public void Configuration(IAppBuilder app)
{
LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());
Log.Logger = new LoggerConfiguration()
.MinimumLevel.Debug()
.WriteTo.Trace()
.CreateLogger();
app.UseAesDataProtectorProvider();
app.Map("/admin", adminApp =>
{
var factory = new IdentityManagerServiceFactory();
factory.ConfigureSimpleIdentityManagerService("AspId");
//factory.ConfigureCustomIdentityManagerServiceWithIntKeys("AspId_CustomPK");
var adminOptions = new IdentityManagerOptions(){
Factory = factory
};
adminOptions.SecurityConfiguration.RequireSsl = false;
adminApp.UseIdentityManager(adminOptions);
});
var idSvrFactory = Factory.Configure();
idSvrFactory.ConfigureUserService("AspId");
var viewOptions = new ViewServiceOptions
{
TemplatePath = this.basePath.TrimEnd(new char[] { '/' })
};
idSvrFactory.ViewService = new IdentityServer3.Core.Configuration.Registration<IViewService>(new ViewService(viewOptions));
var options = new IdentityServerOptions
{
SiteName = "IdentityServer3 - ViewSerive-AspNetIdentity",
SigningCertificate = Certificate.Get(),
Factory = idSvrFactory,
RequireSsl = false,
AuthenticationOptions = new AuthenticationOptions
{
IdentityProviders = ConfigureAdditionalIdentityProviders,
}
};
app.Map("/core", core =>
{
core.UseIdentityServer(options);
});
app.UseStaticFiles(new StaticFileOptions
{
RequestPath = new PathString("/Content"),
FileSystem = new PhysicalFileSystem(Path.Combine(this.basePath, "Content"))
});
var config = new HttpConfiguration();
// config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute("API", "api/{controller}/{action}", new { controller = "Home", action = "Get" });
app.UseWebApi(config);
}
public static HttpConfiguration Configure(IdentityManagerOptions options)
{
if (options == null) throw new ArgumentNullException("idmConfig");
var config = new HttpConfiguration();
config.MessageHandlers.Insert(0, new KatanaDependencyResolver());
config.MapHttpAttributeRoutes();
if (!options.DisableUserInterface)
{
config.Routes.MapHttpRoute(Constants.RouteNames.Home,
"",
new { controller = "Page", action = "Index" });
config.Routes.MapHttpRoute(Constants.RouteNames.Logout,
"logout",
new { controller = "Page", action = "Logout" });
//config.Routes.MapHttpRoute(Constants.RouteNames.OAuthFrameCallback,
// "frame",
// new { controller = "Page", action = "Frame" });
}
config.SuppressDefaultHostAuthentication();
config.Filters.Add(new HostAuthenticationAttribute(options.SecurityConfiguration.BearerAuthenticationType));
config.Filters.Add(new AuthorizeAttribute() { Roles = options.SecurityConfiguration.AdminRoleName });
config.Formatters.Remove(config.Formatters.XmlFormatter);
config.Formatters.Remove(config.Formatters.FormUrlEncodedFormatter);
config.Formatters.JsonFormatter.SerializerSettings.ContractResolver =
new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver();
config.Services.Add(typeof(IExceptionLogger), new LogProviderExceptionLogger());
return config;
}
public MetaController(IdentityManagerOptions config, IIdentityManagerService userManager)
{
if (config == null) throw new ArgumentNullException("config");
if (userManager == null) throw new ArgumentNullException("userManager");
this.config = config;
this.userManager = userManager;
}
public void Configuration(IAppBuilder app)
{
// config identity server
var factory = new IdentityServerServiceFactory
{
CorsPolicyService = new IdentityServer3.Core.Configuration.Registration<ICorsPolicyService>(new DefaultCorsPolicyService {AllowAll = true}),
ScopeStore = new IdentityServer3.Core.Configuration.Registration<IScopeStore>(new InMemoryScopeStore(Scopes.Get())),
ClientStore = new IdentityServer3.Core.Configuration.Registration<IClientStore>(new InMemoryClientStore(Clients.Get()))
};
factory.ConfigureUserService(ConnectionString);
app.Map("/identity", idServer => idServer.UseIdentityServer(new IdentityServerOptions
{
SiteName = "Identity Server for 8sApp",
RequireSsl = false,
Factory = factory,
SigningCertificate = Certificate.Certificate.Get(),
AuthenticationOptions = new AuthenticationOptions()
{
LoginPageLinks = new[]
{
new LoginPageLink
{
Text = "Register",
Href = "register"
}
}
}
}));
// config identity manager
app.Map("/admin", adminApp =>
{
var identityManagerServiceFactory = new IdentityManagerServiceFactory();
identityManagerServiceFactory.ConfigureIdentityManagerService(ConnectionString);
var options = new IdentityManagerOptions
{
Factory = identityManagerServiceFactory,
SecurityConfiguration = {RequireSsl = false}
};
adminApp.UseIdentityManager(options);
});
// config web api
var config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional }
);
app.UseCors(CorsOptions.AllowAll);
app.UseWebApi(config);
}
public static HttpConfiguration Configure(IdentityManagerOptions options)
{
if (options == null)
{
throw new ArgumentNullException("idmConfig");
}
var config = new HttpConfiguration();
config.MessageHandlers.Insert(0, new KatanaDependencyResolver());
config.MapHttpAttributeRoutes();
if (!options.DisableUserInterface)
{
config.Routes.MapHttpRoute(Constants.RouteNames.Home,
"",
new { controller = "Page", action = "Index" });
config.Routes.MapHttpRoute(Constants.RouteNames.OAuthFrameCallback,
"frame",
new { controller = "Page", action = "Frame" });
}
config.SuppressDefaultHostAuthentication();
if (options.SecurityMode == SecurityMode.LocalMachine)
{
config.Filters.Add(new HostAuthenticationAttribute(Constants.LocalAuthenticationType));
}
else
{
config.Filters.Add(new HostAuthenticationAttribute(Constants.BearerAuthenticationType));
}
config.Filters.Add(new AuthorizeAttribute()
{
Roles = options.AdminRoleName
});
config.Formatters.Remove(config.Formatters.XmlFormatter);
config.Formatters.Remove(config.Formatters.FormUrlEncodedFormatter);
config.Formatters.JsonFormatter.SerializerSettings.ContractResolver =
new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver();
//apiConfig.Services.Add(typeof(IExceptionLogger), new UserAdminExceptionLogger());
//#if DEBUG
// apiConfig.Services.Add(typeof(IExceptionLogger), new TraceLogger());
//#endif
config.Services.Add(typeof(IExceptionLogger), new LogProviderExceptionLogger());
return(config);
}
public static void UseIdentityManager(this IAppBuilder app, IdentityManagerOptions options)
{
if (app == null) throw new ArgumentNullException("app");
if (options == null) throw new ArgumentNullException("config");
app.SetLoggerFactory(new LibLogLoggerFactory());
Logger.Info("Starting IdentityManager configuration");
options.Validate();
app.Use(async (ctx, next) =>
{
if (!ctx.Request.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase) &&
options.SecurityConfiguration.RequireSsl)
{
ctx.Response.Write("HTTPS required");
}
else
{
await next();
}
});
var container = AutofacConfig.Configure(options);
app.Use<AutofacContainerMiddleware>(container);
options.SecurityConfiguration.Configure(app);
if (!options.DisableUserInterface)
{
app.UseFileServer(new FileServerOptions
{
RequestPath = new PathString("/assets"),
FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityManagerAppBuilderExtensions).Assembly, "IdentityManager.Assets")
});
app.UseFileServer(new FileServerOptions
{
RequestPath = new PathString("/assets/libs/fonts"),
FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityManagerAppBuilderExtensions).Assembly, "IdentityManager.Assets.Content.fonts")
});
app.UseStageMarker(PipelineStage.MapHandler);
}
SignatureConversions.AddConversions(app);
app.UseWebApi(WebApiConfig.Configure(options));
app.UseStageMarker(PipelineStage.MapHandler);
// clears out the OWIN logger factory so we don't recieve other hosting related logs
app.Properties["server.LoggerFactory"] = null;
}
public static void UseIdentityServer(this IApplicationBuilder app, IdentityServerOptions options)
{
app.UseOwin(addToPipeline =>
{
addToPipeline(next =>
{
var builder = new Microsoft.Owin.Builder.AppBuilder();
var provider = app.ApplicationServices.GetService<Microsoft.AspNet.DataProtection.IDataProtectionProvider>();
builder.Properties["security.DataProtectionProvider"] = new DataProtectionProviderDelegate(purposes =>
{
var dataProtection = provider.CreateProtector(String.Join(",", purposes));
return new DataProtectionTuple(dataProtection.Protect, dataProtection.Unprotect);
});
builder.UseAesDataProtectorProvider();
builder.Map("/admin", adminApp =>
{
var factory = new IdentityManagerServiceFactory();
factory.ConfigureSimpleIdentityManagerService("AspId");
//factory.ConfigureCustomIdentityManagerServiceWithIntKeys("AspId_CustomPK");
var adminOptions = new IdentityManagerOptions(){
Factory = factory
};
adminOptions.SecurityConfiguration.RequireSsl = false;
adminApp.UseIdentityManager(adminOptions);
});
options.Factory.ConfigureUserService("AspId");
builder.Map("/core", core => {
core.UseIdentityServer(options);
});
var appFunc = builder.Build(typeof(Func<IDictionary<string, object>, Task>)) as Func<IDictionary<string, object>, Task>;
return appFunc;
});
});
}
public void InitializeIdentityManager(IAppBuilder app, string nameOrConnStr, IdentityManagerServiceFactory factory)
{
#region CONFIGURAÇÃO DO IDENTITY MANAGER
app.Map("/admin", admin => {
var congig = new IdentityManagerOptions {
Factory = factory,
#region Configura a authenticação e o administrador do IdMgr
SecurityConfiguration = new HostSecurityConfiguration {
HostAuthenticationType = "Cookies",
AdditionalSignOutType = "oidc",
AdminRoleName = ConfigurationManager.AppSettings[Constantes.AppSettings.IdMgr.IdMgrAdminRoleName],
RequireSsl = true
#endregion
}
};
admin.UseIdentityManager(congig);
});
#endregion
}
public static IContainer Configure(IdentityManagerOptions config)
{
if (config == null)
{
throw new ArgumentNullException("config");
}
var builder = new ContainerBuilder();
builder.RegisterInstance(config);
builder.Register(config.Factory.IdentityManagerService);
builder.Register(c => new OwinEnvironmentService(c.Resolve <IOwinContext>()));
builder.RegisterApiControllers(typeof(AutofacConfig).Assembly);
foreach (var registration in config.Factory.Registrations)
{
builder.Register(registration, registration.Name);
}
var container = builder.Build();
return(container);
}
public static void Configure(IAppBuilder app)
{
Log.Logger = new LoggerConfiguration()
.MinimumLevel.Debug()
.WriteTo.Trace()
.CreateLogger();
app.UseAesDataProtectorProvider();
BasePath = AppDomain.CurrentDomain.BaseDirectory;
var certFile = Path.Combine(BasePath, "idsrv3test.pfx");
Console.WriteLine(certFile);
var options = ConfigureIdentityServer(certFile);
// var cpath = Path.GetFullPath(Path.Combine(Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location),"..", "..", "..", "src", "Janitor", "Content"));
// Console.WriteLine(cpath);
// app.UseStaticFiles (new StaticFileOptions {
// RequestPath = new PathString("/Content"),
// FileSystem = new PhysicalFileSystem(cpath)
// });
app.Map("/admin", adminApp =>
{
var factory = new IdentityManagerServiceFactory();
factory.ConfigureSimpleIdentityManagerService("AspId");
var adminOptions = new IdentityManagerOptions
{
Factory = factory,
};
adminOptions.SecurityConfiguration.RequireSsl = false;
adminApp.UseIdentityManager(adminOptions);
});
app.UseIdentityServer(options);
}
public PageController(IdentityManagerOptions idmConfig)
{
if (idmConfig == null) throw new ArgumentNullException("idmConfig");
this.idmConfig = idmConfig;
}
public void Configuration(IAppBuilder appBuilder)
{
Log.Logger = new LoggerConfiguration()
.WriteTo.Trace(outputTemplate: "{Timestamp} [{Level}] ({Name}){NewLine} {Message}{NewLine}{Exception}")
.CreateLogger();
JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();
appBuilder.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies",
LoginPath = new PathString("/Home/Login")
});
appBuilder.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
AuthenticationType = "oidc",
Authority = "https://localhost:44333",
ClientId = "idmgr_and_idadmin",
RedirectUri = "https://localhost:44333",
ResponseType = "id_token",
UseTokenLifetime = false,
Scope = "openid idmgr idAdmin",
SignInAsAuthenticationType = "Cookies",
Notifications = new OpenIdConnectAuthenticationNotifications
{
SecurityTokenValidated = n =>
{
n.AuthenticationTicket.Identity.AddClaim(new Claim("id_token", n.ProtocolMessage.IdToken));
return Task.FromResult(0);
},
RedirectToIdentityProvider = async n =>
{
if (n.ProtocolMessage.RequestType == Microsoft.IdentityModel.Protocols.OpenIdConnectRequestType.LogoutRequest)
{
var result = await n.OwinContext.Authentication.AuthenticateAsync("Cookies");
if (result != null)
{
var id_token = result.Identity.Claims.GetValue("id_token");
if (id_token != null)
{
n.ProtocolMessage.IdTokenHint = id_token;
n.ProtocolMessage.PostLogoutRedirectUri = "https://localhost:44333";
}
}
}
}
}
});
var connString = ConfigurationManager.ConnectionStrings["IdSvr3Config"].ConnectionString;
// Identity admin
appBuilder.Map("/adm", adminApp =>
{
var idAdminOptions = new IdentityAdminOptions
{
Factory = ConfigIdentityServerAdmin.Factory.Configure(connString),
AdminSecurityConfiguration = new IdentityAdmin.Configuration.AdminHostSecurityConfiguration()
{
HostAuthenticationType = IdentityAdmin.Constants.CookieAuthenticationType,
AdminRoleName = "IdentityServerAdmin",
NameClaimType = "name",
RoleClaimType = "role",
}
};
adminApp.UseIdentityAdmin(idAdminOptions);
});
//Identity manager
appBuilder.Map("/idm", adminApp =>
{
var idManagerOptions = new IdentityManagerOptions
{
Factory = ConfigIdentityManager.Factory.Configure(connString),
SecurityConfiguration = new HostSecurityConfiguration()
{
HostAuthenticationType = IdentityManager.Constants.CookieAuthenticationType,
AdminRoleName = "IdentityManagerAdmin",
NameClaimType = "name",
RoleClaimType = "role",
}
};
adminApp.UseIdentityManager(idManagerOptions);
});
// Identity server
appBuilder.Map("/ids", adminApp =>
{
var idsrvOptions = new IdentityServerOptions
{
Factory = ConfigIdentityServer.Factory.Configure(connString),
SigningCertificate = Certificate.Get(),
RequireSsl = true
};
appBuilder.UseIdentityServer(idsrvOptions);
});
}
public static void UseIdentityManager(this IAppBuilder app, IdentityManagerOptions options)
{
if (app == null) throw new ArgumentNullException("app");
if (options == null) throw new ArgumentNullException("config");
options.Validate();
JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();
var container = AutofacConfig.Configure(options);
app.Use<AutofacContainerMiddleware>(container);
if (options.SecurityMode == SecurityMode.LocalMachine)
{
var local = new LocalAuthenticationOptions(options.AdminRoleName);
app.Use<LocalAuthenticationMiddleware>(local);
}
else if (options.SecurityMode == SecurityMode.OAuth2)
{
var jwtParams = new System.IdentityModel.Tokens.TokenValidationParameters
{
NameClaimType = options.OAuth2Configuration.NameClaimType,
RoleClaimType = options.OAuth2Configuration.RoleClaimType,
ValidAudience = options.OAuth2Configuration.Audience,
ValidIssuer = options.OAuth2Configuration.Issuer,
};
if (options.OAuth2Configuration.SigningCert != null)
{
jwtParams.IssuerSigningToken = new X509SecurityToken(options.OAuth2Configuration.SigningCert);
}
else
{
var bytes = Convert.FromBase64String(options.OAuth2Configuration.SigningKey);
jwtParams.IssuerSigningToken = new BinarySecretSecurityToken(bytes);
}
app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions {
TokenValidationParameters = jwtParams
});
app.RequireScopes(new ScopeValidationOptions {
AllowAnonymousAccess = true,
Scopes = new string[] {
options.OAuth2Configuration.Scope
}
});
if (options.OAuth2Configuration.ClaimsTransformation != null)
{
app.Use(async (ctx, next) =>
{
var user = ctx.Authentication.User;
if (user != null)
{
user = options.OAuth2Configuration.ClaimsTransformation(user);
ctx.Authentication.User = user;
}
await next();
});
}
}
if (!options.DisableUserInterface)
{
app.UseFileServer(new FileServerOptions
{
RequestPath = new PathString("/assets"),
FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityManagerAppBuilderExtensions).Assembly, "IdentityManager.Assets")
});
app.UseFileServer(new FileServerOptions
{
RequestPath = new PathString("/assets/libs/fonts"),
FileSystem = new EmbeddedResourceFileSystem(typeof(IdentityManagerAppBuilderExtensions).Assembly, "IdentityManager.Assets.Content.fonts")
});
app.UseStageMarker(PipelineStage.MapHandler);
}
SignatureConversions.AddConversions(app);
app.UseWebApi(WebApiConfig.Configure(options));
app.UseStageMarker(PipelineStage.MapHandler);
}
public void Configuration(IAppBuilder app)
{
LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());
Log.Logger = new LoggerConfiguration()
.MinimumLevel.Debug()
.WriteTo.Trace()
.CreateLogger();
app.UseAesDataProtectorProvider();
app.Map("/admin", adminApp =>
{
var factory = new IdentityManagerServiceFactory();
factory.ConfigureSimpleIdentityManagerService("AspId");
//factory.ConfigureCustomIdentityManagerServiceWithIntKeys("AspId_CustomPK");
var adminOptions = new IdentityManagerOptions(){
Factory = factory
};
adminOptions.SecurityConfiguration.RequireSsl = false;
adminApp.UseIdentityManager(adminOptions);
});
var idSvrFactory = Factory.Configure();
idSvrFactory.ConfigureUserService("AspId");
//idSvrFactory.ConfigureCustomUserService("AspId_CustomPK");
var options = new IdentityServerOptions
{
SiteName = "IdentityServer3 - UserService-AspNetIdentity",
SigningCertificate = Certificate.Get(),
Factory = idSvrFactory,
RequireSsl = false,
AuthenticationOptions = new AuthenticationOptions
{
IdentityProviders = ConfigureAdditionalIdentityProviders,
}
};
app.UseIdentityServer(options);
}