public void ConfigureServices(IServiceCollection services)
{
services.Configure <CookiePolicyOptions>(options =>
{
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
options.OnAppendCookie = cookieContext =>
CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
options.OnDeleteCookie = cookieContext =>
CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
});
// uncomment, if you want to add an MVC-based UI
services.AddControllersWithViews();
var builder = services.AddIdentityServer()
.AddSigningCredential(X509.GetCertificate(Configuration["SigningCertThumprint"])) // signing.crt thumbprint
.AddValidationKey(X509.GetCertificate(Configuration["ValidationCertThumbprint"])) // validation.crt thumbprint
.AddInMemoryIdentityResources(Config.Ids)
.AddInMemoryApiResources(Config.Apis)
.AddInMemoryClients(Config.Clients)
.AddTestUsers(Config.GetUsers());
// not recommended for production - you need to store your key material somewhere secure
if (Environment.IsDevelopment())
{
builder.AddDeveloperSigningCredential();
}
services.AddAuthentication()
.AddGoogle("Google", options =>
{
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
options.SaveTokens = true;
options.ClientId = Config.GoogleClientId;
options.ClientSecret = Config.GoogleClientSecrect;
//options.CorrelationCookie.SameSite = SameSiteMode.Lax;
});
}
public void ConfigureServices(IServiceCollection services)
{
string connectionString = Configuration.GetConnectionString("DefaultConnection");
services.AddDbContext <ApplicationDbContext>(options =>
options.UseSqlServer(connectionString));
services.AddIdentity <ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores <ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddMvc(options =>
{
//options.SslPort = 5000; //kestrel
//options.Filters.Add(new RequireHttpsAttribute()); //kestrel
});
//.SetCompatibilityVersion(Microsoft.AspNetCore.Mvc.CompatibilityVersion.Version_2_1);
//kestrel
//services.AddAntiforgery(options =>
//{
// options.Cookie.Name = "_af";
// options.Cookie.HttpOnly = true;
// options.Cookie.SecurePolicy = Microsoft.AspNetCore.Http.CookieSecurePolicy.Always;
// options.HeaderName = "X-XSRF-TOKEN";
//});
services.Configure <MySettingsModel>(Configuration.GetSection("MySettings"));
services.AddScoped <IGrafanaHelper, GrafanaHelper>();
services.AddScoped <IGrafRole, GrafRoleHelper>();
var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;
var signinCredential = X509.GetCertificate("7948D0F59B78BCF6B165C84BE61834DEFD96AEA0");
var validationKey = X509.GetCertificate("2BF154F3D1F8BC6743238ACB22AED7C31AA909B1");
services.AddIdentityServer()
//.AddDeveloperSigningCredential()
.AddAspNetIdentity <ApplicationUser>()
.AddSigningCredential(signinCredential) //self signed localhost cert
.AddValidationKey(validationKey) //self signed localhost cert
// this adds the operational data from DB (codes, tokens, consents)
.AddOperationalStore(store =>
{
store.ConfigureDbContext = builder =>
builder.UseSqlServer(connectionString,
sql => sql.MigrationsAssembly(migrationsAssembly));
store.EnableTokenCleanup = true;
store.TokenCleanupInterval = 1800;
})
// this adds the config data from DB (clients, resources)
.AddConfigurationStore(options =>
{
options.ConfigureDbContext = builder =>
builder.UseSqlServer(connectionString,
sql => sql.MigrationsAssembly(migrationsAssembly));
});
//.AddAspNetIdentity<ApplicationUser>();
services.Configure <IISOptions>(options =>
{
options.ForwardClientCertificate = false;
});
services.AddCsp(nonceByteAmount: 32);
services.AddCors();
}
