public void ConfigureServices(IServiceCollection services) { services.Configure <CookiePolicyOptions>(options => { options.MinimumSameSitePolicy = SameSiteMode.Unspecified; options.OnAppendCookie = cookieContext => CheckSameSite(cookieContext.Context, cookieContext.CookieOptions); options.OnDeleteCookie = cookieContext => CheckSameSite(cookieContext.Context, cookieContext.CookieOptions); }); // uncomment, if you want to add an MVC-based UI services.AddControllersWithViews(); var builder = services.AddIdentityServer() .AddSigningCredential(X509.GetCertificate(Configuration["SigningCertThumprint"])) // signing.crt thumbprint .AddValidationKey(X509.GetCertificate(Configuration["ValidationCertThumbprint"])) // validation.crt thumbprint .AddInMemoryIdentityResources(Config.Ids) .AddInMemoryApiResources(Config.Apis) .AddInMemoryClients(Config.Clients) .AddTestUsers(Config.GetUsers()); // not recommended for production - you need to store your key material somewhere secure if (Environment.IsDevelopment()) { builder.AddDeveloperSigningCredential(); } services.AddAuthentication() .AddGoogle("Google", options => { options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme; options.SaveTokens = true; options.ClientId = Config.GoogleClientId; options.ClientSecret = Config.GoogleClientSecrect; //options.CorrelationCookie.SameSite = SameSiteMode.Lax; }); }
public void ConfigureServices(IServiceCollection services) { string connectionString = Configuration.GetConnectionString("DefaultConnection"); services.AddDbContext <ApplicationDbContext>(options => options.UseSqlServer(connectionString)); services.AddIdentity <ApplicationUser, IdentityRole>() .AddEntityFrameworkStores <ApplicationDbContext>() .AddDefaultTokenProviders(); services.AddMvc(options => { //options.SslPort = 5000; //kestrel //options.Filters.Add(new RequireHttpsAttribute()); //kestrel }); //.SetCompatibilityVersion(Microsoft.AspNetCore.Mvc.CompatibilityVersion.Version_2_1); //kestrel //services.AddAntiforgery(options => //{ // options.Cookie.Name = "_af"; // options.Cookie.HttpOnly = true; // options.Cookie.SecurePolicy = Microsoft.AspNetCore.Http.CookieSecurePolicy.Always; // options.HeaderName = "X-XSRF-TOKEN"; //}); services.Configure <MySettingsModel>(Configuration.GetSection("MySettings")); services.AddScoped <IGrafanaHelper, GrafanaHelper>(); services.AddScoped <IGrafRole, GrafRoleHelper>(); var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name; var signinCredential = X509.GetCertificate("7948D0F59B78BCF6B165C84BE61834DEFD96AEA0"); var validationKey = X509.GetCertificate("2BF154F3D1F8BC6743238ACB22AED7C31AA909B1"); services.AddIdentityServer() //.AddDeveloperSigningCredential() .AddAspNetIdentity <ApplicationUser>() .AddSigningCredential(signinCredential) //self signed localhost cert .AddValidationKey(validationKey) //self signed localhost cert // this adds the operational data from DB (codes, tokens, consents) .AddOperationalStore(store => { store.ConfigureDbContext = builder => builder.UseSqlServer(connectionString, sql => sql.MigrationsAssembly(migrationsAssembly)); store.EnableTokenCleanup = true; store.TokenCleanupInterval = 1800; }) // this adds the config data from DB (clients, resources) .AddConfigurationStore(options => { options.ConfigureDbContext = builder => builder.UseSqlServer(connectionString, sql => sql.MigrationsAssembly(migrationsAssembly)); }); //.AddAspNetIdentity<ApplicationUser>(); services.Configure <IISOptions>(options => { options.ForwardClientCertificate = false; }); services.AddCsp(nonceByteAmount: 32); services.AddCors(); }