Пример #1
0
        public void Configuration(IAppBuilder app)
        {
            LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());
            Log.Logger = new LoggerConfiguration()
               .MinimumLevel.Debug()
               .WriteTo.Trace()
               .CreateLogger();

            app.UseAesDataProtectorProvider();
            app.Map("/admin", adminApp =>
                {
                    var factory = new IdentityManagerServiceFactory();
                   
                    factory.ConfigureSimpleIdentityManagerService("AspId");
                    //factory.ConfigureCustomIdentityManagerServiceWithIntKeys("AspId_CustomPK");

                    var adminOptions = new IdentityManagerOptions(){
                        Factory = factory
                    };
                    adminOptions.SecurityConfiguration.RequireSsl = false;
                    adminApp.UseIdentityManager(adminOptions);
                });

            var idSvrFactory = Factory.Configure();
            idSvrFactory.ConfigureUserService("AspId");

            var viewOptions = new ViewServiceOptions
            {
                TemplatePath = this.basePath.TrimEnd(new char[] { '/' })
            };
            idSvrFactory.ViewService = new IdentityServer3.Core.Configuration.Registration<IViewService>(new ViewService(viewOptions));

            var options = new IdentityServerOptions
            {
                SiteName = "IdentityServer3 - ViewSerive-AspNetIdentity",
                SigningCertificate = Certificate.Get(),
                Factory = idSvrFactory,
                RequireSsl = false,
                AuthenticationOptions = new AuthenticationOptions
                {
                    IdentityProviders = ConfigureAdditionalIdentityProviders,
                }
            };

            app.Map("/core", core =>
            {
                core.UseIdentityServer(options);
            });

            app.UseStaticFiles(new StaticFileOptions
            {
                RequestPath = new PathString("/Content"),
                FileSystem = new PhysicalFileSystem(Path.Combine(this.basePath, "Content")) 
            });

            var config = new HttpConfiguration();
          //  config.MapHttpAttributeRoutes();
            config.Routes.MapHttpRoute("API", "api/{controller}/{action}", new { controller = "Home", action = "Get" });
            app.UseWebApi(config);
        }
Пример #2
0
        public static HttpConfiguration Configure(IdentityManagerOptions options)
        {
            if (options == null) throw new ArgumentNullException("idmConfig");

            var config = new HttpConfiguration();
            config.MessageHandlers.Insert(0, new KatanaDependencyResolver());

            config.MapHttpAttributeRoutes();
            if (!options.DisableUserInterface)
            {
                config.Routes.MapHttpRoute(Constants.RouteNames.Home,
                    "",
                    new { controller = "Page", action = "Index" });
                config.Routes.MapHttpRoute(Constants.RouteNames.Logout,
                    "logout",
                    new { controller = "Page", action = "Logout" });
                //config.Routes.MapHttpRoute(Constants.RouteNames.OAuthFrameCallback,
                //    "frame",
                //    new { controller = "Page", action = "Frame" });
            }

            config.SuppressDefaultHostAuthentication();
            config.Filters.Add(new HostAuthenticationAttribute(options.SecurityConfiguration.BearerAuthenticationType));
            config.Filters.Add(new AuthorizeAttribute() { Roles = options.SecurityConfiguration.AdminRoleName });

            config.Formatters.Remove(config.Formatters.XmlFormatter);
            config.Formatters.Remove(config.Formatters.FormUrlEncodedFormatter);
            config.Formatters.JsonFormatter.SerializerSettings.ContractResolver =
                new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver();

            config.Services.Add(typeof(IExceptionLogger), new LogProviderExceptionLogger());

            return config;
        }
        public MetaController(IdentityManagerOptions config, IIdentityManagerService userManager)
        {
            if (config == null) throw new ArgumentNullException("config");
            if (userManager == null) throw new ArgumentNullException("userManager");

            this.config = config;
            this.userManager = userManager;
        }
        public void Configuration(IAppBuilder app)
        {
            // config identity server
            var factory = new IdentityServerServiceFactory
            {
                CorsPolicyService = new IdentityServer3.Core.Configuration.Registration<ICorsPolicyService>(new DefaultCorsPolicyService {AllowAll = true}),
                ScopeStore = new IdentityServer3.Core.Configuration.Registration<IScopeStore>(new InMemoryScopeStore(Scopes.Get())),
                ClientStore = new IdentityServer3.Core.Configuration.Registration<IClientStore>(new InMemoryClientStore(Clients.Get()))
            };
            factory.ConfigureUserService(ConnectionString);

            app.Map("/identity", idServer => idServer.UseIdentityServer(new IdentityServerOptions
            {
                SiteName = "Identity Server for 8sApp",
                RequireSsl = false,
                Factory = factory,
                SigningCertificate = Certificate.Certificate.Get(),
                AuthenticationOptions = new AuthenticationOptions()
                {
                    LoginPageLinks = new[]
                    {
                        new LoginPageLink
                        {
                            Text = "Register",
                            Href = "register"
                        }
                    }
                }
            }));

            // config identity manager
            app.Map("/admin", adminApp =>
            {
                var identityManagerServiceFactory = new IdentityManagerServiceFactory();
                identityManagerServiceFactory.ConfigureIdentityManagerService(ConnectionString);
                var options = new IdentityManagerOptions
                {
                    Factory = identityManagerServiceFactory,
                    SecurityConfiguration = {RequireSsl = false}
                };
                adminApp.UseIdentityManager(options);
            });

            // config web api
            var config = new HttpConfiguration();
            config.MapHttpAttributeRoutes();
            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{id}",
                defaults: new { id = RouteParameter.Optional }
            );

            app.UseCors(CorsOptions.AllowAll);
            app.UseWebApi(config);
        }
Пример #5
0
        public static HttpConfiguration Configure(IdentityManagerOptions options)
        {
            if (options == null)
            {
                throw new ArgumentNullException("idmConfig");
            }

            var config = new HttpConfiguration();

            config.MessageHandlers.Insert(0, new KatanaDependencyResolver());

            config.MapHttpAttributeRoutes();
            if (!options.DisableUserInterface)
            {
                config.Routes.MapHttpRoute(Constants.RouteNames.Home,
                                           "",
                                           new { controller = "Page", action = "Index" });
                config.Routes.MapHttpRoute(Constants.RouteNames.OAuthFrameCallback,
                                           "frame",
                                           new { controller = "Page", action = "Frame" });
            }

            config.SuppressDefaultHostAuthentication();

            if (options.SecurityMode == SecurityMode.LocalMachine)
            {
                config.Filters.Add(new HostAuthenticationAttribute(Constants.LocalAuthenticationType));
            }
            else
            {
                config.Filters.Add(new HostAuthenticationAttribute(Constants.BearerAuthenticationType));
            }

            config.Filters.Add(new AuthorizeAttribute()
            {
                Roles = options.AdminRoleName
            });

            config.Formatters.Remove(config.Formatters.XmlFormatter);
            config.Formatters.Remove(config.Formatters.FormUrlEncodedFormatter);
            config.Formatters.JsonFormatter.SerializerSettings.ContractResolver =
                new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver();

            //apiConfig.Services.Add(typeof(IExceptionLogger), new UserAdminExceptionLogger());

//#if DEBUG
//            apiConfig.Services.Add(typeof(IExceptionLogger), new TraceLogger());
//#endif
            config.Services.Add(typeof(IExceptionLogger), new LogProviderExceptionLogger());

            return(config);
        }
        public static void UseIdentityManager(this IAppBuilder app, IdentityManagerOptions options)
        {
            if (app == null) throw new ArgumentNullException("app");
            if (options == null) throw new ArgumentNullException("config");

            app.SetLoggerFactory(new LibLogLoggerFactory());
            
            Logger.Info("Starting IdentityManager configuration");

            options.Validate();

            app.Use(async (ctx, next) =>
            {
                if (!ctx.Request.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase) && 
                    options.SecurityConfiguration.RequireSsl)
                {
                    ctx.Response.Write("HTTPS required");
                }
                else
                {
                    await next();
                }
            });

            var container = AutofacConfig.Configure(options);
            app.Use<AutofacContainerMiddleware>(container);

            options.SecurityConfiguration.Configure(app);

            if (!options.DisableUserInterface)
            {
                app.UseFileServer(new FileServerOptions
                {
                    RequestPath = new PathString("/assets"),
                    FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityManagerAppBuilderExtensions).Assembly, "IdentityManager.Assets")
                });
                app.UseFileServer(new FileServerOptions
                {
                    RequestPath = new PathString("/assets/libs/fonts"),
                    FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityManagerAppBuilderExtensions).Assembly, "IdentityManager.Assets.Content.fonts")
                });
                app.UseStageMarker(PipelineStage.MapHandler);
            }

            SignatureConversions.AddConversions(app);
            app.UseWebApi(WebApiConfig.Configure(options));
            app.UseStageMarker(PipelineStage.MapHandler);

            // clears out the OWIN logger factory so we don't recieve other hosting related logs
            app.Properties["server.LoggerFactory"] = null;
        }
        public static void UseIdentityServer(this IApplicationBuilder app, IdentityServerOptions options)
        {
            app.UseOwin(addToPipeline =>
            {
                addToPipeline(next =>
                {
                    var builder = new Microsoft.Owin.Builder.AppBuilder();
                    var provider = app.ApplicationServices.GetService<Microsoft.AspNet.DataProtection.IDataProtectionProvider>();

                    builder.Properties["security.DataProtectionProvider"] = new DataProtectionProviderDelegate(purposes =>
                    {
                        var dataProtection = provider.CreateProtector(String.Join(",", purposes));
                        return new DataProtectionTuple(dataProtection.Protect, dataProtection.Unprotect);
                    });
                    builder.UseAesDataProtectorProvider();

                    builder.Map("/admin", adminApp =>
                    {
                        var factory = new IdentityManagerServiceFactory();

                        factory.ConfigureSimpleIdentityManagerService("AspId");
                        //factory.ConfigureCustomIdentityManagerServiceWithIntKeys("AspId_CustomPK");

                        var adminOptions = new IdentityManagerOptions(){
                            Factory = factory
                        };
                        adminOptions.SecurityConfiguration.RequireSsl = false;
                        adminApp.UseIdentityManager(adminOptions);
                    });

                    options.Factory.ConfigureUserService("AspId");

                    builder.Map("/core", core => {
                        core.UseIdentityServer(options);
                    });
                    var appFunc = builder.Build(typeof(Func<IDictionary<string, object>, Task>)) as Func<IDictionary<string, object>, Task>;
                    return appFunc;
                });
            });
        }
Пример #8
0
        public void InitializeIdentityManager(IAppBuilder app, string nameOrConnStr, IdentityManagerServiceFactory factory)
        {
            #region CONFIGURAÇÃO DO IDENTITY MANAGER
            app.Map("/admin", admin => {

                var congig = new IdentityManagerOptions {
                    Factory = factory,

                    #region Configura a authenticação e o administrador do IdMgr
                    SecurityConfiguration = new HostSecurityConfiguration {
                        HostAuthenticationType = "Cookies",
                        AdditionalSignOutType = "oidc",
                        AdminRoleName = ConfigurationManager.AppSettings[Constantes.AppSettings.IdMgr.IdMgrAdminRoleName],
                        RequireSsl = true
                    #endregion

                    }
                };

                admin.UseIdentityManager(congig);
            });

            #endregion
        }
Пример #9
0
        public static IContainer Configure(IdentityManagerOptions config)
        {
            if (config == null)
            {
                throw new ArgumentNullException("config");
            }

            var builder = new ContainerBuilder();

            builder.RegisterInstance(config);
            builder.Register(config.Factory.IdentityManagerService);
            builder.Register(c => new OwinEnvironmentService(c.Resolve <IOwinContext>()));

            builder.RegisterApiControllers(typeof(AutofacConfig).Assembly);

            foreach (var registration in config.Factory.Registrations)
            {
                builder.Register(registration, registration.Name);
            }

            var container = builder.Build();

            return(container);
        }
Пример #10
0
        public static void Configure(IAppBuilder app)
        {
            Log.Logger = new LoggerConfiguration()
                       .MinimumLevel.Debug()
                       .WriteTo.Trace()
                       .CreateLogger();
            app.UseAesDataProtectorProvider();

            BasePath = AppDomain.CurrentDomain.BaseDirectory;
            var certFile = Path.Combine(BasePath, "idsrv3test.pfx");
            Console.WriteLine(certFile);
            var options = ConfigureIdentityServer(certFile);

            //  var cpath = Path.GetFullPath(Path.Combine(Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location),"..", "..", "..", "src", "Janitor", "Content"));
            //  Console.WriteLine(cpath);
            //  app.UseStaticFiles (new StaticFileOptions {
            //		RequestPath = new PathString("/Content"),
            //		FileSystem = new PhysicalFileSystem(cpath)
            //	});

            app.Map("/admin", adminApp =>
            {
                var factory = new IdentityManagerServiceFactory();
                factory.ConfigureSimpleIdentityManagerService("AspId");
                    var adminOptions = new IdentityManagerOptions
                        {
                            Factory = factory,

                        };
                    adminOptions.SecurityConfiguration.RequireSsl = false;
                    adminApp.UseIdentityManager(adminOptions);
            });

            app.UseIdentityServer(options);
        }
Пример #11
0
        public PageController(IdentityManagerOptions idmConfig)
        {
            if (idmConfig == null) throw new ArgumentNullException("idmConfig");

            this.idmConfig = idmConfig;
        }
    public void Configuration(IAppBuilder appBuilder)
    {
      Log.Logger = new LoggerConfiguration()
        .WriteTo.Trace(outputTemplate: "{Timestamp} [{Level}] ({Name}){NewLine} {Message}{NewLine}{Exception}")
        .CreateLogger();

      JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();

      appBuilder.UseCookieAuthentication(new CookieAuthenticationOptions
      {
        AuthenticationType = "Cookies",
        LoginPath = new PathString("/Home/Login")
      });

      appBuilder.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
      {
        AuthenticationType = "oidc",
        Authority = "https://localhost:44333",
        ClientId = "idmgr_and_idadmin",
        RedirectUri = "https://localhost:44333",
        ResponseType = "id_token",
        UseTokenLifetime = false,
        Scope = "openid idmgr idAdmin",
        SignInAsAuthenticationType = "Cookies",
        Notifications = new OpenIdConnectAuthenticationNotifications
        {
          SecurityTokenValidated = n =>
          {
            n.AuthenticationTicket.Identity.AddClaim(new Claim("id_token", n.ProtocolMessage.IdToken));
            return Task.FromResult(0);
          },
          RedirectToIdentityProvider = async n =>
          {
            if (n.ProtocolMessage.RequestType == Microsoft.IdentityModel.Protocols.OpenIdConnectRequestType.LogoutRequest)
            {
              var result = await n.OwinContext.Authentication.AuthenticateAsync("Cookies");
              if (result != null)
              {
                var id_token = result.Identity.Claims.GetValue("id_token");
                if (id_token != null)
                {
                  n.ProtocolMessage.IdTokenHint = id_token;
                  n.ProtocolMessage.PostLogoutRedirectUri = "https://localhost:44333";
                }
              }
            }
          }
        }
      });

      var connString = ConfigurationManager.ConnectionStrings["IdSvr3Config"].ConnectionString;

      // Identity admin
      appBuilder.Map("/adm", adminApp =>
      {
        var idAdminOptions = new IdentityAdminOptions
        {
          Factory = ConfigIdentityServerAdmin.Factory.Configure(connString),
          AdminSecurityConfiguration = new IdentityAdmin.Configuration.AdminHostSecurityConfiguration()
          {
            HostAuthenticationType = IdentityAdmin.Constants.CookieAuthenticationType,
            AdminRoleName = "IdentityServerAdmin",
            NameClaimType = "name",
            RoleClaimType = "role",
          }

        };

        adminApp.UseIdentityAdmin(idAdminOptions);
      });

      //Identity manager
      appBuilder.Map("/idm", adminApp =>
      {
        var idManagerOptions = new IdentityManagerOptions
        {
          Factory = ConfigIdentityManager.Factory.Configure(connString),
          SecurityConfiguration = new HostSecurityConfiguration()
          {
            HostAuthenticationType = IdentityManager.Constants.CookieAuthenticationType,
            AdminRoleName = "IdentityManagerAdmin",
            NameClaimType = "name",
            RoleClaimType = "role",
          }
        };

        adminApp.UseIdentityManager(idManagerOptions);
      });

      // Identity server
      appBuilder.Map("/ids", adminApp =>
      {
        var idsrvOptions = new IdentityServerOptions
        {
          Factory = ConfigIdentityServer.Factory.Configure(connString),
          SigningCertificate = Certificate.Get(),
          RequireSsl = true
        };

        appBuilder.UseIdentityServer(idsrvOptions);
      });

    }
        public static void UseIdentityManager(this IAppBuilder app, IdentityManagerOptions options)
        {
            if (app == null) throw new ArgumentNullException("app");
            if (options == null) throw new ArgumentNullException("config");
            options.Validate();

            JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();

            var container = AutofacConfig.Configure(options);
            app.Use<AutofacContainerMiddleware>(container);

            if (options.SecurityMode == SecurityMode.LocalMachine)
            {
                var local = new LocalAuthenticationOptions(options.AdminRoleName);
                app.Use<LocalAuthenticationMiddleware>(local);
            }
            else if (options.SecurityMode == SecurityMode.OAuth2)
            {
                var jwtParams = new System.IdentityModel.Tokens.TokenValidationParameters
                {
                    NameClaimType = options.OAuth2Configuration.NameClaimType,
                    RoleClaimType = options.OAuth2Configuration.RoleClaimType,
                    ValidAudience = options.OAuth2Configuration.Audience,
                    ValidIssuer = options.OAuth2Configuration.Issuer,
                };
                if (options.OAuth2Configuration.SigningCert != null)
                {
                    jwtParams.IssuerSigningToken = new X509SecurityToken(options.OAuth2Configuration.SigningCert);
                }
                else
                {
                    var bytes = Convert.FromBase64String(options.OAuth2Configuration.SigningKey);
                    jwtParams.IssuerSigningToken = new BinarySecretSecurityToken(bytes);
                }

                app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions {
                    TokenValidationParameters = jwtParams
                });
                app.RequireScopes(new ScopeValidationOptions {
                    AllowAnonymousAccess = true,
                    Scopes = new string[] {
                        options.OAuth2Configuration.Scope
                    }
                });
                if (options.OAuth2Configuration.ClaimsTransformation != null)
                {
                    app.Use(async (ctx, next) =>
                    {
                        var user = ctx.Authentication.User;
                        if (user != null)
                        {
                            user = options.OAuth2Configuration.ClaimsTransformation(user);
                            ctx.Authentication.User = user;
                        }

                        await next();
                    });
                }
            }

            if (!options.DisableUserInterface)
            {
                app.UseFileServer(new FileServerOptions
                {
                    RequestPath = new PathString("/assets"),
                    FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityManagerAppBuilderExtensions).Assembly, "IdentityManager.Assets")
                });
                app.UseFileServer(new FileServerOptions
                {
                    RequestPath = new PathString("/assets/libs/fonts"),
                    FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityManagerAppBuilderExtensions).Assembly, "IdentityManager.Assets.Content.fonts")
                });
                app.UseStageMarker(PipelineStage.MapHandler);
            }

            SignatureConversions.AddConversions(app);
            app.UseWebApi(WebApiConfig.Configure(options));
            app.UseStageMarker(PipelineStage.MapHandler);
        }
Пример #14
0
        public void Configuration(IAppBuilder app)
        {
            LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());
            Log.Logger = new LoggerConfiguration()
               .MinimumLevel.Debug()
               .WriteTo.Trace()
               .CreateLogger();

            app.UseAesDataProtectorProvider();
            app.Map("/admin", adminApp =>
                {
                    var factory = new IdentityManagerServiceFactory();

                    factory.ConfigureSimpleIdentityManagerService("AspId");
                    //factory.ConfigureCustomIdentityManagerServiceWithIntKeys("AspId_CustomPK");

                    var adminOptions = new IdentityManagerOptions(){
                        Factory = factory
                    };
                    adminOptions.SecurityConfiguration.RequireSsl = false;
                    adminApp.UseIdentityManager(adminOptions);
                });

            var idSvrFactory = Factory.Configure();
            idSvrFactory.ConfigureUserService("AspId");
            //idSvrFactory.ConfigureCustomUserService("AspId_CustomPK");

            var options = new IdentityServerOptions
            {
                SiteName = "IdentityServer3 - UserService-AspNetIdentity",
                SigningCertificate = Certificate.Get(),
                Factory = idSvrFactory,
                RequireSsl = false,
                AuthenticationOptions = new AuthenticationOptions
                {
                    IdentityProviders = ConfigureAdditionalIdentityProviders,
                }
            };

            app.UseIdentityServer(options);
        }