public Startup(ILogger logger, IConfiguration configuration, ILifetimeScope rootScope, IOAuthAuthorizationServerProvider authorizationServerProvider)
{
_logger = logger;
_configuration = configuration ?? throw new ArgumentNullException(nameof(configuration));
_rootScope = rootScope ?? throw new ArgumentNullException(nameof(rootScope));
_authorizationServerProvider = authorizationServerProvider ?? throw new ArgumentNullException(nameof(authorizationServerProvider));
}
public AuthenticationConfiguration(
IOAuthAuthorizationServerProvider accessTokenProvider,
IAuthenticationTokenProvider refreshTokenProvider)
{
_accessTokenProvider = accessTokenProvider;
_refreshTokenProvider = refreshTokenProvider;
}
/// <summary>
/// Initializes a new instance of the <see cref="JwtOAuthServerOptions"/> class.
/// </summary>
/// <param name="serverSettings">The server settings.</param>
/// <param name="provider">The provider.</param>
/// <param name="jwtAccessTokenFormat">The JWT format.</param>
public JwtOAuthServerOptions(
JwtOAuthServerSettings serverSettings,
IOAuthAuthorizationServerProvider provider,
JwtAccessTokenFormat jwtAccessTokenFormat)
{
if (serverSettings == null)
{
throw new ArgumentNullException(nameof(serverSettings));
}
if (provider == null)
{
throw new ArgumentNullException(nameof(provider));
}
if (jwtAccessTokenFormat == null)
{
throw new ArgumentNullException(nameof(jwtAccessTokenFormat));
}
AuthenticationType = "JWT";
AllowInsecureHttp = serverSettings.AllowInsecureHttp;
AccessTokenExpireTimeSpan = serverSettings.AccessTokenExpireTimeSpan;
TokenEndpointPath = serverSettings.TokenEndpointPath;
Provider = provider;
AccessTokenFormat = jwtAccessTokenFormat;
}
public SimpleOAuthAuthorizationServerOptions(
IOAuthAuthorizationServerProvider oAuthAuthorizationServerProvider,
IAuthenticationTokenProvider tokenProvider)
{
_provider = oAuthAuthorizationServerProvider;
_tokenProvider = tokenProvider;
}
public AuthorizationServerOptions(IOAuthAuthorizationServerProvider oAuthAuthorizationServerProvider)
{
TokenEndpointPath = new PathString("/token"); // Move to appsettings
AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30); // Move to appsettings
AllowInsecureHttp = true; // Move to appsettings
Provider = oAuthAuthorizationServerProvider;
}
public JwtAuthorizationServerConfig(IApplicationSettingProvider applicationSettingProvider,
//ITokenFormatProvider tokenFormatProvider,
IOAuthAuthorizationServerProvider oAuthAuthorizationServerProvider)
{
_applicationSettingProvider = applicationSettingProvider;
//_tokenFormatProvider = tokenFormatProvider;
_oAuthAuthorizationServerProvider = oAuthAuthorizationServerProvider;
}
public ApiOAuthAuthorizationServerOptions(
[Named("RefreshTokenProvider")]
IAuthenticationTokenProvider refreshTokenProvider,
[Named("AccessTokenProvider")]
IAuthenticationTokenProvider accessTokenProvider,
IOAuthAuthorizationServerProvider interalOAuthAuthorizationServerProvider)
{
_refreshTokenProvider = refreshTokenProvider;
_accessTokenProvider = accessTokenProvider;
_interalOAuthAuthorizationServerProvider = interalOAuthAuthorizationServerProvider;
}
/// <summary>
/// Конструктор
/// </summary>
public OAuthAuthorizationServerOptionsProvider(IOAuthAuthorizationServerProvider OAuthAuthorizationServerProvider) : base()
{
// PROD На продакшн = false
this.AllowInsecureHttp = true;
// Путь по которому получаем токен
this.TokenEndpointPath = new PathString("/logon");
// Время жизни токена
this.AccessTokenExpireTimeSpan = TimeSpan.FromDays(1);
// Кто выдает токены
this.Provider = OAuthAuthorizationServerProvider;
}
public WebApiStartup(
IWebDependencyResolver webResolver,
ISignalRDependencyResolver sigrResolver,
IResourceAuthorizationManager resourceAuth,
IOAuthAuthorizationServerProvider oauthServerProvider,
IDataProtectionProvider dataProtectionProvider,
ISecureDataFormat <AuthenticationTicket> oauthTokenFormat)
{
this.webResolver = webResolver;
this.sigrResolver = sigrResolver;
this.resourceAuth = resourceAuth;
this.oauthServerProvider = oauthServerProvider;
this.dataProtectionProvider = dataProtectionProvider;
this.oauthTokenFormat = oauthTokenFormat;
}
public GestionOAuthAuthorizationServerOptionsFactory(IOAuthAuthorizationServerProvider authorizationProvider, IAudiencesStoreFactory audiencesStoreFactory, IRefreshTokenStoreFactory refreshTokenStoreFactory)
{
_authorizationProvider = authorizationProvider;
_audiencesStoreFactory = audiencesStoreFactory;
_refreshTokenStoreFactory = refreshTokenStoreFactory;
var allowInsecureHttp = Convert.ToBoolean(ConfigurationManager.AppSettings[Constants.AppSettings.AUTH_SERVER_ALLOW_INSECURE_HTTP]);
var accessTokenExpirationSeconds = Convert.ToDouble(ConfigurationManager.AppSettings[Constants.AppSettings.AUTH_SERVER_ACCESS_TOKEN_EXPIRATION_SECONDS]);
var tokenIssuer = ConfigurationManager.AppSettings[Constants.AppSettings.AUTH_SERVER_TOKEN_ISSUER];
this.AllowInsecureHttp = allowInsecureHttp;
this.AccessTokenExpireTimeSpan = TimeSpan.FromSeconds(accessTokenExpirationSeconds);
this.JwtAccessTokenIssuer = tokenIssuer;
this.TokenEndpointPath = TOKEN_ENDPOINT;
}
/// <summary>
/// Name: ConfigureOAuth
/// Description: Metho to define the configuration of OAuth
/// </summary>
/// <param name="app">IAppBuilder</param>
public void ConfigureOAuth(IAppBuilder app)
{
ProviderBuilder providerBuilder = ProviderBuilder.GetInstance();
IOAuthAuthorizationServerProvider provider = providerBuilder.GetProvider <IOAuthAuthorizationServerProvider>(ProviderBuilder.IAUTHAUTHORIZATIONSERVERPROVIDER);
IAuthenticationTokenProvider tokenProvider = providerBuilder.GetProvider <IAuthenticationTokenProvider>(ProviderBuilder.IAUTHENTICATIONTOKENPROVIDER);
OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(120),
Provider = provider,
RefreshTokenProvider = tokenProvider
};
app.UseOAuthAuthorizationServer(OAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
public static void ConfigureOAuth(IAppBuilder app, IOAuthAuthorizationServerProvider provider, TimeSpan accessTokenExpireTimeSpan)
{
app.UseExternalSignInCookie(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);
OAuthBearerOptions = new OAuthBearerAuthenticationOptions();
var OAutServerOption = new OAuthAuthorizationServerOptions
{
AuthenticationMode = AuthenticationMode.Active,
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/api/security/token"),
AccessTokenExpireTimeSpan = accessTokenExpireTimeSpan,
Provider = provider
};
app.UseOAuthAuthorizationServer(OAutServerOption);
app.UseOAuthBearerAuthentication(OAuthBearerOptions);
}
/// <summary>The configure authorization.</summary>
/// <param name="simpleAuthServer">The simple auth server.</param>
/// <param name="authTokenProvider">The auth token provider.</param>
/// <param name="accessTokenFormat">The access token format.</param>
/// <param name="accessTokenExpireTimeSpan">The access token expire time span.</param>
/// <returns>The <see cref="OAuthAuthorizationServerOptions"/>.</returns>
private static OAuthAuthorizationServerOptions ConfigureAuthorization(IOAuthAuthorizationServerProvider simpleAuthServer,
IAuthenticationTokenProvider authTokenProvider,
TicketDataFormat accessTokenFormat,
int accessTokenExpireTimeSpan)
{
var oauthServerOptions = new OAuthAuthorizationServerOptions
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(accessTokenExpireTimeSpan),
Provider = simpleAuthServer,
AccessTokenFormat = accessTokenFormat,
RefreshTokenProvider = authTokenProvider
};
return(oauthServerOptions);
}
/// <summary>
/// OAuth Token Producer
/// </summary>
public static void ConfigureOAuthServer(IAppBuilder app, IOAuthAuthorizationServerProvider provider)
{
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
AuthenticationType = OAuthType,
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenFormat = GetTokenTicketFormat(app),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
if (provider != null)
{
OAuthOptions.Provider = provider;
}
app.UseOAuthBearerTokens(OAuthOptions);
}
/// <summary>
/// 初始化OAuth
/// </summary>
/// <param name="app"></param>
/// <param name="provider"></param>
/// <returns></returns>
public static IAppBuilder ConfigureOAuth(this IAppBuilder app, IServiceProvider provider)
{
IOAuthAuthorizationServerProvider oauthServerProvider = provider.GetService <IOAuthAuthorizationServerProvider>();
if (oauthServerProvider == null)
{
throw new InvalidOperationException(Resources.OAuthServerProviderIsNull);
}
IAuthorizationCodeProvider authorizationCodeProvider = provider.GetService <IAuthorizationCodeProvider>();
if (authorizationCodeProvider == null)
{
throw new InvalidOperationException(Resources.AuthorizationCodeProviderIsNull);
}
IRefreshTokenProvider refreshTokenProvider = provider.GetService <IRefreshTokenProvider>();
if (refreshTokenProvider == null)
{
throw new InvalidOperationException(Resources.RefreshTokenProviderIsNull);
}
OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions()
{
TokenEndpointPath = new PathString("/token"),
AuthorizeEndpointPath = new PathString("/authorize"),
ApplicationCanDisplayErrors = true,
AuthenticationMode = AuthenticationMode.Active,
#if DEBUG
AllowInsecureHttp = true,
#endif
Provider = oauthServerProvider,
AuthorizationCodeProvider = authorizationCodeProvider,
RefreshTokenProvider = refreshTokenProvider
};
app.UseOAuthAuthorizationServer(options);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
return(app);
}
private static void setUserType(IAppBuilder app, IOAuthAuthorizationServerProvider provider)
{
// Configure the db context and user manager to use a single instance per request
app.CreatePerOwinContext(BristleconeAuthDbContext.Create);
app.CreatePerOwinContext <ApplicationUserManager>(ApplicationUserManager.Create);
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth <T>(IAppBuilder app) where T : class
{
IOAuthAuthorizationServerProvider provider = null;
setUserType(app, provider);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Configure the application for OAuth based flow
PublicClientId = "self";
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = Activator.CreateInstance(typeof(T), new object[] { PublicClientId }) as OAuthAuthorizationServerProvider,
AuthorizeEndpointPath = new PathString($"/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
// In production mode set AllowInsecureHttp = false
AllowInsecureHttp = true
};
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerTokens(OAuthOptions);
// Uncomment the following lines to enable logging in with third party login providers
//app.UseMicrosoftAccountAuthentication(
// clientId: "",
// clientSecret: "");
//app.UseTwitterAuthentication(
// consumerKey: "",
// consumerSecret: "");
//var facebookProvider = new FacebookAuthenticationProvider()
//{
// OnAuthenticated = (context) =>
// {
// // Add the email id to the claim
// context.Identity.AddClaim(new Claim(ClaimTypes.Email, context.Email));
// return Task.FromResult(0);
// }
//};
//var options = new FacebookAuthenticationOptions()
//{
// AppId = "1768972796678680",
// AppSecret = "d7053829d8a24e4c02b68ac9613f73a9",
// Provider = facebookProvider
//};
//options.Scope.Add("email");
//app.UseFacebookAuthentication(options);
app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
{
ClientId = "77896847526-ot1ltoknk6u1puhvmrlprfdfun60gucn.apps.googleusercontent.com",
ClientSecret = "QRjLw3PT-ehygH3Oog7qdkNJ"
});
app.UseLinkedInAuthentication(new LinkedInAuthenticationOptions
{
ClientId = "77rkpk9ecvpk55",
ClientSecret = "RFDQGJAvhWMScjq1",
});
}
public CustomOAuthAuthorizationServerOptions(IOAuthAuthorizationServerProvider provider)
{
_provider = provider;
}
public AuthServerOptions(string issuer)
{
_issuer = issuer;
_authProvider = new AuthorizationServer();
}
/// <summary>
/// OAuth Token Producer
/// </summary>
/// <param name="app"></param>
public static void ConfigureOAuthServer(IAppBuilder app, IOAuthAuthorizationServerProvider provider)
{
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
AuthenticationType = OAuthType,
AccessTokenFormat = GetTokenTicketFormat(app),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
if (provider != null)
{
OAuthOptions.Provider = provider;
}
app.UseOAuthBearerTokens(OAuthOptions);
}
/// <summary>
///
/// </summary>
/// <param name="app"></param>
/// <param name="loginPath">/User/Login</param>
/// <param name="cookieProvider"></param>
public static void ConfigureAuth(IAppBuilder app, string loginPath
, IOAuthAuthorizationServerProvider provider)
{
ConfigCookieAuth(app, loginPath, null);
ConfigureOAuthServer(app, provider);
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Enables the application to temporarily store user information
// when they are verifying the second factor in the two-factor authentication process.
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
// Enables the application to remember the second login verification factor such as phone or email.
// Once you check this option, your second step of verification
// during the login process will be remembered on the device where you logged in from.
// This is similar to the RememberMe option when you log in.
app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
}
