public static void AssemblyInitialize(TestContext context) { IdentitySchemaMapper.MapSchema(MappingSchema.Default); DbConfigurationExtensions.SetLinq2DbTestSettings(); }
public void ConfigureServices(IConfiguration configuration, IServiceCollection services) { services.AddTransient <IStartupTask, RegisterPermissionsStartupTask>(); services.AddSingleton <IContentProvider, ContentProvider>(); services.AddTransient <IPermissionProvider, PermissionProvider>(); services.AddTransient <IEmailConfirmationService, EmailConfirmationService>(); services.AddTransient <ISignInManager, DefaultSignInManager>(); services.AddTransient <IOidcServer, OpenIddictServer>(); services.AddNamedTransient <IClassifierRepository, DbRoleRepository>(ClassifierTypeCode.Role); services.AddNamedTransient <IClassifierRepository, DbUserRepository>(ClassifierTypeCode.User); services.AddScoped <IAuthorizationHandler, UserPermissionAuthorizationHandler>(); services.AddScoped <IAuthorizationHandler, SuperUserAuthorizationHandler>(); services .AddAuthentication() .AddCookie(); // todo: move from impl to idx? services.Configure <IdentityOptions>(options => { // todo: move to settings options.SignIn.RequireConfirmedAccount = false; options.SignIn.RequireConfirmedEmail = false; options.SignIn.RequireConfirmedPhoneNumber = false; options.User.RequireUniqueEmail = true; options.Password.RequireDigit = true; options.Password.RequireLowercase = true; options.Password.RequireNonAlphanumeric = true; options.Password.RequireUppercase = true; options.Password.RequiredLength = 6; options.Password.RequiredUniqueChars = 1; options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(5); options.Lockout.MaxFailedAccessAttempts = 5; options.Lockout.AllowedForNewUsers = true; options.ClaimsIdentity.UserNameClaimType = Claims.Name; options.ClaimsIdentity.UserIdClaimType = Claims.Subject; options.ClaimsIdentity.RoleClaimType = Claims.Role; options.ClaimsIdentity.EmailClaimType = Claims.Email; }); services.AddDbContext <ApplicationDbContext>(options => { // todo: remove hardcoded connection name options.UseNpgsql(configuration.GetConnectionString("Default")); options.UseOpenIddict(); }); IdentitySchemaMapper.MapSchema(MappingSchema.Default); services .AddIdentity <DbUser, DbRole>() .AddErrorDescriber <LocalizedIdentityErrorDescriber>() .AddLinqToDBStores(new DbConnectionFactory(), // todo: why connection factory instance here? typeof(Guid), typeof(LinqToDB.Identity.IdentityUserClaim <Guid>), typeof(LinqToDB.Identity.IdentityUserRole <Guid>), typeof(LinqToDB.Identity.IdentityUserLogin <Guid>), typeof(LinqToDB.Identity.IdentityUserToken <Guid>), typeof(LinqToDB.Identity.IdentityRoleClaim <Guid>)) .AddDefaultTokenProviders(); // ConfigureApplicationCookie should be after AddIdentity // https://github.com/dotnet/aspnetcore/issues/5828 services.ConfigureApplicationCookie(options => { options.LoginPath = ClientRoutes.Login; options.LogoutPath = ClientRoutes.Logout; // options.AccessDeniedPath = "/account/access-denied"; /*options.Events = new CookieAuthenticationEvents * { * OnRedirectToLogin = (ctx) => * { * if (ctx.Request.Path.StartsWithSegments("/api") && ctx.Response.StatusCode == 200) * { * ctx.Response.StatusCode = 401; * } * * return Task.CompletedTask; * }, * OnRedirectToAccessDenied = (ctx) => * { * if (ctx.Request.Path.StartsWithSegments("/api") && ctx.Response.StatusCode == 200) * { * ctx.Response.StatusCode = 403; * } * * return Task.CompletedTask; * } * };*/ }); services.AddOpenIddict() .AddCore(options => { options.UseEntityFrameworkCore() .UseDbContext <ApplicationDbContext>(); }) // Register the OpenIddict server components. .AddServer(options => { // Enable the authorization, logout, token and userinfo endpoints. options .SetAuthorizationEndpointUris("/connect/authorize") .SetLogoutEndpointUris("/connect/logout") .SetTokenEndpointUris("/connect/token") .SetUserinfoEndpointUris("/connect/userinfo"); // Mark the "email", "profile" and "roles" scopes as supported scopes. options.RegisterScopes(Scopes.Email, Scopes.Profile, Scopes.Roles); options .AllowAuthorizationCodeFlow() .AllowRefreshTokenFlow() .AllowClientCredentialsFlow() .AllowImplicitFlow(); // Register the signing and encryption credentials. options.AddDevelopmentEncryptionCertificate() .AddDevelopmentSigningCertificate(); // Register the ASP.NET Core host and configure the ASP.NET Core-specific options. options.UseAspNetCore() .EnableAuthorizationEndpointPassthrough() .EnableTokenEndpointPassthrough() .EnableLogoutEndpointPassthrough() // .EnableUserinfoEndpointPassthrough() .EnableStatusCodePagesIntegration(); }) // Register the OpenIddict validation components. .AddValidation(options => { // Import the configuration from the local OpenIddict server instance. options.UseLocalServer(); // Register the ASP.NET Core host. options.UseAspNetCore(); }); services.AddAuthorization(); // Register the worker responsible of seeding the database with the sample clients. // Note: in a real world application, this step should be part of a setup script. services.AddHostedService <Worker>(); }