public void Configuration(IAppBuilder app) { // this configures IdentityManager // we're using a Map just to test hosting not at the root app.Map("/idm", idm => { LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider()); var factory = new IdentityManagerServiceFactory(); var rand = new System.Random(); var users = Users.Get(rand.Next(5000, 20000)); var roles = Roles.Get(rand.Next(15)); factory.Register(new Registration <ICollection <InMemoryUser> >(users)); factory.Register(new Registration <ICollection <InMemoryRole> >(roles)); factory.IdentityManagerService = new Registration <IIdentityManagerService, InMemoryIdentityManagerService>(); idm.UseIdentityManager(new IdentityManagerOptions { Factory = factory, SecurityMode = SecurityMode.LocalMachine, OAuth2Configuration = new OAuth2Configuration { AuthorizationUrl = "http://localhost:17457/ids/connect/authorize", Issuer = "https://idsrv3.com", Audience = "https://idsrv3.com/resources", ClientId = "idmgr", SigningCert = Cert.Load(), Scope = "idmgr", ClaimsTransformation = user => { if (user.IsInRole("Foo")) { ((ClaimsIdentity)user.Identity).AddClaim(new Claim("role", "IdentityManagerAdministrator")); } return(user); }, //PersistToken = true, //AutomaticallyRenewToken = true } }); }); // this configures an embedded IdentityServer to act as an external authentication provider // when using IdentityManager in Token security mode. normally you'd configure this elsewhere. app.Map("/ids", ids => { IdSvrConfig.Configure(ids); }); // used to redirect to the main admin page visiting the root of the host app.Run(ctx => { ctx.Response.Redirect("/idm/"); return(System.Threading.Tasks.Task.FromResult(0)); }); }
public void Configuration(IAppBuilder app) { LogProvider.SetCurrentLogProvider(new TraceSourceLogProvider()); JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary <string, string>(); app.UseCookieAuthentication(new Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions { AuthenticationType = "Cookies" }); app.UseOpenIdConnectAuthentication(new Microsoft.Owin.Security.OpenIdConnect.OpenIdConnectAuthenticationOptions { Authority = "https://localhost:44337/ids", ClientId = "idmgr_client", RedirectUri = "https://localhost:44337", ResponseType = "id_token", UseTokenLifetime = false, Scope = "openid idmgr", SignInAsAuthenticationType = "Cookies" }); app.Map("/idm", idm => { var factory = new IdentityManagerServiceFactory(); var rand = new System.Random(); var users = Users.Get(rand.Next(5000, 20000)); var roles = Roles.Get(rand.Next(15)); factory.Register(new Registration <ICollection <InMemoryUser> >(users)); factory.Register(new Registration <ICollection <InMemoryRole> >(roles)); factory.IdentityManagerService = new Registration <IIdentityManagerService, InMemoryIdentityManagerService>(); idm.UseIdentityManager(new IdentityManagerOptions { Factory = factory, SecurityConfiguration = new HostSecurityConfiguration { HostAuthenticationType = "Cookies" } }); }); // this configures an embedded IdentityServer to act as an external authentication provider // when using IdentityManager in Token security mode. normally you'd configure this elsewhere. app.Map("/ids", ids => { IdSvrConfig.Configure(ids); }); // used to redirect to the main admin page visiting the root of the host app.Run(ctx => { ctx.Response.Redirect("/idm/"); return(Task.FromResult(0)); }); }
public void Configuration(IAppBuilder app) { // this configures IdentityManager // we're using a Map just to test hosting not at the root app.Map("/idm", idm => { var rand = new System.Random(); var svc = new InMemoryIdentityManagerService(Users.Get(rand.Next(5000, 20000)), Roles.Get(rand.Next(15))); idm.UseIdentityManager(new IdentityManagerConfiguration { IdentityManagerFactory = () => svc, SecurityMode = SecurityMode.LocalMachine, OAuth2Configuration = new OAuth2Configuration { AuthorizationUrl = "http://localhost:17457/ids/connect/authorize", Issuer = "https://idsrv3.com", Audience = "https://idsrv3.com/resources", ClientId = "idmgr", SigningCert = Cert.Load(), Scope = "idmgr", //PersistToken = true, //AutomaticallyRenewToken = true } }); }); // this configures an embedded IdentityServer to act as an external authentication provider // when using IdentityManager in Token security mode. normally you'd configure this elsewhere. app.Map("/ids", ids => { IdSvrConfig.Configure(ids); }); // used to redirect to the main admin page visiting the root of the host app.Run(ctx => { ctx.Response.Redirect("/idm/"); return(System.Threading.Tasks.Task.FromResult(0)); }); }
public void Configuration(IAppBuilder app) { LogProvider.SetCurrentLogProvider(new TraceSourceLogProvider()); JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary <string, string>(); app.UseCookieAuthentication(new Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions { AuthenticationType = "Cookies", }); app.UseOpenIdConnectAuthentication(new Microsoft.Owin.Security.OpenIdConnect.OpenIdConnectAuthenticationOptions { AuthenticationType = "oidc", Authority = "https://localhost:44337/ids", ClientId = "idmgr_client", RedirectUri = "https://localhost:44337", ResponseType = "id_token", UseTokenLifetime = false, Scope = "openid idmgr", SignInAsAuthenticationType = "Cookies", Notifications = new Microsoft.Owin.Security.OpenIdConnect.OpenIdConnectAuthenticationNotifications { SecurityTokenValidated = n => { n.AuthenticationTicket.Identity.AddClaim(new Claim("id_token", n.ProtocolMessage.IdToken)); return(Task.FromResult(0)); }, RedirectToIdentityProvider = async n => { if (n.ProtocolMessage.RequestType == Microsoft.IdentityModel.Protocols.OpenIdConnectRequestType.LogoutRequest) { var result = await n.OwinContext.Authentication.AuthenticateAsync("Cookies"); if (result != null) { var id_token = result.Identity.Claims.GetValue("id_token"); if (id_token != null) { n.ProtocolMessage.IdTokenHint = id_token; n.ProtocolMessage.PostLogoutRedirectUri = "https://localhost:44337/idm"; } } } } } }); app.Map("/idm", idm => { var factory = new IdentityManagerServiceFactory(); var rand = new System.Random(); var users = Users.Get(rand.Next(5000, 20000)); var roles = Roles.Get(rand.Next(15)); factory.Register(new Registration <ICollection <InMemoryUser> >(users)); factory.Register(new Registration <ICollection <InMemoryRole> >(roles)); factory.IdentityManagerService = new Registration <IIdentityManagerService, InMemoryIdentityManagerService>(); idm.UseIdentityManager(new IdentityManagerOptions { Factory = factory, SecurityConfiguration = new HostSecurityConfiguration { HostAuthenticationType = "Cookies", //AdditionalSignOutType = "oidc" } }); }); // this configures an embedded IdentityServer to act as an external authentication provider // when using IdentityManager in Token security mode. normally you'd configure this elsewhere. app.Map("/ids", ids => { IdSvrConfig.Configure(ids); }); }