public void Configure(IApplicationBuilder app) { var settings = app.ApplicationServices.GetService<IOptions<AppSettings>>(); LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider()); app.Map("/core", core => { var factory = InMemoryFactory.Create( users: Users.Get(), clients: Clients.Get(), scopes: Scopes.Get()); var cors = new DefaultCorsPolicyService { AllowAll = true }; factory.CorsPolicyService = new Registration<ICorsPolicyService>(cors); var idsrvOptions = new IdentityServerOptions { LoggingOptions = new LoggingOptions { IncludeSensitiveDataInLogs = true, //WebApiDiagnosticsIsVerbose = true, //EnableWebApiDiagnostics = true }, IssuerUri = settings.Options.IssuerUrl, SiteName = settings.Options.SiteTitle, Factory = factory, SigningCertificate = Certificate.Get(), RequireSsl = false, AuthenticationOptions = new AuthenticationOptions { } }; core.UseIdentityServer(idsrvOptions); }); app.Map("/api", api => { api.UseOAuthBearerAuthentication(options => { options.Authority = settings.Options.AuthorizationUrl; options.MetadataAddress = settings.Options.AuthorizationUrl + "/.well-known/openid-configuration"; options.TokenValidationParameters.ValidAudience = settings.Options.BaseUrl + "/resources"; }); // for web api api.UseMvc(); }); }
public void Configuration(IAppBuilder app) { // For more information on how to configure your application, visit http://go.microsoft.com/fwlink/?LinkID=316888 app.Map("/identity", idsrvApp => { var corsPolicyService = new DefaultCorsPolicyService() //TODO FAVIO -> use other policy that is included in the "End" folder, because the one used here accepts any origin (not just our angular app) { AllowAll = true }; var idServerServiceFactory = new IdentityServerServiceFactory() .UseInMemoryClients(Clients.Get()) .UseInMemoryScopes(Scopes.Get()) .UseInMemoryUsers(Users.Get()); idServerServiceFactory.CorsPolicyService = new Registration<IdentityServer3.Core.Services.ICorsPolicyService>(corsPolicyService); var options = new IdentityServerOptions { Factory = idServerServiceFactory, SiteName = "TripCompany Security Token service", IssuerUri = TripGallery.Constants.TripGalleryIssuerUri, PublicOrigin = TripGallery.Constants.TripGallerySTSOrigin , SigningCertificate = LoadCertificate() }; idsrvApp.UseIdentityServer(options); } ); }
public void Configuration(IAppBuilder app) { app.Map("/identity", idsrvApp => { var corsPolicyService = new DefaultCorsPolicyService() { AllowAll = true }; var factory = new IdentityServerServiceFactory() .UseInMemoryUsers(Users.Get()) .UseInMemoryClients(Clients.Get()) .UseInMemoryScopes(Scopes.Get()); factory.CorsPolicyService = new Registration<IdentityServer3.Core.Services.ICorsPolicyService>(corsPolicyService); idsrvApp.UseIdentityServer(new IdentityServerOptions { SiteName = "Embedded IdentityServer", SigningCertificate = LoadCertificate(), Factory = factory }); }); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = "Cookies" }); app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions { Authority = "https://localhost:44300/identity", Scope = "openid profile roles", ClientId = "mvc", RedirectUri = "https://localhost:44300/", ResponseType = "id_token", SignInAsAuthenticationType = "Cookies" }); }
public void Configuration(IAppBuilder app) { //Identity Server Config app.Map("/oauth", idApp => { var cors = new DefaultCorsPolicyService() {AllowAll = true}; var factory = new IdentityServerServiceFactory() { CorsPolicyService = new Registration<ICorsPolicyService>(cors) } .UseInMemoryUsers(Users.Get()) .UseInMemoryClients(Clients.Get()) .UseInMemoryScopes(StandardScopes.All); idApp.UseIdentityServer(new IdentityServerOptions { SiteName = "", Factory = factory, RequireSsl = true, EnableWelcomePage = true, SigningCertificate = LoadCertificate() }); }); }
public DefaultCorsPolicyServiceTests() { subject = new DefaultCorsPolicyService(); }