public void InstallConfiguration(IApplicationBuilder app, IWebHostEnvironment env, IConfiguration configuration,
ILogger logger)
{
var swaggerOptions = new SwaggerOptions();
configuration.GetSection(nameof(SwaggerOptions)).Bind(swaggerOptions);
app.UseSwagger();
app.UseSwaggerUI(options =>
{
options.SwaggerEndpoint(swaggerOptions.UIEndPoint, swaggerOptions.Description);
options.RoutePrefix = "swagger"; //To serve the Swagger UI at the :http://localhost:<port>/RoutePrefix
});
app.UseHttpsRedirection();
app.UseMiddleware(typeof(ErrorHandlingMiddleware));
app.UseRouting();
var useAuthentication = configuration.GetValue <bool>("UseAuthentication");
if (useAuthentication)
{
logger.LogInformation("Authentication enabled");
app.UseAuthentication();
}
else
{
logger.LogInformation("Authentication disabled");
//on staging/development dont require authentication
app.Use(async(context, next) =>
{
// Set claims for the test user.
var claims = new[] { new Claim("role", "Admin") };
var id = new ClaimsIdentity(claims, "DebugAuthorizationMiddleware", "name", "role");
// Add the test user as Identity.
context.User.AddIdentity(id);
// User is now authenticated.
await next.Invoke();
});
}
app.UseStaticFiles();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
endpoints.MapRazorPages();
});
}
public void InstallServices(IServiceCollection services, IConfiguration configuration, IWebHostEnvironment env,
ILogger logger)
{
services.AddRazorPages();
services.AddControllers(opts => { })
.AddNewtonsoftJson();
services.AddAutoMapper(typeof(Startup));
var jwtSettings = new JwtSettings();
configuration.Bind(nameof(JwtSettings), jwtSettings);
services.AddSingleton(jwtSettings);
var tokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = false,
ValidateAudience = false,
ValidateIssuerSigningKey = true,
IssuerSigningKey = jwtSettings.PrivateSigningSecretKey,
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
services.AddSingleton(tokenValidationParameters);
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.SaveToken = true;
options.TokenValidationParameters = tokenValidationParameters;
});
services.AddAuthorization(options =>
{
options.AddPolicy(Authorizations.RequireAdminOrManagerRole,
policy => policy.RequireRole(Authorizations.Admin, Authorizations.Manager));
});
services.AddSwaggerGen(x =>
{
var swaggerOptions = new SwaggerOptions();
configuration.GetSection(nameof(SwaggerOptions)).Bind(swaggerOptions);
x.SwaggerDoc(swaggerOptions.Version,
new OpenApiInfo {
Title = swaggerOptions.Title, Version = swaggerOptions.Version
});
var secScheme = new OpenApiSecurityScheme
{
Description = "JWT Authorization header using bearer scheme",
Name = "Authorization",
Type = SecuritySchemeType.ApiKey,
In = ParameterLocation.Header,
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "Bearer"
},
};
x.AddSecurityDefinition("Bearer", secScheme);
x.AddSecurityRequirement(new OpenApiSecurityRequirement {
{ secScheme, new List <string>() }
});
});
}