/// <summary>
/// OWIN startup entry point. Decodes the host type, sets up logging, the service
/// layer and the Autofac container, then registers cookie authentication followed
/// by OpenID Connect sign-in.
/// </summary>
/// <param name="app">The OWIN application builder that the authentication middleware is added to.</param>
public static void Configuration(IAppBuilder app)
{
    HostType = DecodeHostType(Settings.Default.HostTypeString);

    // WebWiz hosting does not allow the database to be dropped/created.
    bool canDropCreateDatabase = HostType != HostTypes.WebWiz;

    SetupLogging(HostType);

    // The service layer initialiser brings up the lower layers.
    // It MUST run before the DI setup below, which relies on the configInfo it establishes.
    ServiceLayerInitialise.InitialiseThis(HostType == HostTypes.Azure, canDropCreateDatabase);

    // One Autofac container serves every level of the program; MVC resolves through it.
    var container = AutofacDi.SetupDependency();
    DependencyResolver.SetResolver(new AutofacDependencyResolver(container));

    MailAuthorize.SetService(container.Resolve<IListService>());

    // The session established after sign-in is carried by the cookie middleware.
    // NOTE(review): the cookie options are all defaults; confirm that settings such as
    // CookieSecure are acceptable for how this site is deployed.
    app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
    app.UseCookieAuthentication(new CookieAuthenticationOptions());

    // ValidateIssuer = false lets personal and work accounts from any organisation sign in.
    // This is a simplification: a correctly signed token from ANY issuer is accepted here,
    // so who may actually use the application has to be decided after sign-in
    // (presumably in OnSecurityTokenValidated / MailAuthorize; confirm).
    // To allow a single organisation, set ValidateIssuer to true and the 'tenant' setting in
    // web.config to the tenant name; for a fixed list of organisations, set ValidateIssuer to
    // true and use the ValidIssuers parameter.
    var tokenValidation = new TokenValidationParameters
    {
        ValidateIssuer = false
    };

    // AuthenticationFailed routes failed sign-ins to OnAuthenticationFailed.
    var notifications = new OpenIdConnectAuthenticationNotifications
    {
        AuthenticationFailed = OnAuthenticationFailed,
        //RedirectToIdentityProvider = OnRedirectToIdentityProvider,
        SecurityTokenValidated = OnSecurityTokenValidated,
    };

    var openIdOptions = new OpenIdConnectAuthenticationOptions
    {
        // ClientId, Authority and RedirectUri are the values obtained from web.config.
        ClientId = clientId,
        Authority = authority,
        RedirectUri = redirectUri,

        // Where users land after sign-out; here the same page as RedirectUri (the home page).
        PostLogoutRedirectUri = redirectUri,

        Scope = OpenIdConnectScope.OpenIdProfile,

        // Only the id_token is requested; it carries basic information about the signed-in user.
        ResponseType = OpenIdConnectResponseType.IdToken,

        TokenValidationParameters = tokenValidation,
        Notifications = notifications
    };

    app.UseOpenIdConnectAuthentication(openIdOptions);
}
/// <summary>
/// Application initialisation; this should be called at Startup.
/// Decodes the host type, sets up logging, initialises the service layer and
/// installs the Autofac container as the MVC dependency resolver.
/// </summary>
/// <param name="application">The HTTP application, passed through to the logging setup.</param>
public static void InitialiseThis(HttpApplication application)
{
    HostType = DecodeHostType(Settings.Default.HostTypeString);

    // WebWiz hosting does not allow the database to be dropped/created.
    bool canDropCreateDatabase = HostType != HostTypes.WebWiz;

    SetupLogging(application, HostType);

    // The service layer initialiser brings up the lower layers.
    // It MUST run before the DI setup below, which relies on the configInfo it establishes.
    ServiceLayerInitialise.InitialiseThis(HostType == HostTypes.Azure, canDropCreateDatabase);

    // One Autofac container serves every level of the program; MVC resolves through it.
    var container = AutofacDi.SetupDependency();
    DependencyResolver.SetResolver(new AutofacDependencyResolver(container));
}