public virtual void Configure(IAppBuilder owinApp)
{
if (owinApp == null)
{
throw new ArgumentNullException(nameof(owinApp));
}
AppEnvironment activeAppEnvironment = _appEnvironmentProvider.GetActiveAppEnvironment();
IdentityServerBearerTokenAuthenticationOptions authOptions = new IdentityServerBearerTokenAuthenticationOptions
{
ClientId = activeAppEnvironment.Security.ClientName,
Authority = activeAppEnvironment.Security.SSOServerUrl,
DelayLoadMetadata = true,
RequiredScopes = activeAppEnvironment.Security.Scopes,
ClientSecret = activeAppEnvironment.Security.ClientSecret.Sha512(),
EnableValidationResultCache = true,
ValidationResultCacheDuration = TimeSpan.FromMinutes(15),
// ValidationMode = ValidationMode.ValidationEndpoint,
ValidationMode = ValidationMode.Local,
PreserveAccessToken = true,
SigningCertificate = _certificateProvider.GetSingleSignOnCertificate(),
BackchannelHttpHandler = GetHttpClientHandler(nameof(IdentityServerBearerTokenAuthenticationOptions.BackchannelHttpHandler)),
IntrospectionHttpHandler = GetHttpClientHandler(nameof(IdentityServerBearerTokenAuthenticationOptions.IntrospectionHttpHandler)),
IssuerName = activeAppEnvironment.Security.SSOServerUrl
};
owinApp.UseIdentityServerBearerTokenAuthentication(authOptions);
}
public virtual void Configure(IAppBuilder owinApp)
{
if (owinApp == null)
{
throw new ArgumentNullException(nameof(owinApp));
}
owinApp.Map("/core", coreApp =>
{
LogProvider.SetCurrentLogProvider(_dependencyManager.Resolve <ILogProvider>());
AppEnvironment activeAppEnvironment = _appEnvironmentProvider.GetActiveAppEnvironment();
IdentityServerServiceFactory factory = new IdentityServerServiceFactory()
.UseInMemoryClients(_dependencyManager.Resolve <IClientProvider>().GetClients().ToArray())
.UseInMemoryScopes(_scopesProvider.GetScopes());
factory.UserService =
new Registration <IUserService>(_dependencyManager.Resolve <IUserService>());
factory.ViewService = new Registration <IViewService>(_dependencyManager.Resolve <IViewService>());
bool requireSslConfigValue = activeAppEnvironment.GetConfig("RequireSsl", defaultValueOnNotFound: false);
string identityServerSiteName = activeAppEnvironment.GetConfig("IdentityServerSiteName", "Identity Server");
IdentityServerOptions identityServerOptions = new IdentityServerOptions
{
SiteName = identityServerSiteName,
SigningCertificate = _certificateProvider.GetSingleSignOnCertificate(),
Factory = factory,
RequireSsl = requireSslConfigValue,
EnableWelcomePage = activeAppEnvironment.DebugMode == true,
CspOptions = new CspOptions
{
// Content security policy
Enabled = false
},
Endpoints = new EndpointOptions
{
EnableAccessTokenValidationEndpoint = true,
EnableAuthorizeEndpoint = true,
EnableCheckSessionEndpoint = true,
EnableClientPermissionsEndpoint = true,
EnableCspReportEndpoint = true,
EnableDiscoveryEndpoint = true,
EnableEndSessionEndpoint = true,
EnableIdentityTokenValidationEndpoint = true,
EnableIntrospectionEndpoint = true,
EnableTokenEndpoint = true,
EnableTokenRevocationEndpoint = true,
EnableUserInfoEndpoint = true
}
};
coreApp.UseIdentityServer(identityServerOptions);
});
}
public virtual IdentityServerBearerTokenAuthenticationOptions BuildIdentityServerBearerTokenAuthenticationOptions()
{
AppEnvironment activeAppEnvironment = _appEnvironmentProvider.GetActiveAppEnvironment();
IdentityServerBearerTokenAuthenticationOptions authOptions = new IdentityServerBearerTokenAuthenticationOptions
{
ClientId = activeAppEnvironment.Security.ClientId,
Authority = activeAppEnvironment.GetSsoUrl(),
DelayLoadMetadata = true,
RequiredScopes = activeAppEnvironment.Security.Scopes,
ClientSecret = activeAppEnvironment.Security.ClientSecret,
EnableValidationResultCache = true,
ValidationResultCacheDuration = TimeSpan.FromMinutes(15),
// ValidationMode = ValidationMode.ValidationEndpoint,
ValidationMode = ValidationMode.Local,
PreserveAccessToken = true,
SigningCertificate = _certificateProvider.GetSingleSignOnCertificate(),
BackchannelHttpHandler = GetHttpClientHandler(nameof(IdentityServerBearerTokenAuthenticationOptions.BackchannelHttpHandler)),
IntrospectionHttpHandler = GetHttpClientHandler(nameof(IdentityServerBearerTokenAuthenticationOptions.IntrospectionHttpHandler)),
IssuerName = activeAppEnvironment.GetSsoIssuerName()
};
return(authOptions);
}
