/// <summary>
/// Configure Authentication & Authorization
/// </summary>
/// <param name="services"></param>
/// <param name="configuration"></param>
public static void ConfigureServices(IServiceCollection services, IConfiguration configuration)
{
var url = configuration.GetSection("IdentityServer").GetValue <string>("Url");
services.AddAuthentication(options =>
{
options.DefaultScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
options.DefaultAuthenticateScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignOutScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
})
.AddIdentityServerAuthentication(options =>
{
options.SupportedTokens = SupportedTokens.Jwt;
options.Authority = $"{url}{AppData.AuthUrl}";
options.EnableCaching = true;
options.RequireHttpsMetadata = false;
});
services.AddIdentityServer(options =>
{
options.Authentication.CookieSlidingExpiration = true;
options.IssuerUri = $"{url}{AppData.AuthUrl}";
options.Events.RaiseErrorEvents = true;
options.Events.RaiseInformationEvents = true;
options.Events.RaiseFailureEvents = true;
options.Events.RaiseSuccessEvents = true;
})
.AddInMemoryPersistedGrants()
.AddDeveloperSigningCredential()
.AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources())
.AddInMemoryApiResources(IdentityServerConfig.GetApiResources())
.AddInMemoryClients(IdentityServerConfig.GetClients())
.AddInMemoryApiScopes(IdentityServerConfig.GetAPiScopes())
.AddAspNetIdentity <ApplicationUser>()
.AddJwtBearerClientAuthentication()
.AddProfileService <IdentityProfileService>();
}
/// <summary>
/// Configure services for current microservice
/// </summary>
/// <param name="services"></param>
/// <param name="configuration"></param>
public override void ConfigureServices(IServiceCollection services, IConfiguration configuration)
{
services.Configure <IdentityOptions>(options =>
{
// Password settings.
options.Password.RequireDigit = false;
options.Password.RequireLowercase = false;
options.Password.RequireNonAlphanumeric = false;
options.Password.RequireUppercase = false;
options.Password.RequiredLength = 6;
options.Password.RequiredUniqueChars = 0;
// Lockout settings.
options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(5);
options.Lockout.MaxFailedAccessAttempts = 10;
options.Lockout.AllowedForNewUsers = true;
// User settings.
options.User.AllowedUserNameCharacters = null;
options.User.RequireUniqueEmail = true;
});
services.AddTransient <ApplicationUserStore>();
services.AddScoped <ApplicationClaimsPrincipalFactory>();
services
.AddIdentity <ApplicationUser, ApplicationRole>()
.AddUserStore <ApplicationUserStore>()
.AddEntityFrameworkStores <ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddRouting(options => options.LowercaseUrls = true);
var url = configuration.GetSection("IdentityServer").GetValue <string>("Url");
services.AddAuthentication()
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(
options =>
{
options.SupportedTokens = SupportedTokens.Jwt;
options.Authority = url;
options.EnableCaching = true;
options.RequireHttpsMetadata = false;
});
services.AddIdentityServer(options =>
{
options.Authentication.CookieSlidingExpiration = true;
options.IssuerUri = url;
options.Events.RaiseErrorEvents = true;
options.Events.RaiseInformationEvents = true;
options.Events.RaiseFailureEvents = true;
options.Events.RaiseSuccessEvents = true;
options.UserInteraction.LoginUrl = "/Authentication/Login";
options.UserInteraction.LogoutUrl = "/Authentication/Logout";
})
.AddCorsPolicyService <CorsPolicyService>()
.AddInMemoryPersistedGrants()
.AddDeveloperSigningCredential()
.AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources())
.AddInMemoryApiResources(IdentityServerConfig.GetApiResources())
.AddInMemoryClients(IdentityServerConfig.GetClients())
.AddInMemoryApiScopes(IdentityServerConfig.GetAPiScopes())
.AddAspNetIdentity <ApplicationUser>()
.AddJwtBearerClientAuthentication()
.AddProfileService <IdentityProfileService>();
services.AddSingleton <IAuthorizationPolicyProvider, AuthorizationPolicyProvider>();
services.AddSingleton <IAuthorizationHandler, MicroservicePermissionHandler>();
services.AddAuthorization();
}