParameterProvider, ClientInfoProvider>();
return(builder);
}
