public static void ConfigureAUTH(this IServiceCollection services, IConfiguration configuration) { JwtSettings jwtSettings = new JwtSettings(); configuration.GetSection("JwtSettings").Bind(jwtSettings); services .AddAuthentication(options => { options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultSignInScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(configuration => { configuration.RequireHttpsMetadata = false; configuration.SaveToken = true; configuration.TokenValidationParameters = new TokenValidationParameters { ValidIssuer = jwtSettings.Issuer, // site that makes the token ValidateIssuer = true, // TODO: change this to avoid forwarding attacks ValidAudience = jwtSettings.Audience, // site that consumes the token ValidateAudience = true, // TODO: change this to avoid forwarding attacks IssuerSigningKey = new SymmetricSecurityKey(TokenStoreSecurityService.GetSha256Hash(jwtSettings.Key)), ValidateIssuerSigningKey = true, // verify signature to avoid tampering ValidateLifetime = true, // validate the expiration ClockSkew = TimeSpan.Zero // tolerance for the expiration date }; configuration.Events = new JwtBearerEvents { OnAuthenticationFailed = context => { var logger = context.HttpContext.RequestServices.GetRequiredService <ILoggerFactory>().CreateLogger(nameof(JwtBearerEvents)); logger.LogError("Authentication failed.", context.Exception); return(Task.CompletedTask); }, OnTokenValidated = context => { ITokenValidatorService tokenValidatorService = context.HttpContext.RequestServices.GetRequiredService <ITokenValidatorService>(); return(tokenValidatorService.ValidateAsync(context)); }, OnMessageReceived = context => { return(Task.CompletedTask); }, OnChallenge = context => { var logger = context.HttpContext.RequestServices.GetRequiredService <ILoggerFactory>().CreateLogger(nameof(JwtBearerEvents)); logger.LogError("OnChallenge error", context.Error, context.ErrorDescription); return(Task.CompletedTask); } }; }); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.Configure <BearerTokensOptions>(options => Configuration.GetSection("BearerTokens").Bind(options)); services.Configure <AppSettings>(options => Configuration.Bind(options)); //Enable GZip Compression services.AddResponseCompression(options => { options.Providers.Add <GzipCompressionProvider>(); }); services.Configure <GzipCompressionProviderOptions>(options => { // You Can use fastest compression options.Level = CompressionLevel.Optimal; }); services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>(); services.AddOptions(); //services.Configure<IHelperServices.Models.AppSettings>(options => Configuration.Bind(options)); services.AddCors(); // Using Cache with ServerState option services.AddDistributedMemoryCache(); // Default IdleTimeout 20 Minutes services.AddSession(); services.AddAutoMapper(); services.AddSwaggerGen(action => { action.EnableAnnotations(); action.SwaggerGeneratorOptions = new Swashbuckle.AspNetCore.SwaggerGen.SwaggerGeneratorOptions() { OperationIdSelector = x => x.ActionDescriptor.AttributeRouteInfo.Template.Replace('{', '_').Replace('}', '_') }; action.SwaggerDoc("v1", new Swashbuckle.AspNetCore.Swagger.Info { Title = "eCommerce WebApi", Version = "v1" }); }); services.AddEntityFrameworkSqlServer().AddDbContext <MainDbContext>(options => { options.UseLazyLoadingProxies(true) .UseSqlServer(Configuration.GetConnectionString("MainConnectionString"), serverDbContextOptionsBuilder => { int minutes = (int)TimeSpan.FromMinutes(3).TotalSeconds; serverDbContextOptionsBuilder.CommandTimeout(minutes); serverDbContextOptionsBuilder.EnableRetryOnFailure(); }); }); services.AddSingleton(typeof(DbContextOptionsBuilder <MainDbContext>), new DbContextOptionsBuilder <MainDbContext>().UseSqlServer(Configuration.GetConnectionString("MainConnectionString"))); services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>(); services.AddScoped(typeof(IStringLocalizer), typeof(DbStringLocalizer)); services.AddHelperServices(); services.AddBusinessServices(); services.AddScoped <IUnitOfWork, UnitOfWork>(); //services.AddAuthorization(options => //{ // options.AddPolicy("HasPermissionPolicy", policy => // policy.Requirements.Add(new HasPermissionRequirment())); // options.AddPolicy("AuthenticatedOnlyPolicy", policy => // policy.Requirements.Add(new AuthenticatedOnlyRequirment())); //}); services.AddScoped <IAuthorizationHandler, AuthenticatedOnlyFilter>(); //services.AddScoped<IAuthorizationHandler, AuthHandler>(); services .AddAuthentication(options => { options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultSignInScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(cfg => { cfg.RequireHttpsMetadata = false; cfg.SaveToken = true; cfg.TokenValidationParameters = new TokenValidationParameters { ValidIssuer = Configuration["BearerTokens:Issuer"], // site that makes the token ValidateIssuer = false, // TODO: change this to avoid forwarding attacks ValidAudience = Configuration["BearerTokens:Audience"], // site that consumes the token ValidateAudience = false, // TODO: change this to avoid forwarding attacks IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["BearerTokens:Key"])), ValidateIssuerSigningKey = true, // verify signature to avoid tampering ValidateLifetime = true, // validate the expiration ClockSkew = TimeSpan.FromMinutes(5) // tolerance for the expiration date }; cfg.Events = new JwtBearerEvents { OnAuthenticationFailed = context => { ILogger logger = context.HttpContext.RequestServices.GetRequiredService <ILoggerFactory>().CreateLogger(nameof(JwtBearerEvents)); logger.LogError("Authentication failed.", context.Exception); return(Task.CompletedTask); }, OnTokenValidated = context => { ITokenValidatorService tokenValidatorService = context.HttpContext.RequestServices.GetRequiredService <ITokenValidatorService>(); return(tokenValidatorService.ValidateAsync(context)); }, OnChallenge = context => { ILogger logger = context.HttpContext.RequestServices.GetRequiredService <ILoggerFactory>().CreateLogger(nameof(JwtBearerEvents)); logger.LogError("OnChallenge error", context.Error, context.ErrorDescription); return(Task.CompletedTask); }, //OnMessageReceived = context => //{ // Microsoft.Extensions.Primitives.StringValues accessToken = context.Request.Query["access_token"]; // // If the request is for our hub... // PathString path = context.HttpContext.Request.Path; // if (!string.IsNullOrEmpty(accessToken) && // (path.StartsWithSegments("/SignalR"))) // { // // Read the token out of the query string // context.Token = accessToken; // } // return Task.CompletedTask; //} }; }); //services.AddAntiforgery(x => x.HeaderName = "X-XSRF-TOKEN"); //services.AddMvc(options => // { // options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()); // }) services.AddMvc() .AddDataAnnotationsLocalization() .AddJsonOptions(options => { options.SerializerSettings.PreserveReferencesHandling = PreserveReferencesHandling.None; options.SerializerSettings.ReferenceLoopHandling = ReferenceLoopHandling.Ignore; options.SerializerSettings.ContractResolver = new DefaultContractResolver(); }); //services.AddSignalR(options => options.EnableDetailedErrors = true); // To use Username instead of ConnectionId in Communication services.AddSingleton <IUserIdProvider, CustomUserIdProvider>(); // In production, the Angular files will be served from this directory services.AddSpaStaticFiles(configuration => { configuration.RootPath = "wwwroot"; }); services.Configure <RequestLocalizationOptions>(options => { CultureInfo[] supportedCultures = new[] { new CultureInfo("ar"), new CultureInfo("en") }; options.DefaultRequestCulture = new RequestCulture("ar"); options.SupportedCultures = supportedCultures; options.SupportedUICultures = supportedCultures; }); }
public void ConfigureServices(IServiceCollection services) { services.Configure <AppSettings>(options => Configuration.Bind(options)); services.AddAutoMapper(typeof(Startup)); services.AddDistributedMemoryCache(); services.AddSession(); services.AddResponseCompression(options => { options.Providers.Add <GzipCompressionProvider>(); }); services.Configure <GzipCompressionProviderOptions>(options => { // You Can use fastest compression options.Level = CompressionLevel.Optimal; }); services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>(); services.AddOptions(); services.AddCors(); services.InjectDependancies(); services.AddAutoMapperProfiles(); services.AddSwaggerGen(c => { c.SwaggerGeneratorOptions = new Swashbuckle.AspNetCore.SwaggerGen.SwaggerGeneratorOptions() { OperationIdSelector = x => x.ActionDescriptor.AttributeRouteInfo.Template.Replace('{', '_').Replace('}', '_') }; c.SwaggerDoc("v1", new OpenApiInfo { Title = "WeAreReading", Version = "v1" }); }); services.AddEntityFrameworkSqlServer().AddDbContext <MainDbContext>(options => { options.UseLazyLoadingProxies(true) .UseSqlServer(Configuration.GetConnectionString("MainConnectionString"), serverDbContextOptionsBuilder => { int minutes = (int)TimeSpan.FromMinutes(3).TotalSeconds; serverDbContextOptionsBuilder.CommandTimeout(minutes); serverDbContextOptionsBuilder.EnableRetryOnFailure(); }); }); services.AddSingleton(typeof(DbContextOptionsBuilder <MainDbContext>), new DbContextOptionsBuilder <MainDbContext>().UseSqlServer(Configuration.GetConnectionString("MainConnectionString"))); services .AddAuthentication(options => { options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultSignInScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(cfg => { cfg.RequireHttpsMetadata = false; cfg.SaveToken = true; cfg.TokenValidationParameters = new TokenValidationParameters { ValidIssuer = Configuration["BearerTokensSettings:Issuer"], // site that makes the token ValidateIssuer = true, // TODO: change this to avoid forwarding attacks ValidAudience = Configuration["BearerTokensSettings:Audience"], // site that consumes the token ValidateAudience = false, // TODO: change this to avoid forwarding attacks IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["BearerTokensSettings:Key"])), ValidateIssuerSigningKey = true, // verify signature to avoid tampering ValidateLifetime = false, // validate the expiration ClockSkew = TimeSpan.FromMinutes(5) // tolerance for the expiration date }; cfg.Events = new JwtBearerEvents { OnAuthenticationFailed = context => { ILogger logger = context.HttpContext.RequestServices.GetRequiredService <ILoggerFactory>().CreateLogger(nameof(JwtBearerEvents)); logger.LogError("Authentication failed.", context.Exception); return(Task.CompletedTask); }, OnTokenValidated = context => { ITokenValidatorService tokenValidatorService = context.HttpContext.RequestServices.GetRequiredService <ITokenValidatorService>(); tokenValidatorService.Validate(context); return(Task.CompletedTask); }, OnChallenge = context => { ILogger logger = context.HttpContext.RequestServices.GetRequiredService <ILoggerFactory>().CreateLogger(nameof(JwtBearerEvents)); logger.LogError("OnChallenge error", context.Error, context.ErrorDescription); return(Task.CompletedTask); }, //OnMessageReceived = context => //{ // Microsoft.Extensions.Primitives.StringValues accessToken = context.Request.Query["access_token"]; // // If the request is for our hub... // PathString path = context.HttpContext.Request.Path; // if (!string.IsNullOrEmpty(accessToken) && // (path.StartsWithSegments("/SignalR"))) // { // // Read the token out of the query string // context.Token = accessToken; // } // return Task.CompletedTask; //} }; }); services.AddControllers().AddFluentValidation(); services.AddSpaStaticFiles(configuration => { configuration.RootPath = "ClientApp/dist"; }); }
public TokenFunctions(ITokenService tokenService, ITokenValidatorService tokenValidatorService) { _tokenService = tokenService; _tokenValidatorService = tokenValidatorService; }