private async Task <TokenValidationParameters> GetValidationParameters(string issuer)
{
var settings = AuthSettingsFactory.GetProviderForIssuer(issuer);
return(TokenValidationParametersBuilder.Create()
.DefaultClockSkew()
.ValidateExpiration()
.ValidateSigninKey(await GetSigningKeys(issuer)) // TODO: Give the possibility to configure how to get signingKey
.ValidateAudiences(settings.Audiences)
.ValidateIssuers(settings.Issuer)
.Build());
}
/// <summary>
/// The configure services.
/// This method gets called by the runtime. Use this method to add services to the container.
/// </summary>
/// <param name="services">
/// The services.
/// </param>
/// <returns>
/// The <see cref="IServiceProvider"/>.
/// </returns>
public IServiceProvider ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(
config =>
{
config.TokenValidationParameters =
TokenValidationParametersBuilder.GetTokenValidationParameters(Configuration);
});
services.AddDbContext <EFContext>(options => { options.UseInMemoryDatabase("MyDatabase"); });
services.AddCors();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
services.Configure <WebEncoderOptions>(
options => options.TextEncoderSettings = new TextEncoderSettings(UnicodeRanges.All));
Console.WriteLine($"{Configuration["Email:Server"]}:{Configuration["Email:Port"]}");
services.AddMailKit(
optionBuilder =>
{
optionBuilder.UseMailKit(
new MailKitOptions()
{
// get options from sercets.json
Server = Configuration["Email:Server"],
Port = Convert.ToInt32(Configuration["Email:Port"]),
SenderName = Configuration["Email:SenderName"],
SenderEmail = Configuration["Email:SenderEmail"],
// can be optional with no authentication
Account = Configuration["Email:Account"],
Password = Configuration["Email:Password"],
// enable ssl or tls
Security = true
});
});
return(services.BuildServiceProvider());
}
public static IServiceCollection RegisterWebApiServices(this IServiceCollection services, IConfiguration configuration)
{
#region JWT
services.AddAuthorization(options =>
{
options.AddPolicy("DigitalBank-Pub", policy => policy.RequireClaim("Authorization", "Pub-DigitalBank"));
});
string secret = configuration["JWT_SECRET"];
SymmetricSecurityKey signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secret));
var tokenOptions = configuration.GetSection(nameof(AuthorizeOptions));
var tokenValidationParameters = new TokenValidationParametersBuilder(tokenOptions, signingKey)
.Build();
services.Configure <AuthorizeOptions>(options =>
{
options.Issuer = tokenOptions[nameof(AuthorizeOptions.Issuer)];
options.Audience = tokenOptions[nameof(AuthorizeOptions.Audience)];
options.SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
});
services.AddAuthentication(o =>
{
o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
o.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(o =>
{
o.TokenValidationParameters = tokenValidationParameters;
});
#endregion
#region Swagger
services.AddSwaggerGen(options =>
{
options.SwaggerDoc(configuration["Application:Version"],
new Info
{
Title = configuration["Application:Title"],
Version = configuration["Application:Version"],
Description = configuration["Application:Description"]
});
options.AddSecurityDefinition("Bearer",
new ApiKeyScheme
{
In = "header",
Description = "Autenticação baseada em Json Web Token (JWT)",
Name = "Authorization",
Type = "apiKey"
});
options.AddSecurityRequirement(new Dictionary <string, IEnumerable <string> >
{
{ "Bearer", new string[] { } }
});
var applicationBasePath = PlatformServices.Default.Application.ApplicationBasePath;
var applicationName = PlatformServices.Default.Application.ApplicationName;
var xmlDocumentPath = Path.Combine(applicationBasePath, $"{applicationName}.xml");
if (File.Exists(xmlDocumentPath))
{
options.IncludeXmlComments(xmlDocumentPath);
}
options.DescribeAllEnumsAsStrings();
});
#endregion
#region AutoMapper
var mappingConfig = new MapperConfiguration(mc =>
{
mc.AddProfile(new MappingProfile());
});
IMapper mapper = mappingConfig.CreateMapper();
services.AddSingleton(mapper);
#endregion
#region Application
#region Repository
services.AddScoped <IDigitalAccountRepository, DigitalAccountRepository>();
services.AddScoped <ICustomerPermissionRepository, CustomerPermissionRepository>();
services.AddScoped <ICustomerRepository, CustomerRepository>();
services.AddScoped <IPermissionRepository, PermissionRepository>();
#endregion
#region Handler
services.AddSingleton <IEncryptorHandler, EncryptorHandler>();
services.AddSingleton <ITokenHandler, Security.JWT.Handler.TokenHandler>();
#endregion
#region Business
services.AddScoped <IDigitalAccountBusiness, DigitalAccountBusiness>();
services.AddScoped <ICustomerBusiness, CustomerBusiness>();
services.AddScoped <ICustomerPermissionBusiness, CustomerPermissionBusiness>();
services.AddScoped <IPermissionBusiness, PermissionBusiness>();
#endregion
#endregion
return(services);
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddCors();
services.AddMvc(config =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
config.Filters.Add(new AuthorizeFilter(policy));
}).AddJsonOptions(x => x.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore);
#region Authentication
services.AddAuthorization(options =>
{
options.AddPolicy("WebApiUser", policy => policy.RequireClaim("PanelAdministrator", "BackEnd"));
});
// Carrega as opções do Token
var tokenOptions = Configuration.GetSection(nameof(AuthorizeOptions));
var tokenValidationParameters = new TokenValidationParametersBuilder(tokenOptions, _signingKey)
.Build();
// Configura as opções do Token
services.Configure <AuthorizeOptions>(options =>
{
options.Issuer = tokenOptions[nameof(AuthorizeOptions.Issuer)];
options.Audience = tokenOptions[nameof(AuthorizeOptions.Audience)];
options.SigningCredentials = new SigningCredentials(_signingKey, SecurityAlgorithms.HmacSha256);
});
services.AddAuthentication(o =>
{
o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
o.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(o =>
{
o.TokenValidationParameters = tokenValidationParameters;
});
#endregion
#region Swagger
services.AddSwaggerGen(c =>
{
c.OperationFilter <AuthorizationHeaderParameterOperationFilter>();
c.SwaggerDoc("v1", new Info
{
Version = "v1",
Title = "API de Autenticação",
Description = "API para criar e validar a autenticação",
TermsOfService = "None"
});
//var filePath = Path.Combine(PlatformServices.Default.Application.ApplicationBasePath, "mysql.b2b.api.pub.authenticate.xml");
//c.IncludeXmlComments(filePath);
c.DescribeAllEnumsAsStrings();
});
#endregion
services.AddTransient <IDataBaseProvider, DataBaseProvider>();
services.AddTransient <IAuthenticateManager, AuthenticateManager>();
}
