/// <summary> /// Adds the IdentityServer API endpoints to MVC. /// </summary> /// <param name="mvcBuilder">An interface for configuring MVC services.</param> /// <param name="configureAction">Configuration options for IdentityServer API feature.</param> public static IMvcBuilder AddIdentityServerApiEndpoints(this IMvcBuilder mvcBuilder, Action <IdentityServerApiEndpointsOptions> configureAction = null) { mvcBuilder.ConfigureApplicationPartManager(x => x.FeatureProviders.Add(new IdentityServerApiFeatureProvider())); var services = mvcBuilder.Services; var serviceProvider = services.BuildServiceProvider(); var configuration = serviceProvider.GetRequiredService <IConfiguration>(); var apiEndpointsOptions = new IdentityServerApiEndpointsOptions { Services = services }; // Initialize default options. configureAction?.Invoke(apiEndpointsOptions); apiEndpointsOptions.Services = null; services.AddDistributedMemoryCache(); // Configure options for CacheResourceFilter. services.Configure <CacheResourceFilterOptions>(options => options.DisableCache = apiEndpointsOptions.DisableCache); // Invoke action provided by developer to override default options. services.AddSingleton(apiEndpointsOptions); services.AddIndiceServices(configuration); services.AddTransient <IEventService, EventService>(); // Register validation filters. services.AddScoped <CreateClaimTypeRequestValidationFilter>(); services.AddScoped <CreateRoleRequestValidationFilter>(); // Add authorization policies that are used by the IdentityServer API. services.AddAuthorization(authOptions => { authOptions.AddPolicy(IdentityServerApi.Scope, policy => { policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme) .RequireAuthenticatedUser(); }); authOptions.AddPolicy(IdentityServerApi.SubScopes.Users, policy => { policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme) .RequireAuthenticatedUser() .RequireAssertion(x => x.User.HasClaim(JwtClaimTypes.Scope, IdentityServerApi.SubScopes.Users) && (x.User.IsAdmin() || x.User.IsSystemClient())); }); authOptions.AddPolicy(IdentityServerApi.SubScopes.Clients, policy => { policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme) .RequireAuthenticatedUser() .RequireAssertion(x => x.User.HasClaim(JwtClaimTypes.Scope, IdentityServerApi.SubScopes.Clients) && (x.User.IsAdmin() || x.User.IsSystemClient())); }); authOptions.AddPolicy(IdentityServerApi.Admin, policy => { policy.AddAuthenticationSchemes(IdentityServerApi.AuthenticationScheme) .RequireAuthenticatedUser() .RequireAssertion(x => x.User.HasClaim(JwtClaimTypes.Scope, IdentityServerApi.Scope) && (x.User.IsAdmin() || x.User.IsSystemClient())); }); }); // Configure antiforgery token options. services.Configure <AntiforgeryOptions>(options => { options.HeaderName = CustomHeaderNames.AntiforgeryHeaderName; }); // Try register the extended version of UserManager<User>. services.TryAddScoped <ExtendedUserManager <User> >(); services.TryAddScoped <IdentityMessageDescriber>(); // Register the authentication handler, using a custom scheme name, for local APIs. services.AddAuthentication() .AddLocalApi(IdentityServerApi.AuthenticationScheme, options => { options.ExpectedScope = IdentityServerApi.Scope; }); return(mvcBuilder); }
/// <summary> /// Creates an instance of <see cref="ClientsController"/>. /// </summary> /// <param name="configurationDbContext">Abstraction for the configuration context.</param> /// <param name="generalSettings">Applications general settings.</param> /// <param name="eventService">Models the event mechanism used to raise events inside the IdentityServer API.</param> /// <param name="apiEndpointsOptions">Options for configuring the IdentityServer API feature.</param> public ClientsController( ExtendedConfigurationDbContext configurationDbContext, IOptionsSnapshot <GeneralSettings> generalSettings, IEventService eventService, IdentityServerApiEndpointsOptions apiEndpointsOptions ) { _configurationDbContext = configurationDbContext ?? throw new ArgumentNullException(nameof(configurationDbContext)); _generalSettings = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings)); _eventService = eventService ?? throw new ArgumentNullException(nameof(eventService)); _apiEndpointsOptions = apiEndpointsOptions ?? throw new ArgumentNullException(nameof(apiEndpointsOptions)); }
/// <summary> /// Creates an instance of <see cref="UsersController"/>. /// </summary> /// <param name="userManager">Provides the APIs for managing user in a persistence store.</param> /// <param name="roleManager">Provides the APIs for managing roles in a persistence store.</param> /// <param name="dbContext">Class for the Entity Framework database context used for identity.</param> /// <param name="persistedGrantService">Implements persisted grant logic.</param> /// <param name="clientStore">Retrieval of client configuration.</param> /// <param name="apiEndpointsOptions">Options for configuring the IdentityServer API feature.</param> /// <param name="eventService">Models the event mechanism used to raise events inside the IdentityServer API.</param> /// <param name="generalSettings">General settings for an ASP.NET Core application.</param> /// <param name="localizer">Represents an <see cref="IStringLocalizer"/> that provides strings for <see cref="UsersController"/>.</param> public UsersController(ExtendedUserManager <User> userManager, RoleManager <Role> roleManager, ExtendedIdentityDbContext <User, Role> dbContext, IPersistedGrantService persistedGrantService, IClientStore clientStore, IdentityServerApiEndpointsOptions apiEndpointsOptions, IEventService eventService, IOptions <GeneralSettings> generalSettings, IStringLocalizer <UsersController> localizer) { _userManager = userManager ?? throw new ArgumentNullException(nameof(userManager)); _roleManager = roleManager ?? throw new ArgumentNullException(nameof(roleManager)); _dbContext = dbContext ?? throw new ArgumentNullException(nameof(dbContext)); _persistedGrantService = persistedGrantService ?? throw new ArgumentNullException(nameof(persistedGrantService)); _clientStore = clientStore ?? throw new ArgumentNullException(nameof(clientStore)); _apiEndpointsOptions = apiEndpointsOptions ?? throw new ArgumentNullException(nameof(apiEndpointsOptions)); _eventService = eventService ?? throw new ArgumentNullException(nameof(eventService)); _generalSettings = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings)); _localizer = localizer ?? throw new ArgumentNullException(nameof(localizer)); }
public MyAccountController(ExtendedUserManager <User> userManager, IOptions <GeneralSettings> generalSettings, IOptionsSnapshot <IdentityOptions> identityOptions, IdentityServerApiEndpointsOptions identityServerApiEndpointsOptions, IEventService eventService, ISmsService smsService, IEmailService emailService, MessageDescriber messageDescriber, ExtendedIdentityDbContext <User, Role> dbContext) { _userManager = userManager ?? throw new ArgumentNullException(nameof(userManager)); _generalSettings = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings)); _identityOptions = identityOptions?.Value ?? throw new ArgumentNullException(nameof(identityOptions)); _identityServerApiEndpointsOptions = identityServerApiEndpointsOptions ?? throw new ArgumentNullException(nameof(identityServerApiEndpointsOptions)); _eventService = eventService ?? throw new ArgumentNullException(nameof(eventService)); _messageDescriber = messageDescriber ?? throw new ArgumentNullException(nameof(messageDescriber)); _dbContext = dbContext ?? throw new ArgumentNullException(nameof(dbContext)); _smsService = smsService; _emailService = emailService; }
/// <summary> /// Registers the <see cref="DbContext"/> to be used by the Identity system. /// </summary> /// <param name="options">Options for configuring the IdentityServer API feature.</param> /// <param name="configureAction">Configuration for <see cref="ExtendedIdentityDbContext{TUser, TRole}"/>.</param> public static void AddDbContext(this IdentityServerApiEndpointsOptions options, Action <IdentityDbContextOptions> configureAction) { var dbContextOptions = new IdentityDbContextOptions(); configureAction?.Invoke(dbContextOptions); options.Services.AddSingleton(dbContextOptions); if (dbContextOptions.ResolveDbContextOptions != null) { options.Services.AddDbContext <ExtendedIdentityDbContext <User, Role> >(dbContextOptions.ResolveDbContextOptions); } else { options.Services.AddDbContext <ExtendedIdentityDbContext <User, Role> >(dbContextOptions.ConfigureDbContext); } options.Services.AddTransient <Func <ExtendedIdentityDbContext <User, Role> > >(provider => provider.GetService <ExtendedIdentityDbContext <User, Role> >); }
public MyAccountController( ExtendedIdentityDbContext <User, Role> dbContext, ExtendedUserManager <User> userManager, IConfiguration configuration, IdentityServerApiEndpointsOptions identityServerApiEndpointsOptions, IEmailService emailService, IEventService eventService, IOptions <GeneralSettings> generalSettings, IOptionsSnapshot <IdentityOptions> identityOptions, ISmsServiceFactory smsServiceFactory ) { _configuration = configuration ?? throw new ArgumentNullException(nameof(configuration)); _dbContext = dbContext ?? throw new ArgumentNullException(nameof(dbContext)); _emailService = emailService; _eventService = eventService ?? throw new ArgumentNullException(nameof(eventService)); _generalSettings = generalSettings?.Value ?? throw new ArgumentNullException(nameof(generalSettings)); _identityOptions = identityOptions?.Value ?? throw new ArgumentNullException(nameof(identityOptions)); _identityServerApiEndpointsOptions = identityServerApiEndpointsOptions ?? throw new ArgumentNullException(nameof(identityServerApiEndpointsOptions)); _smsServiceFactory = smsServiceFactory ?? throw new ArgumentNullException(nameof(smsServiceFactory)); _userManager = userManager ?? throw new ArgumentNullException(nameof(userManager)); }
/// <summary> /// Creates a new instance of <see cref="ExtendedIdentityDbContext{TUser, TRole}"/>. /// </summary> /// <param name="dbContextOptions">The options to be used by a <see cref="DbContext"/>.</param> /// <param name="options">Options for configuring the IdentityServer API feature.</param> /// <param name="webHostEnvironment">Provides information about the web hosting environment an application is running in.</param> public ExtendedIdentityDbContext(DbContextOptions <ExtendedIdentityDbContext <TUser, TRole> > dbContextOptions, IdentityServerApiEndpointsOptions options, IWebHostEnvironment webHostEnvironment) : base(dbContextOptions) { if (Database.EnsureCreated() && webHostEnvironment.IsDevelopment()) { if (options.UseInitialData) { this.Seed(); } this.Seed(options.InitialUsers); } }
/// <summary> /// Registers an implementation of <see cref="IIdentityServerApiEventHandler{TEvent}"/> for the specified event type. /// </summary> /// <typeparam name="TEvent">The type of the event to handler.</typeparam> /// <typeparam name="TEventHandler">The handler to user for the specified event.</typeparam> /// <param name="options">Options for configuring the IdentityServer API feature.</param> public static IdentityServerApiEndpointsOptions AddEventHandler <TEvent, TEventHandler>(this IdentityServerApiEndpointsOptions options) where TEvent : IIdentityServerApiEvent where TEventHandler : class, IIdentityServerApiEventHandler <TEvent> { options.Services.AddTransient(typeof(IIdentityServerApiEventHandler <TEvent>), typeof(TEventHandler)); return(options); }