/// <summary>
/// Registers IdentityServer together with the project's custom stores, validators,
/// profile service and CORS policy service.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
/// <param name="env">Hosting environment; consulted for the development-only cookie setting and passed to the certificate setup.</param>
/// <param name="globalSettings">Supplies the internal identity base URI and is passed to the certificate setup.</param>
/// <returns>The builder returned by the last call in the chain, <c>AddIdentityServerCertificate</c>.</returns>
public static IIdentityServerBuilder AddCustomIdentityServerServices(
    IServiceCollection services,
    IWebHostEnvironment env,
    GlobalSettings globalSettings)
{
    services.AddTransient<IAuthorizationCodeStore, AuthorizationCodeStore>();

    // The issuer is built from scheme and host only: a port or path present in the
    // configured InternalIdentity URI does not end up in the issuer value.
    var internalIdentity = new Uri(globalSettings.BaseServiceUri.InternalIdentity);
    var issuer = $"{internalIdentity.Scheme}://{internalIdentity.Host}";

    var builder = services.AddIdentityServer(options =>
    {
        // Endpoints switched off here: introspection, end-session, userinfo,
        // check-session and token revocation.
        var endpoints = options.Endpoints;
        endpoints.EnableIntrospectionEndpoint = false;
        endpoints.EnableEndSessionEndpoint = false;
        endpoints.EnableUserInfoEndpoint = false;
        endpoints.EnableCheckSessionEndpoint = false;
        endpoints.EnableTokenRevocationEndpoint = false;

        options.IssuerUri = issuer;

        // NOTE(review): presumably a changed or removed client can still be served from
        // the client store cache for up to this long; confirm that window is acceptable.
        options.Caching.ClientStoreExpiration = TimeSpan.FromMinutes(5);

        // Only the development environment relaxes the cookie SameSite mode; every other
        // environment keeps whatever the IdentityServer default is.
        if (env.IsDevelopment())
        {
            options.Authentication.CookieSameSiteMode = Microsoft.AspNetCore.Http.SameSiteMode.Unspecified;
        }
    });

    // Registration order is kept exactly as before; the value returned to the caller is
    // whatever the final AddIdentityServerCertificate call hands back.
    var configuredBuilder = builder
        .AddInMemoryCaching()
        .AddInMemoryApiResources(ApiResources.GetApiResources())
        .AddInMemoryApiScopes(ApiScopes.GetApiScopes())
        .AddClientStoreCache<ClientStore>()
        .AddCustomTokenRequestValidator<CustomTokenRequestValidator>()
        .AddProfileService<ProfileService>()
        .AddResourceOwnerValidator<ResourceOwnerPasswordValidator>()
        .AddPersistedGrantStore<PersistedGrantStore>()
        .AddClientStore<ClientStore>()
        .AddIdentityServerCertificate(env, globalSettings);

    // Registered after AddIdentityServer, as in the original ordering.
    services.AddTransient<ICorsPolicyService, CustomCorsPolicyService>();

    return configuredBuilder;
}
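/// <summary>
/// Registers MVC, the SameSite cookie workaround and an in-memory IdentityServer setup
/// (developer signing credential, in-memory scopes, resources and clients, test users).
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
public void ConfigureServices(IServiceCollection services)
{
    // MVC is required because some pages are served from IdentityServer.
    services.AddMvc(option => option.EnableEndpointRouting = false);

    // SameSite problems: https://www.thinktecture.com/en/identity/samesite/prepare-your-identityserver/
    services.ConfigureNonBreakingSameSiteCookies();

    // Register the IdentityServer services in DI with in-memory stores for runtime state
    // (development only).
    // NOTE(review): nothing in this method checks the hosting environment, so the
    // developer signing credential and test users below are registered wherever this
    // Startup runs; confirm this configuration is never used for a production host.
    services.AddIdentityServer()
        // Temporary key material for signing tokens. Replace with persistent key
        // material for production scenarios.
        .AddDeveloperSigningCredential()
        .AddInMemoryApiScopes(ApiScopes.GetApiScopes())
        // Registered once: a second call with the same resources is redundant.
        .AddInMemoryApiResources(ApiResources.GetApiResources())
        .AddInMemoryClients(Clients.GetClients())
        // Test users supplied by Users.GetUsers().
        .AddTestUsers(Users.GetUsers())
        // Identity resources.
        .AddInMemoryIdentityResources(IdentityResources.GetIdentityResources());
}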