protected async Task BaseInitializeAsync(AuthenticationOptions options, HttpContext context)
{
_baseOptions = options;
Context = context;
RequestPathBase = Request.PathBase;
RegisterAuthenticationHandler();
Response.OnSendingHeaders(OnSendingHeaderCallback, this);
await InitializeCoreAsync();
if (BaseOptions.AuthenticationMode == AuthenticationMode.Active)
{
AuthenticationTicket ticket = await AuthenticateAsync();
if (ticket != null && ticket.Identity != null)
{
SecurityHelper.AddUserIdentity(Context, ticket.Identity);
}
}
}
protected async Task BaseInitialize(AuthenticationOptions options, OwinRequest request, OwinResponse response)
{
_baseOptions = options;
Request = request;
Response = response;
Helper = new SecurityHelper(request);
RequestPathBase = Request.PathBase;
_registration = Request.RegisterAuthenticationHandler(this);
Request.OnSendingHeaders(state => ((AuthenticationHandler)state).ApplyResponse().Wait(), this);
await InitializeCore();
if (BaseOptions.AuthenticationMode == AuthenticationMode.Active)
{
AuthenticationTicket ticket = await Authenticate();
if (ticket != null && ticket.Identity != null)
{
Helper.AddUserIdentity(ticket.Identity);
}
}
}
private static void GetAuthenticationOptions(AuthenticationOptions options)
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}
private async Task AfterInitialAuthDialog(
IDialogContext authContext,
IAwaitable <AuthResult> awaitableAuthResult)
{
try
{
SD.Trace.TraceInformation("AppAuthDialog::AfterInitialAuthDialog");
AuthResult authResult = await awaitableAuthResult;
Activity activity = authContext.ConversationData.GetValue <Activity>("Activity");
// return our reply to the user for debugging purposes
if (displayAuthMessages)
{
int length = (activity.Text ?? string.Empty).Length;
await authContext.PostAsync($"We see you sent {activity.Text} which was {length} characters");
}
if (authResult == null)
{
await authContext.PostAsync("You didn't log in.");
authContext.Done(true);
return;
}
else
{
if (displayAuthMessages)
{
await authContext.PostAsync($"Token: {authResult.AccessToken}");
}
}
// Use token to call into service
JObject json = await new HttpClient().GetWithAuthAsync(
authResult.AccessToken, GraphUrl);
// Two items to test
// A -- Access Token Expires, do JUST [Part 1] Below
// B -- Access Token Expires AND refresh fails, do [Part 1], [Part 2], and [Part 3].
//
// To test auth expiration null out json variable (uncomment next line) [Part 1]
// json = null;
if (json == null)
{
var authProvider = new MSALAuthProvider();
AuthenticationOptions options =
authContext.UserData.GetValue <AuthenticationOptions>(
$"{authProvider.Name}{ContextConstants.AuthOptions}");
SD.Trace.TraceInformation("Attempting to refresh with token.");
if (displayAuthMessages)
{
await authContext.PostAsync($"Attempting to refresh with token: {authResult.RefreshToken}");
}
// To test auth expiration comment out next line [Part 2]
authResult = await authProvider.GetAccessToken(options, authContext);
// To test auth expiration uncomment out next two lines [Part 3]
// authResult = null;
// await authProvider.Logout(options, authContext);
if (authResult != null)
{
SD.Trace.TraceInformation("Token Refresh Succeeded.");
if (displayAuthMessages)
{
await authContext.PostAsync($"Token Refresh Succeeded. New Token: {authResult.AccessToken}");
}
json = await new HttpClient().GetWithAuthAsync(
authResult.AccessToken, "https://graph.microsoft.com/v1.0/me");
}
else
{
SD.Trace.TraceInformation("Token Refresh Failed. Trying full login.");
if (displayAuthMessages)
{
await authContext.PostAsync("Token Refresh Failed. Trying full login.");
}
await authContext.Forward(
new BotAuth.Dialogs.AuthDialog(new MSALAuthProvider(), options),
this.AfterInitialAuthDialog,
activity,
CancellationToken.None);
return;
}
}
SD.Trace.TraceInformation("Getting user data post auth.");
string userName = json.Value <string>("displayName");
string userEmail = json.Value <string>("userPrincipalName");
if (displayAuthMessages)
{
await authContext.PostAsync($"I now know your name is {userName} " +
$"and your UPN is {userEmail}");
}
MeetingRequestInput meetingData = authContext.ConversationData.GetValue <MeetingRequestInput>(MeetingDataKey);
meetingData.OrganizerName = userName;
meetingData.OrganizerEmail = userEmail;
authContext.ConversationData.SetValue(MeetingDataKey, meetingData);
authContext.PrivateConversationData.SetValue(AccessTokenDataKey, authResult.AccessToken);
SD.Trace.TraceInformation("Post Auth Hand Off to CreateMeetingRequestDialog.");
authContext.Call(new CreateMeetingRequestDialog(), this.ResumeAfterMeetingDialog);
}
catch (Exception ex)
{
string fullError = ex.ToString();
SD.Trace.TraceError(fullError);
await authContext.PostAsync(fullError);
}
}
private static void AuthenticationOptionsConfigure(AuthenticationOptions opts)
{
opts.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
opts.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
opts.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}
/// <summary>
/// This method gets called by the runtime. Use this method to add services to the container.
/// </summary>
/// <param name="services">IServiceCollection instance.</param>
public void ConfigureServices(IServiceCollection services)
{
// Add all options set from configuration values.
services.AddOptions <AuthenticationOptions>()
.Configure <IConfiguration>((authenticationOptions, configuration) =>
{
Startup.FillAuthenticationOptionsProperties(authenticationOptions, configuration);
});
services.AddOptions <BotOptions>()
.Configure <IConfiguration>((botOptions, configuration) =>
{
botOptions.MicrosoftAppId = configuration.GetValue <string>("MicrosoftAppId");
botOptions.MicrosoftAppPassword = configuration.GetValue <string>("MicrosoftAppPassword");
});
services.AddOptions <BotFilterMiddlewareOptions>()
.Configure <IConfiguration>((botFilterMiddlewareOptions, configuration) =>
{
botFilterMiddlewareOptions.DisableTenantFilter =
configuration.GetValue <bool>("DisableTenantFilter", false);
botFilterMiddlewareOptions.AllowedTenants =
configuration.GetValue <string>("AllowedTenants");
});
services.AddOptions <RepositoryOptions>()
.Configure <IConfiguration>((repositoryOptions, configuration) =>
{
repositoryOptions.StorageAccountConnectionString =
configuration.GetValue <string>("StorageAccountConnectionString");
// Setting this to false because the main application should ensure that all
// tables exist.
repositoryOptions.IsItExpectedThatTableAlreadyExists = false;
});
services.AddOptions <MessageQueueOptions>()
.Configure <IConfiguration>((messageQueueOptions, configuration) =>
{
messageQueueOptions.ServiceBusConnection =
configuration.GetValue <string>("ServiceBusConnection");
});
services.AddOptions <DataQueueMessageOptions>()
.Configure <IConfiguration>((dataQueueMessageOptions, configuration) =>
{
dataQueueMessageOptions.ForceCompleteMessageDelayInSeconds =
configuration.GetValue <double>("ForceCompleteMessageDelayInSeconds", 86400);
});
services.AddOptions();
// Add localization services.
services.AddLocalization();
// Add authentication services.
AuthenticationOptions authenticationOptionsParameter = new AuthenticationOptions();
Startup.FillAuthenticationOptionsProperties(authenticationOptionsParameter, this.Configuration);
services.AddAuthentication(this.Configuration, authenticationOptionsParameter);
services.AddControllersWithViews();
// Setup SPA static files.
// In production, the React files will be served from this directory.
services.AddSpaStaticFiles(configuration =>
{
configuration.RootPath = "ClientApp/build";
});
// Add blob client.
services.AddSingleton(sp => new BlobContainerClient(
sp.GetService <IConfiguration>().GetValue <string>("StorageAccountConnectionString"),
Common.Constants.BlobContainerName));
// The bot needs an HttpClient to download and upload files.
services.AddHttpClient();
// Add bot services.
services.AddSingleton <ICredentialProvider, ConfigurationCredentialProvider>();
services.AddTransient <CompanyCommunicatorBotFilterMiddleware>();
services.AddSingleton <CompanyCommunicatorBotAdapter>();
services.AddTransient <TeamsDataCapture>();
services.AddTransient <TeamsFileUpload>();
services.AddTransient <IBot, CompanyCommunicatorBot>();
// Add repositories.
services.AddSingleton <TeamDataRepository>();
services.AddSingleton <UserDataRepository>();
services.AddSingleton <SentNotificationDataRepository>();
services.AddSingleton <NotificationDataRepository>();
services.AddSingleton <SendBatchesDataRepository>();
services.AddSingleton <ExportDataRepository>();
// Add service bus message queues.
services.AddSingleton <PrepareToSendQueue>();
services.AddSingleton <DataQueue>();
services.AddSingleton <ExportQueue>();
// Add draft notification preview services.
services.AddTransient <DraftNotificationPreviewService>();
// Add microsoft graph services.
services.AddTransient <IGraphServiceClient, GraphServiceClient>();
services.AddTransient <IAuthenticationProvider, GraphTokenProvider>();
services.AddScoped <IGroupsService, GroupsService>();
// Add Application Insights telemetry.
services.AddApplicationInsightsTelemetry();
// Add miscellaneous dependencies.
services.AddTransient <TableRowKeyGenerator>();
services.AddTransient <AdaptiveCardCreator>();
}
private static async Task <ClaimsPrincipal> ValidateTokenAsync(this AuthenticationHeaderValue value, AuthenticationOptions securityOptions, ILogger logger = null)
{
if (value?.Scheme != "Bearer")
{
return(null);
}
var configurationManager = new ConfigurationManager <OpenIdConnectConfiguration>(
$"{securityOptions.Issuer}/.well-known/openid-configuration",
new OpenIdConnectConfigurationRetriever(),
new HttpDocumentRetriever {
RequireHttps = securityOptions.Issuer.StartsWith("https://")
}
);
var config = await configurationManager.GetConfigurationAsync(CancellationToken.None);
var validationParameter = new TokenValidationParameters
{
RequireSignedTokens = true,
ValidAudience = securityOptions.Audience,
ValidateAudience = true,
ValidIssuer = $"{securityOptions.Issuer}/", // Auth0's issuer has a '/' on the end of its url
ValidateIssuer = true,
ValidateIssuerSigningKey = true,
ValidateLifetime = true,
IssuerSigningKeys = config.SigningKeys,
ValidateActor = true
};
ClaimsPrincipal result = null;
var tries = 0;
while (result == null && tries <= 1)
{
try
{
var handler = new JwtSecurityTokenHandler();
result = handler.ValidateToken(value.Parameter, validationParameter, out var token);
}
catch (SecurityTokenSignatureKeyNotFoundException ex1)
{
logger?.LogWarning($"{nameof(SecurityTokenSignatureKeyNotFoundException)}: {ex1.Message}");
// This exception is thrown if the signature key of the JWT could not be found.
// This could be the case when the issuer changed its signing keys, so we trigger a
// refresh and retry validation.
configurationManager.RequestRefresh();
tries++;
}
catch (SecurityTokenException ex2)
{
logger?.LogWarning($"{nameof(SecurityTokenException)}: {ex2.Message}");
return(null);
}
}
return(result);
}
private void ThenTheFollowingConfigIsReturned(AuthenticationOptions expected)
{
_result.AllowedScopes.ShouldBe(expected.AllowedScopes);
_result.AuthenticationProviderKey.ShouldBe(expected.AuthenticationProviderKey);
}
public static void Setup(AuthenticationOptions options)
{
options.DefaultAuthenticateScheme = OverseerAuthenticationScheme;
options.DefaultChallengeScheme = OverseerAuthenticationScheme;
}
// This method gets called by the runtime. Use this method to add services to the container.
// ReSharper disable once UnusedMember.Global
public void ConfigureServices(IServiceCollection services)
{
services.ConfigureOptions(Configuration, typeof(NethereumOptions), typeof(AuthenticationOptions), typeof(SiteOptions), typeof(SmtpOptions), typeof(AzureStorageOptions));
services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new Info {
Title = "SmartValley API", Version = "v1"
}); });
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.RequireHttpsMetadata = _currentEnvironment.IsProduction();
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = AuthenticationOptions.Issuer,
ValidateAudience = true,
ValidAudience = AuthenticationOptions.Audience,
ValidateLifetime = false,
IssuerSigningKey = AuthenticationOptions.GetSymmetricSecurityKey(),
ValidateIssuerSigningKey = true
};
});
services.AddSingleton(provider => InitializeWeb3(provider.GetService <NethereumOptions>().RpcAddress));
services.AddSingleton <IClock, UtcClock>();
services.AddSingleton <EthereumMessageSigner>();
services.AddSingleton <EthereumClient>();
services.AddSingleton <EthereumContractClient>();
services.AddSingleton <MailService>();
services.AddSingleton <MailTokenService>();
services.AddSingleton <MailSender>();
services.AddSingleton <ITemplateProvider, TemplateProvider>(provider => new TemplateProvider(_currentEnvironment.ContentRootPath));
services.AddSingleton(InitializeProjectTeamMembersStorageProvider);
services.AddSingleton(InitializeApplicationTeamMembersStorageProvider);
services.AddSingleton(InitializeExpertApplicationsStorageProvider);
services.AddSingleton(InitializeProjectStorageProvider);
services.AddSingleton <IScoringContractClient, ScoringContractClient>(
provider => new ScoringContractClient(provider.GetService <EthereumContractClient>(), provider.GetService <NethereumOptions>().ScoringContract));
services.AddSingleton <IERC223ContractClient, ERC223ContractClient>(
provider => new ERC223ContractClient(provider.GetService <EthereumContractClient>(), provider.GetService <NethereumOptions>().ERC223Contract));
services.AddSingleton <IEtherManagerContractClient, EtherManagerContractClient>(
provider => new EtherManagerContractClient(provider.GetService <EthereumContractClient>(), provider.GetService <NethereumOptions>().EtherManagerContract));
services.AddSingleton <IScoringsRegistryContractClient, ScoringsRegistryContractClient>(
provider => new ScoringsRegistryContractClient(provider.GetService <EthereumContractClient>(), provider.GetService <NethereumOptions>().ScoringsRegistryContract));
services.AddSingleton <IScoringOffersManagerContractClient, ScoringOffersManagerContractClient>(
provider => new ScoringOffersManagerContractClient(provider.GetService <EthereumContractClient>(), provider.GetService <NethereumOptions>().ScoringOffersManagerContract));
services.AddSingleton <IAllotmentEventsManagerContractClient, AllotmentEventsManagerContractClient>(
provider => new AllotmentEventsManagerContractClient(provider.GetService <EthereumContractClient>(), provider.GetService <NethereumOptions>().AllotmentEventsManagerContract));
services.AddSingleton <IAllotmentEventContractClient, AllotmentEventContractClient>(
provider => new AllotmentEventContractClient(provider.GetService <EthereumContractClient>(), provider.GetService <NethereumOptions>().AllotmentEventContract.Abi));
services.AddMemoryCache();
services.AddMvc(options =>
{
options.Filters.Add(new AuthenticationFilterFactory());
options.Filters.Add(new AppErrorsExceptionFilter());
options.Filters.Add(new ModelStateFilter());
});
var builder = new DbContextOptionsBuilder <AppDBContext>();
builder.UseSqlServer(Configuration.GetConnectionString("DefaultConnection"));
var dbOptions = builder.Options;
services.AddDbContext <AppDBContext>(options => options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddTransient(x => AppDBContext.CreateEditable(dbOptions));
services.AddTransient(x => AppDBContext.CreateReadOnly(dbOptions));
services.AddTransient <IProjectRepository, ProjectRepository>();
services.AddTransient <IScoringRepository, ScoringRepository>();
services.AddTransient <IScoringOffersRepository, ScoringOffersRepository>();
services.AddTransient <IProjectService, ProjectService>();
services.AddTransient <IEstimationService, EstimationService>();
services.AddTransient <IScoringService, ScoringService>();
services.AddTransient <IScoringCriterionRepository, ScoringCriterionRepository>();
services.AddTransient <IUserRepository, UserRepository>();
services.AddTransient <IUserService, UserService>();
services.AddTransient <IAdminService, AdminService>();
services.AddTransient <IUserRepository, UserRepository>();
services.AddTransient <IAuthenticationService, AuthenticationService>();
services.AddTransient <IExpertRepository, ExpertRepository>();
services.AddTransient <IExpertService, ExpertService>();
services.AddTransient <Experts.IExpertService, Experts.ExpertService>();
services.AddTransient <IExpertApplicationRepository, ExpertApplicationRepository>();
services.AddTransient <ICountryRepository, CountryRepository>();
services.AddTransient <IExpertApplicationRepository, ExpertApplicationRepository>();
services.AddTransient <IScoringApplicationRepository, ScoringApplicationRepository>();
services.AddTransient <IScoringApplicationQuestionsRepository, ScoringApplicationQuestionsRepository>();
services.AddTransient <IScoringApplicationService, ScoringApplicationService>();
services.AddTransient <IFeedbackRepository, FeedbackRepository>();
services.AddTransient <IFeedbackService, FeedbackService>();
services.AddTransient <IAllotmentEventService, AllotmentEventService>();
services.AddTransient <IAllotmentEventRepository, AllotmentEventRepository>();
services.AddTransient <IEthereumTransactionService, EthereumTransactionService>();
services.AddTransient <IEthereumTransactionRepository, EthereumTransactionRepository>();
var logger = CreateLogger();
services.AddSingleton(logger.ForContext("Source", "api"));
var serviceProvider = services.BuildServiceProvider();
var siteOptions = serviceProvider.GetService <SiteOptions>();
ConfigureCorsPolicy(services, siteOptions);
var dataProtectionProvider = serviceProvider.GetService <IDataProtectionProvider>();
services.AddSingleton <IMessageSession>(
provider => EndpointConfigurator
.StartAsync(Configuration, _currentEnvironment.ContentRootPath, dataProtectionProvider, logger.ForContext("Source", "nservicebus"))
.GetAwaiter()
.GetResult());
}
public Response <RequestDelegate> CreateIdentityServerAuthenticationHandler(IApplicationBuilder app, AuthenticationOptions authOptions)
{
var builder = app.New();
builder.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
Authority = authOptions.ProviderRootUrl,
ApiName = authOptions.ScopeName,
RequireHttpsMetadata = authOptions.RequireHttps,
AllowedScopes = authOptions.AdditionalScopes,
SupportedTokens = SupportedTokens.Both,
ApiSecret = authOptions.ScopeSecret
});
var authenticationNext = builder.Build();
return(new OkResponse <RequestDelegate>(authenticationNext));
}
public async Task SearchFiles(IDialogContext context, LuisResult result)
{
// makes sure we got at least one entity from LUIS
if (result.Entities.Count == 0)
{
await None(context, result);
}
else
{
var query = "https://graph.microsoft.com/v1.0/me/drive/search(q='{0}')?$select=id,name,size,webUrl&$top=5";
// we will assume only one entity, but LUIS can handle multiple entities
if (result.Entities[0].Type == "FileName")
{
// perform a search for the filename
query = String.Format(query, result.Entities[0].Entity.Replace(" . ", "."));
}
else if (result.Entities[0].Type == "FileType")
{
// perform search based on filetype...but clean up the filetype first
var fileType = result.Entities[0].Entity.Replace(" . ", ".").Replace(". ", ".").ToLower();
List <string> images = new List <string>()
{
"images", "pictures", "pics", "photos", "image", "picture", "pic", "photo"
};
List <string> presentations = new List <string>()
{
"powerpoints", "presentations", "decks", "powerpoints", "presentation", "deck", ".pptx", ".ppt", "pptx", "ppt"
};
List <string> documents = new List <string>()
{
"documents", "document", "word", "doc", ".docx", ".doc", "docx", "doc"
};
List <string> workbooks = new List <string>()
{
"workbooks", "workbook", "excel", "spreadsheet", "spreadsheets", ".xlsx", ".xls", "xlsx", "xls"
};
List <string> music = new List <string>()
{
"music", "songs", "albums", ".mp3", "mp3"
};
List <string> videos = new List <string>()
{
"video", "videos", "movie", "movies", ".mp4", "mp4", ".mov", "mov", ".avi", "avi"
};
if (images.Contains(fileType))
{
query = String.Format(query, ".png .jpg .jpeg .gif");
}
else if (presentations.Contains(fileType))
{
query = String.Format(query, ".pptx .ppt");
}
else if (documents.Contains(fileType))
{
query = String.Format(query, ".docx .doc");
}
else if (workbooks.Contains(fileType))
{
query = String.Format(query, ".xlsx .xls");
}
else if (music.Contains(fileType))
{
query = String.Format(query, ".mp3");
}
else if (videos.Contains(fileType))
{
query = String.Format(query, ".mp4 .avi .mov");
}
else
{
query = String.Format(query, fileType);
}
}
// save the query so we can run it after authenticating
context.ConversationData.SetValue <string>("GraphQuery", query);
// Initialize AuthenticationOptions with details from AAD v2 app registration (https://apps.dev.microsoft.com)
AuthenticationOptions options = new AuthenticationOptions()
{
Authority = ConfigurationManager.AppSettings["aad:Authority"],
ClientId = ConfigurationManager.AppSettings["aad:ClientId"],
ClientSecret = ConfigurationManager.AppSettings["aad:ClientSecret"],
Scopes = new string[] { "Files.Read" },
RedirectUrl = ConfigurationManager.AppSettings["aad:Callback"]
};
// Forward the dialog to the AuthDialog to sign the user in and get an access token for calling the Microsoft Graph
await context.Forward(new AuthDialog(new MSALAuthProvider(), options), async (IDialogContext authContext, IAwaitable <AuthResult> authResult) =>
{
var tokenInfo = await authResult;
// Get the users profile photo from the Microsoft Graph
var json = await new HttpClient().GetWithAuthAsync(tokenInfo.AccessToken, authContext.ConversationData.GetValue <string>("GraphQuery"));
var items = (JArray)json.SelectToken("value");
var reply = ((Activity)authContext.Activity).CreateReply();
foreach (var item in items)
{
// we could get thumbnails for each item using the id, but will keep it simple
ThumbnailCard card = new ThumbnailCard()
{
Title = item.Value <string>("name"),
Subtitle = $"Size: {item.Value<int>("size").ToString()}",
Text = $"Download: {item.Value<string>("webUrl")}"
};
reply.Attachments.Add(card.ToAttachment());
}
reply.AttachmentLayout = AttachmentLayoutTypes.Carousel;
ConnectorClient client = new ConnectorClient(new Uri(authContext.Activity.ServiceUrl));
await client.Conversations.ReplyToActivityAsync(reply);
}, context.Activity, CancellationToken.None);
}
}
public EnsureSignInScheme(IOptions <AuthenticationOptions> authOptions)
{
_authOptions = authOptions.Value;
}
private void SetJwtBearerAuthentication(AuthenticationOptions options)
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}
public static async Task <AuthenticationStatus> Authenticate(this HttpRequest httpRequest, AuthenticationOptions securityOptions, string userId, ILogger logger = null)
{
if (securityOptions.Debug == true)
{
return(AuthenticationStatus.Authenticated); // Doing this for now because swagger isnt using jwt token
}
var authenticationHeader = httpRequest.ParseAuthenticationHeader(logger);
if ((await authenticationHeader?.ValidateTokenAsync(securityOptions, logger)) == null)
{
return(AuthenticationStatus.Unauthenticated);
}
var tokenHandler = new JwtSecurityTokenHandler();
if (!tokenHandler.CanReadToken(authenticationHeader.Parameter))
{
return(AuthenticationStatus.Unauthenticated);
}
var token = tokenHandler.ReadJwtToken(authenticationHeader.Parameter);
if (userId != token.Subject)
{
return(AuthenticationStatus.Unauthenticated);
}
return(AuthenticationStatus.Authenticated);
}
public static void Configure(IAppBuilder app, IUnityContainer container, AuthenticationOptions authenticationOptions)
{
app.CreatePerOwinContext(() => container.Resolve<SecurityDbContext>());
app.CreatePerOwinContext(() => container.Resolve<ApplicationUserManager>());
if (authenticationOptions.CookiesEnabled)
{
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
//LoginPath = new PathString("/Account/Logon"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: authenticationOptions.CookiesValidateInterval,
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
}
if (authenticationOptions.BearerTokensEnabled)
{
app.UseOAuthBearerTokens(new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
AuthorizeEndpointPath = new PathString("/Account/Authorize"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AccessTokenExpireTimeSpan = authenticationOptions.BearerTokensExpireTimeSpan,
AllowInsecureHttp = true
});
}
if (authenticationOptions.HmacEnabled || authenticationOptions.ApiKeysEnabled)
{
var apiAccountProvider = container.Resolve<IApiAccountProvider>();
var claimsIdentityProvider = container.Resolve<IClaimsIdentityProvider>();
var cacheManager = container.Resolve<ICacheManager<object>>();
if (authenticationOptions.HmacEnabled)
{
app.UseHmacAuthentication(new HmacAuthenticationOptions
{
ApiCredentialsProvider = apiAccountProvider,
IdentityProvider = claimsIdentityProvider,
CacheManager = cacheManager,
SignatureValidityPeriod = authenticationOptions.HmacSignatureValidityPeriod
});
}
if (authenticationOptions.ApiKeysEnabled)
{
app.UseApiKeysAuthentication(new ApiKeysAuthenticationOptions
{
ApiCredentialsProvider = apiAccountProvider,
IdentityProvider = claimsIdentityProvider,
CacheManager = cacheManager,
HttpHeaderName = authenticationOptions.ApiKeysHttpHeaderName,
QueryStringParameterName = authenticationOptions.ApiKeysQueryStringParameterName
});
}
}
app.Use<CurrentUserOwinMiddleware>(container.Resolve<Func<ICurrentUser>>());
}
public SecretRekeyProvider(IDialogCoordinator dialogCoordinator, ILogger <SecretRekeyProvider> logger, AuthenticationOptions authnOptions, EmailOptions emailOptions, IProtectedSecretProvider secretProvider)
{
this.dialogCoordinator = dialogCoordinator;
this.logger = logger;
this.authnOptions = authnOptions;
this.emailOptions = emailOptions;
this.secretProvider = secretProvider;
}
public void Configuration(IAppBuilder app, string virtualRoot, string routPrefix)
{
VirtualRoot = virtualRoot;
_assembliesPath = HostingEnvironment.MapPath(VirtualRoot + "/App_Data/Modules");
var platformPath = HostingEnvironment.MapPath(VirtualRoot).EnsureEndSeparator();
var modulesVirtualPath = VirtualRoot + "/Modules";
var modulesPhysicalPath = HostingEnvironment.MapPath(modulesVirtualPath).EnsureEndSeparator();
AppDomain.CurrentDomain.AssemblyResolve += CurrentDomainOnAssemblyResolve;
//Modules initialization
var bootstrapper = new VirtoCommercePlatformWebBootstrapper(modulesVirtualPath, modulesPhysicalPath, _assembliesPath, platformPath);
bootstrapper.Run();
var container = bootstrapper.Container;
container.RegisterInstance(app);
var moduleInitializerOptions = (ModuleInitializerOptions)container.Resolve<IModuleInitializerOptions>();
moduleInitializerOptions.VirtualRoot = virtualRoot;
moduleInitializerOptions.RoutPrefix = routPrefix;
//Initialize Platform dependencies
const string connectionStringName = "VirtoCommerce";
InitializePlatform(app, container, connectionStringName);
var moduleManager = container.Resolve<IModuleManager>();
var moduleCatalog = container.Resolve<IModuleCatalog>();
var applicationBase = AppDomain.CurrentDomain.SetupInformation.ApplicationBase.EnsureEndSeparator();
// Register URL rewriter for platform scripts
var scriptsPhysicalPath = HostingEnvironment.MapPath(VirtualRoot + "/Scripts").EnsureEndSeparator();
var scriptsRelativePath = MakeRelativePath(applicationBase, scriptsPhysicalPath);
var platformUrlRewriterOptions = new UrlRewriterOptions();
platformUrlRewriterOptions.Items.Add(PathString.FromUriComponent("/$(Platform)/Scripts"), "");
app.Use<UrlRewriterOwinMiddleware>(platformUrlRewriterOptions);
app.UseStaticFiles(new StaticFileOptions
{
FileSystem = new Microsoft.Owin.FileSystems.PhysicalFileSystem(scriptsRelativePath)
});
// Register URL rewriter before modules initialization
if (Directory.Exists(modulesPhysicalPath))
{
var modulesRelativePath = MakeRelativePath(applicationBase, modulesPhysicalPath);
var urlRewriterOptions = new UrlRewriterOptions();
foreach (var module in moduleCatalog.Modules.OfType<ManifestModuleInfo>())
{
var urlRewriteKey = string.Format(CultureInfo.InvariantCulture, "/Modules/$({0})", module.ModuleName);
var urlRewriteValue = MakeRelativePath(modulesPhysicalPath, module.FullPhysicalPath);
urlRewriterOptions.Items.Add(PathString.FromUriComponent(urlRewriteKey), "/" + urlRewriteValue);
moduleInitializerOptions.ModuleDirectories.Add(module.ModuleName, module.FullPhysicalPath);
}
app.Use<UrlRewriterOwinMiddleware>(urlRewriterOptions);
app.UseStaticFiles(new StaticFileOptions
{
FileSystem = new Microsoft.Owin.FileSystems.PhysicalFileSystem(modulesRelativePath)
});
}
// Ensure all modules are loaded
foreach (var module in moduleCatalog.Modules.Where(x => x.State == ModuleState.NotStarted))
{
moduleManager.LoadModule(module.ModuleName);
}
// Post-initialize
// Platform MVC configuration
if (IsApplication)
{
AreaRegistration.RegisterAllAreas();
}
GlobalConfiguration.Configure(WebApiConfig.Register);
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
AuthConfig.RegisterAuth();
// Security OWIN configuration
var authenticationOptions = new AuthenticationOptions
{
CookiesEnabled = ConfigurationManager.AppSettings.GetValue("VirtoCommerce:Authentication:Cookies.Enabled", true),
CookiesValidateInterval = ConfigurationManager.AppSettings.GetValue("VirtoCommerce:Authentication:Cookies.ValidateInterval", TimeSpan.FromDays(1)),
BearerTokensEnabled = ConfigurationManager.AppSettings.GetValue("VirtoCommerce:Authentication:BearerTokens.Enabled", true),
BearerTokensExpireTimeSpan = ConfigurationManager.AppSettings.GetValue("VirtoCommerce:Authentication:BearerTokens.AccessTokenExpireTimeSpan", TimeSpan.FromHours(1)),
HmacEnabled = ConfigurationManager.AppSettings.GetValue("VirtoCommerce:Authentication:Hmac.Enabled", true),
HmacSignatureValidityPeriod = ConfigurationManager.AppSettings.GetValue("VirtoCommerce:Authentication:Hmac.SignatureValidityPeriod", TimeSpan.FromMinutes(20)),
ApiKeysEnabled = ConfigurationManager.AppSettings.GetValue("VirtoCommerce:Authentication:ApiKeys.Enabled", true),
ApiKeysHttpHeaderName = ConfigurationManager.AppSettings.GetValue("VirtoCommerce:Authentication:ApiKeys.HttpHeaderName", "api_key"),
ApiKeysQueryStringParameterName = ConfigurationManager.AppSettings.GetValue("VirtoCommerce:Authentication:ApiKeys.QueryStringParameterName", "api_key"),
};
OwinConfig.Configure(app, container, connectionStringName, authenticationOptions);
RecurringJob.AddOrUpdate<SendNotificationsJobs>("SendNotificationsJob", x => x.Process(), "*/1 * * * *");
var notificationManager = container.Resolve<INotificationManager>();
notificationManager.RegisterNotificationType(() => new RegistrationEmailNotification(container.Resolve<IEmailNotificationSendingGateway>())
{
DisplayName = "Registration notification",
Description = "This notification sends by email to client when he finish registration",
NotificationTemplate = new NotificationTemplate
{
Body = PlatformNotificationResource.RegistrationNotificationBody,
Subject = PlatformNotificationResource.RegistrationNotificationSubject,
Language = "en-US"
}
});
notificationManager.RegisterNotificationType(() => new ResetPasswordEmailNotification(container.Resolve<IEmailNotificationSendingGateway>())
{
DisplayName = "Reset password notification",
Description = "This notification sends by email to client when he want to reset his password",
NotificationTemplate = new NotificationTemplate
{
Body = PlatformNotificationResource.ResetPasswordNotificationBody,
Subject = PlatformNotificationResource.ResetPasswordNotificationSubject,
Language = "en-US"
}
});
var postInitializeModules = moduleCatalog.CompleteListWithDependencies(moduleCatalog.Modules)
.Where(m => m.ModuleInstance != null)
.ToArray();
foreach (var module in postInitializeModules)
{
moduleManager.PostInitializeModule(module);
}
// SignalR
var tempCounterManager = new TempPerformanceCounterManager();
GlobalHost.DependencyResolver.Register(typeof(IPerformanceCounterManager), () => tempCounterManager);
var hubConfiguration = new HubConfiguration();
hubConfiguration.EnableJavaScriptProxies = false;
app.MapSignalR("/" + moduleInitializerOptions.RoutPrefix + "signalr", hubConfiguration);
}
/// <summary>
/// Sets up authentication schemes.
/// </summary>
private void SetupAuthentication(AuthenticationOptions options)
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
}
public static void AddBearers
(
this IServiceCollection services,
IWebHostEnvironment environment,
OidcAuthorizationServerOptions openIdOptions,
AuthenticationOptions authenticationOptions,
string[] schemes
)
{
services
.AddDbContext <DbContext>(options =>
{
// Configure the context to use an in-memory store.
options.UseInMemoryDatabase(nameof(DbContext));
// Register the entity sets needed by OpenIddict.
// Note: use the generic overload if you need
// to replace the default OpenIddict entities.
options.UseOpenIddict();
})
.AddOpenIddict()
.AddCore(options =>
{
// Configure OpenIddict to use the Entity Framework Core stores and entities.
options.UseEntityFrameworkCore().UseDbContext <DbContext>();
})
.AddServer(options =>
{
// Register the ASP.NET Core MVC binder used by OpenIddict.
// Note: if you don't call this method, you won't be able to
// bind OpenIdConnectRequest or OpenIdConnectResponse parameters.
options.UseMvc();
// Enable the authorization/token endpoints (required to use the code flow).
options.EnableTokenEndpoint(@$ "/{authenticationOptions.TokenEndpoint
.Replace(authenticationOptions.Issuer, string.Empty)}");
//.EnableAuthorizationEndpoint("/connect/authorize");
// Allow client applications to use the grant_type=client_credentials flow.
options.AllowClientCredentialsFlow();
// During development, you can disable the HTTPS requirement.
if (environment.IsDevelopment())
{
options.DisableHttpsRequirement();
}
// Accept token requests that don't specify a client_id.
// options.AcceptAnonymousClients();
options.EnableRequestCaching();
// Note: to use JWT access tokens instead of the default
// encrypted format, the following lines are required:
//
options.UseJsonWebTokens();
// Register a new ephemeral key, that is discarded when the application
// shuts down. Tokens signed using this key are automatically invalidated.
// This method should only be used during development.
//options.AddEphemeralSigningKey();
// On production, using a X.509 certificate stored in the machine store is recommended.
options.AddSigningCertificate(LoadCertificate(openIdOptions));
var expiryInSeconds = openIdOptions.AccessTokenExpiration;
options.SetAccessTokenLifetime(TimeSpan.FromSeconds(Convert.ToDouble(expiryInSeconds)));
// Note: if you don't want to use permissions, you can disable
// permission enforcement by uncommenting the following lines:
//
// options.IgnoreEndpointPermissions()
// .IgnoreGrantTypePermissions()
// .IgnoreScopePermissions();
});
public static void Configure(IAppBuilder app, IUnityContainer container, string databaseConnectionStringName, AuthenticationOptions authenticationOptions)
{
app.CreatePerOwinContext(() => container.Resolve<SecurityDbContext>());
app.CreatePerOwinContext(() => container.Resolve<ApplicationUserManager>());
if (authenticationOptions.CookiesEnabled)
{
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
//LoginPath = new PathString("/Account/Logon"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: authenticationOptions.CookiesValidateInterval,
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
}
if (authenticationOptions.BearerTokensEnabled)
{
app.UseOAuthBearerTokens(new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
AuthorizeEndpointPath = new PathString("/Account/Authorize"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AccessTokenExpireTimeSpan = authenticationOptions.BearerTokensExpireTimeSpan,
AllowInsecureHttp = true
});
}
if (authenticationOptions.HmacEnabled || authenticationOptions.ApiKeysEnabled)
{
var apiAccountProvider = container.Resolve<IApiAccountProvider>();
var claimsIdentityProvider = container.Resolve<IClaimsIdentityProvider>();
var cacheManager = container.Resolve<CacheManager>();
var cacheSettings = new[]
{
new CacheSettings(HmacAuthenticationHandler.CacheGroup, TimeSpan.FromSeconds(60))
};
cacheManager.AddCacheSettings(cacheSettings);
if (authenticationOptions.HmacEnabled)
{
app.UseHmacAuthentication(new HmacAuthenticationOptions
{
ApiCredentialsProvider = apiAccountProvider,
IdentityProvider = claimsIdentityProvider,
CacheManager = cacheManager,
SignatureValidityPeriod = authenticationOptions.HmacSignatureValidityPeriod
});
}
if (authenticationOptions.ApiKeysEnabled)
{
app.UseApiKeysAuthentication(new ApiKeysAuthenticationOptions
{
ApiCredentialsProvider = apiAccountProvider,
IdentityProvider = claimsIdentityProvider,
CacheManager = cacheManager,
HttpHeaderName = authenticationOptions.ApiKeysHttpHeaderName,
QueryStringParameterName = authenticationOptions.ApiKeysQueryStringParameterName
});
}
}
var permissionService = container.Resolve<IPermissionService>();
app.UseHangfire(config =>
{
config.UseUnityActivator(container);
config.UseSqlServerStorage(databaseConnectionStringName, new SqlServerStorageOptions { PrepareSchemaIfNecessary = false, QueuePollInterval = TimeSpan.FromSeconds(60) /* 15 Default value */ });
config.UseAuthorizationFilters(new PermissionBasedAuthorizationFilter(permissionService) { Permission = PredefinedPermissions.BackgroundJobsManage });
config.UseServer();
});
}
public AuthDialog(IAuthProvider AuthProvider, AuthenticationOptions AuthOptions, string Prompt = "Please click to sign in: ")
{
this.prompt = Prompt;
this.authProvider = AuthProvider;
this.authOptions = AuthOptions;
}
public DownstreamReRouteBuilder WithAuthenticationOptions(AuthenticationOptions authenticationOptions)
{
_authenticationOptions = authenticationOptions;
return(this);
}
private void WhenICreateTheAuthenticationOptions()
{
_result = _authOptionsCreator.Create(_fileReRoute);
}
public AuthenticationController(ILogger logger, IUserService userService, CoreSettings settings, IExternalClaimsFilter externalClaimsFilter, AuthenticationOptions authenticationOptions, InternalConfiguration internalConfiguration)
{
this.logger = logger;
this.userService = userService;
this.settings = settings;
this.externalClaimsFilter = externalClaimsFilter;
this.authenticationOptions = authenticationOptions;
this.internalConfiguration = internalConfiguration;
}
private void SetAuthenticationOptions(AuthenticationOptions options)
{
options.DefaultScheme = Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectDefaults.AuthenticationScheme;
}
/// <inheritdoc /> public abstract IWorkItemStore Create(AuthenticationOptions options);
public static KrbAsReq CreateAsReq(KerberosCredential credential, AuthenticationOptions options)
{
var kdcOptions = (KdcOptions)(options & ~AuthenticationOptions.AllAuthentication);
var hostAddress = Environment.MachineName;
var padata = new List <KrbPaData>()
{
new KrbPaData
{
Type = PaDataType.PA_PAC_REQUEST,
Value = new KrbPaPacRequest
{
IncludePac = options.HasFlag(AuthenticationOptions.IncludePacRequest)
}.Encode().AsMemory()
}
};
if (options.HasFlag(AuthenticationOptions.PreAuthenticate))
{
KerberosConstants.Now(out DateTimeOffset timestamp, out int usec);
var ts = new KrbPaEncTsEnc
{
PaTimestamp = timestamp,
PaUSec = usec
};
var tsEncoded = ts.Encode().AsMemory();
KrbEncryptedData encData = KrbEncryptedData.Encrypt(
tsEncoded,
credential.CreateKey(),
KeyUsage.PaEncTs
);
padata.Add(new KrbPaData
{
Type = PaDataType.PA_ENC_TIMESTAMP,
Value = encData.Encode().AsMemory()
});
}
var asreq = new KrbAsReq()
{
MessageType = MessageType.KRB_AS_REQ,
Body = new KrbKdcReqBody
{
Addresses = new[] {
new KrbHostAddress {
AddressType = AddressType.NetBios,
Address = Encoding.ASCII.GetBytes(hostAddress.PadRight(16, ' '))
}
},
CName = new KrbPrincipalName
{
Name = new[] { $"{credential.UserName}@{credential.Domain}" },
Type = PrincipalNameType.NT_ENTERPRISE
},
EType = KerberosConstants.ETypes.ToArray(),
KdcOptions = kdcOptions,
Nonce = KerberosConstants.GetNonce(),
RTime = KerberosConstants.EndOfTime,
Realm = credential.Domain,
SName = new KrbPrincipalName
{
Type = PrincipalNameType.NT_SRV_INST,
Name = new[] { "krbtgt", credential.Domain }
},
Till = KerberosConstants.EndOfTime
},
PaData = padata.ToArray()
};
return(asreq);
}
public static void SetSignInChallengeResultCallback(
this AuthenticationOptions authOptions,
Func <IOwinContext, AuthenticationProperties> authProperties)
{
authOptions.Description.Properties["ChallengeResultCallback"] = authProperties;
}
private void ConfigureAuthenticationOptions(AuthenticationOptions options)
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}
/// <summary>
/// Used during the External authentication process to assign external sign-in options
/// that are used by the Umbraco authentication process.
/// </summary>
/// <param name="authOptions"></param>
/// <param name="options"></param>
public static void SetExternalSignInAutoLinkOptions(
this AuthenticationOptions authOptions,
ExternalSignInAutoLinkOptions options)
{
authOptions.Description.Properties["ExternalSignInAutoLinkOptions"] = options;
}
/// <summary>
/// This method gets called by the runtime. Use this method to add services to the container.
/// </summary>
/// <param name="services">IServiceCollection instance.</param>
public void ConfigureServices(IServiceCollection services)
{
// Add all options set from configuration values.
services.AddOptions <AuthenticationOptions>()
.Configure <IConfiguration>((authenticationOptions, configuration) =>
{
Startup.FillAuthenticationOptionsProperties(authenticationOptions, configuration);
});
services.AddOptions <BotOptions>()
.Configure <IConfiguration>((botOptions, configuration) =>
{
botOptions.UserAppId = configuration.GetValue <string>("UserAppId");
botOptions.UserAppPassword = configuration.GetValue <string>("UserAppPassword");
botOptions.AuthorAppId = configuration.GetValue <string>("AuthorAppId");
botOptions.AuthorAppPassword = configuration.GetValue <string>("AuthorAppPassword");
});
services.AddOptions <BotFilterMiddlewareOptions>()
.Configure <IConfiguration>((botFilterMiddlewareOptions, configuration) =>
{
botFilterMiddlewareOptions.DisableTenantFilter =
configuration.GetValue <bool>("DisableTenantFilter", false);
botFilterMiddlewareOptions.AllowedTenants =
configuration.GetValue <string>("AllowedTenants");
});
services.AddOptions <RepositoryOptions>()
.Configure <IConfiguration>((repositoryOptions, configuration) =>
{
repositoryOptions.StorageAccountConnectionString =
configuration.GetValue <string>("StorageAccountConnectionString");
// Setting this to true because the main application should ensure that all
// tables exist.
repositoryOptions.EnsureTableExists = true;
});
services.AddOptions <MessageQueueOptions>()
.Configure <IConfiguration>((messageQueueOptions, configuration) =>
{
messageQueueOptions.ServiceBusConnection =
configuration.GetValue <string>("ServiceBusConnection");
});
services.AddOptions <DataQueueMessageOptions>()
.Configure <IConfiguration>((dataQueueMessageOptions, configuration) =>
{
dataQueueMessageOptions.ForceCompleteMessageDelayInSeconds =
configuration.GetValue <double>("ForceCompleteMessageDelayInSeconds", 86400);
});
services.AddOptions <UserAppOptions>()
.Configure <IConfiguration>((options, configuration) =>
{
options.ProactivelyInstallUserApp =
configuration.GetValue <bool>("ProactivelyInstallUserApp", true);
options.UserAppExternalId =
configuration.GetValue <string>("UserAppExternalId", "148a66bb-e83d-425a-927d-09f4299a9274");
});
services.AddOptions();
// Add localization services.
services.AddLocalizationSettings(this.Configuration);
// Add authentication services.
AuthenticationOptions authenticationOptionsParameter = new AuthenticationOptions();
Startup.FillAuthenticationOptionsProperties(authenticationOptionsParameter, this.Configuration);
services.AddAuthentication(this.Configuration, authenticationOptionsParameter);
services.AddControllersWithViews();
// Setup SPA static files.
// In production, the React files will be served from this directory.
services.AddSpaStaticFiles(configuration =>
{
configuration.RootPath = "ClientApp/build";
});
// Add blob client.
services.AddSingleton(sp => new BlobContainerClient(
sp.GetService <IConfiguration>().GetValue <string>("StorageAccountConnectionString"),
Common.Constants.BlobContainerName));
// The bot needs an HttpClient to download and upload files.
services.AddHttpClient();
// Add bot services.
services.AddTransient <TeamsDataCapture>();
services.AddTransient <TeamsFileUpload>();
services.AddTransient <UserTeamsActivityHandler>();
services.AddTransient <AuthorTeamsActivityHandler>();
services.AddSingleton <ICredentialProvider, ConfigurationCredentialProvider>();
services.AddTransient <CompanyCommunicatorBotFilterMiddleware>();
services.AddSingleton <CompanyCommunicatorBotAdapter>();
services.AddSingleton <BotFrameworkHttpAdapter>();
// Add repositories.
services.AddSingleton <ITeamDataRepository, TeamDataRepository>();
services.AddSingleton <IUserDataRepository, UserDataRepository>();
services.AddSingleton <ISentNotificationDataRepository, SentNotificationDataRepository>();
services.AddSingleton <INotificationDataRepository, NotificationDataRepository>();
services.AddSingleton <IExportDataRepository, ExportDataRepository>();
services.AddSingleton <IAppConfigRepository, AppConfigRepository>();
services.AddSingleton <IUrlTrackingDataRepository, UrlTrackingDataRepository>();
// Add service bus message queues.
services.AddSingleton <IPrepareToSendQueue, PrepareToSendQueue>();
services.AddSingleton <IDataQueue, DataQueue>();
services.AddSingleton <IExportQueue, ExportQueue>();
// Add draft notification preview services.
services.AddTransient <DraftNotificationPreviewService>();
// Add microsoft graph services.
services.AddScoped <IAuthenticationProvider, GraphTokenProvider>();
services.AddScoped <IGraphServiceClient, GraphServiceClient>();
services.AddScoped <Beta.IGraphServiceClient, Beta.GraphServiceClient>();
services.AddScoped <IGraphServiceFactory, GraphServiceFactory>();
services.AddScoped <IGroupsService>(sp => sp.GetRequiredService <IGraphServiceFactory>().GetGroupsService());
services.AddScoped <IAppCatalogService>(sp => sp.GetRequiredService <IGraphServiceFactory>().GetAppCatalogService());
// Add Application Insights telemetry.
services.AddApplicationInsightsTelemetry();
// Add miscellaneous dependencies.
services.AddTransient <TableRowKeyGenerator>();
services.AddTransient <AdaptiveCardCreator>();
services.AddTransient <IAppSettingsService, AppSettingsService>();
services.AddTransient <IUserDataService, UserDataService>();
services.AddTransient <ITeamMembersService, TeamMembersService>();
// Enable redirect controller
services.AddHttpContextAccessor();
}
public static void Register(HttpConfiguration config)
{
var authConfig = new AuthenticationConfiguration
{
RequireSsl = false,
ClaimsAuthenticationManager = new ClaimsTransformer(),
EnableSessionToken = true,
};
var registry = new ConfigurationBasedIssuerNameRegistry();
registry.AddTrustedIssuer(System.Configuration.ConfigurationManager.AppSettings["SigningThumbPrint"], System.Configuration.ConfigurationManager.AppSettings["IssuerURI"]);
var handlerConfig = new SecurityTokenHandlerConfiguration();
handlerConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(System.Configuration.ConfigurationManager.AppSettings["AudianceUri"]));
handlerConfig.IssuerNameRegistry = registry;
handlerConfig.CertificateValidator = X509CertificateValidator.None;
handlerConfig.ServiceTokenResolver = new X509CertificateStoreTokenResolver(StoreName.My, StoreLocation.LocalMachine);
authConfig.AddSaml2(handlerConfig, AuthenticationOptions.ForAuthorizationHeader("SAML"), AuthenticationScheme.SchemeOnly("SAML"));
config.MessageHandlers.Add(new AuthenticationHandler(authConfig));
config.Routes.MapHttpRoute(
name: "UsersCurrentPermittedUser",
routeTemplate: "api/Users/{logonUserName}/CurrentPermittedUser",
defaults: new { Controller = "UsersCurrentPermittedUser", id = RouteParameter.Optional });
//constraints:new {httpMethod = new System.Web.Http.Routing.HttpMethodConstraint(HttpMethod.Get,HttpMethod.Post)});
config.Routes.MapHttpRoute(
name: "Calculations",
routeTemplate: "api/Periods/{PeriodId}/Calculations/{id}",
defaults: new { Controller = "Calculations", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "CalculationsState",
routeTemplate: "api/Periods/{PeriodId}/Calculations/{id}/State",
defaults: new { Controller = "CalculationsState", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "CalculationsExceptions",
routeTemplate: "api/Periods/{PeriodId}/Calculations/{calculationId}/Exceptions/{id}",
defaults: new { Controller = "CalculationsExceptions", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "JobIndexPoints",
routeTemplate: "api/Periods/{PeriodId}/Calculations/{CalculationId}/JobIndexpoints/{id}",
defaults: new { Controller = "JobIndexPoints", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "JobCustomFields",
routeTemplate: "api/Jobs/{jobId}/CustomFields/{id}",
defaults: new { Controller = "JobCustomFields", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PeriodState",
routeTemplate: "api/Periods/{id}/State",
defaults: new { Controller = "PeriodsState", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PeriodSourceDestinationState",
routeTemplate: "api/SourcePeriods/{sourcePeriodId}/DestinationPeriods/{destinationPeriodId}/State",
defaults: new { Controller = "PeriodSourceDestinationState", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PolicyFunctions",
routeTemplate: "api/Policies/{PolicyId}/Functions/{id}",
defaults: new { Controller = "PolicyFunctions", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PolicyRules",
routeTemplate: "api/Policies/{PolicyId}/Rules/{id}",
defaults: new { Controller = "PolicyRules", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PolicyRuleTrails",
routeTemplate: "api/Policies/{policyId}/Rules/{ruleId}/Trails/{id}",
defaults: new { Controller = "PolicyRuleTrails", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PolicyRuleCompilations",
routeTemplate: "api/Policies/{PolicyId}/RuleCompilations/{id}",
defaults: new { Controller = "RuleCompilations", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PeriodUnits",
routeTemplate: "api/Periods/{PeriodId}/Units/{id}",
defaults: new { Controller = "PeriodUnits", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "UnitInquirySubjectsController",
routeTemplate: "api/Periods/{PeriodId}/Units/{UnitId}/InquirySubjects",
defaults: new { Controller = "UnitInquirySubjects", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "UnitVerifiersController",
routeTemplate: "api/Periods/{PeriodId}/Units/{UnitId}/Verifiers",
defaults: new { Controller = "UnitVerifiers", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "InquirerInquiryUnits",
routeTemplate: "api/Periods/{PeriodId}/Inquirers/{InquirerEmployeeNo}/InquiryUnits",
defaults: new { Controller = "InquirerInquiryUnits", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "EmployeeUnits",
routeTemplate: "api/Periods/{PeriodId}/Employees/{EmployeeNo}/Units",
defaults: new { Controller = "EmployeeUnits", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "InquiryUnitInquiryUnitIndexPoints",
routeTemplate:
"api/Periods/{PeriodId}/Inquirers/{InquirerEmployeeNo}/Units/{unitId}/InquiryUnitIndexPoints",
defaults: new { Controller = "InquiryUnitInquiryUnitIndexPoints", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PeriodEmployees",
routeTemplate: "api/Periods/{PeriodId}/Employees/{id}",
defaults: new { Controller = "PeriodEmployees", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "EmployeeJobPositions",
routeTemplate: "api/Periods/{PeriodId}/Employees/{EmployeeNo}/JobPositions",
defaults: new { Controller = "EmployeeJobPositions", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PeriodJobPositions",
routeTemplate: "api/Periods/{PeriodId}/JobPositions/{id}",
defaults: new { Controller = "PeriodJobPositions", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PeriodJobIndex",
routeTemplate: "api/Periods/{PeriodId}/JobIndices/{id}",
defaults: new { Controller = "PeriodJobIndex", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PeriodUnitIndex",
routeTemplate: "api/Periods/{PeriodId}/UnitIndices/{id}",
defaults: new { Controller = "PeriodUnitIndex", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PeriodJobs",
routeTemplate: "api/Periods/{PeriodId}/Jobs/{id}",
defaults: new { Controller = "PeriodJobs", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "JobIndexCustomFields",
routeTemplate: "api/JobIndices/{jobindexid}/CustomFields/{id}",
defaults: new { Controller = "CustomFields", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "JobPositionJobs",
routeTemplate: "api/Periods/{PeriodId}/JobPositions/{JobPositionId}/Jobs",
defaults: new { Controller = "JobPositionJobs", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "JobPositionInquirySubjects",
routeTemplate: "api/Periods/{PeriodId}/JobPositions/{JobPositionId}/InquirySubjects",
defaults: new { Controller = "JobPositionInquirySubjects", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "InquirySubjectInquirers",
routeTemplate: "api/Periods/{PeriodId}/JobPositions/{JobPositionId}/InquirySubjects/{InquirySubjectEmployeeNo}/Inquirers",
defaults: new { Controller = "InquirySubjectInquirers", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "InquirerInquirySubjects",
routeTemplate: "api/Periods/{PeriodId}/Inquirers/{InquirerEmployeeNo}/InquirySubjects",
defaults: new { Controller = "InquirerInquirySubjects", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "InquirerInquiryIndices",
routeTemplate: "api/Periods/{PeriodId}/Inquirers/{InquirerEmployeeNo}/InquiryIndices",
defaults: new { Controller = "InquirerInquiryIndices", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "InquirySubjectJobPositionInquiryJobIndexPoints",
routeTemplate:
"api/Periods/{PeriodId}/Inquirers/{InquirerEmployeeNo}/InquirySubjects/{InquirySubjectEmployeeNo}/JobPositions/{JobPositionId}/InquiryJobIndexPoints",
defaults: new { Controller = "InquirySubjectJobPositionInquiryJobIndexPoints", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "InquiryIndexInquiryJobIndexPoints",
routeTemplate:
"api/Periods/{PeriodId}/Inquirers/{InquirerEmployeeNo}/InquiryIndices/{jobIndexId}/InquiryJobIndexPoints",
defaults: new { Controller = "InquiryIndexInquiryJobIndexPoints", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PeriodClaims",
routeTemplate: "api/Periods/{PeriodId}/Claims/{id}",
defaults: new { Controller = "PeriodClaims", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PeriodClaimStates",
routeTemplate: "api/Periods/{PeriodId}/ClaimStates",
defaults: new { Controller = "PeriodClaimStates", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "PeriodClaimTypes",
routeTemplate: "api/Periods/{PeriodId}/ClaimTypes",
defaults: new { Controller = "PeriodClaimTypes", id = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional });
config.Formatters.Add(new PlainTextFormatter());
config.Filters.Add(new GlobalExceptionFilterAttribute());
config.Formatters.JsonFormatter.SerializerSettings.TypeNameHandling = TypeNameHandling.Auto;
config.Formatters.JsonFormatter.SerializerSettings.TypeNameAssemblyFormat = System.Runtime.Serialization.Formatters.FormatterAssemblyStyle.Simple;
config.Formatters.JsonFormatter.SerializerSettings.ReferenceLoopHandling
= ReferenceLoopHandling.Serialize;
config.Formatters.JsonFormatter.SerializerSettings.PreserveReferencesHandling
= PreserveReferencesHandling.Objects;
config.Services.RemoveAll(typeof(System.Web.Http.Validation.ModelValidatorProvider), v => v is InvalidModelValidatorProvider);
}
private void JwtBearerDefault(AuthenticationOptions obj)
{
throw new NotImplementedException();
}
public static void ConfigureAuthenticationOptions(this AuthenticationOptions authenticationOptions)
{
authenticationOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
authenticationOptions.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}
