protected override void ConfigureIdentityServer()
{
IdentityServerBuilder
.AddDeveloperSigningCredential()
.AddTestUsersIfConfigured(HostingOptions)
.AddCorsPolicyService <CorsPolicyService>()
.AddResourceStore <InMemoryResourceStore>()
.AddClientStore <InMemoryClientManagementStore>();
}
public void AddDeveloperSigningCredential_should_succeed_when_called_multiple_times()
{
IServiceCollection services = new ServiceCollection();
IIdentityServerBuilder identityServerBuilder = new IdentityServerBuilder(services);
try
{
identityServerBuilder.AddDeveloperSigningCredential();
//calling a second time will try to load the saved rsa key from disk. An exception will be throw if the private key is not serialized properly.
identityServerBuilder.AddDeveloperSigningCredential();
}
finally
{
//clean up... delete stored rsa key
var filename = Path.Combine(Directory.GetCurrentDirectory(), "tempkey.rsa");
if (File.Exists(filename))
{
File.Delete(filename);
}
}
}
public void AddDeveloperSigningCredential_should_succeed()
{
IServiceCollection services = new ServiceCollection();
IIdentityServerBuilder identityServerBuilder = new IdentityServerBuilder(services);
identityServerBuilder.AddDeveloperSigningCredential();
//clean up... delete stored rsa key
var filename = Path.Combine(Directory.GetCurrentDirectory(), "tempkey.rsa");
if (File.Exists(filename))
{
File.Delete(filename);
}
}
private static IServiceCollection AddIdentityServer(
this IServiceCollection services,
Core.IdentityServerOptions identityServerOptions,
bool isDevelopment,
Action <IdentityServer4.Configuration.IdentityServerOptions> identityServerOptionsAction,
Action <ConfigurationStoreOptions> configurationStoreOptionsAction,
Action <OperationalStoreOptions> operationalStoreOptionsAction,
Action <IdentityOptions> identityOptionsAction,
Action <AspNetCore.Authentication.AuthenticationOptions> authenticationOptionsAction,
Action <IdentityServerAuthenticationOptions> identityServerAuthenticationOptionsAction,
Action <FacebookOptions> facebookOptionsAction)
{
DefaultInboundClaimTypeMap.Clear();
DefaultOutboundClaimTypeMap.Clear();
var builder = new IdentityServerBuilder(services);
identityServerOptionsAction = identityServerOptionsAction ?? (_ =>
{
});
builder.Services.Configure <SecurityStampValidatorOptions>(opts =>
{
opts.OnRefreshingPrincipal = UpdatePrincipal;
});
builder.Services.ConfigureApplicationCookie(options =>
{
options.Cookie.IsEssential = true;
options.Cookie.SameSite = None;
});
builder.Services.ConfigureExternalCookie(options =>
{
options.Cookie.IsEssential = true;
options.Cookie.SameSite = None;
});
builder.Services.Configure <CookieAuthenticationOptions>(TwoFactorRememberMeScheme, options =>
{
options.Cookie.IsEssential = true;
});
builder.Services.Configure <CookieAuthenticationOptions>(TwoFactorUserIdScheme, options =>
{
options.Cookie.IsEssential = true;
});
builder.Services.Configure(identityServerOptionsAction);
builder.Services.AddIdentityServer();
if (identityServerOptions.UseEntityFramework)
{
builder.Services.AddEntityFramework(configurationStoreOptionsAction, operationalStoreOptionsAction);
builder.AddConfigurationStore <IdentityServerDbContext>(configurationStoreOptionsAction);
builder.AddOperationalStore <IdentityServerDbContext>(operationalStoreOptionsAction);
}
if (identityServerOptions.UseIdentity)
{
builder.Services.AddIdentity(identityServerOptions, identityOptionsAction);
builder.AddAspNetIdentity <User>();
}
if (identityServerOptions.UseAuthentication)
{
builder.Services.AddAuthentication(
identityServerOptions,
authenticationOptionsAction,
identityServerAuthenticationOptionsAction,
facebookOptionsAction);
}
if (isDevelopment)
{
builder.AddDeveloperSigningCredential();
}
else
{
if (!IsNullOrWhiteSpace(identityServerOptions.SigningCredential))
{
var rawData = FromBase64String(identityServerOptions.SigningCredential);
var cert = new X509Certificate2(rawData, default(string), MachineKeySet);
builder.AddSigningCredential(cert);
}
if (!IsNullOrWhiteSpace(identityServerOptions.ValidationKey))
{
var rawData = FromBase64String(identityServerOptions.ValidationKey);
var cert = new X509Certificate2(rawData, default(string), MachineKeySet);
builder.AddValidationKey(cert);
}
builder.AddConfigurationStoreCache();
}
return(builder.Services);
}