override public async Task SeedAsync() { await base.SeedAsync().ConfigureAwait(false); await _persistedGrantContext.Database.MigrateAsync().ConfigureAwait(false); await _configurationContext.Database.MigrateAsync().ConfigureAwait(false); if (!await _configurationContext.Clients.AnyAsync()) { _logger.LogInformation("Seeding IdentityServer Clients"); foreach (var client in IdentityServerConfig.GetClients()) { _configurationContext.Clients.Add(client.ToEntity()); } _configurationContext.SaveChanges(); } if (!await _configurationContext.IdentityResources.AnyAsync()) { _logger.LogInformation("Seeding IdentityServer Identity Resources"); foreach (var resource in IdentityServerConfig.GetIdentityResources()) { _configurationContext.IdentityResources.Add(resource.ToEntity()); } _configurationContext.SaveChanges(); } if (!await _configurationContext.ApiResources.AnyAsync()) { _logger.LogInformation("Seeding IdentityServer API Resources"); foreach (var resource in IdentityServerConfig.GetApiResources()) { _configurationContext.ApiResources.Add(resource.ToEntity()); } _configurationContext.SaveChanges(); } }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddDbContext <ApplicationDbContext>(options => options.UseSqlServer(Configuration["ConnectionStrings:DefaultConnection"], b => b.MigrationsAssembly("QuickApp"))); // add identity services.AddIdentity <ApplicationUser, ApplicationRole>() .AddEntityFrameworkStores <ApplicationDbContext>() .AddDefaultTokenProviders(); // Configure Identity options and password complexity here services.Configure <IdentityOptions>(options => { // User settings options.User.RequireUniqueEmail = true; // //// Password settings // //options.Password.RequireDigit = true; // //options.Password.RequiredLength = 8; // //options.Password.RequireNonAlphanumeric = false; // //options.Password.RequireUppercase = true; // //options.Password.RequireLowercase = false; // //// Lockout settings // //options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30); // //options.Lockout.MaxFailedAccessAttempts = 10; }); // Adds IdentityServer. services.AddIdentityServer() // The AddDeveloperSigningCredential extension creates temporary key material for signing tokens. // This might be useful to get started, but needs to be replaced by some persistent key material for production scenarios. // See http://docs.identityserver.io/en/release/topics/crypto.html#refcrypto for more information. .AddDeveloperSigningCredential() .AddInMemoryPersistedGrants() // To configure IdentityServer to use EntityFramework (EF) as the storage mechanism for configuration data (rather than using the in-memory implementations), // see https://identityserver4.readthedocs.io/en/release/quickstarts/8_entity_framework.html .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddInMemoryClients(IdentityServerConfig.GetClients()) .AddAspNetIdentity <ApplicationUser>() .AddProfileService <ProfileService>(); var applicationUrl = Configuration["ApplicationUrl"].TrimEnd('/'); services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme) .AddIdentityServerAuthentication(options => { options.Authority = applicationUrl; options.SupportedTokens = SupportedTokens.Jwt; options.RequireHttpsMetadata = false; // Note: Set to true in production options.ApiName = IdentityServerConfig.ApiName; }); services.AddAuthorization(options => { options.AddPolicy(Authorization.Policies.ViewAllUsersPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ViewUsers)); options.AddPolicy(Authorization.Policies.ManageAllUsersPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ManageUsers)); options.AddPolicy(Authorization.Policies.ViewAllRolesPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ViewRoles)); options.AddPolicy(Authorization.Policies.ViewRoleByRoleNamePolicy, policy => policy.Requirements.Add(new ViewRoleAuthorizationRequirement())); options.AddPolicy(Authorization.Policies.ManageAllRolesPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ManageRoles)); options.AddPolicy(Authorization.Policies.AssignAllowedRolesPolicy, policy => policy.Requirements.Add(new AssignRolesAuthorizationRequirement())); }); // Add cors services.AddCors(); services.AddControllersWithViews(); // In production, the Angular files will be served from this directory services.AddSpaStaticFiles(configuration => { configuration.RootPath = "ClientApp/dist"; }); services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new OpenApiInfo { Title = IdentityServerConfig.ApiFriendlyName, Version = "v1" }); c.OperationFilter <AuthorizeCheckOperationFilter>(); c.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme { Type = SecuritySchemeType.OAuth2, Flows = new OpenApiOAuthFlows { Password = new OpenApiOAuthFlow { TokenUrl = new Uri("/connect/token", UriKind.Relative), Scopes = new Dictionary <string, string>() { { IdentityServerConfig.ApiName, IdentityServerConfig.ApiFriendlyName } } } } }); }); services.AddAutoMapper(typeof(Startup)); // Configurations services.Configure <AppSettings>(Configuration); // Business Services services.AddScoped <IEmailSender, EmailSender>(); // Repositories services.AddScoped <IUnitOfWork, HttpUnitOfWork>(); services.AddScoped <IAccountManager, AccountManager>(); services.AddScoped <IAccounttypeRepository, AccounttypeRepository>(); services.AddScoped <IBankAccountRepository, BankAccountRepository>(); // Auth Handlers services.AddSingleton <IAuthorizationHandler, ViewUserAuthorizationHandler>(); services.AddSingleton <IAuthorizationHandler, ManageUserAuthorizationHandler>(); services.AddSingleton <IAuthorizationHandler, ViewRoleAuthorizationHandler>(); services.AddSingleton <IAuthorizationHandler, AssignRolesAuthorizationHandler>(); // DB Creation and Seeding services.AddTransient <IDatabaseInitializer, DatabaseInitializer>(); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddDbContext <ApplicationDbContext>(options => options.UseSqlServer(Configuration["ConnectionStrings:DefaultConnection"], b => b.MigrationsAssembly("QuickApp"))); // add identity services.AddIdentity <ApplicationUser, ApplicationRole>() .AddEntityFrameworkStores <ApplicationDbContext>() .AddDefaultTokenProviders(); // Configure Identity options and password complexity here services.Configure <IdentityOptions>(options => { // User settings options.User.RequireUniqueEmail = true; // //// Password settings // //options.Password.RequireDigit = true; // //options.Password.RequiredLength = 8; // //options.Password.RequireNonAlphanumeric = false; // //options.Password.RequireUppercase = true; // //options.Password.RequireLowercase = false; // //// Lockout settings // //options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30); // //options.Lockout.MaxFailedAccessAttempts = 10; }); // Adds IdentityServer. services.AddIdentityServer() // The AddDeveloperSigningCredential extension creates temporary key material for signing tokens. // This might be useful to get started, but needs to be replaced by some persistent key material for production scenarios. // See http://docs.identityserver.io/en/release/topics/crypto.html#refcrypto for more information. .AddDeveloperSigningCredential() .AddInMemoryPersistedGrants() // To configure IdentityServer to use EntityFramework (EF) as the storage mechanism for configuration data (rather than using the in-memory implementations), // see https://identityserver4.readthedocs.io/en/release/quickstarts/8_entity_framework.html .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfig.GetApiResources()) .AddInMemoryClients(IdentityServerConfig.GetClients()) .AddAspNetIdentity <ApplicationUser>() .AddProfileService <ProfileService>(); var applicationUrl = Configuration["ApplicationUrl"].TrimEnd('/'); services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme) .AddIdentityServerAuthentication(options => { options.Authority = applicationUrl; options.SupportedTokens = SupportedTokens.Jwt; options.RequireHttpsMetadata = false; // Note: Set to true in production options.ApiName = IdentityServerConfig.ApiName; }); services.AddAuthorization(options => { options.AddPolicy(Authorization.Policies.ViewAllUsersPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ViewUsers)); options.AddPolicy(Authorization.Policies.ManageAllUsersPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ManageUsers)); options.AddPolicy(Authorization.Policies.ViewAllRolesPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ViewRoles)); options.AddPolicy(Authorization.Policies.ViewRoleByRoleNamePolicy, policy => policy.Requirements.Add(new ViewRoleAuthorizationRequirement())); options.AddPolicy(Authorization.Policies.ManageAllRolesPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ManageRoles)); options.AddPolicy(Authorization.Policies.AssignAllowedRolesPolicy, policy => policy.Requirements.Add(new AssignRolesAuthorizationRequirement())); }); // Add cors services.AddCors(); // Add framework services. services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2); // The port to use for https redirection in production if (!_env.IsDevelopment() && !string.IsNullOrWhiteSpace(Configuration["HttpsRedirectionPort"])) { services.AddHttpsRedirection(options => { options.HttpsPort = int.Parse(Configuration["HttpsRedirectionPort"]); }); } // In production, the Angular files will be served from this directory services.AddSpaStaticFiles(configuration => { configuration.RootPath = "ClientApp/dist"; }); //Todo: ***Using DataAnnotations for validation until Swashbuckle supports FluentValidation*** //services.AddFluentValidation(fv => fv.RegisterValidatorsFromAssemblyContaining<Startup>()); //.AddJsonOptions(opts => //{ // opts.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver(); //}); services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new Info { Title = IdentityServerConfig.ApiFriendlyName, Version = "v1" }); c.OperationFilter <AuthorizeCheckOperationFilter>(); c.AddSecurityDefinition("oauth2", new OAuth2Scheme { Type = "oauth2", Flow = "password", TokenUrl = $"{applicationUrl}/connect/token", Scopes = new Dictionary <string, string>() { { IdentityServerConfig.ApiName, IdentityServerConfig.ApiFriendlyName } } }); }); Mapper.Initialize(cfg => { cfg.AddProfile <AutoMapperProfile>(); }); // Configurations services.Configure <AppSettings>(Configuration); // Business Services services.AddScoped <IEmailSender, EmailSender>(); // Repositories services.AddScoped <IUnitOfWork, HttpUnitOfWork>(); services.AddScoped <IAccountManager, AccountManager>(); // Auth Handlers services.AddSingleton <IAuthorizationHandler, ViewUserAuthorizationHandler>(); services.AddSingleton <IAuthorizationHandler, ManageUserAuthorizationHandler>(); services.AddSingleton <IAuthorizationHandler, ViewRoleAuthorizationHandler>(); services.AddSingleton <IAuthorizationHandler, AssignRolesAuthorizationHandler>(); // DB Creation and Seeding services.AddTransient <IDatabaseInitializer, DatabaseInitializer>(); }