public void Configuration(IAppBuilder app)
{
var factory = new IdentityServerServiceFactory().UseInMemoryUsers(Users.Get());
factory.UserService = new Registration <IUserService, UserService>();
factory.RegisterClientDataStore(new Registration <IClientDataStore>(resolver => new InMemoryClientDataStore(Clients.Get())));
factory.RegisterScopeDataStore(new Registration <IScopeDataStore>(resolver => new InMemoryScopeDataStore(Scopes.Get())));
factory.AddVaultClientSecretStore(new VaultClientSecretStoreAppRoleOptions
{
RoleId = ConfigurationManager.AppSettings["AppRoleId"],
SecretId = ConfigurationManager.AppSettings["AppSecretId"]
});
var options = new IdentityServerOptions
{
SigningCertificate = LoadCertificate(),
Factory = factory,
RequireSsl = false
};
app.UseIdentityServer(options);
}
public static void AddVaultClientSecretStore(
this IdentityServerServiceFactory factory,
VaultClientSecretStoreAppRoleOptions vaultOptions
)
{
factory.AddVaultClientSecretStore(vaultOptions, new VaultAppRoleAuth(vaultOptions.RoleId, vaultOptions.SecretId));
}
public void Configuration(IAppBuilder app)
{
var efConfig = new EntityFrameworkServiceOptions
{
ConnectionString = IdentityServerDb
};
var cleanup = new TokenCleanup(efConfig, 10);
cleanup.Start();
// Add in the Clients and Scopes to the EF database
IdentityServerTestData.SetUp(efConfig);
MembershipTestData.SetUp(MembershipDb, MembershipApplicationName);
var factory = new IdentityServerServiceFactory();
factory.RegisterOperationalServices(efConfig);
factory.Register(new Registration <IClientConfigurationDbContext>(resolver => new ClientConfigurationDbContext(efConfig.ConnectionString)));
factory.RegisterClientDataStore(new Registration <IClientDataStore>(resolver => new ClientDataStore(resolver.Resolve <IClientConfigurationDbContext>())));
factory.CorsPolicyService = new ClientConfigurationCorsPolicyRegistration(efConfig);
factory.Register(new Registration <IScopeConfigurationDbContext>(resolver => new ScopeConfigurationDbContext(efConfig.ConnectionString)));
factory.RegisterScopeDataStore(new Registration <IScopeDataStore>(resolver => new ScopeDataStore(resolver.Resolve <IScopeConfigurationDbContext>())));
factory.AddVaultClientSecretStore(
new VaultClientSecretStoreAppIdOptions
{
AppId = Program.IdentityServerAppId,
UserId = Program.IdentityServerUserId
});
factory.UseMembershipService(
new MembershipOptions
{
ConnectionString = ConfigurationManager.ConnectionStrings["Membership"].ConnectionString,
ApplicationName = MembershipApplicationName
});
var options = new IdentityServerOptions
{
Factory = factory,
RequireSsl = false
};
// Wire up Vault as being the X509 Certificate Signing Store
options.AddVaultCertificateStore(new VaultCertificateStoreAppIdOptions
{
AppId = Program.IdentityServerAppId,
UserId = Program.IdentityServerUserId,
RoleName = RoleName,
CommonName = CommonName
});
app.UseIdentityServer(options);
}
public static void AddVaultClientSecretStore(
this IdentityServerServiceFactory factory,
VaultClientSecretStoreAppIdOptions vaultOptions)
{
factory.AddVaultClientSecretStore(vaultOptions, new VaultAppIdAuth(vaultOptions.AppId, vaultOptions.UserId));
}