override public async Task SeedAsync()
        {
            await base.SeedAsync().ConfigureAwait(false);

            await _persistedGrantContext.Database.MigrateAsync().ConfigureAwait(false);

            await _configurationContext.Database.MigrateAsync().ConfigureAwait(false);

            if (!await _configurationContext.Clients.AnyAsync())
            {
                _logger.LogInformation("Seeding IdentityServer Clients");
                foreach (var client in IdentityServerConfig.GetClients())
                {
                    _configurationContext.Clients.Add(client.ToEntity());
                }
                _configurationContext.SaveChanges();
            }
            if (!await _configurationContext.IdentityResources.AnyAsync())
            {
                _logger.LogInformation("Seeding IdentityServer Identity Resources");
                foreach (var resource in IdentityServerConfig.GetIdentityResources())
                {
                    _configurationContext.IdentityResources.Add(resource.ToEntity());
                }
                _configurationContext.SaveChanges();
            }
            if (!await _configurationContext.ApiResources.AnyAsync())
            {
                _logger.LogInformation("Seeding IdentityServer API Resources");
                foreach (var resource in IdentityServerConfig.GetApiResources())
                {
                    _configurationContext.ApiResources.Add(resource.ToEntity());
                }
                _configurationContext.SaveChanges();
            }
        }
예제 #2
0
        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddDbContext <ApplicationDbContext>(options =>
                                                         options.UseSqlServer(Configuration["ConnectionStrings:DefaultConnection"], b => b.MigrationsAssembly("QuickApp.Pro")));

            // add identity
            services.AddIdentity <ApplicationUser, ApplicationRole>()
            .AddEntityFrameworkStores <ApplicationDbContext>()
            .AddDefaultTokenProviders();

            // Configure Identity options and password complexity here
            services.Configure <IdentityOptions>(options =>
            {
                // User settings
                options.User.RequireUniqueEmail = true;

                //    //// Password settings
                //    //options.Password.RequireDigit = true;
                //    //options.Password.RequiredLength = 8;
                //    //options.Password.RequireNonAlphanumeric = false;
                //    //options.Password.RequireUppercase = true;
                //    //options.Password.RequireLowercase = false;

                //    //// Lockout settings
                //    //options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
                //    //options.Lockout.MaxFailedAccessAttempts = 10;
            });


            // Adds IdentityServer.
            services.AddIdentityServer()
            // The AddDeveloperSigningCredential extension creates temporary key material for signing tokens.
            // This might be useful to get started, but needs to be replaced by some persistent key material for production scenarios.
            // See http://docs.identityserver.io/en/release/topics/crypto.html#refcrypto for more information.
            .AddDeveloperSigningCredential()
            .AddInMemoryPersistedGrants()
            // To configure IdentityServer to use EntityFramework (EF) as the storage mechanism for configuration data (rather than using the in-memory implementations),
            // see https://identityserver4.readthedocs.io/en/release/quickstarts/8_entity_framework.html
            .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources())
            .AddInMemoryApiResources(IdentityServerConfig.GetApiResources())
            .AddInMemoryClients(IdentityServerConfig.GetClients())
            .AddAspNetIdentity <ApplicationUser>()
            .AddProfileService <ProfileService>();


            var applicationUrl = Configuration["ApplicationUrl"].TrimEnd('/');

            services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority            = applicationUrl;
                options.SupportedTokens      = SupportedTokens.Jwt;
                options.RequireHttpsMetadata = false;     // Note: Set to true in production
                options.ApiName = IdentityServerConfig.ApiName;
            });


            services.AddAuthorization(options =>
            {
                options.AddPolicy(Authorization.Policies.ViewAllUsersPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ViewUsers));
                options.AddPolicy(Authorization.Policies.ManageAllUsersPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ManageUsers));

                options.AddPolicy(Authorization.Policies.ViewAllRolesPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ViewRoles));
                options.AddPolicy(Authorization.Policies.ViewRoleByRoleNamePolicy, policy => policy.Requirements.Add(new ViewRoleAuthorizationRequirement()));
                options.AddPolicy(Authorization.Policies.ManageAllRolesPolicy, policy => policy.RequireClaim(ClaimConstants.Permission, AppPermissions.ManageRoles));

                options.AddPolicy(Authorization.Policies.AssignAllowedRolesPolicy, policy => policy.Requirements.Add(new AssignRolesAuthorizationRequirement()));
            });


            // Add cors
            services.AddCors();

            // Add framework services.
            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);


            // In production, the Angular files will be served from this directory
            services.AddSpaStaticFiles(configuration =>
            {
                configuration.RootPath = "ClientApp/dist";
            });


            //Todo: ***Using DataAnnotations for validation until Swashbuckle supports FluentValidation***
            //services.AddFluentValidation(fv => fv.RegisterValidatorsFromAssemblyContaining<Startup>());


            //.AddJsonOptions(opts =>
            //{
            //    opts.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();
            //});


            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc("v1", new Info {
                    Title = IdentityServerConfig.ApiFriendlyName, Version = "v1"
                });
                c.OperationFilter <AuthorizeCheckOperationFilter>();
                c.AddSecurityDefinition("oauth2", new OAuth2Scheme
                {
                    Type     = "oauth2",
                    Flow     = "password",
                    TokenUrl = $"{applicationUrl}/connect/token",
                    Scopes   = new Dictionary <string, string>()
                    {
                        { IdentityServerConfig.ApiName, IdentityServerConfig.ApiFriendlyName }
                    }
                });
            });


            Mapper.Initialize(cfg =>
            {
                cfg.AddProfile <AutoMapperProfile>();
            });


            // Configurations
            services.Configure <SmtpConfig>(Configuration.GetSection("SmtpConfig"));


            // Business Services
            services.AddScoped <IEmailSender, EmailSender>();


            // Repositories
            services.AddScoped <IUnitOfWork, HttpUnitOfWork>();
            services.AddScoped <IAccountManager, AccountManager>();

            // Auth Handlers
            services.AddSingleton <IAuthorizationHandler, ViewUserAuthorizationHandler>();
            services.AddSingleton <IAuthorizationHandler, ManageUserAuthorizationHandler>();
            services.AddSingleton <IAuthorizationHandler, ViewRoleAuthorizationHandler>();
            services.AddSingleton <IAuthorizationHandler, AssignRolesAuthorizationHandler>();

            // DB Creation and Seeding
            services.AddTransient <IDatabaseInitializer, DatabaseInitializer>();
        }