Created
June 23, 2020 20:05
-
-
Save mangowi/b2b89d304b1cb9dcbbfb9645a1e51346 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ConfigureServices | |
| public void ConfigureServices(IServiceCollection services) | |
| { | |
| services.AddCors(); | |
| services.AddControllersWithViews(); | |
| services.AddControllers(); | |
| services.AddDbContextPool<AppIdentityDbContext>(options => options | |
| // Configure the context to use MySQL Server. | |
| .UseMySql(Configuration.GetConnectionString("DefaultConnection"), mySqlOptions => mySqlOptions | |
| // replace with your Server Version and Type | |
| .ServerVersion(new Version(8, 0, 18), ServerType.MySql) | |
| ) | |
| // Register the entity sets needed by OpenIddict. | |
| // Note: use the generic overload if you need | |
| // to replace the default OpenIddict entities. | |
| .UseOpenIddict()); | |
| // Register the Identity services. | |
| services.AddIdentity<ApplicationUser, IdentityRole>( options => | |
| options.Password = new PasswordOptions | |
| { | |
| RequireDigit = false, | |
| RequiredLength = 6, | |
| RequireLowercase = false, | |
| RequireUppercase = false, | |
| RequireNonAlphanumeric = false, | |
| RequiredUniqueChars = 0 | |
| }) | |
| .AddEntityFrameworkStores<AppIdentityDbContext>() | |
| .AddDefaultTokenProviders(); | |
| // Configure Identity to use the same JWT claims as OpenIddict instead | |
| // of the legacy WS-Federation claims it uses by default (ClaimTypes), | |
| // which saves you from doing the mapping in your authorization controller. | |
| services.Configure<IdentityOptions>(options => | |
| { | |
| options.ClaimsIdentity.UserNameClaimType = OpenIddictConstants.Claims.Name; | |
| options.ClaimsIdentity.UserIdClaimType = OpenIddictConstants.Claims.Subject; | |
| options.ClaimsIdentity.RoleClaimType =OpenIddictConstants.Claims.Role; | |
| }); | |
| // Register the OpenIddict services. | |
| services.AddOpenIddict() | |
| .AddCore(options => | |
| { | |
| // Configure OpenIddict to use the Entity Framework Core stores and entities. | |
| options.UseEntityFrameworkCore() | |
| .UseDbContext<AppIdentityDbContext>(); | |
| }) | |
| // Register the OpenIddict server handler. | |
| .AddServer(options => | |
| { | |
| options.SetAccessTokenLifetime(TimeSpan.FromMinutes(250)); | |
| options.SetRefreshTokenLifetime(TimeSpan.FromMinutes(3500)); | |
| // Enable the token endpoint. | |
| options.SetTokenEndpointUris("/connect/token") | |
| .SetLogoutEndpointUris("/connect/logout") | |
| .SetUserinfoEndpointUris("/connect/userinfo"); | |
| // Mark the "email", "profile" and "roles" scopes as supported scopes. | |
| options.RegisterScopes(Scopes.Email, Scopes.Profile, Scopes.Roles); | |
| // Enable the password and the refresh token flows. | |
| options.AllowPasswordFlow() | |
| .AllowRefreshTokenFlow(); | |
| // Accept anonymous clients (i.e clients that don't send a client_id). | |
| options.AcceptAnonymousClients(); | |
| // Register the signing and encryption credentials. | |
| options.AddDevelopmentEncryptionCertificate() | |
| .AddDevelopmentSigningCertificate(); | |
| // Register the ASP.NET Core host and configure the ASP.NET Core-specific options. | |
| options.UseAspNetCore() | |
| .EnableTokenEndpointPassthrough() | |
| .DisableTransportSecurityRequirement(); // During development, you can disable the HTTPS requirement. | |
| #region OpenIddict 2.1 | |
| /* | |
| Removed | |
| */ | |
| #endregion | |
| }) | |
| // Register the OpenIddict validation handler. | |
| // Note: the OpenIddict validation handler is only compatible with the | |
| // default token format or with reference tokens and cannot be used with | |
| // JWT tokens. For JWT tokens, use the Microsoft JWT bearer handler. | |
| // Register the OpenIddict validation components. | |
| .AddValidation(options => | |
| { | |
| // Import the configuration from the local OpenIddict server instance. | |
| options.UseLocalServer(); | |
| // Register the ASP.NET Core host. | |
| options.UseAspNetCore(); | |
| }); | |
| services.AddAuthentication(options => | |
| { | |
| options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; | |
| options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; | |
| }).AddJwtBearer(options => | |
| { | |
| options.Authority = "https://localhost:44335/"; | |
| options.Audience = "resource_server"; | |
| options.RequireHttpsMetadata = false; | |
| options.TokenValidationParameters = new TokenValidationParameters | |
| { | |
| NameClaimType = Claims.Email, | |
| RoleClaimType = Claims.Role, | |
| //ValidIssuer = "https://localhost:44335/", | |
| //ValidAudience = "resource_server", | |
| ValidateIssuer = false, | |
| ValidateAudience = false | |
| }; | |
| }); | |
| } | |
| public void Configure(IApplicationBuilder app, IWebHostEnvironment env) | |
| { | |
| // this will do the initial DB population | |
| //InitializeDatabase(app); | |
| if (env.IsDevelopment()) | |
| { | |
| app.UseDeveloperExceptionPage(); | |
| } | |
| app.UseHttpsRedirection(); | |
| app.UseRouting(); | |
| app.UseCors(builder => | |
| { | |
| builder.WithOrigins("http://localhost:44335"); | |
| builder.WithMethods("GET","POST"); | |
| builder.WithHeaders("Authorization"); | |
| }); | |
| app.UseAuthentication(); | |
| app.UseAuthorization(); | |
| app.UseEndpoints(options => | |
| { | |
| options.MapControllers(); | |
| options.MapDefaultControllerRoute(); | |
| }); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment