private void SetupIdentity(IServiceCollection services) { //var cert = new X509Certificate2("coraltime.pfx", "", X509KeyStorageFlags.MachineKeySet); services.AddIdentity <ApplicationUser, IdentityRole>() .AddEntityFrameworkStores <AppDbContext>() .AddDefaultTokenProviders(); // Identity options. services.Configure <IdentityOptions>(options => { // Password settings. options.Password.RequireDigit = true; options.Password.RequiredLength = 8; options.Password.RequireNonAlphanumeric = true; options.Password.RequireUppercase = true; options.Password.RequireLowercase = true; options.User.RequireUniqueEmail = true; }); services.AddAuthorization(options => { Config.CreateAuthorizatoinOptions(options); }); var accessTokenLifetime = int.Parse(Configuration["AccessTokenLifetime"]); var refreshTokenLifetime = int.Parse(Configuration["RefreshTokenLifetime"]); // Adds IdentityServer services.AddIdentityServer() //.AddTemporarySigningCredential() .AddDeveloperSigningCredential() .AddInMemoryIdentityResources(Config.GetIdentityResources()) .AddInMemoryApiResources(Config.GetApiResources()) .AddInMemoryClients(Config.GetClients(accessTokenLifetime, refreshTokenLifetime)) .AddAspNetIdentity <ApplicationUser>() .AddResourceOwnerValidator <ResourceOwnerPasswordValidator>() //.AddSigningCredential(cert) .AddProfileService <IdentityWithAdditionalClaimsProfileService>(); }
private void SetupIdentity(IServiceCollection services) { var isDemo = bool.Parse(Configuration["DemoSiteMode"]); // Identity options. services.Configure <IdentityOptions>(options => { // Password settings. if (isDemo) { options.Password.RequireDigit = false; options.Password.RequireNonAlphanumeric = false; options.Password.RequireUppercase = false; options.Password.RequireLowercase = false; } else { options.Password.RequireDigit = true; options.Password.RequireNonAlphanumeric = true; options.Password.RequireUppercase = true; options.Password.RequireLowercase = true; } options.Password.RequiredLength = 8; options.User.RequireUniqueEmail = true; }); var accessTokenLifetime = int.Parse(Configuration["AccessTokenLifetime"]); var refreshTokenLifetime = int.Parse(Configuration["RefreshTokenLifetime"]); if (isDemo) { services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryIdentityResources(Config.GetIdentityResources()) .AddInMemoryApiResources(Config.GetApiResources()) .AddInMemoryClients(Config.GetClients(accessTokenLifetime, refreshTokenLifetime)) .AddAspNetIdentity <ApplicationUser>() .AddResourceOwnerValidator <ResourceOwnerPasswordValidator>() .AddProfileService <IdentityWithAdditionalClaimsProfileService>(); } else { var cert = new X509Certificate2("coraltime.pfx", "", X509KeyStorageFlags.MachineKeySet); services.AddIdentityServer() .AddInMemoryIdentityResources(Config.GetIdentityResources()) .AddInMemoryApiResources(Config.GetApiResources()) .AddInMemoryClients(Config.GetClients(accessTokenLifetime, refreshTokenLifetime)) .AddAspNetIdentity <ApplicationUser>() .AddResourceOwnerValidator <ResourceOwnerPasswordValidator>() .AddSigningCredential(cert).AddAppAuthRedirectUriValidator() .AddProfileService <IdentityWithAdditionalClaimsProfileService>(); } services.AddAuthentication(options => { options.DefaultAuthenticateScheme = "Bearer"; options.DefaultChallengeScheme = "Bearer"; options.DefaultForbidScheme = "Identity.Application"; }).AddJwtBearer(options => { // name of the API resource options.Audience = "WebAPI"; options.Authority = Configuration["Authority"]; options.RequireHttpsMetadata = false; }); services.AddAuthorization(options => { Config.CreateAuthorizatoinOptions(options); }); }