public BarService( IConnection conn, IConfiguration config, SecurityOptions securityOptions) : base(conn, config, securityOptions) { var bangChannel = conn.CreateModel(); var bangQueue = $"bang-bar-reply-{Guid.NewGuid().ToString()}"; bangChannel.QueueDeclare(bangQueue); _bangClient = new RpcClient( bangChannel, new PublishOptions(config["RabbitMQ:Services:Bang"]), new ConsumeOptions(bangQueue), new JsonFormatOptions()); var fibChannel = conn.CreateModel(); var fibQueue = $"fib-bar-reply-{Guid.NewGuid().ToString()}"; fibChannel.QueueDeclare(fibQueue); _fibClient = new RpcClient( fibChannel, new PublishOptions(config["RabbitMQ:Services:Fib"]), new ConsumeOptions(fibQueue), new JsonFormatOptions()); }
public DailyTaskAppService( ILogger <DailyTaskAppService> logger, IOptionsMonitor <Dictionary <string, int> > dicOptions, IAccountDomainService loginDomainService, IVideoDomainService videoDomainService, IDonateCoinDomainService donateCoinDomainService, IMangaDomainService mangaDomainService, ILiveDomainService liveDomainService, IVipPrivilegeDomainService vipPrivilegeDomainService, IChargeDomainService chargeDomainService, IOptionsMonitor <SecurityOptions> securityOptions, IOptionsMonitor <DailyTaskOptions> dailyTaskOptions, ICoinDomainService coinDomainService ) { _logger = logger; _expDic = dicOptions.Get(Constants.OptionsNames.ExpDictionaryName); _loginDomainService = loginDomainService; _videoDomainService = videoDomainService; _donateCoinDomainService = donateCoinDomainService; _mangaDomainService = mangaDomainService; _liveDomainService = liveDomainService; _vipPrivilegeDomainService = vipPrivilegeDomainService; _chargeDomainService = chargeDomainService; _dailyTaskOptions = dailyTaskOptions.CurrentValue; _coinDomainService = coinDomainService; _securityOptions = securityOptions.CurrentValue; }
public BangService( IConnection conn, IConfiguration config, SecurityOptions securityOptions) : base(conn, config, securityOptions) { }
public static IServiceCollection SetupAuthorization( this IServiceCollection services, IConfiguration configuration) { // configure jwt authentication SecurityOptions appSettings = configuration .GetSection(nameof(SecurityOptions)) .Get <SecurityOptions>(); byte[] key = Encoding.ASCII.GetBytes(appSettings.SecretKey); services .AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(x => { x.RequireHttpsMetadata = false; x.SaveToken = true; x.TokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(key), ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = true }; }); return(services); }
/// <summary> /// Initializes a new instance of the <see cref="ConfigureSwaggerGenOptions"/> class. /// </summary> /// <param name="provider">The <see cref="IApiVersionDescriptionProvider">provider</see> used to generate Swagger documents.</param> public ConfigureSwaggerGenOptions( IApiVersionDescriptionProvider apiVersionDescriptionProvider, IHttpClientFactory httpClientFactory, IOptions <OpenApiInfo> apiInfoAccessor, IOptions <SecurityOptions> swaggerUIClientSettings, IAssemblyMarkerTypes assemblyMarkerTypes, IWebHostEnvironment environment) { _apiVersionDescriptionProvider = apiVersionDescriptionProvider ?? throw new ArgumentNullException(nameof(apiVersionDescriptionProvider)); _httpClientFactory = httpClientFactory ?? throw new ArgumentNullException(nameof(httpClientFactory)); _assemblyMarkerTypes = assemblyMarkerTypes ?? throw new ArgumentNullException(nameof(assemblyMarkerTypes)); _apiInfo = apiInfoAccessor.Value ?? throw new ArgumentNullException(nameof(apiInfoAccessor)); if (string.IsNullOrWhiteSpace(_apiInfo?.Title)) { throw new InvalidOperationException("No API information (such as title etc.) has been passed." + "Maybe it is missing from the configuration file or not registered in the dependency injection container."); } _swaggerUIClientSettings = swaggerUIClientSettings.Value ?? throw new ArgumentNullException(nameof(swaggerUIClientSettings)); // We don't ensure that valid JWT information (such as Authority etc.) has been passed at this stage. // If it has not, we simply won't configure the Swagger UI to authenticate endpoint calls. bool isDevelopmentEnvironment = environment.IsDevelopment(); if (_swaggerUIClientSettings.Jwt is null && !isDevelopmentEnvironment) { throw new InvalidOperationException("No JWT information (such as Authority etc.) has been passed. Maybe it is missing from the configuration file or not registered in the dependency injection container."); } }
public BackgroundJobHelper(IWebHostEnvironment env, AppDBContext context, IOptions <SecurityOptions> securityOptions, IEmailService emailService) { _env = env; _context = context; _securityOptions = securityOptions.Value; _emailService = emailService; }
public void Start() { // create a new ManualResetEvent. This will be used to make the main application // thread wait until the full server reply has been received. m_ResetEvent = new ManualResetEvent(false); // initialize the security options SecurityOptions options = new SecurityOptions( SecureProtocol.Ssl3 | SecureProtocol.Tls1, // use SSL3 or TLS1 null, // do not use client authentication ConnectionEnd.Client, // this is the client side CredentialVerification.None, // do not check the certificate -- this should not be used in a real-life application :-) null, // not used with automatic certificate verification "www.microsoft.com", // this is the common name of the Microsoft web server SecurityFlags.Default, // use the default security flags SslAlgorithms.SECURE_CIPHERS, // only use secure ciphers null); // do not process certificate requests. try { // create the securesocket with the specified security options m_Socket = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options); // resolve www.microsoft.com IPEndPoint endpoint = new IPEndPoint(Dns.Resolve("www.microsoft.com").AddressList[0], 443); // start connecting to www.microsoft.com m_Socket.BeginConnect(endpoint, new AsyncCallback(this.OnConnect), null); // wait until the entire web page has been received m_ResetEvent.WaitOne(); // close the SecureSocket m_Socket.Close(); } catch { OnError("Could not connect to the website"); } }
/// <summary> /// Creates an HTTPS socket binding to the specified port /// </summary> /// <param name="options"></param> /// <returns></returns> public virtual AdkSocketBinding CreateHttpsListener(SecurityOptions options) { AdkSSLAcceptSocket socket = new AdkSSLAcceptSocket(options); AdkSocketBinding binding = new AdkSocketBinding(socket); return(binding); }
// iterator to scan next channel page private void ScanNextPage() { for (; ;) { if (_scanChannels == null || _scanChannelsCurrent > _scanChannels.Length - 1) // array starts at 0 { FinishScanning(Status.Success); return; } UInt32 channels = (UInt32)_scanChannels[_scanChannelsCurrent]; UInt32 page = (channels >> 27); channels &= 0x07FFFFFF; // remove page _scanChannelsCurrent++; if (channels != 0) // skip empty pages { SecurityOptions so = new SecurityOptions(); so.SecurityLevel = SecurityLevelIdentifier.None; // FIXME: how to select scanDuration? byte scanDuration = 5; _net.Mac.ScanRequest(ScanType.ActiveScan, channels, scanDuration, (byte)page, so, HandlerScanResult); return; } } }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) { loggerFactory.AddConsole(Configuration.GetSection("Logging")); loggerFactory.AddDebug(); app.UseCors(builder => builder .AllowAnyOrigin() .AllowAnyMethod() .AllowAnyHeader()); app.UseResponseCompression(); var securityOptions = new SecurityOptions(); Configuration.GetSection("Security").Bind(securityOptions); app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions { Authority = securityOptions.Authority, AllowedScopes = securityOptions.AllowedScopes, RequireHttpsMetadata = securityOptions.RequireHttpsMetadata }); app.UseMvc(); }
public ApiFileShareController(IWebHostEnvironment env, AppDBContext context, IOptions <SecurityOptions> securityOptions, IEmailService emailService) { _env = env; _context = context; _securityOptions = securityOptions.Value; _emailService = emailService; }
public void should_create_security_config() { var ipAllowedList = new List <string>() { "127.0.0.1", "192.168.1.1" }; var ipBlockedList = new List <string>() { "127.0.0.1", "192.168.1.1" }; var fileReRoute = new FileReRoute { SecurityOptions = new FileSecurityOptions() { IPAllowedList = ipAllowedList, IPBlockedList = ipBlockedList } }; var expected = new SecurityOptions(ipAllowedList, ipBlockedList); this.Given(x => x.GivenThe(fileReRoute)) .When(x => x.WhenICreate()) .Then(x => x.ThenTheResultIs(expected)) .BDDfy(); }
private void ConnectClient(SecureProtocol protocol) { lock (this) { if (connected) { throw new Exception("Connection with IRC server already opened."); } Debug.WriteLineIf(Rfc2812Util.IrcTrace.TraceInfo, "[" + Thread.CurrentThread.Name + "] Connection::Connect()"); SecurityOptions options = new SecurityOptions(protocol); options.Certificate = null; options.Entity = ConnectionEnd.Client; options.VerificationType = CredentialVerification.None; options.Flags = SecurityFlags.Default; options.AllowedAlgorithms = SslAlgorithms.SECURE_CIPHERS; client = new SecureTcpClient(options); client.Connect(connectionArgs.Hostname, connectionArgs.Port); connected = true; writer = new StreamWriter(client.GetStream(), TextEncoding); writer.AutoFlush = true; reader = new StreamReader(client.GetStream(), TextEncoding); socketListenThread = new Thread(new ThreadStart(ReceiveIRCMessages)); socketListenThread.Name = Name; socketListenThread.Start(); sender.RegisterConnection(connectionArgs); } }
public static IServiceCollection AddAuthorizationPolicies(this IServiceCollection services, Action <SecurityOptions> configureAction = null) { var options = new SecurityOptions(); configureAction?.Invoke(options); services.AddAuthorization(x => { x.AddPolicy(Policies.CreatePeople, p => { p.RequireClaimExtended(services, options, options.Claims.PermissionClaim, Permissions.CreatePeople); }); x.AddPolicy(Policies.RetrievePeople, p => { p.RequireClaimExtended(services, options, options.Claims.PermissionClaim, Permissions.RetrievePeople); }); x.AddPolicy(Policies.UpdatePeople, p => { p.RequireClaimExtended(services, options, options.Claims.PermissionClaim, Permissions.UpdatePeople); }); x.AddPolicy(Policies.DeletePeople, p => { p.RequireClaimExtended(services, options, options.Claims.PermissionClaim, Permissions.DeletePeople); }); }); return(services); }
/// <summary> /// Create a new scopde domain service instance /// </summary> /// <param name="authenticatedUser">Authenticated user object</param> /// <param name="uow">Unit of Work object</param> /// <param name="repository">User repository service</param> /// <param name="credentialRepository">Credential repository service</param> /// <param name="tokenRepository">User credential token repository service</param> /// <param name="scopeRepository">Scope repository</param> /// <param name="roleRepository">Role repository</param> /// <param name="securityOptions">Security options configuration</param> /// <param name="credentialOptions">Credential options configuration</param> /// <param name="localizer">Language string localizer</param> public UserDomainService ( IAuthenticatedUser authenticatedUser, IUnitOfWork uow, IUserRepository repository, IUserCredentialRepository credentialRepository, IUserCredentialTokenRepository tokenRepository, IScopeRepository scopeRepository, IRoleRepository roleRepository, IOptions <SecurityOptions> securityOptions, IOptions <CredentialOptions> credentialOptions, IStringLocalizer <UserDomainService> localizer ) : base(repository, authenticatedUser) { _uow = uow; _repository = repository; _credentialRepository = credentialRepository; _tokenRepository = tokenRepository; _scopeRepository = scopeRepository; _roleRepository = roleRepository; _securityOptions = securityOptions?.Value; _credentialOptions = credentialOptions?.Value; _localizer = localizer; }
public static void AddAuthentication(this IServiceCollection services, SecurityOptions options) { _signing = _signing ?? BuildSigningCredentials(options); _encrypting = _encrypting ?? BuildEncryptingCredentials(options); services .AddAuthentication(x => { x.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; x.DefaultSignInScheme = JwtBearerDefaults.AuthenticationScheme; x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(x => { x.TokenValidationParameters = BuildTokenValidationParameters(options); #if DEBUG x.IncludeErrorDetails = true; x.RequireHttpsMetadata = false; #else x.IncludeErrorDetails = false; x.RequireHttpsMetadata = true; #endif }) .AddCookie(cfg => cfg.SlidingExpiration = true); }
public async Task <Response> Security(DownstreamContext context) { IPAddress clientIp = context.HttpContext.Connection.RemoteIpAddress; SecurityOptions securityOptions = context.DownstreamReRoute.SecurityOptions; if (securityOptions == null) { return(new OkResponse()); } if (securityOptions.IPBlockedList != null) { if (securityOptions.IPBlockedList.Exists(f => f == clientIp.ToString())) { var error = new UnauthenticatedError($" This request rejects access to {clientIp.ToString()} IP"); return(new ErrorResponse(error)); } } if (securityOptions.IPAllowedList != null && securityOptions.IPAllowedList.Count > 0) { if (!securityOptions.IPAllowedList.Exists(f => f == clientIp.ToString())) { var error = new UnauthenticatedError($"{clientIp.ToString()} does not allow access, the request is invalid"); return(new ErrorResponse(error)); } } return(await Task.FromResult(new OkResponse())); }
public void StartRequest( UInt16 panId, Byte logicalChannel, Byte channelPage, UInt16 startTime, byte beaconOrder, byte superframeOrder, bool panCoordinator, bool batteryLifeExtension, bool coordRealignment, SecurityOptions coordRealignSecutiryOptions, SecurityOptions beaconSecurityOptions, StartConfirmHandler handler) { TaskStartRequest task = new TaskStartRequest( panId, logicalChannel, channelPage, startTime, beaconOrder, superframeOrder, panCoordinator, batteryLifeExtension, coordRealignment, coordRealignSecutiryOptions, beaconSecurityOptions, handler); if (!_taskQueue.Add(task) && handler != null) { handler.Invoke(this, MacEnum.Congested); } }
public ServerOptions Secured(string certExec, string certExecArgs, string serverCertThumbprint, X509Certificate2 clientCert) { if (certExec == null) { throw new ArgumentNullException(nameof(certExec)); } if (certExecArgs == null) { throw new ArgumentNullException(nameof(certExecArgs)); } if (serverCertThumbprint == null) { throw new ArgumentNullException(nameof(serverCertThumbprint)); } if (clientCert == null) { throw new ArgumentNullException(nameof(clientCert)); } if (Security != null) { throw new InvalidOperationException("The security has already been setup for this ServerOptions object"); } Security = new SecurityOptions { ClientCertificate = clientCert, CertificateExec = certExec, CertificateArguments = certExecArgs, ServerCertificateThumbprint = serverCertThumbprint }; return(this); }
public void DataRequest( MacAddressingMode srcAddrMode, MacAddress dstAddr, UInt16 dstPanId, ref Frame msdu, Byte msduHandle, TxOptions options, SecurityOptions securityOptions, DataConfirmHandler handler) { TaskDataRequest task = new TaskDataRequest( srcAddrMode, dstAddr, dstPanId, msdu, msduHandle, options, securityOptions, handler); if (!_taskQueue.Add(task)) { Frame.Release(ref msdu); if (handler != null) { handler.Invoke(this, msduHandle, MacEnum.Congested); } } msdu = null; // in any case, remove frame ownership from caller }
public RolesAuthorizationRequirementExtended(SecurityOptions options, IEnumerable <string> allowedRoles) { Guard.AgainstNullArgument(nameof(options), options); Guard.AgainstNullArgument(nameof(allowedRoles), allowedRoles); _options = options; AllowedRoles = allowedRoles ?? throw new ArgumentNullException(nameof(allowedRoles)); }
public AccountController(AppDBContext context, IOptions <SecurityOptions> securityOptions, IEmailService emailService, IOptions <JwtIssuerOptions> jwtOptions) { _context = context; _securityOptions = securityOptions.Value; _emailService = emailService; _jwtOptions = jwtOptions.Value; }
/// <summary> /// Prepare request /// </summary> /// <param name="options">Options to security connection</param> /// <param name="requestMethod">Request method to execute</param> /// <param name="handler">Handler name used in solr request</param> /// <param name="data">Data to execute</param> /// <returns>WebRequest read to execute</returns> private WebRequest Prepare(SecurityOptions options, string requestMethod, string handler, string data) { var baseUrl = $"{this.HostAddress}/{handler}"; var encoding = new UTF8Encoding(); var bytes = encoding.GetBytes(data); var request = WebRequest.Create(baseUrl); if (options.AuthenticationType == AuthenticationType.Basic) { var encoded = Convert.ToBase64String(Encoding.GetEncoding("ISO-8859-1").GetBytes(options.UserName + ":" + options.Password)); request.Headers[HttpRequestHeader.Authorization] = "Basic " + encoded; } request.Method = requestMethod; request.ContentType = "application/json"; request.ContentLength = bytes.Length; var stream = request.GetRequestStream(); stream.Write(bytes, 0, bytes.Length); stream.Close(); return(request); }
public CompatibilityLayer(SocketController controller, SecurityOptions options) { m_Buffer = new byte[0]; m_MinVersion = GetMinProtocol(options.Protocol); m_MaxVersion = GetMaxProtocol(options.Protocol); if (m_MinVersion.GetVersionInt() == 30) // SSL 3.0 { if (options.Entity == ConnectionEnd.Client) { m_MinLayer = new RecordLayer(controller, new Ssl3ClientHandshakeLayer(null, options)); } else { m_MinLayer = new RecordLayer(controller, new Ssl3ServerHandshakeLayer(null, options)); } } else // TLS 1.0 { if (options.Entity == ConnectionEnd.Client) { m_MinLayer = new RecordLayer(controller, new Tls1ClientHandshakeLayer(null, options)); } else { m_MinLayer = new RecordLayer(controller, new Tls1ServerHandshakeLayer(null, options)); } } m_MinLayer.HandshakeLayer.RecordLayer = m_MinLayer; m_Options = options; }
public TaskStartRequest( UInt16 panId, Byte logicalChannel, Byte channelPage, UInt16 startTime, byte beaconOrder, byte superframeOrder, bool panCoordinator, bool batteryLifeExtension, bool coordRealignment, SecurityOptions coordRealignSecutiryOptions, SecurityOptions beaconSecurityOptions, StartConfirmHandler handler) : base(TaskType.StartRequest) { this.panId = panId; this.logicalChannel = logicalChannel; this.channelPage = channelPage; this.startTime = startTime; this.beaconOrder = beaconOrder; this.superframeOrder = superframeOrder; this.panCoordinator = panCoordinator; this.batteryLifeExtension = batteryLifeExtension; this.coordRealignment = coordRealignment; this.coordRealignSecutiryOptions = coordRealignSecutiryOptions; this.beaconSecurityOptions = beaconSecurityOptions; this.handler = handler; }
public static void AddJwtAuthentication(this IServiceCollection services, IConfiguration configuration) { var securityOptions = new SecurityOptions(); configuration.GetSection("Security").Bind(securityOptions); services.AddAuthentication(x => { x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(x => { x.RequireHttpsMetadata = false; x.SaveToken = true; x.TokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(securityOptions.JwtSigningKey)), ValidateIssuer = true, ValidateAudience = true, ClockSkew = TimeSpan.FromMinutes(5), ValidAudience = securityOptions.Audience, ValidIssuer = securityOptions.Issuer }; }); }
public void Execute(IServiceCollection serviceCollection, IServiceProvider serviceProvider) { SecurityOptions securityOptions = serviceProvider.GetService <IOptions <SecurityOptions> >()?.Value; if (securityOptions.EnableAuthentication) { serviceCollection.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) .AddCookie(options => { options.AccessDeniedPath = securityOptions.AccessDeniedPath; options.LoginPath = securityOptions.LoginPath; options.LogoutPath = securityOptions.LogoutPath; options.ReturnUrlParameter = securityOptions.ReturnUrlParameter; options.ExpireTimeSpan = TimeSpan.FromDays(7); } ); } else { serviceCollection.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) .AddCookie(options => { options.AccessDeniedPath = "/backend/account/accessdenied"; options.LoginPath = "/backend/account/signin"; options.LogoutPath = "/backend/account/signout"; options.ReturnUrlParameter = "next"; options.ExpireTimeSpan = TimeSpan.FromDays(7); } ); } }
public SocketController(SecureSocket parent, Socket socket, SecurityOptions options) { m_Parent = parent; m_Socket = socket; m_IsDisposed = false; m_ActiveSend = null; m_ActiveReceive = null; m_DecryptedBuffer = new XBuffer(); m_ToSendList = new ArrayList(2); m_SentList = new ArrayList(2); m_ReceiveBuffer = new byte[m_ReceiveBufferLength]; m_Compatibility = new CompatibilityLayer(this, options); // m_RecordLayer = new RecordLayer(this, options); try { m_Socket.BeginReceive(m_ReceiveBuffer, 0, m_ReceiveBufferLength, SocketFlags.None, new AsyncCallback(this.OnReceive), null); } catch (Exception e) { CloseConnection(e); } if (options.Entity == ConnectionEnd.Client) { // byte[] hello = m_RecordLayer.GetControlBytes(ControlType.ClientHello); byte[] hello = m_Compatibility.GetClientHello(); BeginSend(hello, 0, hello.Length, null, DataType.ProtocolData); } }
private static TokenValidationParameters BuildTokenValidationParameters(SecurityOptions options) { if (options.Tokens.Encrypt) { return(new TokenValidationParameters { ValidateIssuerSigningKey = false, ValidIssuer = options.Tokens.Issuer, ValidateLifetime = true, ValidateAudience = true, ValidAudience = options.Tokens.Audience, RequireSignedTokens = false, TokenDecryptionKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(options.Tokens.Key)), ClockSkew = TimeSpan.FromSeconds(options.Tokens.ClockSkewSeconds), RoleClaimType = options.Claims.RoleClaim, NameClaimType = options.Claims.UserNameClaim }); } return(new TokenValidationParameters { ValidateIssuerSigningKey = true, ValidIssuer = options.Tokens.Issuer, ValidateLifetime = true, ValidateAudience = true, ValidAudience = options.Tokens.Audience, RequireSignedTokens = true, IssuerSigningKey = _signing.Key, ClockSkew = TimeSpan.FromSeconds(options.Tokens.ClockSkewSeconds), RoleClaimType = options.Claims.RoleClaim, NameClaimType = options.Claims.UserNameClaim }); }
public void Connect(string hostname, int port, bool ssl) { try { Host = hostname; Port = port; Ssl = ssl; var protocol = ssl ? SecureProtocol.Tls1 | SecureProtocol.Ssl3 : SecureProtocol.None; SecurityOptions options = new SecurityOptions(protocol); options.Certificate = null; options.Entity = ConnectionEnd.Client; options.CommonName = hostname; options.VerificationType = CredentialVerification.Auto; options.Flags = SecurityFlags.Default; options.AllowedAlgorithms = SslAlgorithms.SECURE_CIPHERS; //_Connection = new TcpClient(hostname, port); _Connection = new SecureTcpClient(hostname, port, options); _Stream = _Connection.GetStream(); _Reader = new StreamReader(_Stream, System.Text.Encoding.Default); string info = _Reader.ReadLine(); OnConnected(info); IsConnected = true; Host = hostname; } catch (Exception) { IsConnected = false; throw; } }
public static IApplicationBuilder UseSecurity(this IApplicationBuilder app, SecurityOptions securityOptions) { app.UseOAuthBearerAuthentication(options => { options.AutomaticAuthentication = true; options.Authority = securityOptions.Authority; //TODO: avoid errors in the futre? github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/issues/94#issuecomment-118359248 options.TokenValidationParameters.ValidateAudience = false; }); app.UseOpenIdConnectServer(options => { options.AuthenticationScheme = OpenIdConnectDefaults.AuthenticationScheme; if (!securityOptions.IsMonoEnvironment) { var rsaCryptoServiceProvider = new RSACryptoServiceProvider(2048); var rsaParameters = rsaCryptoServiceProvider.ExportParameters(true); options.UseKey(new RsaSecurityKey(rsaParameters)); } else { var temp = typeof(IApplicationBuilder).GetTypeInfo().Assembly; options.UseCertificate(typeof(IApplicationBuilder).GetTypeInfo().Assembly, "ASP5.Template.Web.Certificate.pfx", "Owin.Security.OpenIdConnect.Server"); } options.ApplicationCanDisplayErrors = true; options.AllowInsecureHttp = true; options.Issuer = new Uri(securityOptions.Authority); options.TokenEndpointPath = new PathString("/token"); options.AuthorizationEndpointPath = PathString.Empty; options.AccessTokenLifetime = securityOptions.TokenLifeTime; options.ValidationEndpointPath = PathString.Empty; options.Provider = new DefaultAuthorizationProvider(); }); return app; }
public SocketController(SecureSocket parent, Socket socket, SecurityOptions options) { this.m_Parent = parent; this.m_Socket = socket; this.m_IsDisposed = false; this.m_ActiveSend = null; this.m_ActiveReceive = null; this.m_DecryptedBuffer = new XBuffer(); this.m_ToSendList = new ArrayList(2); this.m_SentList = new ArrayList(2); this.m_ReceiveBuffer = new byte[m_ReceiveBufferLength]; this.m_End = options.Entity; this.OnConnectionClose += parent.ConnectionCloseHandler; this.m_Compatibility = new CompatibilityLayer(this, options); }
public ServerHandshakeLayer(RecordLayer recordLayer, SecurityOptions options) : base(recordLayer, options) { }