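/// <summary>
/// Configures the named "authorizer" <see cref="HttpClient"/>: relays the caller's bearer token (when the
/// incoming request carries one), adds an <c>Origin</c> header when CORS origins are configured, and points
/// the client at <paramref name="settings"/>.Authority. Runs every time the factory hands out a client.
/// </summary>
/// <param name="services">The service collection; used only to resolve <see cref="IHttpContextAccessor"/>.</param>
/// <param name="client">The outbound client being configured.</param>
/// <param name="settings">Authorizer settings; <c>Authority</c> becomes the client base address.</param>
/// <param name="corsSettings">CORS settings, or <c>null</c> when none are configured.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="services"/>, <paramref name="client"/> or <paramref name="settings"/> is null.</exception>
private void ConfigureAuthorizerHttpClient(IServiceCollection services, HttpClient client, AuthorizerSetting settings, CorsSetting corsSettings)
{
    if (services is null) { throw new ArgumentNullException(nameof(services)); }
    if (client is null) { throw new ArgumentNullException(nameof(client)); }
    if (settings is null) { throw new ArgumentNullException(nameof(settings)); }

    // NOTE(review): building a second container from the collection (analyzer ASP0000) duplicates every
    // singleton and happens on each client creation. Kept because this signature only offers the collection;
    // the AddHttpClient(name, (sp, c) => ...) overload would let the caller pass the real provider instead.
    // The throw-away provider is disposed so it is not leaked; nothing resolved from it is kept afterwards.
    // Assumes the accessor still surfaces the current request from a second container — confirm in target framework.
    var httpContext = default(HttpContext);
    using (var serviceProvider = services.BuildServiceProvider())
    {
        httpContext = serviceProvider.GetService<IHttpContextAccessor>()?.HttpContext;
    }
    var request = httpContext?.Request;

    // Relay the caller's bearer token so the authorizer evaluates the same principal. Scheme matching is
    // ordinal: culture-aware comparison can ignore characters that an ordinal check treats as a mismatch.
    // No HttpContext (e.g. client created outside a request) simply means no token is forwarded.
    var bearerToken = request?.Headers["Authorization"]
        .FirstOrDefault(h => h.StartsWith("bearer ", StringComparison.OrdinalIgnoreCase));
    if (!string.IsNullOrEmpty(bearerToken))
    {
        client.DefaultRequestHeaders.Add("Authorization", bearerToken);
    }

    // Identify the calling site to the authorizer, but only when CORS origins are configured and a request exists.
    if (request != null && corsSettings?.AllowedOrigins != null && corsSettings.AllowedOrigins.Length > 0)
    {
        client.DefaultRequestHeaders.Add("Origin", $"{request.Scheme}://{request.Host.Value}");
    }

    // The base address must end with "/" so relative request URIs resolve under the authority; trimming first
    // keeps an Authority configured with its own trailing slash from producing "//".
    client.BaseAddress = new Uri($"{settings.Authority?.TrimEnd('/')}/");
    client.DefaultRequestHeaders.Add("Accept", "application/x-www-form-urlencoded");
}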
/// <summary>
/// Binds the <c>AppSettings</c>, <c>EmailSetting</c> and <c>Authorizer</c> configuration sections into
/// singletons and registers the message handlers, the SMTP email sender, the request provider and the
/// per-request user profile.
/// </summary>
/// <param name="services">The service collection to populate.</param>
/// <param name="configuration">Application configuration the settings objects are bound from.</param>
public void InstallServices(IServiceCollection services, IConfiguration configuration)
{
    // Strongly-typed settings, bound once and shared for the lifetime of the app.
    var appSettings = new AppSettings();
    configuration.GetSection(nameof(AppSettings)).Bind(appSettings);
    services.AddSingleton<AppSettings>(appSettings);

    // NOTE: if EmailSetting carries SMTP credentials, source that section from a secret store
    // rather than a checked-in settings file; binding itself does not care where the values come from.
    var emailSettings = new EmailSetting();
    configuration.GetSection(nameof(EmailSetting)).Bind(emailSettings);
    services.AddSingleton<EmailSetting>(emailSettings);

    // Authorizer settings may already have been registered by another installer; register only once.
    var authorizer = new AuthorizerSetting();
    configuration.GetSection("Authorizer").Bind(authorizer);
    var authorizerAlreadyRegistered = services.Any(descriptor => descriptor.ServiceType == typeof(AuthorizerSetting));
    if (!authorizerAlreadyRegistered)
    {
        services.AddSingleton(authorizer);
    }

    // Message handling and resources.
    services.AddSingleton<IMessagesResourceHandler, MessagesResourceHandler>();
    services.AddSingleton<IMessageHandler, MessageHandler>();

    // Application services.
    services.AddTransient<ISMTPEmailSender, SMTPEmailSender>();
    services.AddTransient<IRequestProvider, RequestProvider>();

    // User profile is per request.
    services.AddScoped<IUserProfile, UserProfile>();
}
/// <summary>
/// Binds the <c>Authorizer</c> and <c>CorsSetting</c> sections (registering each singleton only if absent)
/// and registers the named "authorizer" <see cref="HttpClient"/> configured by
/// <c>ConfigureAuthorizerHttpClient</c>.
/// </summary>
/// <param name="services">The service collection to populate.</param>
/// <param name="configuration">Application configuration the settings objects are bound from.</param>
public void InstallServices(IServiceCollection services, IConfiguration configuration)
{
    var authorizer = new AuthorizerSetting();
    configuration.GetSection("Authorizer").Bind(authorizer);
    if (services.All(descriptor => descriptor.ServiceType != typeof(AuthorizerSetting)))
    {
        services.AddSingleton(authorizer);
    }

    var cors = new CorsSetting();
    configuration.GetSection(nameof(CorsSetting)).Bind(cors);
    if (services.All(descriptor => descriptor.ServiceType != typeof(CorsSetting)))
    {
        services.AddSingleton(cors);
    }

    // The configure callback runs each time the factory creates a client. It receives the service
    // collection, which ConfigureAuthorizerHttpClient turns into a throw-away provider to reach the
    // current HttpContext; the (sp, client) overload of AddHttpClient would avoid that second container.
    services.AddHttpClient("authorizer", httpClient => ConfigureAuthorizerHttpClient(services, httpClient, authorizer, cors));
}
/// <summary>
/// Registers the API's web pipeline services: authorizer settings, antiforgery header, default culture
/// (<c>es-PR</c>), controllers, options, in-memory distributed cache, IdentityServer JWT authentication and
/// an MVC core with a global scope policy and API explorer.
/// </summary>
/// <param name="services">The service collection to populate.</param>
/// <param name="configuration">Application configuration the authorizer settings are bound from.</param>
public void InstallServices(IServiceCollection services, IConfiguration configuration)
{
    var authorizer = new AuthorizerSetting();
    configuration.GetSection("Authorizer").Bind(authorizer);
    if (services.All(descriptor => descriptor.ServiceType != typeof(AuthorizerSetting)))
    {
        services.AddSingleton(authorizer);
    }

    // Antiforgery token is expected in a request header rather than a form field.
    services.AddAntiforgery(options => options.HeaderName = "X-CSRF-TOKEN");

    // Process-wide default culture for formatting and resources.
    var culture = new CultureInfo("es-PR");
    CultureInfo.DefaultThreadCurrentCulture = culture;
    CultureInfo.DefaultThreadCurrentUICulture = culture;

    services.AddControllers();
    services.AddOptions();
    services.AddDistributedMemoryCache();

    // JWT bearer validation against the configured authority. ApiSecret is read from configuration,
    // so that section belongs in a secret store rather than a committed settings file.
    var scheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
    services
        .AddAuthentication(scheme)
        .AddIdentityServerAuthentication(options =>
        {
            options.Authority = authorizer.Authority;
            options.ApiName = authorizer.ApiName;
            options.ApiSecret = authorizer.ApiSecret;
            options.EnableCaching = true;
            options.CacheDuration = TimeSpan.FromMinutes(authorizer.CacheDuration);
            options.SupportedTokens = SupportedTokens.Jwt;
            // Allows discovery metadata over plain HTTP; appropriate for local development only —
            // a production authority should be reached over HTTPS.
            options.RequireHttpsMetadata = false;
        });

    // Every controller action requires the full-access scope unless it overrides the filter.
    services
        .AddMvcCore(options =>
        {
            var fullAccess = ScopePolicy.Create("mipeapi.fullaccess");
            options.Filters.Add(new AuthorizeFilter(fullAccess));
        })
        .AddAuthorization()
        .AddApiExplorer();
}
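/// <summary>
/// Registers the API's web pipeline services: authorizer settings, antiforgery header, default culture
/// (<c>es-DO</c>), controllers, options, in-memory distributed cache, IdentityServer JWT authentication
/// (enriching the validated identity with cached profile claims), authorization policies and the
/// client-application access handler.
/// </summary>
/// <param name="services">The service collection to populate.</param>
/// <param name="configuration">Application configuration the authorizer settings are bound from.</param>
public void InstallServices(IServiceCollection services, IConfiguration configuration)
{
    var authorizerSetting = new AuthorizerSetting();
    configuration.GetSection("Authorizer").Bind(authorizerSetting);
    if (!services.Any(x => x.ServiceType == typeof(AuthorizerSetting)))
    {
        services.AddSingleton(authorizerSetting);
    }

    // Antiforgery token is expected in a request header rather than a form field.
    services.AddAntiforgery(options => options.HeaderName = "X-CSRF-TOKEN");

    // Process-wide default culture for formatting and resources.
    var cultureInfo = new CultureInfo("es-DO");
    CultureInfo.DefaultThreadCurrentCulture = cultureInfo;
    CultureInfo.DefaultThreadCurrentUICulture = cultureInfo;

    services.AddControllers();
    services.AddOptions();
    services.AddDistributedMemoryCache();

    // JWT bearer validation against the configured authority. ApiSecret is read from configuration,
    // so that section belongs in a secret store rather than a committed settings file.
    services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
        .AddIdentityServerAuthentication(options =>
        {
            options.Authority = authorizerSetting.Authority;
            options.ApiName = authorizerSetting.ApiName;
            options.ApiSecret = authorizerSetting.ApiSecret;
            options.EnableCaching = true;
            options.CacheDuration = TimeSpan.FromMinutes(authorizerSetting.CacheDuration);
            options.SupportedTokens = SupportedTokens.Jwt;
            // Allows discovery metadata over plain HTTP; appropriate for local development only —
            // a production authority should be reached over HTTPS.
            options.RequireHttpsMetadata = false;

            // Once the token is validated, append user-specific claims loaded through the cache service.
            options.JwtBearerEvents.OnTokenValidated = async (context) =>
            {
                // The identity is only enriched when it is a ClaimsIdentity; the previous `as` cast was
                // dereferenced without a null check and would have thrown for any other identity type.
                if (!(context.Principal?.Identity is ClaimsIdentity identity))
                {
                    return;
                }

                var currentUsernameClaim = identity.Claims.FirstOrDefault(x => x.Type == "name");
                if (currentUsernameClaim == null)
                {
                    return;
                }

                // Load user specific data from the database (the cache service checks its cache first).
                var cacheService = context.HttpContext.RequestServices.GetRequiredService<ICacheService>();
                // NOTE(review): the cache key is the "name" claim. If that claim is not unique per subject,
                // two users sharing a name would receive each other's cached claims; keying on the subject
                // identifier the authority guarantees unique would be safer — confirm which claim that is.
                var claims = await cacheService.GetCachedAsync("SF_" + currentUsernameClaim.Value, async () =>
                {
                    //var profileService = context.HttpContext.RequestServices.GetRequiredService<IProfileService>();
                    var profileClaims = new List<Claim>();
                    // TODO: Set the user profile claims here
                    return (profileClaims);
                });

                // AddClaims throws on null; a cache lookup that yields nothing must not fail an otherwise valid token.
                if (claims != null)
                {
                    identity.AddClaims(claims);
                }
            };
        });

    // Global scope filter plus named policies used by [Authorize(Policy = ...)] on endpoints.
    services.AddMvcCore(options =>
        {
            var policy = ScopePolicy.Create("myboilerplate.fullaccess");
            options.Filters.Add(new AuthorizeFilter(policy));
        })
        .AddAuthorization(options =>
        {
            options.AddPolicy("ApiScope", policy =>
            {
                policy.RequireAuthenticatedUser();
                policy.RequireClaim("scope", "myboilerplateapi");
            });
            options.AddPolicy("ClientApplicationAccess", policy =>
            {
                policy.Requirements.Add(new ClientApplicationAccessRequirement());
            });
        })
        .AddApiExplorer();

    // Handler that evaluates ClientApplicationAccessRequirement.
    services.AddScoped<IAuthorizationHandler, ClientApplicationAccessAuthorizationHandler>();
}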