public async Task <AdminConfigResponse> Insert(AdminConfigResponse entity) { string Id = Guid.NewGuid().ToString(); var adminConfig = new AdminConfiguration { RowKey = Id, PartitionKey = PartitionKey.AdminConfiguration, ConfigId = Id, FlagName = entity.FlagName, FlagDescription = entity.FlagDescription, FlagValue = entity.FlagValue.ToString(), }; await _storage.Insert <AdminConfiguration>(TableStorageEntityType.AdminConfiguration, adminConfig); if (entity.FlagValue == Allow.AllOff && entity.UserId != null) { var chunkedList = this.ChunkBy(entity.UserId, 100).Select(e => string.Join(",", e)).ToList(); foreach (var chunk in chunkedList) { var user = new AllowExtenedUser { RowKey = Guid.NewGuid().ToString(), PartitionKey = Id, UserId = chunk }; await _storage.Insert <AllowExtenedUser>(TableStorageEntityType.AllowExtenedUser, user); } } entity.ConfigId = new Guid(Id); return(entity); }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IWebHostEnvironment env, AdminConfiguration adminConfiguration) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } app.UseSwagger(); app.UseSwaggerUI(c => { c.SwaggerEndpoint($"{adminConfiguration.ApiBaseUrl}/swagger/v1/swagger.json", adminConfiguration.ApiName); c.OAuthClientId(adminConfiguration.OidcSwaggerUiClientId); c.OAuthAppName(adminConfiguration.ApiName); }); app.UseRouting(); UseAuthentication(app); app.UseCors(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapDefaultControllerRoute(); endpoints.MapHealthChecks("/health", new HealthCheckOptions { ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse }); }); }
public ActionResult FreeTrialQuota() { using (var db = new EchoContext()) { TrialQuota tq = new TrialQuota(); var today = DateTime.Now.Date; AccountTrial today_acctt = db.AccountTrials.SingleOrDefault(x => x.Date.Equals(today)); if (today_acctt == null) { today_acctt = new AccountTrial(); } AdminConfiguration ac = db.AdminConfigurations.SingleOrDefault(); if (ac == null) { ac = new AdminConfiguration(); } tq.no_trial_used = today_acctt.No_Trial_Used; tq.no_trial_acc = today_acctt.No_Trial_Used_Acc; tq.trial_limit_total = ac.Trial_Limit_Total; tq.trial_dur_val = ac.Trial_Dur_Val; tq.trial_enable_flag = ac.Trial_Enable_Flag; return(View(tq)); } }
//private static EchoContext db = new EchoContext(); public static bool is_service_disabled() { using (var val_db = new EchoContext()) { bool result = false; AdminConfiguration ac = val_db.AdminConfigurations.SingleOrDefault(); if (ac == null) { ac = new AdminConfiguration(); } DateTime utc_now = DateTime.UtcNow; //TimeZoneInfo bkk = TimeZoneInfo.FindSystemTimeZoneById("S.E. Asia Standard Time"); DateTime now = utc_now.AddHours(7); TimeSpan disabled_start = (TimeSpan)ac.Regist_Disable_StartTime; TimeSpan disabled_end = (TimeSpan)ac.Regist_Disable_EndTime; if (disabled_end < disabled_start) { disabled_end = disabled_end.Add(new TimeSpan(24, 0, 0)); } TimeSpan disabled_span = disabled_end - disabled_start; DateTime start_at = new DateTime(now.Year, now.Month, now.Day, disabled_start.Hours, disabled_start.Minutes, disabled_start.Seconds); DateTime end_at = start_at.Add(disabled_span); if (start_at <= now && now <= end_at) { result = true; } return(result); } }
public ActionResult UpdateActivationLimit() { using (var db = new EchoContext()) { ActivationLimit al = new ActivationLimit(); var date = DateTime.Now.Date; AccountActivation aa = db.AccountActivations.Where(x => x.Date.Equals(date)).SingleOrDefault(); if (aa == null) { aa = new AccountActivation(); } AdminConfiguration ac = db.AdminConfigurations.SingleOrDefault(); if (ac == null) { ac = new AdminConfiguration(); } al.no_activation = aa.No_Activation; al.no_activation_pending = aa.No_Activation_Pending; al.no_activation_acc = aa.No_Activation_Acc; al.no_activation_limit_total = ac.No_Activation_Limit_Total; al.no_activation_limit_daily = ac.No_Activation_Limit_Daily; return(View(al)); } }
private static Task OnMessageReceived(MessageReceivedContext context, AdminConfiguration adminConfiguration) { context.Properties.IsPersistent = true; context.Properties.ExpiresUtc = new DateTimeOffset(DateTime.Now.AddHours(adminConfiguration.IdentityAdminCookieExpiresUtcHours)); return(Task.FromResult(0)); }
public static IEnumerable <ApiResource> GetApis(AdminConfiguration adminConfiguration) { return(new List <ApiResource> { new ApiResource(IdentityServerConstants.LocalApi.ScopeName), new ApiResource(adminConfiguration.IdentityAdminApiScope, new List <string> { JwtClaimTypes.Role }) { Scopes = new List <Scope>() { new Scope(adminConfiguration.IdentityAdminApiScope) } }, new ApiResource("api1", "My API", new List <string> { JwtClaimTypes.Role }) { ApiSecrets = new List <Secret> { new Secret("api1Secret1".Sha256(), "api1Secret1", DateTime.Now.AddMinutes(1)), new Secret("api1Secret2".Sha256(), "api1Secret2") }, Scopes = new List <Scope> { new Scope("api1"), new Scope("api2"), new Scope("apiall") } } }); }
public ConfirmationPerson(IPersonService personService, IOptions <SendGridConnections> sendGridSettings, IOptions <AdminConfiguration> adminSettings) { this.personService = personService; this.sendGridSettings = sendGridSettings.Value; this.adminSettings = adminSettings.Value; }
public ConfirmationCommunity(ICommunityService communityService, IOptions <SendGridConnections> sendGridSettings, IOptions <AdminConfiguration> adminSettings) { this.communityService = communityService; this.sendGridSettings = sendGridSettings.Value; this.adminSettings = adminSettings.Value; }
public ConfirmationArticle(IArticleService articleService, IOptions <SendGridConnections> sendGridSettings, IOptions <AdminConfiguration> adminSettings) { this.articleService = articleService; this.sendGridSettings = sendGridSettings.Value; this.adminSettings = adminSettings.Value; }
private static Task OnRedirectToIdentityProvider(RedirectContext context, AdminConfiguration adminConfiguration) { if (!string.IsNullOrEmpty(adminConfiguration.IdentityAdminRedirectUri)) { context.ProtocolMessage.RedirectUri = adminConfiguration.IdentityAdminRedirectUri; } return(Task.CompletedTask); }
public ReportEvents(IEventService eventService, IOptions <SendGridConnections> sendGridSettings, IOptions <AdminConfiguration> adminSettings, IFlatFileService flatFileService, IFileService fileService) { this.eventService = eventService; this.flatFileService = flatFileService; this.fileService = fileService; this.sendGridSettings = sendGridSettings.Value; this.adminSettings = adminSettings.Value; }
/// <summary> /// Initializes a new instance of the <see cref="DashboardService"/> class. /// </summary> /// <param name="noteDelegate">The note delegate to interact with the DB.</param> /// <param name="userProfileDelegate">The user profile delegate to interact with the DB.</param> /// <param name="betaRequestDelegate">The beta request delegate to interact with the DB.</param> /// <param name="config">The configuration provider.</param> public DashboardService( INoteDelegate noteDelegate, IUserProfileDelegate userProfileDelegate, IBetaRequestDelegate betaRequestDelegate, IConfiguration config) { this.noteDelegate = noteDelegate; this.userProfileDelegate = userProfileDelegate; this.betaRequestDelegate = betaRequestDelegate; this.configuration = config; this.adminConfiguration = new AdminConfiguration(); this.configuration.GetSection("Admin").Bind(this.adminConfiguration); }
private static Task OnRedirectToIdentityProvider(RedirectContext n, AdminConfiguration adminConfiguration) { n.ProtocolMessage.RedirectUri = adminConfiguration.IdentityAdminRedirectUri; // EZY-modification (EZYC-3029): custom feature to support redirecting when deployed inside d-c where ports are different. if (adminConfiguration.IdentityServerUseExternalBaseUrl) { n.ProtocolMessage.IssuerAddress = n.ProtocolMessage.IssuerAddress.Replace( adminConfiguration.IdentityServerBaseUrl, adminConfiguration.IdentityServerExternalBaseUrl); } return(Task.FromResult(0)); }
/// <summary> /// Initializes a new instance of the <see cref="DashboardService"/> class. /// </summary> /// <param name="noteDelegate">The note delegate to interact with the DB.</param> /// <param name="dependentDelegate">The dependent delegate to interact with the DB.</param> /// <param name="userProfileDelegate">The user profile delegate to interact with the DB.</param> /// <param name="config">The configuration provider.</param> public DashboardService( INoteDelegate noteDelegate, IResourceDelegateDelegate dependentDelegate, IUserProfileDelegate userProfileDelegate, IConfiguration config) { this.noteDelegate = noteDelegate; this.dependentDelegate = dependentDelegate; this.userProfileDelegate = userProfileDelegate; this.configuration = config; this.adminConfiguration = new AdminConfiguration(); this.configuration.GetSection("Admin").Bind(this.adminConfiguration); }
public static void SetAdminClaimsViaHeaders(this HttpClient client, AdminConfiguration adminConfiguration) { var claims = new[] { new Claim(ClaimTypes.NameIdentifier, Guid.NewGuid().ToString()), new Claim(ClaimTypes.Name, Guid.NewGuid().ToString()), new Claim(ClaimTypes.Role, adminConfiguration.AdministrationRole) }; var token = new JwtSecurityToken(claims: claims); var t = new JwtSecurityTokenHandler().WriteToken(token); client.DefaultRequestHeaders.Add(AuthenticatedTestRequestMiddleware.TestAuthorizationHeader, t); }
public AccountController(UserResolver <TUser> userResolver, UserManager <TUser> userManager, SignInManager <TUser> signInManager, IClientStore clientStore, IEventService events, IEmailSender emailSender, IGenericControllerLocalizer <AccountController <TUserDto, TUserDtoKey, TRoleDto, TCreateUserDto, TRoleDtoKey, TUserKey, TRoleKey, TUser, TRole, TKey, TUserClaim, TUserRole, TUserLogin, TRoleClaim, TUserToken, TUsersDto, TRolesDto, TUserRolesDto, TUserClaimsDto, TUserProviderDto, TUserProvidersDto, TUserChangePasswordDto, TRoleClaimsDto> > localizer, AdminConfiguration adminConfiguration, IIdentityService <TUserDto, TUserDtoKey, TRoleDto, TRoleDtoKey, TUserKey, TRoleKey, TUser, TRole, TKey, TUserClaim, TUserRole, TUserLogin, TRoleClaim, TUserToken, TUsersDto, TRolesDto, TUserRolesDto, TUserClaimsDto, TUserProviderDto, TUserProvidersDto, TUserChangePasswordDto, TRoleClaimsDto> identityService, IIdentityServerHelper identityServerHelper, ILogger logger) { _userResolver = userResolver; _userManager = userManager; _signInManager = signInManager; _clientStore = clientStore; _events = events; _emailSender = emailSender; _localizer = localizer; _adminConfiguration = adminConfiguration; _identityService = identityService; _identityServerHelper = identityServerHelper; _logger = logger; }
public LoginModel( SignInManager <ApplicationUser> signInManager, UserManager <ApplicationUser> userManager, RoleManager <IdentityRole> roleManager, ILogger <LoginModel> logger, IConfiguration configuration) { _settings = configuration .GetSection("Admin") .Get <AdminConfiguration>(); _signInManager = signInManager; _userManager = userManager; _roleManager = roleManager; _logger = logger; }
public ActionResult UpdateActivationLimit(ActivationLimit al) { using (var db = new EchoContext()) { AdminConfiguration ac = db.AdminConfigurations.SingleOrDefault(); string user_no = Session["User_No"].ToString(); ac.No_Activation_Limit_Total = Convert.ToInt32(al.no_activation_limit_total); ac.No_Activation_Limit_Daily = Convert.ToInt32(al.no_activation_limit_daily); ac.Updated_By = user_no; ac.Updated_Dttm = DateTime.Now; db.Entry(ac).State = EntityState.Modified; db.SaveChanges(); FreebieEvent.UserUpdateEvent(Permission.activation_page_id, "A04"); return(RedirectToAction("ActivationLimit")); } }
public ActionResult UpdateFreeTrialQuota(TrialQuota tq) { using (var db = new EchoContext()) { AdminConfiguration ac = db.AdminConfigurations.SingleOrDefault(); string user_no = Session["User_No"].ToString(); ac.Trial_Limit_Total = Convert.ToInt32(tq.trial_limit_total); ac.Trial_Dur_Val = Convert.ToInt32(tq.trial_dur_val); ac.Trial_Enable_Flag = Convert.ToBoolean(tq.trial_enable_flag); ac.Updated_By = user_no; ac.Updated_Dttm = DateTime.Now; db.Entry(ac).State = EntityState.Modified; db.SaveChanges(); FreebieEvent.UserUpdateEvent(Permission.free_trial_page_id, "A04"); return(RedirectToAction("FreeTrialQuota")); } }
public async Task <AdminConfigResponse> Upsert(AdminConfigResponse entity) { var adminConfig = new AdminConfiguration { RowKey = entity.ConfigId.ToString(), PartitionKey = PartitionKey.AdminConfiguration, ConfigId = entity.ConfigId.ToString(), FlagName = entity.FlagName, FlagDescription = entity.FlagDescription, FlagValue = entity.FlagValue.ToString(), }; await _storage.Upsert <AdminConfiguration>(TableStorageEntityType.AdminConfiguration, adminConfig); var existingData = await _storage.GetAll <AllowExtenedUser>(TableStorageEntityType.AllowExtenedUser, entity.ConfigId.ToString()); foreach (var data in existingData) { await _storage.Delete <AllowExtenedUser>(TableStorageEntityType.AllowExtenedUser, data); } if (entity.FlagValue == Allow.AllOff && entity.UserId != null) { var chunkedList = this.ChunkBy(entity.UserId, 100).Select(e => string.Join(",", e)).ToList(); foreach (var chunk in chunkedList) { var user = new AllowExtenedUser { RowKey = Guid.NewGuid().ToString(), PartitionKey = entity.ConfigId.ToString(), UserId = chunk }; await _storage.Upsert <AllowExtenedUser>(TableStorageEntityType.AllowExtenedUser, user); } } return(entity); }
/// <summary> /// Register services for authentication, including Identity. /// For production mode is used OpenId Connect middleware which is connected to IdentityServer4 instance. /// For testing purpose is used cookie middleware with fake login url. /// </summary> /// <typeparam name="TContext"></typeparam> /// <typeparam name="TUserIdentity"></typeparam> /// <typeparam name="TUserIdentityRole"></typeparam> /// <param name="services"></param> /// <param name="adminConfiguration"></param> public static void AddAuthenticationServices <TContext, TUserIdentity, TUserIdentityRole>(this IServiceCollection services, AdminConfiguration adminConfiguration) where TContext : DbContext where TUserIdentity : class where TUserIdentityRole : class { services.AddIdentity <TUserIdentity, TUserIdentityRole>(options => { options.User.RequireUniqueEmail = true; }) .AddEntityFrameworkStores <TContext>() .AddDefaultTokenProviders(); services.AddAuthentication(options => { options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultChallengeScheme = AuthenticationConsts.OidcAuthenticationScheme; options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultForbidScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultSignOutScheme = CookieAuthenticationDefaults.AuthenticationScheme; }) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options => { options.Cookie.Name = adminConfiguration.IdentityAdminCookieName; // Issue: https://github.com/aspnet/Announcements/issues/318 options.Cookie.SameSite = SameSiteMode.None; }) .AddOpenIdConnect(AuthenticationConsts.OidcAuthenticationScheme, options => { options.Authority = adminConfiguration.IdentityServerBaseUrl; options.RequireHttpsMetadata = adminConfiguration.RequireHttpsMetadata; options.ClientId = adminConfiguration.ClientId; options.ClientSecret = adminConfiguration.ClientSecret; options.ResponseType = adminConfiguration.OidcResponseType; options.Scope.Clear(); foreach (var scope in adminConfiguration.Scopes) { options.Scope.Add(scope); } options.ClaimActions.MapJsonKey(adminConfiguration.TokenValidationClaimRole, adminConfiguration.TokenValidationClaimRole, adminConfiguration.TokenValidationClaimRole); options.SaveTokens = true; options.GetClaimsFromUserInfoEndpoint = true; options.TokenValidationParameters = new TokenValidationParameters { NameClaimType = adminConfiguration.TokenValidationClaimName, RoleClaimType = adminConfiguration.TokenValidationClaimRole }; options.Events = new OpenIdConnectEvents { OnMessageReceived = context => OnMessageReceived(context, adminConfiguration), OnRedirectToIdentityProvider = context => OnRedirectToIdentityProvider(context, adminConfiguration) }; }); }
public UserCreatorService(AdminConfiguration adminConfiguration, IServiceProvider serviceProvider) { _serviceProvider = serviceProvider; _adminConfiguration = adminConfiguration; }
public static AdminConfiguration CreateAdminConfiguration(string name, string value, global::System.DateTime lastModifiedTime) { AdminConfiguration adminConfiguration = new AdminConfiguration(); adminConfiguration.Name = name; adminConfiguration.Value = value; adminConfiguration.LastModifiedTime = lastModifiedTime; return adminConfiguration; }
public void AddToAdminConfigurations(AdminConfiguration adminConfiguration) { base.AddObject("AdminConfigurations", adminConfiguration); }
/// <summary> /// Register services for authentication, including Identity. /// For production mode is used OpenId Connect middleware which is connected to Duende IdentityServer instance. /// For testing purpose is used cookie middleware with fake login url. /// </summary> /// <typeparam name="TContext"></typeparam> /// <typeparam name="TUserIdentity"></typeparam> /// <typeparam name="TUserIdentityRole"></typeparam> /// <param name="services"></param> /// <param name="adminConfiguration"></param> public static void AddAuthenticationServices <TContext, TUserIdentity, TUserIdentityRole>(this IServiceCollection services, AdminConfiguration adminConfiguration, Action <IdentityOptions> identityOptionsAction, Action <AuthenticationBuilder> authenticationBuilderAction) where TContext : DbContext where TUserIdentity : class where TUserIdentityRole : class { services.Configure <CookiePolicyOptions>(options => { options.MinimumSameSitePolicy = SameSiteMode.Unspecified; options.Secure = CookieSecurePolicy.SameAsRequest; options.OnAppendCookie = cookieContext => AuthenticationHelpers.CheckSameSite(cookieContext.Context, cookieContext.CookieOptions); options.OnDeleteCookie = cookieContext => AuthenticationHelpers.CheckSameSite(cookieContext.Context, cookieContext.CookieOptions); }); services .AddIdentity <TUserIdentity, TUserIdentityRole>(identityOptionsAction) .AddEntityFrameworkStores <TContext>() .AddDefaultTokenProviders(); var authenticationBuilder = services.AddAuthentication(options => { options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultChallengeScheme = AuthenticationConsts.OidcAuthenticationScheme; options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultForbidScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultSignOutScheme = CookieAuthenticationDefaults.AuthenticationScheme; }) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options => { options.Cookie.Name = adminConfiguration.IdentityAdminCookieName; }) .AddOpenIdConnect(AuthenticationConsts.OidcAuthenticationScheme, options => { options.Authority = adminConfiguration.IdentityServerBaseUrl; options.RequireHttpsMetadata = adminConfiguration.RequireHttpsMetadata; options.ClientId = adminConfiguration.ClientId; options.ClientSecret = adminConfiguration.ClientSecret; options.ResponseType = adminConfiguration.OidcResponseType; options.Scope.Clear(); foreach (var scope in adminConfiguration.Scopes) { options.Scope.Add(scope); } options.ClaimActions.MapJsonKey(adminConfiguration.TokenValidationClaimRole, adminConfiguration.TokenValidationClaimRole, adminConfiguration.TokenValidationClaimRole); options.SaveTokens = true; options.GetClaimsFromUserInfoEndpoint = true; options.TokenValidationParameters = new TokenValidationParameters { NameClaimType = adminConfiguration.TokenValidationClaimName, RoleClaimType = adminConfiguration.TokenValidationClaimRole }; options.Events = new OpenIdConnectEvents { OnMessageReceived = context => OnMessageReceived(context, adminConfiguration), OnRedirectToIdentityProvider = context => OnRedirectToIdentityProvider(context, adminConfiguration) }; }); authenticationBuilderAction?.Invoke(authenticationBuilder); }
/// <summary> /// Add authorization policies /// </summary> /// <param name="services"></param> public static void AddAuthorizationPolicies(this IServiceCollection services, AdminConfiguration adminConfiguration, Action <AuthorizationOptions> authorizationAction) { services.AddAuthorization(options => { options.AddPolicy(AuthorizationConsts.AdministrationPolicy, policy => policy.RequireRole(adminConfiguration.AdministrationRole)); authorizationAction?.Invoke(options); }); }
private static Task OnRedirectToIdentityProvider(RedirectContext n, AdminConfiguration adminConfiguration) { n.ProtocolMessage.RedirectUri = adminConfiguration.IdentityAdminRedirectUri; return(Task.FromResult(0)); }
private static void Seed(AppDbContext dbContext, UserManager <User> userManager, RoleManager <IdentityRole <int> > roleManager, ILogger <AppDbContext> logger, AdminConfiguration config) { try { var roles = Enum.GetNames(typeof(UserRole)); var dbRoles = dbContext.Roles.ToList(); if (roles.Length > dbRoles.Count) { var rolesToAdd = roles.Where(r => dbRoles.All(dbr => dbr.Name != r)); foreach (var role in rolesToAdd) { roleManager.CreateAsync(new IdentityRole <int>(role)).Wait(); } } var user = new User(DateTime.Now, config.AdminUserName); userManager.CreateAsync(user).GetAwaiter().GetResult(); userManager.AddPasswordAsync(user, config.AdminPassword).GetAwaiter().GetResult(); userManager.AddToRoleAsync(user, UserRole.Admin.ToString()).GetAwaiter().GetResult(); dbContext.SaveChanges(); } catch (Exception e) { logger.LogCritical(e.Message); throw; } }
public static IEnumerable <Client> GetClients(AdminConfiguration adminConfiguration) { return(new List <Client> { new Client { ClientId = "client", // no interactive user, use the clientid/secret for authentication AllowedGrantTypes = GrantTypes.ClientCredentials, // secret for authentication ClientSecrets = { new Secret("secret".Sha256(), "secret1", DateTime.Now.AddMinutes(1)), new Secret("secret2".Sha256(), "secret2") }, // scopes that client has access to AllowedScopes = { "api1", "api2", "apiall", JwtClaimTypes.Role, IdentityServerConstants.LocalApi.ScopeName, adminConfiguration.IdentityAdminApiScope }, ClientClaimsPrefix = string.Empty, Claims = new List <Claim> { new Claim(JwtClaimTypes.Role, "zero.Admin") } }, // resource owner password grant client new Client { ClientId = "ro.client", AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, ClientSecrets = { new Secret("secret".Sha256()) }, AllowedScopes = { "api1", adminConfiguration.IdentityAdminApiScope } }, // OpenID Connect hybrid flow client (MVC) new Client { ClientId = "mvc", ClientName = "MVC Client", AllowedGrantTypes = GrantTypes.Hybrid, ClientSecrets = { new Secret("secret".Sha256()) }, RedirectUris = { "http://localhost:5002/signin-oidc" }, PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc" }, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, JwtClaimTypes.Role, "api1", "api2", adminConfiguration.IdentityAdminApiScope }, AllowOfflineAccess = true }, new Client { ClientId = "mvc2", ClientName = "MVC Client2", AllowedGrantTypes = GrantTypes.Hybrid, ClientSecrets = { new Secret("secret".Sha256()) }, RedirectUris = { "http://localhost:5003/signin-oidc" }, PostLogoutRedirectUris = { "http://localhost:5003/signout-callback-oidc" }, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, JwtClaimTypes.Role, "api1", "api2", adminConfiguration.IdentityAdminApiScope }, AllowOfflineAccess = true }, // JavaScript Client new Client { ClientId = "js", ClientName = "JavaScript Client", AllowedGrantTypes = GrantTypes.Code, RequirePkce = true, RequireClientSecret = false, RedirectUris = { "http://localhost:5003/callback.html" }, PostLogoutRedirectUris = { "http://localhost:5003/index.html" }, AllowedCorsOrigins = { "http://localhost:5003" }, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, "api1", adminConfiguration.IdentityAdminApiScope } }, new Client { ClientId = adminConfiguration.IdentityAdminApiSwaggerUIClientId, ClientName = adminConfiguration.IdentityAdminApiSwaggerUIClientId, AllowedGrantTypes = GrantTypes.Implicit, RedirectUris = new List <string> { adminConfiguration.IdentityAdminApiSwaggerUIRedirectUrl }, AllowedScopes = { JwtClaimTypes.Role, adminConfiguration.IdentityAdminApiScope }, AllowAccessTokensViaBrowser = true } }); }
public static void AddIdSHealthChecks <TConfigurationDbContext, TPersistedGrantDbContext, TIdentityDbContext, TLogDbContext, TAuditLoggingDbContext>(this IServiceCollection services, IConfiguration configuration, AdminConfiguration adminConfiguration) where TConfigurationDbContext : DbContext, IAdminConfigurationDbContext where TPersistedGrantDbContext : DbContext, IAdminPersistedGrantDbContext where TIdentityDbContext : DbContext where TLogDbContext : DbContext, IAdminLogDbContext where TAuditLoggingDbContext : DbContext, IAuditLoggingDbContext <AuditLog> { var configurationDbConnectionString = configuration.GetConnectionString(ConfigurationConsts.ConfigurationDbConnectionStringKey); var persistedGrantsDbConnectionString = configuration.GetConnectionString(ConfigurationConsts.PersistedGrantDbConnectionStringKey); var identityDbConnectionString = configuration.GetConnectionString(ConfigurationConsts.IdentityDbConnectionStringKey); var logDbConnectionString = configuration.GetConnectionString(ConfigurationConsts.AdminLogDbConnectionStringKey); var auditLogDbConnectionString = configuration.GetConnectionString(ConfigurationConsts.AdminAuditLogDbConnectionStringKey); var identityServerUri = adminConfiguration.IdentityServerBaseUrl; var healthChecksBuilder = services.AddHealthChecks() .AddDbContextCheck <TConfigurationDbContext>("ConfigurationDbContext") .AddDbContextCheck <TPersistedGrantDbContext>("PersistedGrantsDbContext") .AddDbContextCheck <TIdentityDbContext>("IdentityDbContext") .AddDbContextCheck <TLogDbContext>("LogDbContext") .AddDbContextCheck <TAuditLoggingDbContext>("AuditLogDbContext") .AddIdentityServer(new Uri(identityServerUri), "Identity Server"); var serviceProvider = services.BuildServiceProvider(); var scopeFactory = serviceProvider.GetRequiredService <IServiceScopeFactory>(); using (var scope = scopeFactory.CreateScope()) { var configurationTableName = DbContextHelpers.GetEntityTable <TConfigurationDbContext>(scope.ServiceProvider); var persistedGrantTableName = DbContextHelpers.GetEntityTable <TPersistedGrantDbContext>(scope.ServiceProvider); var identityTableName = DbContextHelpers.GetEntityTable <TIdentityDbContext>(scope.ServiceProvider); var logTableName = DbContextHelpers.GetEntityTable <TLogDbContext>(scope.ServiceProvider); var auditLogTableName = DbContextHelpers.GetEntityTable <TAuditLoggingDbContext>(scope.ServiceProvider); var databaseProvider = configuration.GetSection(nameof(DatabaseProviderConfiguration)).Get <DatabaseProviderConfiguration>(); switch (databaseProvider.ProviderType) { case DatabaseProviderType.SqlServer: healthChecksBuilder .AddSqlServer(configurationDbConnectionString, name: "ConfigurationDb", healthQuery: $"SELECT TOP 1 * FROM dbo.[{configurationTableName}]") .AddSqlServer(persistedGrantsDbConnectionString, name: "PersistentGrantsDb", healthQuery: $"SELECT TOP 1 * FROM dbo.[{persistedGrantTableName}]") .AddSqlServer(identityDbConnectionString, name: "IdentityDb", healthQuery: $"SELECT TOP 1 * FROM dbo.[{identityTableName}]") .AddSqlServer(logDbConnectionString, name: "LogDb", healthQuery: $"SELECT TOP 1 * FROM dbo.[{logTableName}]") .AddSqlServer(auditLogDbConnectionString, name: "AuditLogDb", healthQuery: $"SELECT TOP 1 * FROM dbo.[{auditLogTableName}]"); break; case DatabaseProviderType.PostgreSQL: healthChecksBuilder .AddNpgSql(configurationDbConnectionString, name: "ConfigurationDb", healthQuery: $"SELECT * FROM {configurationTableName} LIMIT 1") .AddNpgSql(persistedGrantsDbConnectionString, name: "PersistentGrantsDb", healthQuery: $"SELECT * FROM {persistedGrantTableName} LIMIT 1") .AddNpgSql(identityDbConnectionString, name: "IdentityDb", healthQuery: $"SELECT * FROM {identityTableName} LIMIT 1") .AddNpgSql(logDbConnectionString, name: "LogDb", healthQuery: $"SELECT * FROM {logTableName} LIMIT 1") .AddNpgSql(auditLogDbConnectionString, name: "AuditLogDb", healthQuery: $"SELECT * FROM {auditLogTableName} LIMIT 1"); break; case DatabaseProviderType.MySql: healthChecksBuilder .AddMySql(configurationDbConnectionString, name: "ConfigurationDb") .AddMySql(persistedGrantsDbConnectionString, name: "PersistentGrantsDb") .AddMySql(identityDbConnectionString, name: "IdentityDb") .AddMySql(logDbConnectionString, name: "LogDb") .AddMySql(auditLogDbConnectionString, name: "AuditLogDb"); break; default: throw new NotImplementedException($"Health checks not defined for database provider {databaseProvider.ProviderType}"); } } }
public CheckUserExistence(IOptions <AdminConfiguration> adminSettings) { this.adminSettings = adminSettings.Value; }