        // This method gets called by the runtime. Use this method to inject services to the container
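        /// <summary>
        /// Registers the EF Core context, the <c>Salt</c> and <c>TokenManagement</c> option models,
        /// cookie-carried JWT bearer authentication, SignalR, anti-forgery and the application's
        /// repositories and managers.
        /// </summary>
        /// <remarks>
        /// In production the connection string, salt and JWT settings are read through
        /// <c>SecretsManager</c>; in every other environment they come from <c>Configuration</c>.
        /// Both environments share one JWT bearer setup (see <c>AddCookieJwtBearer</c>) so the
        /// validation rules cannot drift apart between them.
        /// </remarks>
        /// <param name="services">The service collection the runtime passes in.</param>
        public void ConfigureServices(IServiceCollection services)
        {
            string tokenSecret;
            string tokenIssuer;
            string tokenAudience;

            if (_env.IsProduction())
            {
                // NOTE(review): this instance is created by hand although SecretsManager is also
                // registered as a scoped service further down - confirm that is intentional.
                var secretsMgr = new SecretsManager();

                string dbConnectionString = secretsMgr.GetDbConnectionString();
                services.AddDbContext<MSAContext>(options => options.UseSqlServer(dbConnectionString));

                // Get salt and bind to option model
                services.PostConfigure<Salt>(options =>
                {
                    options.salt = secretsMgr.GetSecret("astronautsloth/salt");
                });

                // Get JWT secret and bind to option model
                dynamic token = JsonConvert.DeserializeObject(secretsMgr.GetSecret("astronautsloth/jwt"));
                if (token is null)
                {
                    // Fail at startup with a clear message instead of a binder error on token.secret.
                    throw new System.InvalidOperationException("Secret 'astronautsloth/jwt' did not contain a JSON object.");
                }

                tokenSecret   = token.secret;
                tokenIssuer   = token.issuer;
                tokenAudience = token.audience;

                string boundSecret   = tokenSecret;
                string boundIssuer   = tokenIssuer;
                string boundAudience = tokenAudience;
                services.PostConfigure<TokenManagement>(options =>
                {
                    options.Secret   = boundSecret;
                    options.Issuer   = boundIssuer;
                    options.Audience = boundAudience;
                });
            }
            else
            {
                services.AddDbContext<MSAContext>(options =>
                    options.UseSqlServer(Configuration["MultiSpaApp:ConnectionString"]));

                services.AddDatabaseDeveloperPageExceptionFilter();

                services.Configure<Salt>(Configuration.GetSection("salt"));

                services.Configure<TokenManagement>(Configuration.GetSection("tokenManagement"));
                var devToken = Configuration.GetSection("tokenManagement").Get<TokenManagement>();
                if (devToken is null)
                {
                    // Without this check a missing section only surfaces later, when the bearer options are built.
                    throw new System.InvalidOperationException("Configuration section 'tokenManagement' is missing.");
                }

                tokenSecret   = devToken.Secret;
                tokenIssuer   = devToken.Issuer;
                tokenAudience = devToken.Audience;
            }

            AddCookieJwtBearer(services, tokenSecret, tokenIssuer, tokenAudience, _env.IsProduction());

            services.AddSignalR();

            // CSRF token service. The JWT travels in a cookie, which the browser attaches to
            // cross-site requests automatically, so state-changing endpoints depend on this check.
            services.AddAntiforgery(options =>
            {
                options.HeaderName = "csrf-token";
            });
            services.AddScoped<ApiAntiforgeryTokenAuthorizationFilter>(); // Custom CSRF token validation attribute - Antiforgery not supported for APIs with no views
            services.AddScoped<ITokenAuthService, TokenAuthService>();
            services.AddScoped<IUserRepository, UserRepository>();        // Test UserRepository with fake dependencies
            services.AddScoped<IFriendshipRepository, FriendshipRepository>();
            services.AddScoped<IUserManager, UserManager>();
            services.AddScoped<IFriendshipManager, FriendshipManager>();
            services.AddScoped<IMessageRepository, MessageRepository>();
            services.AddScoped<IConversationRepository, ConversationRepository>();
            services.AddScoped<IConversationManager, ConversationManager>();
            services.AddScoped<ICommentRepository, CommentRepository>();
            services.AddScoped<SecretsManager>();
            services.AddTransient<StupidLoader>();
            services.AddSingleton<IUserIdProvider, EmailBasedUserIdProvider>();

            services.AddControllers();
            services.AddHttpContextAccessor();
        }

        /// <summary>
        /// Adds JWT bearer authentication that reads the token from the "auth-token" cookie and
        /// validates it against a symmetric signing key.
        /// </summary>
        /// <param name="services">The service collection to register authentication on.</param>
        /// <param name="secret">Shared signing secret; must not be null or empty.</param>
        /// <param name="issuer">Expected issuer; checked whenever a value is configured.</param>
        /// <param name="audience">Expected audience; checked whenever a value is configured.</param>
        /// <param name="requireHttpsMetadata">Value assigned to <c>RequireHttpsMetadata</c>.</param>
        private static void AddCookieJwtBearer(
            IServiceCollection services,
            string secret,
            string issuer,
            string audience,
            bool requireHttpsMetadata)
        {
            if (string.IsNullOrEmpty(secret))
            {
                throw new System.InvalidOperationException("JWT signing secret is not configured.");
            }

            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
            {
                options.Events = new JwtBearerEvents
                {
                    // The token is taken from a cookie rather than the Authorization header.
                    OnMessageReceived = context =>
                    {
                        context.Token = context.Request.Cookies["auth-token"];
                        return Task.CompletedTask;
                    },
                };

                // Previously hard-coded to false in every environment, production included.
                options.RequireHttpsMetadata = requireHttpsMetadata;
                options.SaveToken            = true;
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = true,
                    // NOTE(review): ASCII encoding maps any non-ASCII character of the secret to '?',
                    // which weakens the key. Left unchanged because the signing side must derive the
                    // same bytes - change both together.
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secret)),
                    ValidIssuer      = issuer,
                    ValidAudience    = audience,
                    // Previously both checks were switched off, so ValidIssuer/ValidAudience were
                    // ignored and any token signed with the key was accepted regardless of who it
                    // was issued by or for.
                    // NOTE(review): assumes TokenAuthService stamps tokens with the same issuer and
                    // audience from TokenManagement - confirm before deploying.
                    ValidateIssuer   = !string.IsNullOrEmpty(issuer),
                    ValidateAudience = !string.IsNullOrEmpty(audience)
                };
            });
        }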