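/// <summary>
/// Registers IdentityManager in the OWIN pipeline: logging, an HTTPS guard,
/// the Autofac container middleware, the host-supplied security configuration,
/// the embedded UI assets (unless disabled) and the Web API.
/// </summary>
/// <param name="app">The OWIN application builder to extend.</param>
/// <param name="options">IdentityManager options; validated via <c>options.Validate()</c> before use.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="app"/> or <paramref name="options"/> is null.
/// </exception>
public static void UseIdentityManager(this IAppBuilder app, IdentityManagerOptions options)
{
    if (app == null) throw new ArgumentNullException("app");
    // The parameter is called "options"; reporting "config" pointed callers at a name that does not exist.
    if (options == null) throw new ArgumentNullException("options");

    app.SetLoggerFactory(new LibLogLoggerFactory());

    Logger.Info("Starting IdentityManager configuration");

    options.Validate();

    // Transport guard. It is registered first, so every later middleware
    // (assets and Web API included) sits behind it.
    // NOTE(review): the check reads the scheme of the request as seen by this host;
    // behind a TLS-terminating proxy that is the proxy-to-app hop - confirm the deployment.
    app.Use(async (ctx, next) =>
    {
        if (!ctx.Request.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase) &&
            options.SecurityConfiguration.RequireSsl)
        {
            // Without an explicit status the rejection goes out as a success response,
            // which API clients and monitoring cannot tell apart from a normal reply.
            ctx.Response.StatusCode = 403;
            ctx.Response.Write("HTTPS required");
        }
        else
        {
            await next();
        }
    });

    var container = AutofacConfig.Configure(options);
    app.Use<AutofacContainerMiddleware>(container);

    // Authentication/authorization wiring is delegated to the configured security
    // configuration object; what it installs is not visible from this method.
    options.SecurityConfiguration.Configure(app);

    if (!options.DisableUserInterface)
    {
        var assembly = typeof(IdentityManagerAppBuilderExtensions).Assembly;

        // UI assets are served from resources embedded in this assembly.
        app.UseFileServer(new FileServerOptions
        {
            RequestPath = new PathString("/assets"),
            FileSystem = new EmbeddedResourceFileSystem(assembly, "IdentityManager.Assets")
        });
        app.UseFileServer(new FileServerOptions
        {
            RequestPath = new PathString("/assets/libs/fonts"),
            FileSystem = new EmbeddedResourceFileSystem(assembly, "IdentityManager.Assets.Content.fonts")
        });
        app.UseStageMarker(PipelineStage.MapHandler);
    }

    SignatureConversions.AddConversions(app);
    app.UseWebApi(WebApiConfig.Configure(options));
    app.UseStageMarker(PipelineStage.MapHandler);

    // Clears out the OWIN logger factory so we don't receive other hosting-related logs.
    app.Properties["server.LoggerFactory"] = null;
}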
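/// <summary>
/// Registers IdentityManager in the OWIN pipeline: the Autofac container middleware,
/// authentication for the configured <c>SecurityMode</c> (local machine or OAuth2/JWT bearer),
/// the embedded UI assets (unless disabled) and the Web API.
/// </summary>
/// <param name="app">The OWIN application builder to extend.</param>
/// <param name="options">IdentityManager options; validated via <c>options.Validate()</c> before use.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="app"/> or <paramref name="options"/> is null.
/// </exception>
public static void UseIdentityManager(this IAppBuilder app, IdentityManagerOptions options)
{
    if (app == null) throw new ArgumentNullException("app");
    // The parameter is called "options"; reporting "config" pointed callers at a name that does not exist.
    if (options == null) throw new ArgumentNullException("options");

    options.Validate();

    // Static, process-wide setting: with an empty map, inbound JWT claim types keep
    // their original names, so NameClaimType/RoleClaimType below must match the raw
    // claim names in the token. Other JWT handlers in the same process are affected too.
    JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();

    var container = AutofacConfig.Configure(options);
    app.Use<AutofacContainerMiddleware>(container);

    // NOTE(review): a SecurityMode other than the two handled here installs no
    // authentication middleware at all - confirm options.Validate() rules that out.
    if (options.SecurityMode == SecurityMode.LocalMachine)
    {
        var local = new LocalAuthenticationOptions(options.AdminRoleName);
        app.Use<LocalAuthenticationMiddleware>(local);
    }
    else if (options.SecurityMode == SecurityMode.OAuth2)
    {
        var oauth = options.OAuth2Configuration;

        var jwtParams = new System.IdentityModel.Tokens.TokenValidationParameters
        {
            NameClaimType = oauth.NameClaimType,
            RoleClaimType = oauth.RoleClaimType,
            ValidAudience = oauth.Audience,
            ValidIssuer = oauth.Issuer,
        };

        if (oauth.SigningCert != null)
        {
            // Asymmetric validation: tokens are checked against the issuer's certificate.
            jwtParams.IssuerSigningToken = new X509SecurityToken(oauth.SigningCert);
        }
        else
        {
            // Symmetric fallback: the base64 key is the shared signing secret.
            // Convert.FromBase64String throws on a null or malformed value.
            // NOTE(review): presumably options.Validate() guarantees that a cert or a key is set - confirm.
            var keyBytes = Convert.FromBase64String(oauth.SigningKey);
            jwtParams.IssuerSigningToken = new BinarySecretSecurityToken(keyBytes);
        }

        app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions
        {
            TokenValidationParameters = jwtParams
        });

        // NOTE(review): AllowAnonymousAccess = true presumably lets requests without a
        // token past the scope check (e.g. so the UI assets can load); confirm that the
        // Web API layer enforces authorization itself rather than relying on this middleware.
        app.RequireScopes(new ScopeValidationOptions
        {
            AllowAnonymousAccess = true,
            Scopes = new string[] { oauth.Scope }
        });

        if (oauth.ClaimsTransformation != null)
        {
            // Runs the host-supplied transformation on every request that carries a user;
            // whatever principal it returns replaces the authenticated one.
            app.Use(async (ctx, next) =>
            {
                var user = ctx.Authentication.User;
                if (user != null)
                {
                    user = options.OAuth2Configuration.ClaimsTransformation(user);
                    ctx.Authentication.User = user;
                }

                await next();
            });
        }
    }

    if (!options.DisableUserInterface)
    {
        var assembly = typeof(IdentityManagerAppBuilderExtensions).Assembly;

        // UI assets are served from resources embedded in this assembly.
        app.UseFileServer(new FileServerOptions
        {
            RequestPath = new PathString("/assets"),
            FileSystem = new EmbeddedResourceFileSystem(assembly, "IdentityManager.Assets")
        });
        app.UseFileServer(new FileServerOptions
        {
            RequestPath = new PathString("/assets/libs/fonts"),
            FileSystem = new EmbeddedResourceFileSystem(assembly, "IdentityManager.Assets.Content.fonts")
        });
        app.UseStageMarker(PipelineStage.MapHandler);
    }

    SignatureConversions.AddConversions(app);
    app.UseWebApi(WebApiConfig.Configure(options));
    app.UseStageMarker(PipelineStage.MapHandler);
}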