/// <inheritdoc />
public virtual void ConfigureServices(IServiceCollection services)
{
if (Settings == null)
{
var provider = services.BuildServiceProvider();
Settings = provider.GetService <DataXSettings>();
// Let's look for the default settings
if (Settings == null)
{
Settings = provider.GetService <IConfiguration>()?.GetSection(DataXSettingsConstants.ServiceEnvironment).Get <DataXSettings>();
if (Settings != null)
{
services.TryAddSingleton(Settings);
}
}
}
else
{
services.TryAddSingleton(Settings);
}
services
.AddDataXAuthorization(DataXDefaultGatewayPolicy.ConfigurePolicy)
.AddMvc(options => options.EnableEndpointRouting = false).AddNewtonsoftJson();
}
public static void ConfigureServices(IServiceCollection services, DataXSettings settings)
{
services
.AddSingleton <ITelemetryInitializer, OperationParentIdTelemetryInitializer>()
.AddApplicationInsightsTelemetry(new ApplicationInsightsServiceOptions()
{
EnableAdaptiveSampling = false,
EnableDebugLogger = false,
InstrumentationKey = GetInstrumentationKey(settings)
})
.AddSingleton <ITelemetryInitializer, OperationParentIdTelemetryInitializer>()
.AddLogging(logging =>
{
try
{
// In order to log ILogger logs
logging.AddApplicationInsights();
// Optional: Apply filters to configure LogLevel Information or above is sent to
// ApplicationInsights for all categories.
logging.AddFilter <ApplicationInsightsLoggerProvider>("", LogLevel.Information);
// Additional filtering For category starting in "Microsoft",
// only Warning or above will be sent to Application Insights.
logging.AddFilter <ApplicationInsightsLoggerProvider>("Microsoft", LogLevel.Warning);
}
catch (Exception e)
{
ServiceEventSource.Current.Message($"ApplicationInsights Error: {e.Message}");
}
});
}
private static string GetInstrumentationKey(DataXSettings settings)
{
var secretName = settings?.AppInsightsIntrumentationKey;
var vaultName = settings.ServiceKeyVaultName;
return(string.IsNullOrWhiteSpace(secretName) || string.IsNullOrWhiteSpace(vaultName)
? Guid.Empty.ToString()
: KeyVault.KeyVault.GetSecretFromKeyvault(settings.ServiceKeyVaultName, settings.AppInsightsIntrumentationKey));
}
public DataXPolicyBuilder(
AuthorizationOptions options,
DataXSettings settings,
Action <AuthorizationPolicyBuilder> configurePolicy)
{
_options = options;
_settings = settings;
_configurePolicy = configurePolicy;
}
/// <summary>
/// Adds DataX default authentication to the given service collection.
/// </summary>
/// <param name="services">The service collection to add to</param>
/// <param name="configurePolicy">An action to configure supplement policy configuration</param>
/// <returns>The modified service collection</returns>
public static IServiceCollection AddDataXAuthorization(this IServiceCollection services, Action <AuthorizationPolicyBuilder> configurePolicy)
{
var settings = services.BuildServiceProvider().GetService <DataXSettings>();
// EnableOneBox scenario as it requires the least configuration and we can't assume cloud connection settings
if (settings == null)
{
settings = new DataXSettings()
{
EnableOneBox = true,
LocalRoot = "",
MetricsHttpEndpoint = "http://localhost:2020/",
SparkHome = "",
};
}
return(services.AddAuthorization(options =>
{
new DataXPolicyBuilder(options, settings, configurePolicy)
.AddPolicy <DataXWriterRequirement>(DataXAuthConstants.WriterPolicyName)
.AddPolicy <DataXReaderRequirement>(DataXAuthConstants.ReaderPolicyName);
}));
}
/// <inheritdoc />
protected override bool IsAuthorized(AuthorizationHandlerContext context, DataXSettings settings)
{
return(base.IsAuthorized(context, settings) || context.User.IsInRole(RolesCheck.ReaderRoleName));
}
public DataXReaderRequirement(DataXSettings settings)
: base(settings)
{
}
public FlowLiveDataServiceStartup(DataXSettings settings)
: base(settings)
{
}
/// <inheritdoc />
protected override bool IsAuthorized(AuthorizationHandlerContext context, DataXSettings settings)
{
// If OneBox, no auth. If in SF, no auth (handled in Gateway). True in both scenarios, so returning true.
return(true);
}
/// <summary> /// Given the auth context and settings, determines if a request is authorized. /// </summary> /// <param name="context">Provided AuthorizationHandlerContext</param> /// <param name="settings">Provided DataXSettings</param> /// <returns>True if determined to be authorized, else false.</returns> protected abstract bool IsAuthorized(AuthorizationHandlerContext context, DataXSettings settings);
public DataXAuthRequirement(DataXSettings settings)
{
Settings = settings;
}
public DataXWriterRequirement(DataXSettings settings)
: base(settings)
{
}
public FlowInteractiveQueryServiceStartup(DataXSettings settings)
: base(settings)
{
}
public FlowSchemaInferenceServiceStartup(DataXSettings settings)
: base(settings)
{
}
public DataXOneBoxRequirement(DataXSettings settings)
: base(settings)
{
}
public FlowManagementServiceStartup(DataXSettings settings)
: base(settings)
{
}
protected override bool IsAuthorized(AuthorizationHandlerContext context, DataXSettings settings)
{
return(settings.EnableOneBox);
}
public DataXServiceStartup(DataXSettings settings)
{
Settings = settings;
}
