public static void UseIdentityAdmin(this IAppBuilder app, IdentityAdminOptions options) { if (app == null) { throw new ArgumentNullException("app"); } if (options == null) { throw new ArgumentNullException("config"); } app.SetLoggerFactory(new LibLogLoggerFactory()); Logger.Info("Starting IdentityAdmin configuration"); options.Validate(); app.Use(async(ctx, next) => { if (!ctx.Request.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase) && options.AdminSecurityConfiguration.RequireSsl) { ctx.Response.Write("HTTPS required"); } else { await next(); } }); var container = AutofacConfig.Configure(options); app.Use <AutofacContainerMiddleware>(container); if (!options.DisableSecurity) { options.AdminSecurityConfiguration.Configure(app); } if (!options.DisableUserInterface) { app.UseFileServer(new FileServerOptions { RequestPath = new PathString("/assets"), FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityAdminAppBuilderExtensions).Assembly, "IdentityAdmin.Assets") }); app.UseFileServer(new FileServerOptions { RequestPath = new PathString("/assets/libs/fonts"), FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityAdminAppBuilderExtensions).Assembly, "IdentityAdmin.Assets.Content.fonts") }); app.UseStageMarker(PipelineStage.MapHandler); } SignatureConversions.AddConversions(app); app.UseWebApi(WebApiConfig.Configure(options)); app.UseStageMarker(PipelineStage.MapHandler); // clears out the OWIN logger factory so we don't recieve other hosting related logs app.Properties["server.LoggerFactory"] = null; }
public static void UseIdentityManager(this IAppBuilder app, IdentityManagerOptions options) { if (app == null) { throw new ArgumentNullException("app"); } if (options == null) { throw new ArgumentNullException("config"); } options.Validate(); JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary <string, string>(); var container = AutofacConfig.Configure(options); app.Use <AutofacContainerMiddleware>(container); if (options.SecurityMode == SecurityMode.LocalMachine) { var local = new LocalAuthenticationOptions(options.AdminRoleName); app.Use <LocalAuthenticationMiddleware>(local); } else if (options.SecurityMode == SecurityMode.OAuth2) { var jwtParams = new System.IdentityModel.Tokens.TokenValidationParameters { NameClaimType = options.OAuth2Configuration.NameClaimType, RoleClaimType = options.OAuth2Configuration.RoleClaimType, ValidAudience = options.OAuth2Configuration.Audience, ValidIssuer = options.OAuth2Configuration.Issuer, }; if (options.OAuth2Configuration.SigningCert != null) { jwtParams.IssuerSigningToken = new X509SecurityToken(options.OAuth2Configuration.SigningCert); } else { var bytes = Convert.FromBase64String(options.OAuth2Configuration.SigningKey); jwtParams.IssuerSigningToken = new BinarySecretSecurityToken(bytes); } app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions { TokenValidationParameters = jwtParams }); app.RequireScopes(new ScopeValidationOptions { AllowAnonymousAccess = true, Scopes = new string[] { options.OAuth2Configuration.Scope } }); if (options.OAuth2Configuration.ClaimsTransformation != null) { app.Use(async(ctx, next) => { var user = ctx.Authentication.User; if (user != null) { user = options.OAuth2Configuration.ClaimsTransformation(user); ctx.Authentication.User = user; } await next(); }); } } if (!options.DisableUserInterface) { app.UseFileServer(new FileServerOptions { RequestPath = new PathString("/assets"), FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityManagerAppBuilderExtensions).Assembly, "Thinktecture.IdentityManager.Assets") }); app.UseFileServer(new FileServerOptions { RequestPath = new PathString("/assets/libs/fonts"), FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityManagerAppBuilderExtensions).Assembly, "Thinktecture.IdentityManager.Assets.Content.fonts") }); app.UseStageMarker(PipelineStage.MapHandler); } SignatureConversions.AddConversions(app); app.UseWebApi(WebApiConfig.Configure(options)); app.UseStageMarker(PipelineStage.MapHandler); }
/// <summary> /// Extension method to configure IdentityServer in the hosting application. /// </summary> /// <param name="app">The application.</param> /// <param name="options">The <see cref="IdentityServerOptions"/>.</param> /// <returns></returns> /// <exception cref="ArgumentNullException"> /// app /// or /// options /// </exception> public static IAppBuilder UseIdentityServer(this IAppBuilder app, IdentityServerOptions options) { if (app == null) { throw new ArgumentNullException("app"); } if (options == null) { throw new ArgumentNullException("options"); } options.Validate(); JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); JwtSecurityTokenHandler.DefaultOutboundClaimTypeMap.Clear(); if (options.RequireSsl) { app.Use <RequireSslMiddleware>(); } if (options.LoggingOptions.EnableKatanaLogging) { app.SetLoggerFactory(new LibLogKatanaLoggerFactory()); } app.UseEmbeddedFileServer(); app.ConfigureRequestId(); app.ConfigureDataProtectionProvider(options); app.ConfigureIdentityServerBaseUrl(options.PublicOrigin); app.ConfigureIdentityServerIssuer(options); app.ConfigureRequestBodyBuffer(); // this needs to be earlier than the autofac middleware so anything is disposed and re-initialized // if we send the request back into the pipeline to render the logged out page app.ConfigureRenderLoggedOutPage(); var container = AutofacConfig.Configure(options); app.UseAutofacMiddleware(container); app.UseCors(); app.ConfigureCookieAuthentication(options.AuthenticationOptions.CookieOptions, options.DataProtector); // this needs to be before external middleware app.ConfigureSignOutMessageCookie(); if (options.PluginConfiguration != null) { options.PluginConfiguration(app, options); } if (options.AuthenticationOptions.IdentityProviders != null) { options.AuthenticationOptions.IdentityProviders(app, Constants.ExternalAuthenticationType); } app.ConfigureHttpLogging(options.LoggingOptions); SignatureConversions.AddConversions(app); var httpConfig = WebApiConfig.Configure(options, container); app.UseAutofacWebApi(httpConfig); app.UseWebApi(httpConfig); using (var child = container.CreateScopeWithEmptyOwinContext()) { var eventSvc = child.Resolve <IEventService>(); // TODO -- perhaps use AsyncHelper instead? DoStartupDiagnosticsAsync(options, eventSvc).Wait(); } return(app); }
public static IAppBuilder UseIdentityServerCore(this IAppBuilder app, IdentityServerCoreOptions options) { if (options == null) { throw new ArgumentNullException("options"); } var internalConfig = new InternalConfiguration(); var settings = options.Factory.CoreSettings(); if (settings.DataProtector == null) { internalConfig.DataProtector = new HostDataProtector(app.GetDataProtectionProvider()); } else { internalConfig.DataProtector = settings.DataProtector; } // thank you Microsoft for the clean syntax JwtSecurityTokenHandler.InboundClaimTypeMap = ClaimMappings.None; JwtSecurityTokenHandler.OutboundClaimTypeMap = ClaimMappings.None; app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = Constants.PrimaryAuthenticationType }); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = Constants.ExternalAuthenticationType, AuthenticationMode = AuthenticationMode.Passive }); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = Constants.PartialSignInAuthenticationType, AuthenticationMode = AuthenticationMode.Passive }); if (options.AdditionalIdentityProviderConfiguration != null) { options.AdditionalIdentityProviderConfiguration(app, Constants.ExternalAuthenticationType); } if (options.PluginConfiguration != null) { options.PluginConfiguration(app, internalConfig.PluginDependencies); } app.UseFileServer(new FileServerOptions { RequestPath = new PathString("/assets"), FileSystem = new EmbeddedResourceFileSystem(typeof(Constants).Assembly, "Thinktecture.IdentityServer.Core.Assets") }); app.UseStageMarker(PipelineStage.MapHandler); app.UseFileServer(new FileServerOptions { RequestPath = new PathString("/assets/libs/fonts"), FileSystem = new EmbeddedResourceFileSystem(typeof(Constants).Assembly, "Thinktecture.IdentityServer.Core.Assets.libs.bootstrap.fonts") }); app.UseStageMarker(PipelineStage.MapHandler); app.Use <AutofacContainerMiddleware>(AutofacConfig.Configure(options, internalConfig)); Microsoft.Owin.Infrastructure.SignatureConversions.AddConversions(app); app.UseWebApi(WebApiConfig.Configure(options)); return(app); }