/// <summary>
/// Configure OWIN to use OpenIdConnect
/// </summary>
/// <param name="app"></param>
public static void Configuration(IAppBuilder app)
{
HostType = DecodeHostType(Settings.Default.HostTypeString);
//WebWiz does not allow drop/create database
var canDropCreateDatabase = HostType != HostTypes.WebWiz;
SetupLogging(HostType);
//This runs the ServiceLayer initialise, whoes job it is to initialise any of the lower layers
//NOTE: This MUST to come before the setup of the DI because it relies on the configInfo being set up
ServiceLayerInitialise.InitialiseThis(HostType == HostTypes.Azure, canDropCreateDatabase);
//This sets up the Autofac container for all levels in the program
var container = AutofacDi.SetupDependency();
//// Set the dependency resolver for MVC.
var mvcResolver = new AutofacDependencyResolver(container);
DependencyResolver.SetResolver(mvcResolver);
var service = container.Resolve <IListService>();
MailAuthorize.SetService(service);
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
// Sets the ClientId, authority, RedirectUri as obtained from web.config
ClientId = clientId,
Authority = authority,
RedirectUri = redirectUri,
// PostLogoutRedirectUri is the page that users will be redirected to after sign-out. In this case, it is using the home page
PostLogoutRedirectUri = redirectUri,
Scope = OpenIdConnectScope.OpenIdProfile,
// ResponseType is set to request the id_token - which contains basic information about the signed-in user
ResponseType = OpenIdConnectResponseType.IdToken,
// ValidateIssuer set to false to allow personal and work accounts from any organization to sign in to your application
// To only allow users from a single organizations, set ValidateIssuer to true and 'tenant' setting in web.config to the tenant name
// To allow users from only a list of specific organizations, set ValidateIssuer to true and use ValidIssuers parameter
TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = false // This is a simplification
},
// OpenIdConnectAuthenticationNotifications configures OWIN to send notification of failed authentications to OnAuthenticationFailed method
Notifications = new OpenIdConnectAuthenticationNotifications
{
AuthenticationFailed = OnAuthenticationFailed,
//RedirectToIdentityProvider = OnRedirectToIdentityProvider,
SecurityTokenValidated = OnSecurityTokenValidated,
}
}
);
}
/// <summary>
/// This should be called at Startup
/// </summary>
public static void InitialiseThis(HttpApplication application)
{
HostType = DecodeHostType(Settings.Default.HostTypeString);
//WebWiz does not allow drop/create database
var canDropCreateDatabase = HostType != HostTypes.WebWiz;
SetupLogging(application, HostType);
//This runs the ServiceLayer initialise, whoes job it is to initialise any of the lower layers
//NOTE: This MUST to come before the setup of the DI because it relies on the configInfo being set up
ServiceLayerInitialise.InitialiseThis(HostType == HostTypes.Azure, canDropCreateDatabase);
//This sets up the Autofac container for all levels in the program
var container = AutofacDi.SetupDependency();
//// Set the dependency resolver for MVC.
var mvcResolver = new AutofacDependencyResolver(container);
DependencyResolver.SetResolver(mvcResolver);
}
