// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
Log("Configure");
if (env.EnvironmentName == "Development")
{
app.UseDeveloperExceptionPage();
}
else
{
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseMiddleware(typeof(ErrorHandlingMiddleware));
app.UseRouting();
app.UseCors(MyAllowSpecificOrigins);
//To get actual Client IP even though behind load balancer
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
var httpOnlyRaw = _configuration["HttpOnly"];
// UseHttpsRedirection doesn't work well with docker.
if (!String.IsNullOrWhiteSpace(httpOnlyRaw) && httpOnlyRaw.ToLower() == "true")
{
Log("Using HTTP only");
}
else
{
Log("Also using HTTPS. Activating https redirection");
app.UseHttpsRedirection();
}
app.UseAuthentication();
app.UseAuthorization();
SwaggerSetup.Configure(_configuration, app);
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
Log("Configure done");
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
Log("ConfigureServices starting");
AddApplicationInsights(services);
services.AddControllers();
var corsDomainsFromConfig = ConfigUtil.GetCommaSeparatedConfigValueAndThrowIfEmpty(_configuration, ConfigConstants.ALLOW_CORS_DOMAINS);
Log("Startup - ConfigureServices - Cors domains: *");
services.AddCors(options =>
{
options.AddPolicy(MyAllowSpecificOrigins,
builder =>
{
var domainsAsArray = new string[corsDomainsFromConfig.Count];
corsDomainsFromConfig.CopyTo(domainsAsArray);
builder.WithOrigins(domainsAsArray);
builder.AllowAnyHeader().AllowAnyMethod();
});
});
var isIntegrationTest = ConfigUtil.GetBoolConfig(_configuration, ConfigConstants.IS_INTEGRATION_TEST);
Log($"Is Integration test: {isIntegrationTest}");
if (!isIntegrationTest)
{
var enableSensitiveDataLoggingFromConfig = ConfigUtil.GetBoolConfig(_configuration, ConfigConstants.SENSITIVE_DATA_LOGGING);
var readWriteDbConnectionString = _configuration[ConfigConstants.DB_READ_WRITE_CONNECTION_STRING];
DoMigration(enableSensitiveDataLoggingFromConfig);
if (string.IsNullOrWhiteSpace(readWriteDbConnectionString))
{
throw new Exception("Could not obtain database READWRITE connection string. Unable to add DB Context");
}
services.AddDbContext <SepesDbContext>(
options => options.UseSqlServer(
readWriteDbConnectionString,
assembly => assembly.MigrationsAssembly(typeof(SepesDbContext).Assembly.FullName))
.EnableSensitiveDataLogging(enableSensitiveDataLoggingFromConfig)
);
}
var authenticationAdder = services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApi(a => { }, b =>
{
_configuration.Bind("AzureAd", b);
var defaultBackChannel = new HttpClient();
defaultBackChannel.DefaultRequestHeaders.Add("Origin", "sepes");
b.Backchannel = defaultBackChannel;
}).EnableTokenAcquisitionToCallDownstreamApi(e =>
{
}
)
.AddInMemoryTokenCaches();
if (!isIntegrationTest)
{
authenticationAdder
.AddDownstreamWebApi("GraphApi", _configuration.GetSection("GraphApi"))
.AddDownstreamWebApi("WbsSearch", (a) => { a.BaseUrl = _configuration[ConfigConstants.WBS_SEARCH_API_URL]; a.Scopes = _configuration[ConfigConstants.WBS_SEARCH_API_SCOPE]; });
}
services.AddHttpContextAccessor();
services.AddAutoMapper(typeof(AutoMappingConfigs));
RegisterServices(services, isIntegrationTest);
SwaggerSetup.ConfigureServices(_configuration, services);
Log("Configuring services done");
}
