everything works now

2021-05-19 23:14:57 +02:00
parent 0b01340e88
commit beab15a7ef
10 changed files with 168 additions and 32 deletions
--- a/HanyadikHetVan/Startup.cs
+++ b/HanyadikHetVan/Startup.cs
@@ -7,11 +7,16 @@ using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity.UI.Services;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
+using Microsoft.IdentityModel.Tokens;
 using Microsoft.OpenApi.Models;
+using System;
+using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
 using System.Reflection;

 namespace HanyadikHetVan
@@ -39,6 +44,8 @@ namespace HanyadikHetVan
            services.AddTransient<IdentityService>();
            services.AddTransient<HanyadikHetVanService>();
            services.AddTransient<IProfileService, ProfileService>();
+            services.AddTransient<IEmailSender, EmailSender>();
+            services.Configure<EmailSenderConfig>(Configuration.GetSection("EmailSender"));
            services.AddDatabaseDeveloperPageExceptionFilter();

            services.AddAuthentication(config =>
@@ -50,26 +57,46 @@ namespace HanyadikHetVan
                    config.Authority = "https://localhost:5001";
                    config.Audience = "api";
                    config.RequireHttpsMetadata = false;
+                    config.TokenValidationParameters = new TokenValidationParameters
+                    {
+                        ValidateIssuer = false,
+                        ValidateAudience = true,
+                        ValidateIssuerSigningKey = false,
+                        RequireSignedTokens = false,
+                        SignatureValidator = delegate (string token, TokenValidationParameters parameters)
+                        {
+                            return new JwtSecurityToken(token);
+                        },
+                        ValidateLifetime = false,
+                        RequireExpirationTime = false
+                    };
                });

            services.AddAuthorization(config =>
            {
                config.AddPolicy("default", config => config.RequireAuthenticatedUser().AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme));
                config.DefaultPolicy = config.GetPolicy("default");
+                config.AddPolicy("AdminPolicy", p => p.RequireClaim("user_role", "admin"));
            });

-            services.AddIdentity<User, IdentityRole>(options => options.SignIn.RequireConfirmedAccount = true)
+            services.AddIdentity<User, IdentityRole>(options => { options.SignIn.RequireConfirmedAccount = true; })
                .AddDefaultTokenProviders()
                .AddEntityFrameworkStores<ApplicationDbContext>();

-            services.AddIdentityServer()
+            services.AddIdentityServer(o =>
+            {
+                o.UserInteraction.LoginUrl = "/Identity/Account/Login";
+                o.UserInteraction.LogoutUrl = "/Identity/Account/Logout";
+                o.UserInteraction.ErrorUrl = "/Identity/Account/Error";
+            })
                .AddDeveloperSigningCredential()
                .AddInMemoryPersistedGrants()
                .AddInMemoryIdentityResources(Configuration.GetSection("IdentityServer:IdentityResources"))
                .AddInMemoryApiResources(Configuration.GetSection("IdentityServer:ApiResources"))
                .AddInMemoryApiScopes(Configuration.GetSection("IdentityServer:ApiScopes"))
                .AddInMemoryClients(Configuration.GetSection("IdentityServer:Clients"))
-                .AddAspNetIdentity<User>();
+                .AddAspNetIdentity<User>()
+                .AddProfileService<ProfileService>();

            services.AddRazorPages();

@@ -88,6 +115,25 @@ namespace HanyadikHetVan

            services.AddSwaggerGen(c =>
            {
+                c.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
+                {
+                    Type = SecuritySchemeType.OAuth2,
+                    Flows = new OpenApiOAuthFlows
+                    {
+                        AuthorizationCode = new OpenApiOAuthFlow
+                        {
+                            AuthorizationUrl = new Uri("https://localhost:5001/connect/authorize"),
+                            TokenUrl = new Uri("https://localhost:5001/connect/token"),
+                            Scopes = new Dictionary<string, string>
+                            {
+                                {"profile", "Profile"},
+                                {"openid", "OpenID"},
+                                {"user_role", "User roles"},
+                                {"api.readwrite", "Access to api"}
+                            }
+                        }
+                    }
+                });
                c.SwaggerDoc("v1", new OpenApiInfo { Title = "Hanyadik Het Van API", Version = "v1" });
                c.SwaggerDoc("v2", new OpenApiInfo { Title = "Hanyadik Het Van API", Version = "v2" });
            });
@@ -101,10 +147,10 @@ namespace HanyadikHetVan
                app.UseMigrationsEndPoint();
                app.UseSwagger();
                app.UseSwaggerUI(c =>
-                    {
-                        c.SwaggerEndpoint("v1/swagger.json", "Original API");
-                        c.SwaggerEndpoint("v2/swagger.json", "Homework API");
-                    });
+                {
+                    c.SwaggerEndpoint("v1/swagger.json", "Original API");
+                    c.SwaggerEndpoint("v2/swagger.json", "Homework API");
+                });
            }
            else
            {