Ewerton · May 9, 2022 21:03
diff --git a/HostingExtensions.cs b/HostingExtensions.cs
 using IdentityServer.Data;
 using IdentityServer.Models;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Identity.UI.Services;
 using Microsoft.EntityFrameworkCore;
 using PrefeituraBrasil.IdentityServer;
 using PrefeituraBrasil.IdentityServer.Service;
 using PrefeituraBrasil.Infra.Comunicacoes.Email;
 using PrefeituraBrasil.Infra.Comunicacoes.Email.Interfaces;
 using Serilog;
 using System.Reflection;

 namespace IdentityServer;

 internal static class HostingExtensions
 {
    public static WebApplication ConfigureServices(this WebApplicationBuilder builder)
    {
        builder.Services.AddRazorPages();

        var migrationsAssembly = typeof(Program).GetTypeInfo().Assembly.GetName().Name;
        string connectionString = builder.Configuration.GetConnectionString("IdentityServer");

        builder.Services.AddDbContext<ApplicationDbContext>(options =>
            options.UseNpgsql(connectionString));
        builder.Services.AddDatabaseDeveloperPageExceptionFilter();

        builder.Services.AddIdentity<ApplicationUser, IdentityRole>(options =>
        {
            // Password settings.
            options.Password.RequiredLength = 8;
            options.Password.RequireUppercase = true;
            options.Password.RequireLowercase = true;
            options.Password.RequireDigit = true;
            options.Password.RequireNonAlphanumeric = true;

            // SignIn settings.
            options.SignIn.RequireConfirmedAccount = true;

            // User settings.
            options.User.RequireUniqueEmail = true;
        })
        .AddEntityFrameworkStores<ApplicationDbContext>()
        .AddDefaultTokenProviders()
        .AddErrorDescriber<LocalizedIdentityErrorDescriber>(); // Para emitir as mensagens de erro em pt-BR (mensagens como "A senha deve ter x caracteres")

        builder.Services.AddIdentityServer(options =>
        {
            options.Events.RaiseErrorEvents = true;
            options.Events.RaiseInformationEvents = true;
            options.Events.RaiseFailureEvents = true;
            options.Events.RaiseSuccessEvents = true;

            // see https://docs.duendesoftware.com/identityserver/v6/fundamentals/resources/
            options.EmitStaticAudienceClaim = true;
        })

        .AddConfigurationStore(options =>
        {
            options.ConfigureDbContext = b => b.UseNpgsql(connectionString,
                sql => sql.MigrationsAssembly(migrationsAssembly)); // Informa que os migrations vão ficar neste assembly
        })

        .AddOperationalStore(options =>
        {
            options.ConfigureDbContext = b => b.UseNpgsql(connectionString,
                sql => sql.MigrationsAssembly(migrationsAssembly)); // Informa que os migrations vão ficar neste assembly
        })

        .AddAspNetIdentity<ApplicationUser>(); //Novo

        builder.Services.AddAuthentication();

        // Não habilite o CORS aqui. Isso deve ser habilitado para cada client (veja Config.CS "AllowedCorsOrigins") 
        //builder.Services.AddCors();

        return builder.Build();
    }

    public static WebApplication ConfigurePipeline(this WebApplication app)
    {
        app.UseSerilogRequestLogging();

        if (app.Environment.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        // Não habilite o CORS aqui. Isso deve ser habilitado para cada client (veja Config.CS "AllowedCorsOrigins") 
        //app.UseCors(corsPolicyBuilder => corsPolicyBuilder
        //    .AllowAnyOrigin()
        //    .AllowAnyMethod()
        //    .AllowAnyHeader());


        //app.UseHttpsRedirection(); // ?
        app.UseStaticFiles();
        app.UseRouting();

        app.UseIdentityServer();
        app.UseAuthentication(); // 
        app.UseAuthorization();

        // http://docs.nwebsec.com/en/latest/nwebsec/Configuring-xfo.html
        // Não permite que este site seja carregado em um iFrame para proteger de atraques de Clickjacking
        app.UseXfo(options => options.SameOrigin());


        //https://www.hanselman.com/blog/net-6-hot-reload-and-refused-to-connect-to-ws-because-it-violates-the-content-security-policy-directive-because-web-sockets
        // Permite que a página faça chamadas wss (secure webservice) para o servidor. Este é o mecanismo usado pelo Visual Studio para fazer HotReload, portanto, sem isso o Hotreload não funciona
        if (app.Environment.IsDevelopment())
        {
            app.UseCsp(options => options
                .DefaultSources(s => s.Self())
                .ImageSources(s => s.Self().CustomSources("data:")) // Habilita uso de imagem encodadas em base64
                .ConnectSources(s => s.CustomSources("wss:"))); // Habilita execução do script js para HotReload pelo VS
        }
        else
        {
            app.UseCsp(options => options
               .DefaultSources(s => s.Self())
               .ImageSources(s => s.Self().CustomSources("data:"))); // Habilita uso de imagem encodadas em base64
        }

        app.MapRazorPages()
             .RequireAuthorization();

        return app;
    }

    public static IServiceCollection RegisterDependencies(this IServiceCollection services, IConfiguration config)
    {
      // omited
    }


 }
	using IdentityServer.Data;
	using IdentityServer.Models;
	using Microsoft.AspNetCore.Identity;
	using Microsoft.AspNetCore.Identity.UI.Services;
	using Microsoft.EntityFrameworkCore;
	using PrefeituraBrasil.IdentityServer;
	using PrefeituraBrasil.IdentityServer.Service;
	using PrefeituraBrasil.Infra.Comunicacoes.Email;
	using PrefeituraBrasil.Infra.Comunicacoes.Email.Interfaces;
	using Serilog;
	using System.Reflection;

	namespace IdentityServer;

	internal static class HostingExtensions
	{
	public static WebApplication ConfigureServices(this WebApplicationBuilder builder)
	{
	builder.Services.AddRazorPages();

	var migrationsAssembly = typeof(Program).GetTypeInfo().Assembly.GetName().Name;
	string connectionString = builder.Configuration.GetConnectionString("IdentityServer");

	builder.Services.AddDbContext<ApplicationDbContext>(options =>
	options.UseNpgsql(connectionString));
	builder.Services.AddDatabaseDeveloperPageExceptionFilter();

	builder.Services.AddIdentity<ApplicationUser, IdentityRole>(options =>
	{
	// Password settings.
	options.Password.RequiredLength = 8;
	options.Password.RequireUppercase = true;
	options.Password.RequireLowercase = true;
	options.Password.RequireDigit = true;
	options.Password.RequireNonAlphanumeric = true;

	// SignIn settings.
	options.SignIn.RequireConfirmedAccount = true;

	// User settings.
	options.User.RequireUniqueEmail = true;
	})
	.AddEntityFrameworkStores<ApplicationDbContext>()
	.AddDefaultTokenProviders()
	.AddErrorDescriber<LocalizedIdentityErrorDescriber>(); // Para emitir as mensagens de erro em pt-BR (mensagens como "A senha deve ter x caracteres")

	builder.Services.AddIdentityServer(options =>
	{
	options.Events.RaiseErrorEvents = true;
	options.Events.RaiseInformationEvents = true;
	options.Events.RaiseFailureEvents = true;
	options.Events.RaiseSuccessEvents = true;

	// see https://docs.duendesoftware.com/identityserver/v6/fundamentals/resources/
	options.EmitStaticAudienceClaim = true;
	})

	.AddConfigurationStore(options =>
	{
	options.ConfigureDbContext = b => b.UseNpgsql(connectionString,
	sql => sql.MigrationsAssembly(migrationsAssembly)); // Informa que os migrations vão ficar neste assembly
	})

	.AddOperationalStore(options =>
	{
	options.ConfigureDbContext = b => b.UseNpgsql(connectionString,
	sql => sql.MigrationsAssembly(migrationsAssembly)); // Informa que os migrations vão ficar neste assembly
	})

	.AddAspNetIdentity<ApplicationUser>(); //Novo

	builder.Services.AddAuthentication();

	// Não habilite o CORS aqui. Isso deve ser habilitado para cada client (veja Config.CS "AllowedCorsOrigins")
	//builder.Services.AddCors();

	return builder.Build();
	}

	public static WebApplication ConfigurePipeline(this WebApplication app)
	{
	app.UseSerilogRequestLogging();

	if (app.Environment.IsDevelopment())
	{
	app.UseDeveloperExceptionPage();
	}

	// Não habilite o CORS aqui. Isso deve ser habilitado para cada client (veja Config.CS "AllowedCorsOrigins")
	//app.UseCors(corsPolicyBuilder => corsPolicyBuilder
	// .AllowAnyOrigin()
	// .AllowAnyMethod()
	// .AllowAnyHeader());


	//app.UseHttpsRedirection(); // ?
	app.UseStaticFiles();
	app.UseRouting();

	app.UseIdentityServer();
	app.UseAuthentication(); //
	app.UseAuthorization();

	// http://docs.nwebsec.com/en/latest/nwebsec/Configuring-xfo.html
	// Não permite que este site seja carregado em um iFrame para proteger de atraques de Clickjacking
	app.UseXfo(options => options.SameOrigin());


	//https://www.hanselman.com/blog/net-6-hot-reload-and-refused-to-connect-to-ws-because-it-violates-the-content-security-policy-directive-because-web-sockets
	// Permite que a página faça chamadas wss (secure webservice) para o servidor. Este é o mecanismo usado pelo Visual Studio para fazer HotReload, portanto, sem isso o Hotreload não funciona
	if (app.Environment.IsDevelopment())
	{
	app.UseCsp(options => options
	.DefaultSources(s => s.Self())
	.ImageSources(s => s.Self().CustomSources("data:")) // Habilita uso de imagem encodadas em base64
	.ConnectSources(s => s.CustomSources("wss:"))); // Habilita execução do script js para HotReload pelo VS
	}
	else
	{
	app.UseCsp(options => options
	.DefaultSources(s => s.Self())
	.ImageSources(s => s.Self().CustomSources("data:"))); // Habilita uso de imagem encodadas em base64
	}

	app.MapRazorPages()
	.RequireAuthorization();

	return app;
	}

	public static IServiceCollection RegisterDependencies(this IServiceCollection services, IConfiguration config)
	{
	// omited
	}


	}