private void ConfigureOwinPipeline(IAppBuilder app) { var startupLog = Log .ForContext("Startup", "App.Startup"); startupLog.Debug("Installing exception handler in OWIN pipeline"); app.Use(async (context, next) => { try { await next(); } catch (Exception exception) { Debugger.Break(); startupLog.Error(exception, "Unhandled exception"); } }); startupLog.Information("Starting application"); // install HTTPS auto-redirect + abrupt pipeline abortion middlewarez only when not running on dev boxes if (AppSettings.Environment != Env.Local) { startupLog.Debug("Instaling HTTPS enforcement middlewarez in OWIN pipeline"); app.AutomaticallyRedirectToHttps(); //app.RequireSsl(); } else { LevelSwitch.MinimumLevel = LogEventLevel.Verbose; } startupLog.Debug("Initializing (web) container"); WebContainer.Install( new WebApplicationServicesInstaller(), new ServiceInstaller(), new BlobStorageInstaller(), new WebApiControllerInstaller(), new AutoMapperInstaller() ); RegisterForDisposal(WebContainer, "Web container"); app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll); startupLog.Debug("Installing oauth in OWIN pipeline"); ConfigureOAuth(app); //ConfigureWebRequestCORS(app); startupLog.Debug("Installing Windsor scoping in OWIN pipeline"); ConfigureWebRequestScope(app); startupLog.Debug("Installing Web API in OWIN pipeline"); var config = new HttpConfiguration(); config.SuppressDefaultHostAuthentication(); config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType)); config.Filters.Add(new HostAuthenticationFilter(DefaultAuthenticationTypes.ApplicationCookie)); //Enable CORS //var corsPolicy = ConfigureCors(app); config.EnableCors(); config.Services.Replace(typeof(IHttpControllerActivator), new WindsorCompositionRoot(WebContainer)); WebApiConfig.Register(config); SwaggerConfig.Register(config); app.UseWebApi(config); startupLog.Information("Application started!"); }