/// <summary>
/// Registers IdentityServer with in-memory resources, scopes and clients on top of ASP.NET Identity,
/// then adds the IdentityServer bearer-token scheme, Google external sign-in and authorization services.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
/// <param name="authSettings">
/// Source of the authority URL, the optional metadata address, the client list and the Google credentials.
/// </param>
/// <remarks>
/// Several settings below are suitable for local development only: the developer signing credential,
/// <c>RequireHttpsMetadata = false</c>, and the disabled issuer and audience checks. Each is marked
/// inline with a NOTE(review) comment so that a production profile can tighten it.
/// </remarks>
public static void AddIdentityServerConfig(this IServiceCollection services, AuthSettings authSettings)
        {
            // --- Token service -------------------------------------------------------------------
            var identityServerBuilder = services.AddIdentityServer(serverOptions =>
            {
                serverOptions.Events.RaiseErrorEvents       = true;
                serverOptions.Events.RaiseInformationEvents = true;
                serverOptions.Events.RaiseSuccessEvents     = true;
                // NOTE(review): failure events are not enabled here. Unless they are switched on elsewhere,
                // failed sign-ins and rejected token requests are not raised to the event sink, which is
                // the signal most useful for detecting credential guessing. Consider enabling:
                // serverOptions.Events.RaiseFailureEvents = true;

                // Interactive endpoints and the issuer name are all derived from the configured authority.
                serverOptions.UserInteraction.LoginUrl  = $"{authSettings.Authority}/auth/login";
                serverOptions.UserInteraction.LogoutUrl = $"{authSettings.Authority}/auth/logout";
                serverOptions.IssuerUri                 = authSettings.Authority;
            });

            identityServerBuilder
                // NOTE(review): the developer signing credential is intended for development. Production
                // deployments should load a managed key or certificate through AddSigningCredential so the
                // token-signing key is protected, rotated and identical across instances.
                .AddDeveloperSigningCredential()
                .AddJwtBearerClientAuthentication()
                .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources())
                .AddInMemoryApiResources(IdentityServerConfig.GetApiResources())
                .AddInMemoryApiScopes(IdentityServerConfig.GetScopes())
                // Client definitions come from settings; presumably they carry client secrets, so the
                // settings source should be treated as sensitive (confirm against AuthSettings).
                .AddInMemoryClients(authSettings.Clients)
                .AddAspNetIdentity<User>();

            // --- Token validation and external sign-in -------------------------------------------
            var authenticationBuilder = services.AddAuthentication();

            authenticationBuilder
                .AddIdentityServerAuthentication(
                    IdentityServerAuthenticationDefaults.AuthenticationScheme,
                    bearerOptions =>
                    {
                        bearerOptions.Authority = authSettings.Authority;
                        bearerOptions.SaveToken = true;

                        // NOTE(review): with this off, discovery metadata and signing keys may be fetched
                        // over plain HTTP, so anyone able to alter that response controls which keys are
                        // trusted. Keep it false only for local development.
                        bearerOptions.RequireHttpsMetadata = false;

                        // Optional override of the discovery document location.
                        if (!authSettings.MetadataAddress.IsEmpty())
                        {
                            bearerOptions.MetadataAddress = authSettings.MetadataAddress;
                        }

                        var validation = new TokenValidationParameters();

                        // NOTE(review): issuer and audience checks are both disabled, so a correctly signed
                        // token is accepted regardless of which issuer minted it or which API it was meant
                        // for. Enable both and pin the expected values before production use.
                        validation.ValidateAudience = false;
                        validation.ValidateIssuer   = false;

                        // This flag governs validation of the signing key itself; setting it to false does
                        // not by itself disable signature verification.
                        validation.ValidateIssuerSigningKey = false;

                        validation.NameClaimType = "name";
                        validation.RoleClaimType = "role";

                        bearerOptions.TokenValidationParameters = validation;
                    },
                    // No introspection options are supplied.
                    null)
                .AddGoogle(googleOptions =>
                {
                    // External sign-in results are written to IdentityServer's external cookie scheme.
                    googleOptions.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;

                    // NOTE(review): the client secret is read from settings; make sure it is supplied from a
                    // secret store or environment rather than a committed configuration file.
                    googleOptions.ClientId     = authSettings.GoogleSettings.ClientId;
                    googleOptions.ClientSecret = authSettings.GoogleSettings.ClientSecret;
                });

            services.AddAuthorization();
        }
        /// <summary>
        /// Registers CORS, MVC controllers, SignalR, IdentityServer with local API authentication,
        /// SPA static files and Let's Encrypt support.
        /// </summary>
        /// <param name="services">Service collection that receives the registrations.</param>
        /// <remarks>
        /// The CORS policy and the SignalR detailed-errors switch are permissive; both are marked inline
        /// with a NOTE(review) comment.
        /// </remarks>
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddCors(corsOptions =>
            {
                // NOTE(review): the origin predicate approves every origin while credentials are allowed.
                // The framework rejects AllowAnyOrigin combined with AllowCredentials; this predicate has
                // the same effect and bypasses that guard, so any website can issue credentialed
                // cross-origin requests to this API. Replace it with WithOrigins(...) fed from a
                // configured allowlist.
                corsOptions.AddPolicy(DefaultCorsPolicy, policy =>
                    policy.AllowAnyMethod()
                          .AllowAnyHeader()
                          .AllowCredentials()
                          .SetIsOriginAllowed(origin => true));
            });

            // Controllers are discovered from the assembly that contains Api.Reference.
            var apiAssembly = typeof(Api.Reference).Assembly;

            var mvcBuilder = services.AddControllers();
            mvcBuilder
                .AddApplicationPart(apiAssembly)
                .AddJsonOptions(json =>
                {
                    // Null-valued properties are omitted and names are camelCased.
                    json.JsonSerializerOptions.IgnoreNullValues     = true;
                    json.JsonSerializerOptions.PropertyNamingPolicy = JsonNamingPolicy.CamelCase;
                });

            // NOTE(review): detailed errors send server-side exception messages to connected clients;
            // restrict this to development builds to avoid leaking internals.
            services.AddSignalR()
                    .AddHubOptions<AssetsHub>(hubOptions => hubOptions.EnableDetailedErrors = true);

            services.AddHttpContextAccessor();

            // IdentityServer with code-defined clients, identity resources and scopes.
            // NOTE(review): no signing credential is registered in this chain - confirm one is supplied
            // elsewhere, and that it is not a development key in production.
            var identityServerBuilder = services.AddIdentityServer();
            identityServerBuilder
                .AddInMemoryClients(IdentityServerConfig.GetClients())
                .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources())
                .AddInMemoryApiScopes(IdentityServerConfig.GetScopes());

            services.AddLocalApiAuthentication();

            // In production, the React files will be served from this directory
            services.AddSpaStaticFiles(spa => spa.RootPath = "ClientApp/build");

            services.AddLetsEncrypt();
        }