Пример #1
        /// <summary>
        /// Copies the in-code client, identity-resource and API-resource definitions
        /// into the configuration DbContext, one table at a time.
        /// </summary>
        /// <remarks>
        /// A table is written only when it contains no rows at all. Once a table has
        /// been seeded, later edits to the in-code definitions (a removed client, a
        /// narrowed scope list, a changed value) are NOT propagated by this method;
        /// the database keeps whatever was stored first. Changes to an already-seeded
        /// store need a separate migration or update path.
        /// </remarks>
        private void SeedData()
        {
            var store = _configurationDbContext;

            // Clients: insert the whole set in one go, then persist.
            var clientsMissing = !store.Clients.Any();
            if (clientsMissing)
            {
                store.Clients.AddRange(Clients.Get().Select(definition => definition.ToEntity()));
                store.SaveChanges();
            }

            // Identity resources (the claims groups exposed about a user).
            var identityResourcesMissing = !store.IdentityResources.Any();
            if (identityResourcesMissing)
            {
                store.IdentityResources.AddRange(IdentityResources.Get().Select(definition => definition.ToEntity()));
                store.SaveChanges();
            }

            // API resources (the protected APIs tokens can be issued for).
            var apiResourcesMissing = !store.ApiResources.Any();
            if (apiResourcesMissing)
            {
                store.ApiResources.AddRange(ApiResources.Get().Select(definition => definition.ToEntity()));
                store.SaveChanges();
            }
        }
Пример #2
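        /// <summary>
        /// Registers ASP.NET Identity, an in-memory IdentityServer instance and
        /// bearer-token validation on the given service collection.
        /// </summary>
        /// <param name="services">The service collection to add the authentication services to.</param>
        /// <exception cref="NotImplementedException">
        /// Thrown outside the development environment, because no production
        /// signing credential has been configured yet. Note that the Identity and
        /// IdentityServer registrations have already been added to
        /// <paramref name="services"/> when this is thrown.
        /// </exception>
        private void ConfigureAuthentication(IServiceCollection services)
        {
            services
                .AddIdentity<EmpGridUser, EmpGridRole>()
                .AddUserStore<EmpGridUserStore>()
                .AddRoleStore<EmpGridRoleStore>()
                .AddDefaultTokenProviders();

            // Password policy: every character-class rule is switched off and the
            // only requirement left is a minimum length of 12. Nothing else in this
            // method screens passwords (e.g. against known-weak values), so length is
            // the sole control enforced here.
            services.Configure<IdentityOptions>(options =>
            {
                options.Password.RequiredLength         = 12;
                options.Password.RequireDigit           = false;
                options.Password.RequireLowercase       = false;
                options.Password.RequireUppercase       = false;
                options.Password.RequireNonAlphanumeric = false;
            });

            // Clients and resources come from the in-code definitions and are held
            // in memory; changing them means changing code and redeploying.
            var identityServerBuilder = services
                .AddIdentityServer()
                .AddInMemoryClients(Clients.Get())
                .AddInMemoryApiResources(ApiResources.Get())
                .AddInMemoryIdentityResources(IdentityResources.Get())
                .AddAspNetIdentity<EmpGridUser>();

            if (Environment.IsDevelopment())
            {
                // Development-only signing key. It must never sign tokens that a
                // production API trusts, which is why every other environment is
                // rejected below instead of silently falling back to it.
                identityServerBuilder.AddDeveloperSigningCredential();
            }
            else
            {
                throw new NotImplementedException("Cannot configure services for prod environments yet: need to configure IdentityServer4 signing setup");
            }

            services
                .AddAuthentication(options =>
                {
                    options.DefaultAuthenticateScheme = "Bearer";

                    // Required to prevent a redirect to /account/login when a token
                    // is not correct. Since we use the legacy Resource Owner Password
                    // flow, there is no login page to redirect to.
                    // NOTE(review): the original note said the result is "a 403
                    // instead of a 404"; a bearer challenge normally answers
                    // 401 Unauthorized - confirm the actual status codes.
                    options.DefaultChallengeScheme = "Bearer";
                })
                .AddIdentityServerAuthentication(options =>
                {
                    // TODO: Grab from settings. The authority is the issuer whose
                    // tokens this API accepts; a hard-coded plain-http localhost
                    // value is only usable on a developer machine.
                    options.Authority = "http://localhost:65203";
                    options.ApiName   = ApiResources.ApiResourceName;

                    // Only for development: metadata may be fetched over plain http.
                    // Every other environment requires https for the discovery
                    // document, so signing keys are not retrieved over an
                    // unauthenticated channel.
                    options.RequireHttpsMetadata = !Environment.IsDevelopment();
                });
        }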