/// <summary>
/// Registers the identity <c>DbContext</c> and ASP.NET Core Identity (user/role types, EF stores,
/// default token providers) on <paramref name="services"/>.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
/// <param name="configuration">Configuration passed to <c>IdentityEFPersistenceBuilder.Build</c>.</param>
/// <returns>The <paramref name="services"/> instance that was passed in, so calls can be chained.</returns>
public static IServiceCollection AddPersistenceTier(this IServiceCollection services, IConfiguration configuration)
{
    var persistence = IdentityEFPersistenceBuilder.Build(configuration);

    services
        .AddDbContext<IdentityDBContext>(persistence.ConfigurePersistence)
        .AddIdentity<IdentityAppUser, ApplicationRole>(identity =>
        {
            // Password policy.
            // NOTE(review): a 6-character minimum with no unique-character requirement is short by
            // current guidance (NIST SP 800-63B asks for at least 8). Raising it is a policy change
            // for the owner to make; the values below are kept exactly as they were.
            var password = identity.Password;
            password.RequireDigit = true;
            password.RequireLowercase = true;
            password.RequireNonAlphanumeric = false;
            password.RequireUppercase = true;
            password.RequiredLength = 6;
            password.RequiredUniqueChars = 0;

            // Lockout policy: 5 failed attempts lock the account for 5 minutes.
            // NOTE(review): these values only apply when the sign-in path counts failures
            // (e.g. PasswordSignInAsync with lockoutOnFailure: true) - that call is not visible here.
            var lockout = identity.Lockout;
            lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(5);
            lockout.MaxFailedAccessAttempts = 5;
            lockout.AllowedForNewUsers = true;

            // User-name alphabet and e-mail uniqueness.
            var user = identity.User;
            user.AllowedUserNameCharacters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._@+";
            user.RequireUniqueEmail = true;

            identity.Tokens.AuthenticatorTokenProvider = TokenOptions.DefaultAuthenticatorProvider;

            // NOTE(review): with confirmation off, an account can sign in before its e-mail address
            // has been verified. Combined with RequireUniqueEmail this lets an unverified registration
            // occupy an address - confirm this is intended outside of development.
            identity.SignIn.RequireConfirmedEmail = false;
        })
        .AddEntityFrameworkStores<IdentityDBContext>()
        .AddDefaultTokenProviders();

    return services;
}
/// <summary>
/// Registers the application's services: persistence and ASP.NET Core Identity, MVC and Razor Pages,
/// a CORS policy, IdentityServer with its EF-backed stores, external login providers, local API
/// authentication and the application's own scoped/transient services.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
public void ConfigureServices(IServiceCollection services)
{
    var persistence = IdentityEFPersistenceBuilder.Build(Configuration);

    services
        .AddPersistenceTier(Configuration)
        .AddControllersWithViews();

    // NOTE(review): "AllOrigins" accepts any origin, method and header. This method only registers
    // the policy; where it is applied is not visible here. On a token service it is worth confirming
    // that it is attached only to endpoints meant to be called cross-origin.
    services.AddCors(cors =>
        cors.AddPolicy("AllOrigins", policy => policy
            .AllowAnyOrigin()
            .AllowAnyMethod()
            .AllowAnyHeader()));

    // Pages under the Identity area's /Account/Manage folder require an authenticated user.
    /*https://docs.microsoft.com/en-us/aspnet/core/security/authorization/razor-pages-authorization?view=aspnetcore-3.1 */
    services
        .AddRazorPages()
        .AddRazorPagesOptions(pages => pages.Conventions.AuthorizeAreaFolder("Identity", "/Account/Manage"));

    var identityServer = services
        .AddIdentityServer(server =>
        {
            // All four event categories are raised, which gives an audit trail of logins,
            // token issuance and failures once an event sink consumes them.
            var events = server.Events;
            events.RaiseErrorEvents = true;
            events.RaiseInformationEvents = true;
            events.RaiseFailureEvents = true;
            events.RaiseSuccessEvents = true;

            server.EmitStaticAudienceClaim = true; // see https://identityserver4.readthedocs.io/en/latest/topics/resources.html

            var interaction = server.UserInteraction;
            interaction.LoginUrl = "/Account/Login";
            interaction.LogoutUrl = "/Account/Logout";
            interaction.ErrorUrl = "/Home/Error";

            // NOTE(review): a 10-hour cookie with sliding expiration keeps the SSO session alive for
            // as long as the user stays active; confirm that matches the session-lifetime policy.
            server.Authentication = new AuthenticationOptions
            {
                CookieLifetime = TimeSpan.FromHours(10), // ID server cookie timeout set to 10 hours
                CookieSlidingExpiration = true
            };
        })
        .AddConfigurationStore<ConfigurationDBContext>(persistence.ConfigureGrantsStore)
        .AddOperationalStore<PersistedGrantDBContext>(persistence.ConfigureOperationalStore)
        .AddAspNetIdentity<Model.Entities.IdentityAppUser>();

    // not recommended for production - you need to store your key material somewhere secure
    // NOTE(review): the developer signing credential is the only signing key registered in this
    // method, and only when _settings.IsDevelopment is set. A non-development deployment needs key
    // material registered somewhere else - not visible here, confirm.
    services
        .AddIf(_settings.IsDevelopment, _ => identityServer.AddDeveloperSigningCredential().Services)
        .AddIf(_settings.IsDevelopment, sc => sc.AddDatabaseDeveloperPageExceptionFilter());

    var authentication = services.AddAuthentication();

    // NOTE(review): ClientId/ClientSecret are placeholders. Real values belong in configuration or a
    // secret store (user-secrets, environment, vault), not in this source file.
    authentication.AddGoogle("Google", google =>
    {
        google.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
        google.ClientId = "<insert here>";
        google.ClientSecret = "<insert here>";
    });

    // NOTE(review): the client id/secret below are literals pointing at the public demo authority.
    // Any real upstream provider should get its secret from configuration or a secret store.
    // SaveTokens keeps the upstream tokens in the authentication properties of the sign-in cookie.
    authentication.AddOpenIdConnect("oidc", "Demo IdentityServer", oidc =>
    {
        oidc.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
        oidc.SignOutScheme = IdentityServerConstants.SignoutScheme;
        oidc.SaveTokens = true;
        oidc.Authority = "https://demo.identityserver.io/";
        oidc.ClientId = "interactive.confidential";
        oidc.ClientSecret = "secret";
        oidc.ResponseType = "code";
        oidc.TokenValidationParameters = new TokenValidationParameters
        {
            NameClaimType = "name",
            RoleClaimType = "role"
        };
    });

    services.AddLocalApiAuthentication();

    // Application services.
    services.AddTransient<IEmailSender, EmailSenderClient>();
    services.AddScoped<IProfileService, ProfileService>();
    services.AddScoped<IUserService, UserService>();
    services.AddScoped<IRoleService, RoleService>();
    services.AddScoped<ISettingsService, SettingsService>();
    services.AddScoped<IAuthService, AuthService>();
    services.AddScoped<IContextProvider, ContextProvider>();
}