public void Configure(IApplicationBuilder app)
{
var settings = app.ApplicationServices.GetService<IOptions<AppSettings>>();
LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());
app.Map("/core", core =>
{
var factory = InMemoryFactory.Create(
users: Users.Get(),
clients: Clients.Get(),
scopes: Scopes.Get());
var cors = new DefaultCorsPolicyService
{
AllowAll = true
};
factory.CorsPolicyService = new Registration<ICorsPolicyService>(cors);
var idsrvOptions = new IdentityServerOptions
{
LoggingOptions = new LoggingOptions
{
IncludeSensitiveDataInLogs = true,
//WebApiDiagnosticsIsVerbose = true,
//EnableWebApiDiagnostics = true
},
IssuerUri = settings.Options.IssuerUrl,
SiteName = settings.Options.SiteTitle,
Factory = factory,
SigningCertificate = Certificate.Get(),
RequireSsl = false,
AuthenticationOptions = new AuthenticationOptions
{
}
};
core.UseIdentityServer(idsrvOptions);
});
app.Map("/api", api =>
{
api.UseOAuthBearerAuthentication(options => {
options.Authority = settings.Options.AuthorizationUrl;
options.MetadataAddress = settings.Options.AuthorizationUrl + "/.well-known/openid-configuration";
options.TokenValidationParameters.ValidAudience = settings.Options.BaseUrl + "/resources";
});
// for web api
api.UseMvc();
});
}
public void Configuration(IAppBuilder app)
{
// For more information on how to configure your application, visit http://go.microsoft.com/fwlink/?LinkID=316888
app.Map("/identity", idsrvApp =>
{
var corsPolicyService = new DefaultCorsPolicyService() //TODO FAVIO -> use other policy that is included in the "End" folder, because the one used here accepts any origin (not just our angular app)
{
AllowAll = true
};
var idServerServiceFactory = new IdentityServerServiceFactory()
.UseInMemoryClients(Clients.Get())
.UseInMemoryScopes(Scopes.Get())
.UseInMemoryUsers(Users.Get());
idServerServiceFactory.CorsPolicyService = new
Registration<IdentityServer3.Core.Services.ICorsPolicyService>(corsPolicyService);
var options = new IdentityServerOptions
{
Factory = idServerServiceFactory,
SiteName = "TripCompany Security Token service",
IssuerUri = TripGallery.Constants.TripGalleryIssuerUri,
PublicOrigin = TripGallery.Constants.TripGallerySTSOrigin ,
SigningCertificate = LoadCertificate()
};
idsrvApp.UseIdentityServer(options);
}
);
}
public void Configuration(IAppBuilder app)
{
app.Map("/identity", idsrvApp =>
{
var corsPolicyService = new DefaultCorsPolicyService()
{
AllowAll = true
};
var factory = new IdentityServerServiceFactory()
.UseInMemoryUsers(Users.Get())
.UseInMemoryClients(Clients.Get())
.UseInMemoryScopes(Scopes.Get());
factory.CorsPolicyService = new Registration<IdentityServer3.Core.Services.ICorsPolicyService>(corsPolicyService);
idsrvApp.UseIdentityServer(new IdentityServerOptions
{
SiteName = "Embedded IdentityServer",
SigningCertificate = LoadCertificate(),
Factory = factory
});
});
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies"
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
Authority = "https://localhost:44300/identity",
Scope = "openid profile roles",
ClientId = "mvc",
RedirectUri = "https://localhost:44300/",
ResponseType = "id_token",
SignInAsAuthenticationType = "Cookies"
});
}
public void Configuration(IAppBuilder app)
{
//Identity Server Config
app.Map("/oauth", idApp =>
{
var cors = new DefaultCorsPolicyService() {AllowAll = true};
var factory = new IdentityServerServiceFactory()
{
CorsPolicyService = new Registration<ICorsPolicyService>(cors)
}
.UseInMemoryUsers(Users.Get())
.UseInMemoryClients(Clients.Get())
.UseInMemoryScopes(StandardScopes.All);
idApp.UseIdentityServer(new IdentityServerOptions
{
SiteName = "",
Factory = factory,
RequireSsl = true,
EnableWelcomePage = true,
SigningCertificate = LoadCertificate()
});
});
}
public DefaultCorsPolicyServiceTests()
{
subject = new DefaultCorsPolicyService();
}