public static void Performseed(ConfigurationDbContext context) { if (!context.Clients.Any()) { foreach (var client in IdentityServerConfiguration.GetClients()) { context.Clients.Add(client.ToEntity()); } context.SaveChanges(); } if (!context.IdentityResources.Any()) { foreach (var resource in IdentityServerConfiguration.GetIdentityResources()) { context.IdentityResources.Add(resource.ToEntity()); } context.SaveChanges(); } if (!context.ApiResources.Any()) { foreach (var api in IdentityServerConfiguration.GetApiResources()) { context.ApiResources.Add(api.ToEntity()); } context.SaveChanges(); } }
public IActionResult GetClientRequestParameters([FromRoute] string clientId) { var parameters = new Dictionary <string, string>(); var client = IdentityServerConfiguration.Clients(Configuration).Single(c => c.ClientId == clientId); if (client == null) { return(NotFound("No client was found with client ID.")); } string responseType = GetResponseType(client.AllowedGrantTypes); if (responseType == null) { responseType = ""; } parameters.Add("authority", HttpContext.GetIdentityServerIssuerUri()); parameters.Add("client_id", clientId); parameters.Add("redirect_uri", client.RedirectUris.First()); parameters.Add("post_logout_redirect_uri", client.PostLogoutRedirectUris.First()); parameters.Add("response_type", responseType); parameters.Add("scope", string.Join(" ", client.AllowedScopes)); return(Ok(parameters)); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { var connectionString = Configuration.GetConnectionString("DefaultConnection"); services.AddGrpc(); services.AddControllers(); services.AddRazorPages(); services.AddSwagger(); services.AddMonitoring(builder => builder.AddNpgSql(connectionString)); services.AddDbContext(connectionString); services.AddDefaultIdentity <User>() .AddRoles <Role>() .AddEntityFrameworkStores <ApplicationDbContext>() .AddDefaultTokenProviders(); services.AddLocalApiAuthentication(); services.AddIdentityServer(options => { options.Events.RaiseErrorEvents = true; options.Events.RaiseInformationEvents = true; options.Events.RaiseFailureEvents = true; options.Events.RaiseSuccessEvents = true; options.UserInteraction.ErrorUrl = "/Error"; }) .AddInMemoryIdentityResources(IdentityServerConfiguration.IdentityResources) .AddInMemoryApiResources(IdentityServerConfiguration.ApiResources) .AddInMemoryApiScopes(IdentityServerConfiguration.ApiScopes) .AddInMemoryClients(IdentityServerConfiguration.Clients(Configuration)) .AddAspNetIdentity <User>() .AddDeveloperSigningCredential(); // not recommended for production - you need to store your key material somewhere secure }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddMvc(); services.AddCors(); services.AddMvcCore() .AddAuthorization() .AddJsonFormatters(); OidcConfiguration oidcConfiguration = IdentityServerConfiguration.GetOidcConfiguration(); services.AddAuthentication(Constant.AuthenticationHeaderPrefix) .AddIdentityServerAuthentication(opt => { opt.Authority = "http://localhost:5000"; opt.RequireHttpsMetadata = false; opt.RoleClaimType = "role"; opt.ApiName = "breadshop"; }); DbContextOptions <BreadShopDatabaseContext> options = new DbContextOptionsBuilder <BreadShopDatabaseContext>() .UseInMemoryDatabase(databaseName: "BreadShopDatabase") .Options; services.AddSingleton(options).AddScoped <BreadShopDatabaseContext>(); services.AddScoped <IProductRepository, ProductRepository>(); services.AddScoped <IProductApplicationService, ProductApplicationService>(); services.AddScoped <IStockRepository, StockRepository>(); services.AddScoped <IStockApplicationService, StockApplicationService>(); }
private static void InitializeIdentityServer(IServiceProvider provider) { var context = provider.GetRequiredService <ConfigurationDbContext>(); if (!context.Clients.Any()) { foreach (var client in IdentityServerConfiguration.GetClients()) { context.Clients.Add(client.ToEntity()); } context.SaveChanges(); } if (!context.IdentityResources.Any()) { foreach (var resource in IdentityServerConfiguration.GetIdentityResources()) { context.IdentityResources.Add(resource.ToEntity()); } context.SaveChanges(); } if (!context.ApiResources.Any()) { foreach (var resource in IdentityServerConfiguration.GetApis()) { context.ApiResources.Add(resource.ToEntity()); } context.SaveChanges(); } }
public AccountController(AccountOrchestrator accountOrchestrator, IOwinWrapper owinWrapper, IdentityServerConfiguration identityServerConfiguration, ILogger logger) { _accountOrchestrator = accountOrchestrator; _owinWrapper = owinWrapper; _identityServerConfiguration = identityServerConfiguration; _logger = logger; }
// This method gets called by the runtime. Use this method to add services to the container. public IServiceProvider ConfigureServices(IServiceCollection services) { services.AddCors(); var cors = new DefaultCorsPolicyService(new Logger <DefaultCorsPolicyService>(new LoggerFactory())) { AllowAll = true }; services.AddSingleton <ICorsPolicyService>(cors); var connectionString = Configuration["ConnectionStrings:DBConnection"]; //Begin Identity Configuration services.AddDbContext <ApplicationDbContext>(options => options.UseSqlServer(connectionString)); services.AddIdentity <ApplicationUser, IdentityRole>() .AddEntityFrameworkStores <ApplicationDbContext>() .AddDefaultTokenProviders(); services.AddMvc(); services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryApiResources(IdentityServerConfiguration.ApiResources()) .AddInMemoryClients(IdentityServerConfiguration.Clients()) .AddInMemoryIdentityResources(IdentityServerConfiguration.IdentityResources()) .AddTestUsers(TestUsers.GetUsers()); //End Identity Configuration var container = new WindsorContainer(); Bootstrapper.WireUp(container); UserManagementBootstrapper.Wireup(container, connectionString); var service = new WindsorServiceResolver(services, container).GetServiceProvider(); return(service); }
private static void EnsureSeedData(ConfigurationDbContext context) { if (!context.Clients.Any()) { foreach (var client in IdentityServerConfiguration.GetClientScope().ToList()) { context.Clients.Add(client.ToEntity()); } context.SaveChanges(); } if (!context.IdentityResources.Any()) { foreach (var resource in IdentityServerConfiguration.GetIdentityResources().ToList()) { context.IdentityResources.Add(resource.ToEntity()); } context.SaveChanges(); } if (!context.ApiResources.Any()) { foreach (var resource in IdentityServerConfiguration.GetApiResources().ToList()) { context.ApiResources.Add(resource.ToEntity()); } context.SaveChanges(); } }
public async Task <IActionResult> Seed() { _logger.LogInformation("Start seeding database"); if (_configurationDbContext.Clients.Any()) { return(Ok()); } var clients = IdentityServerConfiguration.Clients(_configuration); var identityResource = IdentityServerConfiguration.IdentityResources; var apiResources = IdentityServerConfiguration.ApiResources; await _configurationDbContext.Clients.AddRangeAsync(clients.Select(s => s.ToEntity())); await _configurationDbContext.IdentityResources.AddRangeAsync(identityResource.Select(s => s.ToEntity())); await _configurationDbContext.ApiResources.AddRangeAsync(apiResources.Select(s => s.ToEntity())); await _configurationDbContext.SaveChangesAsync(); _logger.LogInformation("Seeding database successful"); return(Ok()); }
public override void Arrange() { base.Arrange(); AddUserToContext("USER_ID", LoggedInEmail); _accountOrchestrator = new Mock <AccountOrchestrator>(); _owinWrapper = new Mock <IOwinWrapper>(); var identityServerConfiguration = new IdentityServerConfiguration { EmployerPortalUrl = EmployerPortalUrl }; _configurationService = new Mock <IConfigurationService>(); _configurationService.Setup(s => s.GetAsync <EmployerUsersConfiguration>()).Returns(Task.FromResult( new EmployerUsersConfiguration { Account = new AccountConfiguration { UnlockCodeLength = UnlockCodeLength } })); _accountController = new AccountController(_accountOrchestrator.Object, _owinWrapper.Object, identityServerConfiguration, _logger.Object); _accountOrchestrator.Setup(x => x.UnlockUser(It.IsAny <UnlockUserViewModel>())).ReturnsAsync(new OrchestratorResponse <UnlockUserViewModel>() { Data = new UnlockUserViewModel { ErrorDictionary = new Dictionary <string, string>() } }); _accountOrchestrator.Setup(x => x.GetUnlockCodeLength()).ReturnsAsync(UnlockCodeLength); _accountController.ControllerContext = _controllerContext.Object; }
internal static IEnumerable <Client> GetClients(IdentityServerConfiguration identityServerConfig, IList <string> microservices) { microservices.Add(IdentityServerConstants.StandardScopes.OpenId); microservices.Add(IdentityServerConstants.StandardScopes.Profile); microservices.Add(IdentityServerConstants.StandardScopes.OfflineAccess); return(new List <Client>() { new Client { ClientName = "Microservices", ClientId = identityServerConfig.ClientId, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = microservices, ClientSecrets = { new Secret(identityServerConfig.ClientSecret.Sha256()) }, AllowOfflineAccess = true, AccessTokenType = AccessTokenType.Jwt, AccessTokenLifetime = 900, //Seconds RequireConsent = false } }); }
public void Initialize() { if (!_configDbContext.Clients.Any()) { foreach (var client in IdentityServerConfiguration.GetClients().ToList()) { _configDbContext.Clients.Add(client.ToEntity()); } _configDbContext.SaveChanges(); } if (!_configDbContext.IdentityResources.Any()) { foreach (var resource in IdentityServerConfiguration.GetIdentityResources().ToList()) { _configDbContext.IdentityResources.Add(resource.ToEntity()); } _configDbContext.SaveChanges(); } if (!_configDbContext.ApiResources.Any()) { foreach (var resource in IdentityServerConfiguration.GetApiResources().ToList()) { _configDbContext.ApiResources.Add(resource.ToEntity()); } _configDbContext.SaveChanges(); } }
private List <Client> GetClients(IdentityServerConfiguration configuration, IRelyingPartyRepository relyingPartyRepository) { var self = new Client { ClientName = "Das Id Manager", ClientId = "idp", Flow = Flows.Implicit, RequireConsent = false, RedirectUris = new List <string> { configuration.ApplicationBaseUrl }, PostLogoutRedirectUris = new List <string> { configuration.ApplicationBaseUrl }, AllowedScopes = new List <string> { "openid", "profile" } }; var clients = new List <Client> { self }; var relyingParties = relyingPartyRepository.GetAllAsync().Result; PopulateRelyingPartyModel(relyingParties); clients.AddRange(relyingParties.Select(rp => new Client { ClientName = rp.Name, ClientId = rp.Id, Flow = (Flows)rp.Flow, ClientSecrets = new List <Secret> { new Secret(rp.ClientSecret) }, RequireConsent = false, RedirectUris = new List <string> { rp.ApplicationUrl }, PostLogoutRedirectUris = new List <string> { rp.LogoutUrl }, AllowedScopes = new List <string> { "openid", "profile" } })); return(clients); }
private void ConfigureIdentityServer(IAppBuilder app, IdentityServerConfiguration configuration, IRelyingPartyRepository relyingPartyRepository) { _logger.Debug("Setting up IdentityServer"); AntiForgeryConfig.UniqueClaimTypeIdentifier = DasClaimTypes.Id; app.Map("/identity", idsrvApp => { var factory = new IdentityServerServiceFactory() .UseDasUserService() .UseInMemoryClients(GetClients(configuration, relyingPartyRepository)) .UseInMemoryScopes(GetScopes()) .RegisterDasServices(StructuremapMvc.Container); factory.RedirectUriValidator = new Registration <IRedirectUriValidator>((dr) => new StartsWithRedirectUriValidator()); factory.ConfigureDefaultViewService <CustomIdsViewService>(new DefaultViewServiceOptions()); if (!ConfigurationManager.AppSettings["EnvironmentName"].Equals("LOCAL", StringComparison.CurrentCultureIgnoreCase)) { factory.AuthorizationCodeStore = new Registration <IAuthorizationCodeStore>(typeof(RedisAuthorizationCodeStore)); } idsrvApp.UseIdentityServer(new IdentityServerOptions { SiteName = "Digital Apprenticeship Service", CspOptions = new CspOptions() { FontSrc = "* data:", ImgSrc = "* data:", FrameSrc = "* data:", Enabled = false }, SigningCertificate = LoadCertificate(), Endpoints = new EndpointOptions { EnableCheckSessionEndpoint = false, }, Factory = factory, AuthenticationOptions = new AuthenticationOptions { EnablePostSignOutAutoRedirect = false, EnableAutoCallbackForFederatedSignout = true, EnableSignOutPrompt = false, CookieOptions = new CookieOptions { AllowRememberMe = false, ExpireTimeSpan = new TimeSpan(0, 10, 0), IsPersistent = false, SecureMode = CookieSecureMode.Always, SlidingExpiration = true }, PostSignOutAutoRedirectDelay = 0, SignInMessageThreshold = 1 } }); }); }
public static IServiceCollection AddCrazyPriceIdentityServer(this IServiceCollection services, IConfiguration configuration) { services.AddTransient <IUserRepository, UserRepository>(); services.AddTransient <IUserService, UserService>(); services.AddTransient <ICryptographicService, CryptographicService>(); services.AddScoped <IProfileService, IdentityProfileService>(); var config = new IdentityServerConfiguration(configuration); services.AddCors(options => { options.AddPolicy(config.PolicyName, policyBuilder => { policyBuilder .AllowCredentials() .WithOrigins(config.Origins) .SetIsOriginAllowedToAllowWildcardSubdomains() .AllowAnyHeader() .AllowAnyMethod(); }); }); var builder = services.AddIdentityServer(options => { // see https://identityserver4.readthedocs.io/en/latest/topics/resources.html options.EmitStaticAudienceClaim = true; options.IssuerUri = config.IssuerUrl; }) .AddInMemoryIdentityResources(config.IdentityResources) .AddInMemoryApiResources(config.ApiResources) .AddInMemoryApiScopes(config.ApiScopes) .AddInMemoryClients(config.Clients); services.AddAuthentication() .AddGoogle("Google", options => { options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;; options.ClientId = config.GoogleClientId; options.ClientSecret = config.GoogleClientSecret; }) .AddFacebook("Facebook", options => { options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;; options.ClientId = config.FacebookClientId; options.ClientSecret = config.FacebookClientSecret; }); builder .AddSigningCredential(new X509Certificate2(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, config.CertificateName), config.CertificatePassword)); return(services); }
public void ConfigureServices(IServiceCollection services) { services.AddMvc(); services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryClients(IdentityServerConfiguration.GetClientScope()) .AddInMemoryApiResources(IdentityServerConfiguration.GetApiResources()) .AddInMemoryIdentityResources(IdentityServerConfiguration.GetIdentityResources()) .AddTestUsers(IdentityServerConfiguration.GetUsers().ToList()); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); services.AddIdentityServer() .AddInMemoryIdentityResources(IdentityServerConfiguration.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfiguration.GetApis()) .AddInMemoryClients(IdentityServerConfiguration.GetClients()) .AddTestUsers(IdentityServerConfiguration.GetUsers()) .AddDeveloperSigningCredential(); }
private static async Task <(bool, string)> RefreshToken(HttpContext context, IdentityServerConfiguration identityServerConfiguration) { var tokenClient = new TokenClient( identityServerConfiguration.IdentityServerUrl + "/connect/token", identityServerConfiguration.ClientId, identityServerConfiguration.ClientSecret); var refreshToken = await context.GetTokenAsync(CookieAuthenticationDefaults.AuthenticationScheme, "refresh_token"); var response = await tokenClient.RequestRefreshTokenAsync(refreshToken); if (response.IsError) { //logger.Warn($"Failed to refresh token for user {principal.Identity.GetUserId()}, returning 401"); logger.LogWarning($"Failed to refresh token for user {context.User.FindFirstValue(ClaimTypes.NameIdentifier)}"); //TODO //throw new HttpResponseException(HttpStatusCode.Unauthorized); return(false, null); } var tokens = new List <AuthenticationToken> { new AuthenticationToken { Name = OpenIdConnectParameterNames.IdToken, Value = await context.GetTokenAsync(CookieAuthenticationDefaults.AuthenticationScheme, "id_token") }, new AuthenticationToken { Name = OpenIdConnectParameterNames.AccessToken, Value = response.AccessToken }, new AuthenticationToken { Name = OpenIdConnectParameterNames.RefreshToken, Value = response.RefreshToken } }; var expiresAt = DateTime.UtcNow + TimeSpan.FromSeconds(response.ExpiresIn); tokens.Add(new AuthenticationToken { Name = "expires_at", Value = expiresAt.ToString("o", CultureInfo.InvariantCulture) }); var info = await context.AuthenticateAsync(CookieAuthenticationDefaults.AuthenticationScheme); info.Properties.StoreTokens(tokens); //await context.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, info.Principal, info.Properties); context.Response.OnStarting(async() => { await context.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, info.Principal, info.Properties); }); return(true, response.AccessToken); }
private void ConfigureIdentityServer(IServiceCollection services, string connectionString, IConfiguration configuration) { services.AddIdentityServer(c => { c.Endpoints = GetEndpointsOptions(); c.Discovery = GetDiscoveryOptions(); }) .AddInMemoryIdentityResources(IdentityServerConfiguration.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfiguration.GetApiResources()) .AddInMemoryClients(IdentityServerConfiguration.GetClients(BuildClientUriConfigurationDictionary(Configuration))) .AddAspNetIdentity <User>() .AddDeveloperSigningCredential(); }
/// <summary> /// Configures the services. /// </summary> /// <param name="services">The services.</param> public void ConfigureServices(IServiceCollection services) { /*services.AddIdentity<ApplicationUser, IdentityRole>() * .AddEntityFrameworkStores<ApplicationDbContext>() * .AddDefaultTokenProviders();*/ services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryApiResources(IdentityServerConfiguration.GetApis()) .AddInMemoryClients(IdentityServerConfiguration.GetClients()); services.AddControllersWithViews(); }
public void ConfigureServices(IServiceCollection services) { var identityServerConfig = new IdentityServerConfiguration(); _configuration.GetSection(nameof(IdentityServerConfiguration)).Bind(identityServerConfig); services.AddAuthentication(config => { config.DefaultScheme = "Cookie"; config.DefaultChallengeScheme = "oidc"; }) .AddCookie("Cookie") .AddOpenIdConnect("oidc", config => { config.ClientId = identityServerConfig.ClientId; config.ClientSecret = identityServerConfig.ClientSecret; config.Authority = identityServerConfig.IdentityServiceUrl; config.SignedOutCallbackPath = "/Books/Search"; config.SaveTokens = true; config.ResponseType = "code"; config.RequireHttpsMetadata = false; config.Scope.Add(JwtClaimTypes.Role); }); var rabbitMqConnectionString = _configuration["RabbitMqConnectionString"]; services.AddRabbitMq(rabbitMqConnectionString); var mappingConfig = new MapperConfiguration(mc => { mc.AddProfiles(new Profile[] { new ViewModelsMapper(), }); }); IMapper mapper = mappingConfig.CreateMapper(); services.AddSingleton(mapper); var apiUrl = _configuration["ApiUrl"]; services .AddHttpClient("books", c => { c.BaseAddress = new Uri(apiUrl); }) .AddTypedClient(c => RestClient.For <IBooksClient>(c)); services.AddSignalR(); services.AddMvc() .SetCompatibilityVersion(CompatibilityVersion.Latest) .AddJsonOptions(x => x.SerializerSettings.ReferenceLoopHandling = ReferenceLoopHandling.Ignore); }
public ApplicationInitializationService( [NotNull] IHostingEnvironment environment, [NotNull] PersistedGrantDbContext persistedGrantContext, [NotNull] ConfigurationDbContext configurationContext, IOptionsSnapshot <IdentityServerConfiguration> configuration ) { _environment = environment ?? throw new ArgumentNullException(nameof(environment)); _persistedGrantContext = persistedGrantContext ?? throw new ArgumentNullException(nameof(persistedGrantContext)); _configurationContext = configurationContext ?? throw new ArgumentNullException(nameof(configurationContext)); _configuration = configuration?.Value ?? throw new ArgumentNullException(nameof(configuration)); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.Configure <CookiePolicyOptions>(options => { // This lambda determines whether user consent for non-essential cookies is needed for a given request. options.CheckConsentNeeded = context => true; options.MinimumSameSitePolicy = SameSiteMode.None; }); services.AddDbContext <ApplicationDbContext>(options => options.UseSqlServer( Configuration.GetConnectionString("AspNetIdentityConnection"))); services.AddIdentity <ApplicationUser, IdentityRole>() .AddEntityFrameworkStores <ApplicationDbContext>() .AddDefaultTokenProviders(); RegisterClientsCors(services); services.AddMvc(option => option.EnableEndpointRouting = false); services.AddHttpContextAccessor(); services.AddTransient <IEmailSender, EmailSender>(); var _clientsConfiguration = new Dictionary <string, ClientConfiguration>(); var _apiResourcesConfiguration = new List <ApiResourceConfiguration>(); Configuration.GetSection("ClientConfigurations").Bind(_clientsConfiguration); Configuration.GetSection("ApiResourceConfigurations").Bind(_apiResourcesConfiguration); var identityServerConfiguration = new IdentityServerConfiguration(_clientsConfiguration, _apiResourcesConfiguration); services.AddSingleton(identityServerConfiguration); var bootstrapper = new AppBootstrapper(Configuration, services); bootstrapper.Configure(); services.AddAuthorization(); services .AddAuthentication() .AddIdentityServerAuthentication("Bearer", options => { options.Authority = Configuration["IdentityServerEndpoints:Authority"]; options.RequireHttpsMetadata = true; options.ApiName = "merp.auth.api"; }); }
public async Task Initialize() { this._context.Database.Migrate(); this._persistedGrantContext.Database.Migrate(); this._configContext.Database.Migrate(); if (!this._context.Roles.Any(r => r.Name.Equals(Roles.ADMIN)) || !this._userManager.Users.Any(u => u.UserName.Equals(Roles.ADMIN))) { await this._roleManager.CreateAsync(new IdentityRole(Roles.ADMIN)); await this._roleManager.CreateAsync(new IdentityRole(Roles.USER)); await this._userManager.CreateAsync(new UserEntity { UserName = Roles.ADMIN, Email = ADMIN_EMAIL }, ADMIN_PASS); await this._userManager.AddToRoleAsync(await this._userManager.FindByNameAsync(Roles.ADMIN), Roles.ADMIN); } if (!_configContext.Clients.Any()) { foreach (var client in IdentityServerConfiguration.GetClients()) { this._configContext.Clients.Add(client.ToEntity()); } } if (!_configContext.IdentityResources.Any()) { foreach (var resource in IdentityServerConfiguration.GetIdentityResources()) { this._configContext.IdentityResources.Add(resource.ToEntity()); } } if (!_configContext.ApiResources.Any()) { foreach (var resource in IdentityServerConfiguration.GetApiResources()) { this._configContext.ApiResources.Add(resource.ToEntity()); } } await this._context.SaveChangesAsync(); await this._configContext.SaveChangesAsync(); await this._persistedGrantContext.SaveChangesAsync(); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { var identityServerSettings = Configuration.GetSection(IdentityServerSettings.Section) .Get <IdentityServerSettings>(); var identityServerConfig = new IdentityServerConfiguration(identityServerSettings); services.Configure <AccountOptions>(e => { e.AutomaticRedirectAfterSignOut = true; }); services.Configure <ConsentOptions>(e => { e.EnableOfflineAccess = false; }); services.AddDbContext <IdentityDbContext>(options => options.UseSqlServer( Configuration.GetConnectionString(ConfigurationConstants.AuthDbConnectionString))); services.AddIdentity <IdentityUser, IdentityRole>(e => IdentityConfiguration.ConfigureOptions(e, Configuration)) .AddEntityFrameworkStores <IdentityDbContext>() .AddDefaultTokenProviders(); services.ConfigureApplicationCookie(e => { var controllerName = "Account"; e.Cookie.Name = "IdentityServer.Cookie"; e.LoginPath = $"/{controllerName}/Login"; e.LogoutPath = "/Home/Index"; e.AccessDeniedPath = $"/{controllerName}/AccesDenied"; }); services.AddIdentityServer() .AddInMemoryClients(identityServerConfig.Clients) .AddInMemoryIdentityResources(identityServerConfig.IdentityResources) .AddInMemoryApiResources(identityServerConfig.Apis) .AddInMemoryApiScopes(identityServerConfig.ApiScopes) .AddTestUsers(IdentityServerConfiguration.TestUsers.ToList()) .AddAspNetIdentity <IdentityUser>() .AddDeveloperSigningCredential(); services.AddControllersWithViews(); }
public static IServiceCollection ConfigureIdentityServer(this IServiceCollection services) { services.AddIdentityServer().AddDeveloperSigningCredential() // this adds the operational data from DB (codes, tokens, consents) .AddOperationalStore(options => { options.ConfigureDbContext = builder => builder.UseSqlServer(ConfigurationResolver.GetConfiguration().GetConnectionString("SQLServer")); // this enables automatic token cleanup. this is optional. options.EnableTokenCleanup = true; options.TokenCleanupInterval = 30; // interval in seconds }) .AddInMemoryIdentityResources(IdentityServerConfiguration.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfiguration.GetApiResources()) .AddInMemoryClients(IdentityServerConfiguration.GetClients()) .AddAspNetIdentity <User>(); return(services); }
private static async Task SeedIdentityServerConfigurationAsync(IConfigurationDbContext context, IConfiguration configuration) { // Seed OIDC clients from configuration var clients = IdentityServerConfiguration.Clients(configuration); foreach (var client in clients) { var clientEntity = await context.Clients.SingleOrDefaultAsync(c => c.ClientId == client.ClientId); if (clientEntity == null) { context.Clients.Add(client.ToEntity()); } } // Seed OIDC resource scopes from configuration var identityResources = IdentityServerConfiguration.IdentityResources; foreach (var identityResource in identityResources) { if (!context.IdentityResources.Any(c => c.Name == identityResource.Name)) { context.IdentityResources.Add(identityResource.ToEntity()); } } // Seed API resource scopes from configuration var apiResources = IdentityServerConfiguration.ApiResources; foreach (var apiResource in apiResources) { if (!context.ApiResources.Any(c => c.Name == apiResource.Name)) { context.ApiResources.Add(apiResource.ToEntity()); } } await context.SaveChangesAsync(); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { IdentityModelEventSource.ShowPII = true; services.AddCors(); services.AddAuthentication(); services.AddAuthorization(); services.AddIdentityServer(options => { options.UserInteraction.LoginUrl = "/Identity/Login"; options.UserInteraction.LogoutUrl = "/Identity/Logout"; }) .AddInMemoryApiResources(IdentityServerConfiguration.GetApiResources()) .AddInMemoryIdentityResources(IdentityServerConfiguration.GetIdentityResources()) .AddInMemoryClients(IdentityServerConfiguration.GetClients()) .AddInMemoryApiScopes(IdentityServerConfiguration.GetApiScopes()) .AddResourceOwnerValidator <ResourceOwnerPasswordValidator>() .AddDeveloperSigningCredential(); services.AddControllersWithViews(); }
public override void Arrange() { base.Arrange(); _orchestrator = new Mock <AccountOrchestrator>(); _orchestrator.Setup(o => o.ResetPassword(It.IsAny <PasswordResetViewModel>())).ReturnsAsync(new OrchestratorResponse <PasswordResetViewModel>()); _owinWrapper = new Mock <IOwinWrapper>(); _owinWrapper.Setup(w => w.GetSignInMessage(Id)) .Returns(new SignInMessage { ReturnUrl = ReturnUrl }); _owinWrapper.Setup(x => x.GetIdsReturnUrl()).Returns(ReturnUrl); var identityServerConfiguration = new IdentityServerConfiguration { EmployerPortalUrl = EmployerPortalReturnUrl }; _controller = new AccountController(_orchestrator.Object, _owinWrapper.Object, identityServerConfiguration, _logger.Object); _controller.ControllerContext = _controllerContext.Object; }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { NLog.LogManager.Configuration = new NLogLoggingConfiguration(Configuration.GetSection("NLog")); services.AddHealthChecks(); services.AddHttpClient(); services.AddDbContext <DataContext>(options => options.UseSqlServer(Configuration.GetConnectionString("TaskAPI"))); var identityServerOptions = new Common.Options.IdentityServerOptions(); Configuration.Bind("IdentityServer", identityServerOptions); var certificatePath = Path.Combine(Directory.GetCurrentDirectory(), identityServerOptions.CertFolder, identityServerOptions.CertFile); Console.WriteLine(certificatePath); services.AddIdentityServer() .AddInMemoryIdentityResources(IdentityServerConfiguration.GetIdentityResources()) .AddInMemoryApiResources(IdentityServerConfiguration.GetApiResources(identityServerOptions.Scope)) .AddInMemoryClients(IdentityServerConfiguration.GetClients(identityServerOptions.ClientId, identityServerOptions.ClientSecret)) .AddResourceOwnerValidator <CustomResourceOwnerPasswordValidator>() .AddProfileService <CustomProfileService>() .AddDeveloperSigningCredential() /** .AddSigningCredential(new X509Certificate2(certificatePath, identityServerOptions.CertPassword)) **/ ; services.AddMvcCore().AddApiExplorer(); services .AddControllers() .AddNewtonsoftJson(options => { options.SerializerSettings.ContractResolver = new DefaultContractResolver { NamingStrategy = new SnakeCaseNamingStrategy() }; }); }