/// <summary>
/// Adds the router middleware and registers the contacts REST endpoints on it:
/// list, get by id, create, update and delete.
/// </summary>
/// <param name="app">Application pipeline the router middleware is added to.</param>
/// <remarks>
/// NOTE(review): nothing in this method authenticates or authorizes callers. Presumably
/// the host registers that middleware before calling BuildApp - confirm at the call site.
/// </remarks>
public static void BuildApp(this IApplicationBuilder app)
{
    const string CollectionRoute = "contacts";
    const string ItemRoute = "contacts/{id:int}";

    app.UseRouter(routes =>
    {
        // One repository instance is captured by every handler registered below.
        var repository = new InMemoryContactRepository();

        // GET contacts: return every stored contact as JSON.
        routes.MapGet(CollectionRoute, async (req, res, route) =>
        {
            await res.WriteJson(await repository.GetAll());
        });

        // GET contacts/{id}: return one contact, or 404 when the repository has none.
        routes.MapGet(ItemRoute, async (req, res, route) =>
        {
            var id = Convert.ToInt32(route.Values["id"]);
            var found = await repository.Get(id);
            if (found != null)
            {
                await res.WriteJson(found);
            }
            else
            {
                res.StatusCode = 404;
            }
        });

        // POST contacts: store the contact read from the body and echo it back with 201.
        routes.MapPost(CollectionRoute, async (req, res, route) =>
        {
            var created = await req.HttpContext.ReadFromJson<Contact>();
            if (created == null)
            {
                // No status code is set on this path.
                // NOTE(review): presumably ReadFromJson has already reported the failure - confirm.
                return;
            }

            await repository.Add(created);
            res.StatusCode = 201;
            await res.WriteJson(created);
        });

        // PUT contacts/{id}: replace the contact identified by the URL.
        routes.MapPut(ItemRoute, async (req, res, route) =>
        {
            var replacement = await req.HttpContext.ReadFromJson<Contact>();
            if (replacement == null)
            {
                return;
            }

            // The id from the URL overwrites whatever ContactId the body carried.
            replacement.ContactId = Convert.ToInt32(route.Values["id"]);
            await repository.Update(replacement);
            res.StatusCode = 204;
        });

        // DELETE contacts/{id}: remove the contact and answer 204.
        routes.MapDelete(ItemRoute, async (req, res, route) =>
        {
            var id = Convert.ToInt32(route.Values["id"]);
            await repository.Delete(id);
            res.StatusCode = 204;
        });
    });
}
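/// <summary>
/// Builds and runs the web host: the embedded identity server is mounted under
/// /identity, and every other request must satisfy the "API" authorization policy
/// before it reaches the contacts endpoints.
/// </summary>
/// <param name="args">Command-line arguments handed to the default web host builder.</param>
/// <returns>A task that completes when the host stops running.</returns>
/// <remarks>
/// The "API" policy is not defined in this method.
/// NOTE(review): presumably AddEmbeddedIdentityServer registers it - confirm.
/// </remarks>
public static async Task Main(string[] args) =>
    await WebHost.CreateDefaultBuilder(args)
        .ConfigureServices(s =>
        {
            s.AddEmbeddedIdentityServer();
            s.AddRouting();
        })
        .Configure(app =>
        {
            // Map branches the pipeline, so requests under /identity are handled by the
            // identity server and never reach the authorization middleware below.
            app.Map("/identity", id =>
            {
                // use embedded identity server to issue tokens
                id.UseIdentityServer();
            })
            .UseAuthentication() // consume the JWT tokens in the API
            .Use(async (c, next) => // authorize the whole API against the API policy
            {
                var allowed = await c.RequestServices
                    .GetRequiredService<IAuthorizationService>()
                    .AuthorizeAsync(c.User, "API");
                if (!allowed.Succeeded)
                {
                    // Keep the two failure modes apart: 401 when no authenticated identity
                    // was established, 403 when the caller is authenticated but does not
                    // satisfy the policy. Answering 401 for both tells a client holding a
                    // valid but insufficient token to re-authenticate, which cannot help.
                    var isAuthenticated = c.User?.Identity?.IsAuthenticated == true;
                    c.Response.StatusCode = isAuthenticated ? 403 : 401;
                    return;
                }

                await next();
            })
            .UseRouter(r => // define all API endpoints
            {
                // One repository instance is captured by every handler registered below.
                var contactRepo = new InMemoryContactRepository();

                r.MapGet("contacts", async (request, response, routeData) =>
                {
                    var contacts = await contactRepo.GetAll();
                    response.WriteJson(contacts);
                });

                r.MapGet("contacts/{id:int}", async (request, response, routeData) =>
                {
                    var contact = await contactRepo.Get(Convert.ToInt32(routeData.Values["id"]));
                    if (contact == null)
                    {
                        response.StatusCode = 404;
                        return;
                    }

                    response.WriteJson(contact);
                });

                r.MapPost("contacts", async (request, response, routeData) =>
                {
                    var newContact = request.HttpContext.ReadFromJson<Contact>();
                    if (newContact == null)
                    {
                        // No status code is set on this path.
                        // NOTE(review): presumably ReadFromJson reports the failure - confirm.
                        return;
                    }

                    await contactRepo.Add(newContact);
                    response.StatusCode = 201;
                    response.WriteJson(newContact);
                });

                r.MapPut("contacts/{id:int}", async (request, response, routeData) =>
                {
                    var updatedContact = request.HttpContext.ReadFromJson<Contact>();
                    if (updatedContact == null)
                    {
                        return;
                    }

                    // The id from the URL overwrites whatever ContactId the body carried.
                    updatedContact.ContactId = Convert.ToInt32(routeData.Values["id"]);
                    await contactRepo.Update(updatedContact);
                    response.StatusCode = 204;
                });

                r.MapDelete("contacts/{id:int}", async (request, response, routeData) =>
                {
                    await contactRepo.Delete(Convert.ToInt32(routeData.Values["id"]));
                    response.StatusCode = 204;
                });
            });
        })
        .Build().RunAsync();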
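/// <summary>
/// Builds and runs the web host with everything configured inline: an embedded
/// identity server mounted under /identity, bearer-token authentication against
/// that server, and an "API" policy that every other request must satisfy before
/// it reaches the contacts endpoints.
/// </summary>
/// <param name="args">Command-line arguments handed to the default web host builder.</param>
/// <returns>A task that completes when the host stops running.</returns>
public static async Task Main(string[] args) =>
    await WebHost.CreateDefaultBuilder(args)
        .ConfigureServices(s =>
        {
            // set up embedded identity server
            // AddDeveloperSigningCredential creates a signing key intended for development
            // only; a deployed server needs a persistent, protected signing credential.
            // NOTE(review): AddTestClients / AddTestResources look like sample data by
            // name - confirm they are never registered outside a demo.
            s.AddIdentityServer().
                AddTestClients().
                AddTestResources().
                AddDeveloperSigningCredential();

            s.AddRouting()
                .AddAuthorization(options =>
                {
                    // set up authorization policy for the API
                    options.AddPolicy("API", policy =>
                    {
                        policy.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme);
                        // Callers must be authenticated and hold a "scope" claim equal to "read".
                        policy.RequireAuthenticatedUser().RequireClaim("scope", "read");
                    });
                })
                .AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
                .AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, o =>
                {
                    // Hard-coded local authority.
                    // NOTE(review): presumably this should come from configuration for
                    // anything other than a local run - confirm.
                    o.Authority = "https://localhost:5001/identity";
                });
        })
        .Configure(app =>
        {
            // Map branches the pipeline, so requests under /identity are handled by the
            // identity server and never reach the authorization middleware below.
            app.Map("/identity", id =>
            {
                // use embedded identity server to issue tokens
                id.UseIdentityServer();
            })
            .UseAuthentication() // consume the JWT tokens in the API
            .Use(async (c, next) => // authorize the whole API against the API policy
            {
                var allowed = await c.RequestServices
                    .GetRequiredService<IAuthorizationService>()
                    .AuthorizeAsync(c.User, null, "API");
                if (allowed.Succeeded)
                {
                    await next();
                }
                else
                {
                    // Keep the two failure modes apart: 401 when no authenticated identity
                    // was established, 403 when the caller is authenticated but lacks the
                    // required scope. Answering 401 for both tells a client holding a
                    // valid but insufficient token to re-authenticate, which cannot help.
                    var isAuthenticated = c.User?.Identity?.IsAuthenticated == true;
                    c.Response.StatusCode = isAuthenticated ? 403 : 401;
                }
            })
            .UseRouter(r => // define all API endpoints
            {
                // One repository instance is captured by every handler registered below.
                var contactRepo = new InMemoryContactRepository();

                r.MapGet("contacts", async (request, response, routeData) =>
                {
                    var contacts = await contactRepo.GetAll();
                    response.WriteJson(contacts);
                });

                r.MapGet("contacts/{id:int}", async (request, response, routeData) =>
                {
                    var contact = await contactRepo.Get(Convert.ToInt32(routeData.Values["id"]));
                    if (contact == null)
                    {
                        response.StatusCode = 404;
                        return;
                    }

                    response.WriteJson(contact);
                });

                r.MapPost("contacts", async (request, response, routeData) =>
                {
                    var newContact = request.HttpContext.ReadFromJson<Contact>();
                    if (newContact == null)
                    {
                        // No status code is set on this path.
                        // NOTE(review): presumably ReadFromJson reports the failure - confirm.
                        return;
                    }

                    await contactRepo.Add(newContact);
                    response.StatusCode = 201;
                    response.WriteJson(newContact);
                });

                r.MapPut("contacts/{id:int}", async (request, response, routeData) =>
                {
                    var updatedContact = request.HttpContext.ReadFromJson<Contact>();
                    if (updatedContact == null)
                    {
                        return;
                    }

                    // The id from the URL overwrites whatever ContactId the body carried.
                    updatedContact.ContactId = Convert.ToInt32(routeData.Values["id"]);
                    await contactRepo.Update(updatedContact);
                    response.StatusCode = 204;
                });

                r.MapDelete("contacts/{id:int}", async (request, response, routeData) =>
                {
                    await contactRepo.Delete(Convert.ToInt32(routeData.Values["id"]));
                    response.StatusCode = 204;
                });
            });
        })
        .Build().RunAsync();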