/// <summary>
/// Registers the identity services on <paramref name="services"/>: the password
/// validator and profile service, the password hasher, IdentityServer with
/// in-memory configuration, the "admin" authorization policy, local-API
/// authentication and the e-mail token service.
/// </summary>
/// <param name="services">The service collection to add the registrations to.</param>
/// <param name="env">Hosting environment; in this method it is only passed to <c>AuthConfigs.GetClients</c>.</param>
public static void AddTravelyIdentityService(this IServiceCollection services, IWebHostEnvironment env)
        {
            // Resource-owner password flow support and profile data.
            // (An IExtensionGrantValidator/DelegationGrantValidator registration is disabled in the original.)
            services.AddScoped<IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>();
            services.AddScoped<IProfileService, ProfileService>();

            services.AddTransient<IPasswordHasher<User>, PasswordHasher<User>>();

            var identityServer = services.AddIdentityServer();

            // SECURITY: the developer signing credential is applied whatever `env` says.
            // It is meant for development scenarios; a deployed instance should load a
            // managed key through AddSigningCredential(...) (left disabled in the original).
            identityServer.AddDeveloperSigningCredential();
            identityServer.AddCorsPolicyService<CorsPolicyService>();
            identityServer.AddPersistedGrantStore<PersistedGrantStore>();

            // Resources, clients and scopes come from code (AuthConfigs) and are held in memory.
            identityServer.AddInMemoryApiResources(AuthConfigs.GetApiResources());
            identityServer.AddInMemoryClients(AuthConfigs.GetClients(env));
            identityServer.AddInMemoryApiScopes(AuthConfigs.GetScopes());

            // NOTE(review): RequireClaim("Admin") is satisfied by any claim of type "Admin",
            // regardless of its value - confirm that the claim is only ever issued to administrators.
            services.AddAuthorization(authorization =>
            {
                authorization.AddPolicy("admin", policy => policy.RequireClaim("Admin"));
            });

            var authentication = services.AddAuthentication(auth =>
            {
                auth.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                auth.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
            });

            // The local-API handler is registered under the JWT bearer scheme name.
            // NOTE(review): ExpectedScope = null means the handler demands no particular scope;
            // confirm that every token issued by this server may call the local API.
            authentication.AddLocalApi(JwtBearerDefaults.AuthenticationScheme, localApi =>
            {
                localApi.ExpectedScope = null;
            });

            services.AddScoped<IEmailTokenService, EmailTokenService>();
        }
        /// <summary>
        /// Registers the password validator, profile service, password hasher and
        /// IdentityServer with in-memory configuration. Unlike the overload that takes an
        /// <c>IWebHostEnvironment</c>, this one adds no CORS policy service, no
        /// authorization/authentication setup and no e-mail token service.
        /// </summary>
        /// <param name="services">The service collection to add the registrations to.</param>
        public static void AddTravelyIdentityService(this IServiceCollection services)
        {
            // (An IExtensionGrantValidator/DelegationGrantValidator registration is disabled in the original.)
            services.AddScoped<IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>();
            services.AddScoped<IProfileService, ProfileService>();
            services.AddTransient<IPasswordHasher<User>, PasswordHasher<User>>();

            var identityServer = services.AddIdentityServer();

            // SECURITY: the developer signing credential is meant for development scenarios.
            // This overload has no environment to check, so every caller gets it; a deployed
            // instance should load a managed key through AddSigningCredential(...) instead.
            identityServer.AddDeveloperSigningCredential();
            identityServer.AddPersistedGrantStore<PersistedGrantStore>();

            // Resources, clients and scopes come from code (AuthConfigs) and are held in memory.
            identityServer.AddInMemoryApiResources(AuthConfigs.GetApiResources());
            identityServer.AddInMemoryClients(AuthConfigs.GetClients());
            identityServer.AddInMemoryApiScopes(AuthConfigs.GetScopes());
        }
Пример #3
        /// <summary>
        /// Handles a GET on the auth endpoint: runs the optional validation hook, handles
        /// logout, hands basic/credentials providers to <c>CredentialsAuth</c>, and otherwise
        /// starts (or short-circuits) the OAuth flow for the selected provider.
        /// </summary>
        /// <param name="request">The auth request; <c>request.provider</c> selects the provider.</param>
        /// <returns>
        /// The validation hook's response if it returns one, an empty <c>AuthResponse</c> on
        /// logout, the result of credential or OAuth authentication, or a redirect to the
        /// session's referrer URL when the session is already authorized.
        /// </returns>
        public override object OnGet(Auth request)
        {
            // Optional hook: a non-null result ends the request here.
            if (ValidateFn != null)
            {
                var hookResult = ValidateFn(this, HttpMethods.Get, request);
                if (hookResult != null)
                {
                    return hookResult;
                }
            }

            AssertAuthProviders();

            if (request.provider == LogoutAction)
            {
                this.RemoveSession();
                return new AuthResponse();
            }

            // Fall back to the first configured provider when the request names none.
            var providerName = request.provider;
            if (providerName == null)
            {
                providerName = AuthConfigs[0].Provider;
            }

            if (providerName == BasicProvider || providerName == CredentialsProvider)
            {
                return CredentialsAuth(request);
            }

            var providerConfig = AuthConfigs.FirstOrDefault(cfg => cfg.Provider == providerName);
            if (providerConfig == null)
            {
                throw HttpError.NotFound("No configuration was added for OAuth provider '{0}'".Fmt(providerName));
            }

            var userSession = this.GetSession();

            // NOTE(review): the callback URL is written onto the provider config object from the
            // current request's URI. If AuthConfigs is shared between requests (not visible here),
            // the first request's URI stays in place for later ones - confirm this is intended.
            if (providerConfig.CallbackUrl.IsNullOrEmpty())
            {
                providerConfig.CallbackUrl = base.RequestContext.AbsoluteUri;
            }

            // SECURITY: the Referer header is client-supplied and is stored unvalidated as the
            // session's ReferrerUrl, which is the redirect target at the end of this method.
            // No validation is visible in this method; restrict the value to trusted origins
            // before it is stored or used as a redirect target.
            if (userSession.ReferrerUrl.IsNullOrEmpty())
            {
                var refererHeader = base.RequestContext.GetHeader("Referer");
                userSession.ReferrerUrl = refererHeader ?? providerConfig.CallbackUrl;
            }

            var authorizer = new OAuthAuthorizer(providerConfig);

            if (userSession.IsAuthorized(providerName))
            {
                // Already authenticated: send the user back to where they came from.
                return this.Redirect(userSession.ReferrerUrl.AddHashParam("s", "0"));
            }

            // Reuse the session's token entry for this provider, creating it on first use.
            var providerTokens = userSession.ProviderOAuthAccess.FirstOrDefault(t => t.Provider == providerName);
            if (providerTokens == null)
            {
                providerTokens = new OAuthTokens {
                    Provider = providerName
                };
                userSession.ProviderOAuthAccess.Add(providerTokens);
            }

            return providerConfig.Authenticate(this, request, userSession, providerTokens, authorizer);
        }