feat(auth-server): Add the default configuration of Openiddict

aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs

@@ -29,6 +29,8 @@ using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
 using Microsoft.IdentityModel.Logging;
 using Microsoft.IdentityModel.Tokens;
+using OpenIddict.Server;
+using OpenIddict.Server.AspNetCore;
 using OpenIddict.Validation.AspNetCore;
 using StackExchange.Redis;
 using System;
@@ -111,7 +113,7 @@ public partial class AuthServerModule
         });
     }
 
-    private void PreConfigureAuth()
+    private void PreConfigureAuthServer()
     {
         PreConfigure<OpenIddictBuilder>(builder =>
         {
@@ -139,7 +141,7 @@ public partial class AuthServerModule
 
             PreConfigure<OpenIddictServerBuilder>(builder =>
             {
-                builder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", "e1c48393-0c43-11f0-9582-4aecacda42db");
+                builder.AddProductionEncryptionAndSigningCertificate(configuration["App:SslFile"], configuration["App:SslPassword"]);
             });
         }
 
@@ -367,6 +369,31 @@ public partial class AuthServerModule
             }
         });
     }
+
+    private void ConfigureAuthServer(IConfiguration configuration)
+    {
+        Configure<OpenIddictServerAspNetCoreBuilder>(builder =>
+        {
+            builder.DisableTransportSecurityRequirement();
+        });
+
+        Configure<OpenIddictServerAspNetCoreOptions>(options =>
+        {
+            options.DisableTransportSecurityRequirement = true;
+        });
+
+        Configure<OpenIddictServerOptions>(options =>
+        {
+            var lifetime = configuration.GetSection("OpenIddict:Lifetime");
+            options.AuthorizationCodeLifetime = lifetime.GetValue("AuthorizationCode", options.AuthorizationCodeLifetime);
+            options.AccessTokenLifetime = lifetime.GetValue("AccessToken", options.AccessTokenLifetime);
+            options.DeviceCodeLifetime = lifetime.GetValue("DeviceCode", options.DeviceCodeLifetime);
+            options.IdentityTokenLifetime = lifetime.GetValue("IdentityToken", options.IdentityTokenLifetime);
+            options.RefreshTokenLifetime = lifetime.GetValue("RefreshToken", options.RefreshTokenLifetime);
+            options.RefreshTokenReuseLeeway = lifetime.GetValue("RefreshTokenReuseLeeway", options.RefreshTokenReuseLeeway);
+            options.UserCodeLifetime = lifetime.GetValue("UserCode", options.UserCodeLifetime);
+        });
+    }
     private void ConfigureSecurity(IServiceCollection services, IConfiguration configuration, bool isDevelopment = false)
     {
         services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);

aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.cs

@@ -84,10 +84,10 @@ public partial class AuthServerModule : AbpModule
         var configuration = context.Services.GetConfiguration();
         var hostingEnvironment = context.Services.GetHostingEnvironment();
 
-        PreConfigureAuth();
         PreConfigureWrapper();
         PreConfigureFeature();
         PreForwardedHeaders();
+        PreConfigureAuthServer();
         PreConfigureApp(configuration);
         PreConfigureCAP(configuration);
         PreConfigureCertificate(configuration, hostingEnvironment);
@@ -110,6 +110,7 @@ public partial class AuthServerModule : AbpModule
         ConfigureUrls(configuration);
         ConfigureTiming(configuration);
         ConfigureAuditing(configuration);
+        ConfigureAuthServer(configuration);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);

aspnet-core/services/LY.MicroService.AuthServer/appsettings.json

@@ -2,7 +2,9 @@
   "App": {
     "Branding": {
       "AppName": "Auth Server"
-    }
+    },
+    "SslFile": "openiddict.pfx",
+    "SslPassword": "e1c48393-0c43-11f0-9582-4aecacda42db"
   },
   "Clock": {
     "Kind": "Local"