コード例 #1
0
        override public async Task SeedAsync()
        {
            await base.SeedAsync().ConfigureAwait(false);

            await _persistedGrantContext.Database.MigrateAsync().ConfigureAwait(false);

            await _configurationContext.Database.MigrateAsync().ConfigureAwait(false);

            if (!await _configurationContext.Clients.AnyAsync())
            {
                _logger.LogInformation("Seeding IdentityServer Clients");

                foreach (var client in IdentityServerConfig.GetClients())
                {
                    _configurationContext.Clients.Add(client.ToEntity());
                }

                _configurationContext.SaveChanges();
            }

            if (!await _configurationContext.IdentityResources.AnyAsync())
            {
                _logger.LogInformation("Seeding IdentityServer Identity Resources");

                foreach (var resource in IdentityServerConfig.GetIdentityResources())
                {
                    _configurationContext.IdentityResources.Add(resource.ToEntity());
                }

                _configurationContext.SaveChanges();
            }

            if (!await _configurationContext.ApiResources.AnyAsync())
            {
                _logger.LogInformation("Seeding IdentityServer API Resources");

                foreach (var resource in IdentityServerConfig.GetApiResources())
                {
                    _configurationContext.ApiResources.Add(resource.ToEntity());
                }

                _configurationContext.SaveChanges();
            }
        }
コード例 #2
0
ファイル: Startup.cs プロジェクト: mathewpjose2020/iAccount
        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddDbContext <ApplicationDbContext>(options =>
                                                         options.UseSqlServer(Configuration["ConnectionStrings:DefaultConnection"], b => b.MigrationsAssembly("QuickApp")));

            // add identity
            services.AddIdentity <ApplicationUser, ApplicationRole>()
            .AddEntityFrameworkStores <ApplicationDbContext>()
            .AddDefaultTokenProviders();

            // Configure Identity options and password complexity here
            services.Configure <IdentityOptions>(options =>
            {
                // User settings
                options.User.RequireUniqueEmail = true;

                //    //// Password settings
                //    //options.Password.RequireDigit = true;
                //    //options.Password.RequiredLength = 8;
                //    //options.Password.RequireNonAlphanumeric = false;
                //    //options.Password.RequireUppercase = true;
                //    //options.Password.RequireLowercase = false;

                //    //// Lockout settings
                //    //options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
                //    //options.Lockout.MaxFailedAccessAttempts = 10;
            });


            // Adds IdentityServer.
            services.AddIdentityServer()
            // The AddDeveloperSigningCredential extension creates temporary key material for signing tokens.
            // This might be useful to get started, but needs to be replaced by some persistent key material for production scenarios.
            // See http://docs.identityserver.io/en/release/topics/crypto.html#refcrypto for more information.
            .AddDeveloperSigningCredential()
            .AddInMemoryPersistedGrants()
            // To configure IdentityServer to use EntityFramework (EF) as the storage mechanism for configuration data (rather than using the in-memory implementations),
            // see https://identityserver4.readthedocs.io/en/release/quickstarts/8_entity_framework.html
            .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources())
            .AddInMemoryApiResources(IdentityServerConfig.GetApiResources())
            .AddInMemoryClients(IdentityServerConfig.GetClients())
            .AddAspNetIdentity <ApplicationUser>()
            .AddProfileService <ProfileService>();


            var applicationUrl = Configuration["ApplicationUrl"].TrimEnd('/');

            services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = applicationUrl;
                options.SupportedTokens      = SupportedTokens.Jwt;
                options.RequireHttpsMetadata = false;     // Note: Set to true in production
                options.ApiName = IdentityServerConfig.ApiName;
            });

            services.AddAuthorization(options =>
            {
                options.AddPolicy(Authorization.Policies.ViewAllUsersPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ViewUsers));
                options.AddPolicy(Authorization.Policies.ManageAllUsersPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ManageUsers));

                options.AddPolicy(Authorization.Policies.ViewAllRolesPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ViewRoles));
                options.AddPolicy(Authorization.Policies.ViewRoleByRoleNamePolicy, policy => policy.Requirements.Add(new ViewRoleAuthorizationRequirement()));
                options.AddPolicy(Authorization.Policies.ManageAllRolesPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ManageRoles));

                options.AddPolicy(Authorization.Policies.AssignAllowedRolesPolicy, policy => policy.Requirements.Add(new AssignRolesAuthorizationRequirement()));
            });



            // Add cors
            services.AddCors();

            services.AddControllersWithViews();

            // In production, the Angular files will be served from this directory
            services.AddSpaStaticFiles(configuration =>
            {
                configuration.RootPath = "ClientApp/dist";
            });

            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc("v1", new OpenApiInfo {
                    Title = IdentityServerConfig.ApiFriendlyName, Version = "v1"
                });
                c.OperationFilter <AuthorizeCheckOperationFilter>();
                c.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
                {
                    Type  = SecuritySchemeType.OAuth2,
                    Flows = new OpenApiOAuthFlows
                    {
                        Password = new OpenApiOAuthFlow
                        {
                            TokenUrl = new Uri("/connect/token", UriKind.Relative),
                            Scopes   = new Dictionary <string, string>()
                            {
                                { IdentityServerConfig.ApiName, IdentityServerConfig.ApiFriendlyName }
                            }
                        }
                    }
                });
            });

            services.AddAutoMapper(typeof(Startup));

            // Configurations
            services.Configure <AppSettings>(Configuration);


            // Business Services
            services.AddScoped <IEmailSender, EmailSender>();


            // Repositories
            services.AddScoped <IUnitOfWork, HttpUnitOfWork>();
            services.AddScoped <IAccountManager, AccountManager>();
            services.AddScoped <IAccounttypeRepository, AccounttypeRepository>();
            services.AddScoped <IBankAccountRepository, BankAccountRepository>();

            // Auth Handlers
            services.AddSingleton <IAuthorizationHandler, ViewUserAuthorizationHandler>();
            services.AddSingleton <IAuthorizationHandler, ManageUserAuthorizationHandler>();
            services.AddSingleton <IAuthorizationHandler, ViewRoleAuthorizationHandler>();
            services.AddSingleton <IAuthorizationHandler, AssignRolesAuthorizationHandler>();

            // DB Creation and Seeding
            services.AddTransient <IDatabaseInitializer, DatabaseInitializer>();
        }
コード例 #3
0
ファイル: Startup.cs プロジェクト: kabatlantafan7/quickapp
        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddDbContext <ApplicationDbContext>(options =>
                                                         options.UseSqlServer(Configuration["ConnectionStrings:DefaultConnection"], b => b.MigrationsAssembly("QuickApp")));

            // add identity
            services.AddIdentity <ApplicationUser, ApplicationRole>()
            .AddEntityFrameworkStores <ApplicationDbContext>()
            .AddDefaultTokenProviders();

            // Configure Identity options and password complexity here
            services.Configure <IdentityOptions>(options =>
            {
                // User settings
                options.User.RequireUniqueEmail = true;

                //    //// Password settings
                //    //options.Password.RequireDigit = true;
                //    //options.Password.RequiredLength = 8;
                //    //options.Password.RequireNonAlphanumeric = false;
                //    //options.Password.RequireUppercase = true;
                //    //options.Password.RequireLowercase = false;

                //    //// Lockout settings
                //    //options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
                //    //options.Lockout.MaxFailedAccessAttempts = 10;
            });


            // Adds IdentityServer.
            services.AddIdentityServer()
            // The AddDeveloperSigningCredential extension creates temporary key material for signing tokens.
            // This might be useful to get started, but needs to be replaced by some persistent key material for production scenarios.
            // See http://docs.identityserver.io/en/release/topics/crypto.html#refcrypto for more information.
            .AddDeveloperSigningCredential()
            .AddInMemoryPersistedGrants()
            // To configure IdentityServer to use EntityFramework (EF) as the storage mechanism for configuration data (rather than using the in-memory implementations),
            // see https://identityserver4.readthedocs.io/en/release/quickstarts/8_entity_framework.html
            .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources())
            .AddInMemoryApiResources(IdentityServerConfig.GetApiResources())
            .AddInMemoryClients(IdentityServerConfig.GetClients())
            .AddAspNetIdentity <ApplicationUser>()
            .AddProfileService <ProfileService>();


            var applicationUrl = Configuration["ApplicationUrl"].TrimEnd('/');

            services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = applicationUrl;
                options.SupportedTokens      = SupportedTokens.Jwt;
                options.RequireHttpsMetadata = false;     // Note: Set to true in production
                options.ApiName = IdentityServerConfig.ApiName;
            });


            services.AddAuthorization(options =>
            {
                options.AddPolicy(Authorization.Policies.ViewAllUsersPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ViewUsers));
                options.AddPolicy(Authorization.Policies.ManageAllUsersPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ManageUsers));

                options.AddPolicy(Authorization.Policies.ViewAllRolesPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ViewRoles));
                options.AddPolicy(Authorization.Policies.ViewRoleByRoleNamePolicy, policy => policy.Requirements.Add(new ViewRoleAuthorizationRequirement()));
                options.AddPolicy(Authorization.Policies.ManageAllRolesPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ManageRoles));

                options.AddPolicy(Authorization.Policies.AssignAllowedRolesPolicy, policy => policy.Requirements.Add(new AssignRolesAuthorizationRequirement()));
            });


            // Add cors
            services.AddCors();

            // Add framework services.
            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

            // The port to use for https redirection in production
            if (!_env.IsDevelopment() && !string.IsNullOrWhiteSpace(Configuration["HttpsRedirectionPort"]))
            {
                services.AddHttpsRedirection(options =>
                {
                    options.HttpsPort = int.Parse(Configuration["HttpsRedirectionPort"]);
                });
            }

            // In production, the Angular files will be served from this directory
            services.AddSpaStaticFiles(configuration =>
            {
                configuration.RootPath = "ClientApp/dist";
            });


            //Todo: ***Using DataAnnotations for validation until Swashbuckle supports FluentValidation***
            //services.AddFluentValidation(fv => fv.RegisterValidatorsFromAssemblyContaining<Startup>());


            //.AddJsonOptions(opts =>
            //{
            //    opts.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();
            //});


            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc("v1", new Info {
                    Title = IdentityServerConfig.ApiFriendlyName, Version = "v1"
                });
                c.OperationFilter <AuthorizeCheckOperationFilter>();
                c.AddSecurityDefinition("oauth2", new OAuth2Scheme
                {
                    Type     = "oauth2",
                    Flow     = "password",
                    TokenUrl = $"{applicationUrl}/connect/token",
                    Scopes   = new Dictionary <string, string>()
                    {
                        { IdentityServerConfig.ApiName, IdentityServerConfig.ApiFriendlyName }
                    }
                });
            });


            Mapper.Initialize(cfg =>
            {
                cfg.AddProfile <AutoMapperProfile>();
            });


            // Configurations
            services.Configure <AppSettings>(Configuration);


            // Business Services
            services.AddScoped <IEmailSender, EmailSender>();


            // Repositories
            services.AddScoped <IUnitOfWork, HttpUnitOfWork>();
            services.AddScoped <IAccountManager, AccountManager>();

            // Auth Handlers
            services.AddSingleton <IAuthorizationHandler, ViewUserAuthorizationHandler>();
            services.AddSingleton <IAuthorizationHandler, ManageUserAuthorizationHandler>();
            services.AddSingleton <IAuthorizationHandler, ViewRoleAuthorizationHandler>();
            services.AddSingleton <IAuthorizationHandler, AssignRolesAuthorizationHandler>();

            // DB Creation and Seeding
            services.AddTransient <IDatabaseInitializer, DatabaseInitializer>();
        }