コード例 #1
0
        void InitializeInMemoryIdentityServer(IAppBuilder app)
        {
            app.Map("/identity", identityServerApp =>
            {
                var factory = new IdentityServerServiceFactory();

                factory.UseInMemoryUsers(Users.Get());
                factory.UseInMemoryClients(Clients.Get());
                factory.UseInMemoryScopes(Scopes.Get());

                factory.ConfigureClientStoreCache();
                factory.ConfigureScopeStoreCache();
                factory.ConfigureUserServiceCache();

                var identityServerOptions = new IdentityServerOptions
                {
                    SiteName           = "Paradise Security Provider",
                    Factory            = factory,
                    SigningCertificate = Cert.Load(),

                    AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions
                    {
                        IdentityProviders = ConfigureIdentityProviders,
                        EnableAutoCallbackForFederatedSignout = false
                    },
                };

                identityServerApp.UseIdentityServer(identityServerOptions);
            });
        }
コード例 #2
0
        public void Configuration(IAppBuilder app)
        {
            LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());

            // uncomment to enable HSTS headers for the host
            // see: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
            //app.UseHsts();

            app.Map("/core", coreApp =>
            {
                var factory = Factory.Create();

                var idsrvOptions = new IdentityServerOptions
                {
                    IssuerUri                     = "https://idsrv3.com",
                    SiteName                      = "Thinktecture IdentityServer v3 - preview 1",
                    SigningCertificate            = Cert.Load(),
                    CspReportEndpoint             = EndpointSettings.Enabled,
                    AccessTokenValidationEndpoint = EndpointSettings.Enabled,
                    PublicHostName                = "http://localhost:3333",
                    Factory = factory,
                    AdditionalIdentityProviderConfiguration = ConfigureAdditionalIdentityProviders,
                    CorsPolicy = CorsPolicy.AllowAll
                };
                coreApp.UseIdentityServer(idsrvOptions);
            });
        }
コード例 #3
0
        public static IAppBuilder UseIdentityServer(this IAppBuilder app)
        {
            // uncomment to enable HSTS headers for the host
            // see: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
            //app.UseHsts();

            app.Map("/core", coreApp =>
            {
                var factory = new IdentityServerServiceFactory()
                              .UseInMemoryUsers(Users.Get())
                              .UseInMemoryClients(Clients.Get())
                              .UseInMemoryScopes(Scopes.Get());

                factory.CustomGrantValidators.Add(
                    new Registration <ICustomGrantValidator>(typeof(CustomGrantValidator)));
                factory.CustomGrantValidators.Add(
                    new Registration <ICustomGrantValidator>(typeof(AnotherCustomGrantValidator)));

                factory.ConfigureClientStoreCache();
                factory.ConfigureScopeStoreCache();
                factory.ConfigureUserServiceCache();

                factory.TokenSigningService = new Registration <ITokenSigningService, EnhancedDefaultTokenSigningService>();

                var idsrvOptions = new IdentityServerOptions
                {
                    Factory            = factory,
                    SigningCertificate = Cert.Load(),

                    Endpoints = new EndpointOptions
                    {
                        // replaced by the introspection endpoint in v2.2
                        EnableAccessTokenValidationEndpoint = false
                    },

                    AuthenticationOptions = new AuthenticationOptions
                    {
                        IdentityProviders = ConfigureIdentityProviders,
                        //EnablePostSignOutAutoRedirect = true
                    },

                    //LoggingOptions = new LoggingOptions
                    //{
                    //    EnableKatanaLogging = true
                    //},

                    //EventsOptions = new EventsOptions
                    //{
                    //    RaiseFailureEvents = true,
                    //    RaiseInformationEvents = true,
                    //    RaiseSuccessEvents = true,
                    //    RaiseErrorEvents = true
                    //}
                };

                coreApp.UseIdentityServer(idsrvOptions);
            });

            return(app);
        }
コード例 #4
0
        public void Configuration(IAppBuilder app)
        {
            LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());

            app.Map("/idsrv", idSrvApp =>
            {
                var factory = InMemoryFactory.Create(
                    users: Users.Get(),
                    clients: Clients.Get(),
                    scopes: Scopes.Get());

                factory.ConfigureClientStoreCache();
                factory.ConfigureScopeStoreCache();
                factory.ConfigureUserServiceCache();

                var idsrvOptions = new IdentityServerOptions
                {
                    SiteName           = "ACME Identity Server",
                    IssuerUri          = "https://idsrv.acme.com",
                    Factory            = factory,
                    SigningCertificate = Cert.Load(),

                    CorsPolicy = CorsPolicy.AllowAll,
                };

                idSrvApp.UseIdentityServer(idsrvOptions);
            });
        }
コード例 #5
0
        public void Configuration(IAppBuilder app)
        {
            app.Map(
                "/core",
                coreApp =>
            {
                var factory =
                    new IdentityServerServiceFactory()
                    .UseInMemoryClients(Clients.Get())
                    .UseInMemoryScopes(Scopes.Get());

                factory.Register(new Registration <IdentityDbContext>());
                factory.Register(new Registration <UserStore <IdentityUser> >());
                factory.Register(new Registration <UserManager <IdentityUser, string> >(x => new UserManager <IdentityUser>(x.Resolve <UserStore <IdentityUser> >())));

                factory.UserService = new Registration <IUserService, AspNetIdentityUserService <IdentityUser, string> >();

                coreApp.UseIdentityServer(
                    new IdentityServerOptions
                {
                    SiteName           = "Standalone Identity Server",
                    SigningCertificate = Cert.Load(),
                    Factory            = factory,
                    RequireSsl         = true
                });
            });
        }
コード例 #6
0
        public void Configuration(IAppBuilder app)
        {
            LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());
            //LogProvider.SetCurrentLogProvider(new TraceSourceLogProvider());

            // uncomment to enable HSTS headers for the host
            // see: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
            //app.UseHsts();

            app.Map("/core", coreApp =>
            {
                var factory = Factory.Create();

                var idsrvOptions = new IdentityServerOptions
                {
                    IssuerUri          = "https://idsrv3.com",
                    SiteName           = "Thinktecture IdentityServer v3 - beta 2",
                    RequireSsl         = false,
                    SigningCertificate = Cert.Load(),
                    CspOptions         = new CspOptions {
                        ReportEndpoint = EndpointSettings.Enabled,
                    },
                    AccessTokenValidationEndpoint = EndpointSettings.Enabled,
                    Factory = factory,
                    AdditionalIdentityProviderConfiguration = ConfigureAdditionalIdentityProviders,
                    CorsPolicy = CorsPolicy.AllowAll,
                };
                coreApp.UseIdentityServer(idsrvOptions);
            });

            // only for showing the getting started index page
            app.UseStaticFiles();
        }
コード例 #7
0
        public void Configuration(IAppBuilder app)
        {
            Log.Logger = new LoggerConfiguration()
                         .ReadFrom.AppSettings()
                         .CreateLogger();


            app.Map(
                "/core",
                coreApp => {
                coreApp.UseIdentityServer(new IdentityServerOptions
                {
                    SiteName           = "Standalone Identity Server",
                    SigningCertificate = Cert.Load(),

                    Factory = new IdentityServerServiceFactory()
                              .UseInMemoryClients(Clients.Get())
                              .UseInMemoryScopes(Scopes.Get())
                              .UseInMemoryUsers(Users.Get()),
                    RequireSsl = true,
                    Endpoints  = new EndpointOptions
                    {
                        EnableAccessTokenValidationEndpoint = false
                    }
                });
            });
        }
コード例 #8
0
        public void Configuration(IAppBuilder app)
        {
            // this configures IdentityManager
            // we're using a Map just to test hosting not at the root
            app.Map("/idm", idm =>
            {
                LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());

                var factory = new IdentityManagerServiceFactory();

                var rand  = new System.Random();
                var users = Users.Get(rand.Next(5000, 20000));
                var roles = Roles.Get(rand.Next(15));

                factory.Register(new Registration <ICollection <InMemoryUser> >(users));
                factory.Register(new Registration <ICollection <InMemoryRole> >(roles));
                factory.IdentityManagerService = new Registration <IIdentityManagerService, InMemoryIdentityManagerService>();

                idm.UseIdentityManager(new IdentityManagerOptions
                {
                    Factory             = factory,
                    SecurityMode        = SecurityMode.LocalMachine,
                    OAuth2Configuration = new OAuth2Configuration
                    {
                        AuthorizationUrl     = "http://localhost:17457/ids/connect/authorize",
                        Issuer               = "https://idsrv3.com",
                        Audience             = "https://idsrv3.com/resources",
                        ClientId             = "idmgr",
                        SigningCert          = Cert.Load(),
                        Scope                = "idmgr",
                        ClaimsTransformation = user =>
                        {
                            if (user.IsInRole("Foo"))
                            {
                                ((ClaimsIdentity)user.Identity).AddClaim(new Claim("role", "IdentityManagerAdministrator"));
                            }

                            return(user);
                        },
                        //PersistToken = true,
                        //AutomaticallyRenewToken = true
                    }
                });
            });

            // this configures an embedded IdentityServer to act as an external authentication provider
            // when using IdentityManager in Token security mode. normally you'd configure this elsewhere.
            app.Map("/ids", ids =>
            {
                IdSvrConfig.Configure(ids);
            });

            // used to redirect to the main admin page visiting the root of the host
            app.Run(ctx =>
            {
                ctx.Response.Redirect("/idm/");
                return(System.Threading.Tasks.Task.FromResult(0));
            });
        }
コード例 #9
0
        public IdentityServerOptions GetServerOptions()
        {
            var factory = new IdentityServerServiceFactory();

            var knownClientStore = new KnownClientStore(identityManagerUri, identityAdminUri);

            factory.ClientStore = new Registration <IClientStore>(
                new CompositeClientStore(new IClientStore[]
            {
                new ClientStore(new ClientConfigurationDbContext("ClientsScopes")),          // TODO: get connection string name from config
                knownClientStore
            }));

            factory.ScopeStore = new Registration <IScopeStore>(
                new CompositeScopeStore(new IScopeStore[]
            {
                new ScopeStore(new ScopeConfigurationDbContext("ClientsScopes")),            // TODO: get connection string name from config
                new KnownScopeStore()
            }));

            factory.UserService = new Registration <IUserService>(
                new CompositeUserService(new IUserService[]
            {
                new ClaimsUserService(new NullClaimsService(), userService),
                new KnownUserService(this.adminUsername, this.adminPassword)
            }));

            factory.CorsPolicyService = new Registration <ICorsPolicyService>(
                new CompositeCorsPolicyService(new ICorsPolicyService[]
            {
                new ClientConfigurationCorsPolicyService(new ClientConfigurationDbContext("ClientsScopes")),         // TODO: get connection string name from config
                new InMemoryCorsPolicyService(knownClientStore.GetClients())
            }));
            //We can choose how to display the login screen
            LoadViewService(factory);

            return(new IdentityServerOptions
            {
                SiteName = "IdentityServer v3",
                SigningCertificate = Cert.Load(typeof(IOwinBootstrapper).Assembly, "Cert", "idsrv3test.pfx", "idsrv3test"),
                Endpoints = new EndpointOptions
                {
                    EnableCspReportEndpoint = true
                },
                AuthenticationOptions = new AuthenticationOptions
                {
                    IdentityProviders = externalIdentityProviderService.UseExternalIdentityProviders,
                    //Registration link on login page
                    LoginPageLinks = new LoginPageLink[]
                    {
                        new LoginPageLink {
                            Text = "Register", Href = "localregistration"
                        }
                    }
                },
                Factory = factory
            });
        }
コード例 #10
0
        public void Configuration(IAppBuilder app)
        {
            LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());
            //LogProvider.SetCurrentLogProvider(new TraceSourceLogProvider());

            // uncomment to enable HSTS headers for the host
            // see: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
            //app.UseHsts();

            app.Map("/core", coreApp =>
            {
                var factory = InMemoryFactory.Create(
                    users:   Users.Get(),
                    clients: Clients.Get(),
                    scopes:  Scopes.Get());

                factory.CustomGrantValidator =
                    new Registration <ICustomGrantValidator>(typeof(CustomGrantValidator));

                factory.ConfigureClientStoreCache();
                factory.ConfigureScopeStoreCache();
                factory.ConfigureUserServiceCache();

                var idsrvOptions = new IdentityServerOptions
                {
                    SiteName           = "Thinktecture IdentityServer v3",
                    Factory            = factory,
                    SigningCertificate = Cert.Load(),

                    CorsPolicy = CorsPolicy.AllowAll,

                    AuthenticationOptions = new AuthenticationOptions
                    {
                        IdentityProviders = ConfigureIdentityProviders,
                    },

                    DiagnosticsOptions = new LoggingOptions
                    {
                        EnableHttpLogging          = true,
                        EnableWebApiDiagnostics    = true,
                        IncludeSensitiveDataInLogs = true
                    },

                    EventsOptions = new EventsOptions
                    {
                        RaiseFailureEvents     = true,
                        RaiseInformationEvents = true,
                        RaiseSuccessEvents     = true,
                        RaiseErrorEvents       = true
                    }
                };

                coreApp.UseIdentityServer(idsrvOptions);
            });

            // only for showing the getting started index page
            app.UseStaticFiles();
        }
コード例 #11
0
        public void Configuration(IAppBuilder app)
        {
            // setup serilog to use diagnostics trace
            Log.Logger = new LoggerConfiguration()
                         .MinimumLevel.Debug()
                         .WriteTo.Trace()
                         .CreateLogger();

            // uncomment to enable HSTS headers for the host
            // see: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
            //app.UseHsts();

            app.Map("/core", coreApp =>
            {
                var factory = new IdentityServerServiceFactory()
                              .UseInMemoryUsers(Users.Get())
                              .UseInMemoryClients(Clients.Get())
                              .UseInMemoryScopes(Scopes.Get());

                factory.CustomGrantValidators.Add(
                    new Registration <ICustomGrantValidator>(typeof(CustomGrantValidator)));
                factory.CustomGrantValidators.Add(
                    new Registration <ICustomGrantValidator>(typeof(AnotherCustomGrantValidator)));

                factory.ConfigureClientStoreCache();
                factory.ConfigureScopeStoreCache();
                factory.ConfigureUserServiceCache();

                var idsrvOptions = new IdentityServerOptions
                {
                    Factory            = factory,
                    SigningCertificate = Cert.Load(),

                    AuthenticationOptions = new AuthenticationOptions
                    {
                        IdentityProviders = ConfigureIdentityProviders,
                        //EnablePostSignOutAutoRedirect = true
                    },

                    LoggingOptions = new LoggingOptions
                    {
                        EnableKatanaLogging = true
                    },

                    EventsOptions = new EventsOptions
                    {
                        RaiseFailureEvents     = true,
                        RaiseInformationEvents = true,
                        RaiseSuccessEvents     = true,
                        RaiseErrorEvents       = true
                    }
                };

                coreApp.UseIdentityServer(idsrvOptions);
            });
        }
コード例 #12
0
        public async Task <Client> FindClientByIdAsync(string clientId)
        {
            var clientsUri = $"admin-api/api/clients/{clientId}";

            //var cert = Cert.Load(StoreName.My, StoreLocation.CurrentUser, "b512d01195667dbc7c4222ec6fd563ac64e3d450");
            //var handler = new WebRequestHandler();
            //handler.ClientCertificates.Add(cert);

            // Retrieve an access token from the IdentityAdmin /authorize OAuth endpoint
            using (var client = new HttpClient())
            {
                client.BaseAddress = new Uri(this.identityAdminUri);
                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                var cert = Cert.Load(typeof(IOwinBootstrapper).Assembly, "Cert", "idsrv3test.pfx", "idsrv3test");

                var tokenDescriptor = new SecurityTokenDescriptor
                {
                    Subject = new ClaimsIdentity(new Claim[]
                    {
                        new Claim("name", "idServer"),
                        new Claim("role", "IdentityAdminManager"),
                        new Claim("scope", "idadmin-api")
                    }),
                    TokenIssuerName    = "idServer",
                    AppliesToAddress   = this.identityAdminUri,
                    Lifetime           = new Lifetime(DateTime.Now, DateTime.Now.AddMinutes(10)),
                    SigningCredentials = new X509SigningCredentials(cert)
                };

                var tokenHandler  = new JwtSecurityTokenHandler();
                var securityToken = tokenHandler.CreateToken(tokenDescriptor);
                var accessToken   = tokenHandler.WriteToken(securityToken);

                var jwtParams = new TokenValidationParameters
                {
                    NameClaimType      = "name",
                    RoleClaimType      = "role",
                    ValidAudience      = this.identityAdminUri,
                    ValidIssuer        = "idServer",
                    IssuerSigningToken = new X509SecurityToken(cert)
                };

                SecurityToken validatedToken;
                tokenHandler.ValidateToken(accessToken, jwtParams, out validatedToken);

                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

                var response = await client.GetAsync(clientsUri);

                var str = await response.Content.ReadAsStringAsync();
            }

            return(null);
        }
コード例 #13
0
ファイル: Program.cs プロジェクト: rzepinskip/chefs-book
 public static IWebHost BuildWebHost(string[] args) =>
 WebHost.CreateDefaultBuilder(args)
 .UseKestrel(cfg =>
 {
     cfg.Listen(IPAddress.Any, Port, c => c.UseHttps(Cert.Load()));
 })
 .UseIISIntegration()
 .UseUrls($"https://*:{Port}")
 .UseStartup <Startup>()
 .Build();
コード例 #14
0
        public static IAppBuilder UseIdentityServer(this IAppBuilder app)
        {
            // uncomment to enable HSTS headers for the host
            // see: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
            //app.UseHsts();

            app.Map("/core", coreApp =>
            {
                var factory = new IdentityServerServiceFactory()
                              //.UseInMemoryUsers(Users.Get()) Fabio
                              .UseInMemoryClients(Clients.Get())
                              .UseInMemoryScopes(Scopes.Get());

                factory.AddCustomGrantValidators();
                factory.AddCustomTokenResponseGenerator();

                factory.ConfigureClientStoreCache();
                factory.ConfigureScopeStoreCache();
                //factory.ConfigureUserServiceCache(); Fabio

                // Fabio custom User on EF
                var userService           = new LocalRegistrationUserService();
                factory.UserService       = new Registration <IUserService>(resolver => userService);
                factory.CorsPolicyService = new Registration <ICorsPolicyService>(new DefaultCorsPolicyService {
                    AllowAll = true
                });


                var idsrvOptions = new IdentityServerOptions
                {
                    Factory            = factory,
                    SigningCertificate = Cert.Load(),
                    RequireSsl         = false,
                    Endpoints          = new EndpointOptions
                    {
                        // replaced by the introspection endpoint in v2.2
                        EnableAccessTokenValidationEndpoint = false
                    },

                    // Fabio inibito configurazione provider esterni (facebook, google, etc ...)
                    //AuthenticationOptions = new AuthenticationOptions
                    //{
                    //    IdentityProviders = ConfigureIdentityProviders,
                    //    EnableAutoCallbackForFederatedSignout = true
                    //},
                };

                coreApp.UseIdentityServer(idsrvOptions);
            });

            return(app);
        }
コード例 #15
0
        public void Configuration(IAppBuilder app)
        {
            Log.Logger = new LoggerConfiguration()
                         .MinimumLevel.Debug()
                         .WriteTo.Trace()
                         .CreateLogger();

            app.Map("/api", apiApp =>
            {
                var config = new HttpConfiguration();
                config.Services.Replace(typeof(IHttpControllerTypeResolver),
                                        new TypeResolver(typeof(IdentityController), typeof(TestController)));
                config.MapHttpAttributeRoutes();

                apiApp.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
                {
                    Authority      = "https://demo.identityserver.io",
                    ValidationMode = ValidationMode.ValidationEndpoint,
                    RequiredScopes = new[] { "api" },

                    DelayLoadMetadata = true
                });

                apiApp.UseWebApi(config);
            });


            var factory = new IdentityServerServiceFactory()
                          .UseInMemoryClients(Clients.Get())
                          .UseInMemoryScopes(Scopes.Get())
                          .UseInMemoryUsers(Users.Get());

            // turns off redirect URI validaiton - ONLY FOR DEMO PURPOSES
            factory.RedirectUriValidator = new Registration <IRedirectUriValidator, NopRedirectUriValidator>();

            var idsrvOptions = new IdentityServerOptions
            {
                SiteName           = "IdentityServer3 Demo",
                Factory            = factory,
                SigningCertificate = Cert.Load(),

                AuthenticationOptions = new AuthenticationOptions
                {
                    IdentityProviders = ConfigureIdentityProviders
                }
            };

            app.UseIdentityServer(idsrvOptions);
        }
コード例 #16
0
 public void Configuration(IAppBuilder app)
 {
     app.Map(
         "/core",
         coreApp =>
     {
         coreApp.UseIdentityServer(new IdentityServerOptions
         {
             SiteName           = "Standalone Identity Server",
             SigningCertificate = Cert.Load(),
             Factory            = InMemoryFactory.Create(Users.Get(), Clients.Get(), Scopes.Get()),
             RequireSsl         = true
         });
     });
 }
コード例 #17
0
        public static void Configuration(IAppBuilder app)
        {
            var idSrv = new IdentityServerStartup();

            idSrv.Configuration(app);

            JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary <string, string>();

            app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
            {
                ValidationMode    = ValidationMode.Local,
                IssuerName        = "https://idsrv.acme.com",
                IssuerCertificate = Cert.Load()
            });
        }
コード例 #18
0
        public static IAppBuilder UseIdentityServer(this IAppBuilder app)
        {
            // uncomment to enable HSTS headers for the host
            // see: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
            //app.UseHsts();

            app.Map("/core", coreApp =>
            {
                //var factory = new IdentityServerServiceFactory()
                //    .UseInMemoryUsers(Users.Get())
                //    .UseInMemoryClients(Clients.Get())
                //    .UseInMemoryScopes(Scopes.Get());



                var factory = new IdentityServerServiceFactory();

                var scopeStore      = new InMemoryScopeStore(Scopes.Get());
                factory.ScopeStore  = new Registration <IScopeStore>(scopeStore);
                var clientStore     = new InMemoryClientStore(Clients.Get());
                factory.ClientStore = new Registration <IClientStore>(clientStore);
                factory.UseInMemoryUsers(Users.Get());

                factory.CorsPolicyService = new Registration <ICorsPolicyService>(new DefaultCorsPolicyService {
                    AllowAll = true
                });

                factory.ConfigureClientStoreCache();
                factory.ConfigureScopeStoreCache();
                factory.ConfigureUserServiceCache();

                var idsrvOptions = new IdentityServerOptions
                {
                    Factory            = factory,
                    SigningCertificate = Cert.Load(),
                    RequireSsl         = false,

                    AuthenticationOptions = new AuthenticationOptions
                    {
                        IdentityProviders = ConfigureIdentityProviders,
                    },
                };

                coreApp.UseIdentityServer(idsrvOptions);
            });

            return(app);
        }
コード例 #19
0
        public static IAppBuilder UseIdentityServer(this IAppBuilder app)
        {
            // uncomment to enable HSTS headers for the host
            // see: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
            //app.UseHsts();

            app.Map("/core", coreApp =>
            {
                var factory = new IdentityServerServiceFactory()
                              .UseInMemoryClients(Clients.Get())
                              .UseInMemoryScopes(Scopes.Get());
                //.UseInMemoryUsers(Users.GetCustomUsers());

                //var userService = new Host.Configuration.Services.CustomUserService();
                //factory.UserService = new Registration<IUserService>(resolver => userService);
                factory.UserService = new Registration <IUserService, Host.Configuration.Services.CustomUserService>();

                factory.AddCustomGrantValidators();
                factory.AddCustomTokenResponseGenerator();

                factory.ConfigureClientStoreCache();
                factory.ConfigureScopeStoreCache();
                factory.ConfigureUserServiceCache();

                var idsrvOptions = new IdentityServerOptions
                {
                    Factory            = factory,
                    SigningCertificate = Cert.Load(),

                    Endpoints = new EndpointOptions
                    {
                        // replaced by the introspection endpoint in v2.2
                        EnableAccessTokenValidationEndpoint = false
                    }
                    //,

                    //AuthenticationOptions = new AuthenticationOptions
                    //{
                    //    IdentityProviders = ConfigureIdentityProviders,
                    //    EnableAutoCallbackForFederatedSignout = true
                    //},
                };

                coreApp.UseIdentityServer(idsrvOptions);
            });

            return(app);
        }
コード例 #20
0
ファイル: Startup.cs プロジェクト: valk01/IdentityServer4
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication();

            var builder = services.AddIdentityServer(options =>
            {
                options.IssuerUri = "https://idsvr4";
            });

            builder.AddInMemoryClients(Clients.Get());
            builder.AddInMemoryScopes(Scopes.Get());
            builder.AddInMemoryUsers(Users.Get());
            builder.SetSigningCredential(Cert.Load());

            builder.AddCustomGrantValidator<CustomGrantValidator>();
            builder.AddCustomGrantValidator<CustomGrantValidator2>();
        }
コード例 #21
0
        public void Configuration(IAppBuilder app)
        {
            app.Map("/core", coreApp =>
            {
                var factory = Factory.Create();

                var opts = new IdentityServerOptions
                {
                    IssuerUri          = "https://idsrv3.com",
                    SiteName           = "Thinktecture IdentityServer v3 - preview 1",
                    SigningCertificate = Cert.Load(),
                    Factory            = factory,
                    PublicHostName     = "http://localhost:3333"
                };

                coreApp.UseIdentityServer(opts);
            });
        }
コード例 #22
0
ファイル: Modules.cs プロジェクト: mtinning/openidconnect
        private static void RegisterApiServices(IConfigurationService configService, ContainerBuilder builder)
        {
            var usersApiUri       = configService.GetSetting <string>("UsersApiUri", null);
            var identityServerUri = configService.GetSetting <string>("IdentityServerUri", null);

            builder.RegisterType <UsersApiUserService>().As <IUserService>()
            .WithParameter("usersApiUri", usersApiUri)
            .WithParameter("identityServerUri", identityServerUri);

            builder.RegisterType <X509SignedTokenProvider>()
            .WithParameter("cert", Cert.Load(typeof(IOwinBootstrapper).Assembly, "Cert", "idsrv3test.pfx", "idsrv3test"))
            .Named <ITokenProvider>("tokenProvider");

            builder.RegisterDecorator <ITokenProvider>(p => new CachingTokenProvider(p), "tokenProvider");

            builder.RegisterType <UsersApiIdentityManagerService>().As <IIdentityManagerService>()
            .WithParameter("usersApiUri", usersApiUri)
            .WithParameter("identityServerUri", identityServerUri);
        }
コード例 #23
0
 public void Configuration(IAppBuilder app)
 {
     app.Map(
         "/core",
         coreApp =>
     {
         coreApp.UseIdentityServer(
             new IdentityServerOptions
         {
             SiteName           = "Standalone Identity Server",
             SigningCertificate = Cert.Load(),
             Factory            =
                 new IdentityServerServiceFactory().UseInMemoryClients(Clients.Get())
                 .UseInMemoryScopes(Scopes.Get())
                 .UseInMemoryUsers(Users.Get()),
             RequireSsl          = true,
             PluginConfiguration = ConfigureWsFederation
         });
     });
 }
コード例 #24
0
        public void Configuration(IAppBuilder app)
        {
            LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());
            //LogProvider.SetCurrentLogProvider(new TraceSourceLogProvider());

            // uncomment to enable HSTS headers for the host
            // see: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
            //app.UseHsts();

            app.Map("/core", coreApp =>
            {
                var factory = InMemoryFactory.Create(
                    users:   Users.Get(),
                    clients: Clients.Get(),
                    scopes:  Scopes.Get());

                var idsrvOptions = new IdentityServerOptions
                {
                    IssuerUri          = "https://idsrv3.com",
                    SiteName           = "Thinktecture IdentityServer v3 - beta 3",
                    Factory            = factory,
                    SigningCertificate = Cert.Load(),

                    CorsPolicy = CorsPolicy.AllowAll,
                    CspOptions = new CspOptions
                    {
                        ReportEndpoint = EndpointSettings.Enabled,
                    },

                    AuthenticationOptions = new AuthenticationOptions
                    {
                        IdentityProviders = ConfigureIdentityProviders,
                    }
                };

                coreApp.UseIdentityServer(idsrvOptions);
            });

            // only for showing the getting started index page
            app.UseStaticFiles();
        }
コード例 #25
0
        public void Configuration(IAppBuilder app)
        {
            // this configures IdentityManager
            // we're using a Map just to test hosting not at the root
            app.Map("/idm", idm =>
            {
                var rand = new System.Random();
                var svc  = new InMemoryIdentityManagerService(Users.Get(rand.Next(5000, 20000)), Roles.Get(rand.Next(15)));
                idm.UseIdentityManager(new IdentityManagerConfiguration
                {
                    IdentityManagerFactory = () => svc,
                    SecurityMode           = SecurityMode.LocalMachine,
                    OAuth2Configuration    = new OAuth2Configuration
                    {
                        AuthorizationUrl = "http://localhost:17457/ids/connect/authorize",
                        Issuer           = "https://idsrv3.com",
                        Audience         = "https://idsrv3.com/resources",
                        ClientId         = "idmgr",
                        SigningCert      = Cert.Load(),
                        Scope            = "idmgr",
                        //PersistToken = true,
                        //AutomaticallyRenewToken = true
                    }
                });
            });

            // this configures an embedded IdentityServer to act as an external authentication provider
            // when using IdentityManager in Token security mode. normally you'd configure this elsewhere.
            app.Map("/ids", ids =>
            {
                IdSvrConfig.Configure(ids);
            });

            // used to redirect to the main admin page visiting the root of the host
            app.Run(ctx =>
            {
                ctx.Response.Redirect("/idm/");
                return(System.Threading.Tasks.Task.FromResult(0));
            });
        }
コード例 #26
0
 public void Configuration(IAppBuilder app)
 {
     app.Map(
         "/core",
         coreApp =>
     {
         coreApp.UseIdentityServer(new IdentityServerOptions
         {
             SiteName           = "Standalone Identity Server",
             SigningCertificate = Cert.Load(),
             Factory            =
                 new IdentityServerServiceFactory()
                 .UseInMemoryClients(Clients.Get())
                 .UseInMemoryScopes(Scopes.Get())
                 .UseInMemoryUsers(Users.Get()),
             RequireSsl            = true,
             AuthenticationOptions = new AuthenticationOptions {
                 EnablePostSignOutAutoRedirect = true
             }
         });
     });
 }
コード例 #27
0
        public void Configuration(IAppBuilder app)
        {
            app.Map(
                "/oauth/ls",
                coreApp =>
            {
                var inMem = new InMemoryCorsPolicyService(Clients.Get());

                var factory = new IdentityServerServiceFactory()
                              .UseInMemoryClients(Clients.Get())
                              .UseInMemoryScopes(Scopes.Get())
                              .UseInMemoryUsers(Users.Get());

                factory.CorsPolicyService = new Registration <ICorsPolicyService>(inMem);

                coreApp.UseIdentityServer(new IdentityServerOptions
                {
                    SiteName           = "Standalone Identity Server",
                    SigningCertificate = Cert.Load(),
                    Factory            = factory,
                    RequireSsl         = true,
                });
            });
        }
コード例 #28
0
        private AdminSecurityConfiguration GetSecurityConfiguration(bool useExternalAccessToken)
        {
            if (useExternalAccessToken)
            {
                return(new ExternalBearerTokenConfiguration()
                {
                    Audience = "https://localhost:44333/admin",     // TODO: get from config
                    Issuer = "idServer",
                    NameClaimType = "name",
                    RoleClaimType = "role",
                    AdminRoleName = "IdentityAdminManager",
                    SigningCert = Cert.Load(typeof(IOwinBootstrapper).Assembly, "Cert", "idsrv3test.pfx", "idsrv3test"),
                    Scope = "idadmin-api"
                });
            }

            return(new AdminHostSecurityConfiguration
            {
                HostAuthenticationType = "Cookies",
                NameClaimType = "name",
                RoleClaimType = "role",
                AdminRoleName = "IdentityAdminManager"
            });
        }
コード例 #29
0
        void InitializeDataStoreIdentityServer(IAppBuilder app)
        {
            app.Map("/identity", identityServerApp =>
            {
                var factory = new IdentityServerServiceFactory();

                var adminConfiguration = new EntityFrameworkServiceOptions
                {
                    ConnectionString = MyConstants.AdminConfig
                };

                factory.RegisterConfigurationServices(adminConfiguration);
                factory.RegisterOperationalServices(adminConfiguration);

                factory.ConfigureUserService(MyConstants.UserAdminConfig);

                factory.ConfigureClientStoreCache();
                factory.ConfigureScopeStoreCache();
                factory.ConfigureUserServiceCache();

                var identityServerOptions = new IdentityServerOptions
                {
                    SiteName           = "Paradise Security Provider",
                    Factory            = factory,
                    SigningCertificate = Cert.Load(),

                    AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions
                    {
                        IdentityProviders = ConfigureIdentityProviders,
                        EnableAutoCallbackForFederatedSignout = false
                    },
                };

                identityServerApp.UseIdentityServer(identityServerOptions);
            });
        }
コード例 #30
0
        public void Configuration(IAppBuilder app)
        {
#if DEBUG
            const string serverName = "devservername";
#else
            const string serverName = "prodservername";
#endif

            LogProvider.SetCurrentLogProvider(new TraceSourceLogProvider());


            const string connectionName = "AspId";

            var factory = new IdentityServerServiceFactory();
            factory.ConfigureClientService(connectionName);
            factory.ConfigureScopeService(connectionName);
            factory.ConfigureUserService(connectionName);
            //factory.ConfigureClientStoreCache();
            //factory.ConfigureScopeStoreCache();
            //factory.ConfigureUserServiceCache();

            app.Map("/core1", coreApp =>
            {
                var options = new IdentityServerOptions
                {
                    IssuerUri             = "https://" + serverName + "/identityserver",
                    SiteName              = "Identity Server Name",
                    SigningCertificate    = Cert.Load(serverName),
                    Factory               = factory,
                    CorsPolicy            = CorsPolicy.AllowAll,
                    RequireSsl            = true,
                    EnableWelcomePage     = true,
                    AuthenticationOptions = new AuthenticationOptions
                    {
                        EnableLoginHint                           = true,
                        EnableSignOutPrompt                       = false,
                        EnableLocalLogin                          = false,
                        EnablePostSignOutAutoRedirect             = true,
                        PostSignOutAutoRedirectDelay              = 0,
                        RequireAuthenticatedUserForSignOutMessage = false,
                        RememberLastUsername                      = false,
                        SignInMessageThreshold                    = 3,
                        IdentityProviders                         = ConfigureAdditionalIdentityProviders1,
                        CookieOptions = new Thinktecture.IdentityServer.Core.Configuration.CookieOptions()
                        {
                            Prefix     = "Core1",
                            SecureMode = CookieSecureMode.Always
                        }
                    },
                    LoggingOptions = new LoggingOptions
                    {
                        EnableHttpLogging          = true,
                        EnableWebApiDiagnostics    = true,
                        IncludeSensitiveDataInLogs = true,
                        WebApiDiagnosticsIsVerbose = false
                    },
                    EventsOptions = new EventsOptions
                    {
                        RaiseSuccessEvents     = true,
                        RaiseErrorEvents       = true,
                        RaiseFailureEvents     = true,
                        RaiseInformationEvents = true
                    }
                };


                coreApp.UseIdentityServer(options);
            });

            app.Map("/core2", coreApp =>
            {
                var options = new IdentityServerOptions
                {
                    IssuerUri             = "https://" + serverName + "/identityserver",
                    SiteName              = "Identity Server Name",
                    SigningCertificate    = Cert.Load(serverName),
                    Factory               = factory,
                    CorsPolicy            = CorsPolicy.AllowAll,
                    RequireSsl            = true,
                    EnableWelcomePage     = false,
                    AuthenticationOptions = new AuthenticationOptions
                    {
                        EnableLoginHint                           = true,
                        EnableSignOutPrompt                       = false,
                        EnableLocalLogin                          = false,
                        EnablePostSignOutAutoRedirect             = true,
                        PostSignOutAutoRedirectDelay              = 0,
                        RequireAuthenticatedUserForSignOutMessage = false,
                        RememberLastUsername                      = false,
                        SignInMessageThreshold                    = 3,
                        IdentityProviders                         = ConfigureAdditionalIdentityProviders2,
                        CookieOptions = new Thinktecture.IdentityServer.Core.Configuration.CookieOptions()
                        {
                            Prefix     = "Core2",
                            SecureMode = CookieSecureMode.Always
                        }
                    },
                    LoggingOptions = new LoggingOptions
                    {
                        EnableHttpLogging          = true,
                        EnableWebApiDiagnostics    = true,
                        IncludeSensitiveDataInLogs = true
                    },
                    EventsOptions = new EventsOptions
                    {
                        RaiseSuccessEvents     = true,
                        RaiseErrorEvents       = true,
                        RaiseFailureEvents     = true,
                        RaiseInformationEvents = true
                    }
                };
                coreApp.UseIdentityServer(options);
            });
        }