public void ConfigureServices(IServiceCollection services)
{
services.AddControllersWithViews().AddJsonOptions(o => o.JsonSerializerOptions.WriteIndented = true);
services.AddCors(options =>
{
// this defines a CORS policy called "default"
options.AddPolicy("default", policy =>
{
policy.WithOrigins("http://localhost:8100")
.AllowAnyHeader()
.AllowAnyMethod();
});
});
// Modify for https
// HTTPS
// const issuer = "https://identityserver/";
// HTTP
var issuer = "http://identityserver/";
// HTTP
var builder = services.AddIdentityServer(o => o.IssuerUri = issuer)
.AddInMemoryIdentityResources(Config.Ids)
.AddInMemoryApiResources(Config.Apis)
.AddInMemoryClients(Config.Clients)
.AddTestUsers(TestUsers.Users());
builder.AddDeveloperSigningCredential();
//services.AddAuthentication()
// .AddGoogle("Google", options =>
// {
// options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
// options.ClientId = "<insert here>";
// options.ClientSecret = "<insert here>";
// })
// .AddOpenIdConnect("oidc", "Demo IdentityServer", options =>
// {
// options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
// options.SignOutScheme = IdentityServerConstants.SignoutScheme;
// options.SaveTokens = true;
// options.Authority = "https://demo.identityserver.io/";
// options.ClientId = "native.code";
// options.ClientSecret = "secret";
// options.ResponseType = "code";
// options.TokenValidationParameters = new TokenValidationParameters
// {
// NameClaimType = "name",
// RoleClaimType = "role"
// };
// });
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddIdentityServer()
.AddInMemoryClients(ClientStore.GetClients())
.AddInMemoryIdentityResources(Resources.GetIdentityResources())
.AddInMemoryApiResources(Resources.GetApiResources())
.AddInMemoryApiScopes(Resources.GetApiScopes())
.AddTestUsers(TestUsers.GetTestUsers())
.AddDeveloperSigningCredential(); // TODO: IdentityServer uses an asymmetric key pair to sign and validate JWTs. Change this to a secure RSA key
}
/// <summary>
/// Updates the database.
/// </summary>
/// <param name="app">The application.</param>
/// <param name="env">The environmental variable.</param>
private static void UpdateDatabase(IApplicationBuilder app, IWebHostEnvironment env)
{
using IServiceScope serviceScope = app.ApplicationServices
.GetRequiredService <IServiceScopeFactory>()
.CreateScope();
using IdentityDbContext context = serviceScope.ServiceProvider.GetService <IdentityDbContext>();
context.Database.Migrate();
if (!context.IdentityUser.Any())
{
context.IdentityUser.AddRange(TestUsers.GetDefaultIdentityUsers(env.IsProduction()));
context.SaveChanges();
}
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
var pfxFilePath = Configuration.GetSection("Certificate:PfxFilePath");
var pfxFilePassword = Configuration.GetSection("Certificate:Password");
services.AddIdentityServer()
.AddSigningCredential(new X509Certificate2(pfxFilePath.Value, pfxFilePassword.Value))
.AddInMemoryClients(Clients.Get())
.AddInMemoryApiResources(ApiRecourses.Get())
.AddTestUsers(TestUsers.Get().ToList());
services.AddMvc();
}
public void ConfigureServices(IServiceCollection services) =>
services
.AddControllersWithViews().Services
.AddIdentityServer(options => {
options.Events.RaiseErrorEvents = true;
options.Events.RaiseInformationEvents = true;
options.Events.RaiseFailureEvents = true;
options.Events.RaiseSuccessEvents = true;
})
.AddTestUsers(TestUsers.FromFile())
.AddInMemoryIdentityResources(Configuration.GetSection("IdentityResources"))
.AddInMemoryApiResources(Configuration.GetSection("ApiResources"))
.AddInMemoryClients(Configuration.GetSection("Clients"))
.AddDeveloperSigningCredential().Services
.AddAuthentication();
public AccountController(
IIdentityServerInteractionService interaction,
IClientStore clientStore,
IAuthenticationSchemeProvider schemeProvider,
IEventService events,
TestUserStore users = null)
{
// if the TestUserStore is not in DI, then we'll just use the global users collection
// this is where you would plug in your own custom identity management library (e.g. ASP.NET Identity)
_users = users ?? new TestUserStore(TestUsers.Users());
_interaction = interaction;
_clientStore = clientStore;
_schemeProvider = schemeProvider;
_events = events;
}
/// <summary>
/// Updates the database.
/// </summary>
/// <param name="app">The application.</param>
/// <param name="env">The environmental variable.</param>
private static void UpdateDatabase(IApplicationBuilder app, IWebHostEnvironment env)
{
using IServiceScope serviceScope = app.ApplicationServices
.GetRequiredService <IServiceScopeFactory>()
.CreateScope();
using IdentityDbContext context = serviceScope.ServiceProvider.GetService <IdentityDbContext>();
context.Database.Migrate();
List <IdentityUser> identityUsers = TestUsers.GetDefaultIdentityUsers();
foreach (IdentityUser identityUser in identityUsers.Where(identityUser => !context.IdentityUser.Any(e => e.SubjectId == identityUser.SubjectId)))
{
if (env.IsProduction())
{
identityUser.Password = TestUsers.CreateTestUserPassword(identityUser.Username);
}
context.Add(identityUser);
}
context.SaveChanges();
}
private static void InitializeDbTestData(IApplicationBuilder app)
{
using (var serviceScope = app.ApplicationServices.GetService <IServiceScopeFactory>().CreateScope())
{
serviceScope.ServiceProvider.GetRequiredService <PersistedGrantDbContext>().Database.Migrate();
serviceScope.ServiceProvider.GetRequiredService <ConfigurationDbContext>().Database.Migrate();
serviceScope.ServiceProvider.GetRequiredService <ApplicationDbContext>().Database.Migrate();
var context = serviceScope.ServiceProvider.GetRequiredService <ConfigurationDbContext>();
if (!context.Clients.Any())
{
foreach (var client in Clients.Get())
{
context.Clients.Add(client.ToEntity());
}
context.SaveChanges();
}
if (!context.IdentityResources.Any())
{
foreach (var resource in Resources.GetIdentityResources())
{
context.IdentityResources.Add(resource.ToEntity());
}
context.SaveChanges();
}
if (!context.ApiScopes.Any())
{
foreach (var scope in Resources.GetApiScopes())
{
context.ApiScopes.Add(scope.ToEntity());
}
context.SaveChanges();
}
if (!context.ApiResources.Any())
{
foreach (var resource in Resources.GetApiResources())
{
context.ApiResources.Add(resource.ToEntity());
}
context.SaveChanges();
}
var userManager = serviceScope.ServiceProvider.GetRequiredService <UserManager <User> >();
if (!userManager.Users.Any())
{
foreach (var testUser in TestUsers.Get())
{
User identityUser = new User()
{
Id = testUser.SubjectId,
UserName = testUser.Username
};
userManager.CreateAsync(identityUser, testUser.Password).Wait();
userManager.AddClaimsAsync(identityUser, testUser.Claims.ToList()).Wait();
}
}
}
}
