tsai
/
squidex
mirror of https://github.com/Squidex/squidex.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Separate config file for authentication.

pull/169/head
Sebastian Stehle 9 years ago
parent
1b4b93a55d
commit
19cb3ecdbc
3 changed files with 64 additions and 51 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 50
      src/Squidex/Config/Authentication/AuthenticationServices.cs
  2. 62
      src/Squidex/Config/Authentication/IdentityServerServices.cs
  3. 3
      src/Squidex/Config/Domain/InfrastructureServices.cs

50
src/Squidex/Config/Authentication/AuthenticationServices.cs
View File

@ -6,12 +6,8 @@
// All rights reserved.
// ==========================================================================
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Squidex.Infrastructure;
namespace Squidex.Config.Authentication
{
@ -22,52 +18,10 @@ namespace Squidex.Config.Authentication
var identityOptions = config.GetSection("identity").Get<MyIdentityOptions>();
services.AddAuthentication()
.AddCookie()
.AddMyGoogleAuthentication(identityOptions)
.AddMyMicrosoftAuthentication(identityOptions)
.AddMyApiProtection(identityOptions, config);
}
public static AuthenticationBuilder AddMyApiProtection(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions, IConfiguration config)
{
var apiScope = Constants.ApiScope;
var urlsOptions = config.GetSection("urls").Get<MyUrlsOptions>();
if (!string.IsNullOrWhiteSpace(urlsOptions.BaseUrl))
{
string apiAuthorityUrl;
if (!string.IsNullOrWhiteSpace(identityOptions.AuthorityUrl))
{
apiAuthorityUrl = identityOptions.AuthorityUrl.BuildFullUrl(Constants.IdentityServerPrefix);
}
else
{
apiAuthorityUrl = urlsOptions.BuildUrl(Constants.IdentityServerPrefix);
}
authBuilder.AddIdentityServerAuthentication(options =>
{
options.Authority = apiAuthorityUrl;
options.ApiName = apiScope;
options.ApiSecret = null;
options.RequireHttpsMetadata = identityOptions.RequiresHttps;
});
authBuilder.AddOpenIdConnect(options =>
{
options.Authority = apiAuthorityUrl;
options.ClientId = Constants.InternalClientId;
options.ClientSecret = Constants.InternalClientSecret;
options.RequireHttpsMetadata = identityOptions.RequiresHttps;
options.SaveTokens = true;
options.Scope.Add(Constants.RoleScope);
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
});
}
return authBuilder;
.AddMyIdentityServerAuthentication(identityOptions, config)
.AddCookie();
}
}
}

62
src/Squidex/Config/Authentication/IdentityServerServices.cs
View File

@ -0,0 +1,62 @@
// ==========================================================================
// AuthenticationServices.cs
// Squidex Headless CMS
// ==========================================================================
// Copyright (c) Squidex Group
// All rights reserved.
// ==========================================================================
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Squidex.Infrastructure;
namespace Squidex.Config.Authentication
{
public static class IdentityServerServices
{
public static AuthenticationBuilder AddMyIdentityServerAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions, IConfiguration config)
{
var apiScope = Constants.ApiScope;
var urlsOptions = config.GetSection("urls").Get<MyUrlsOptions>();
if (!string.IsNullOrWhiteSpace(urlsOptions.BaseUrl))
{
string apiAuthorityUrl;
if (!string.IsNullOrWhiteSpace(identityOptions.AuthorityUrl))
{
apiAuthorityUrl = identityOptions.AuthorityUrl.BuildFullUrl(Constants.IdentityServerPrefix);
}
else
{
apiAuthorityUrl = urlsOptions.BuildUrl(Constants.IdentityServerPrefix);
}
authBuilder.AddIdentityServerAuthentication(options =>
{
options.Authority = apiAuthorityUrl;
options.ApiName = apiScope;
options.ApiSecret = null;
options.RequireHttpsMetadata = identityOptions.RequiresHttps;
});
authBuilder.AddOpenIdConnect(options =>
{
options.Authority = apiAuthorityUrl;
options.ClientId = Constants.InternalClientId;
options.ClientSecret = Constants.InternalClientSecret;
options.RequireHttpsMetadata = identityOptions.RequiresHttps;
options.SaveTokens = true;
options.Scope.Add(Constants.RoleScope);
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
});
}
return authBuilder;
}
}
}

3
src/Squidex/Config/Domain/InfrastructureServices.cs
View File

@ -9,16 +9,13 @@
using System;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Infrastructure;
using Microsoft.Extensions.Caching.Memory;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;
using Newtonsoft.Json;
using NodaTime;
using Squidex.Infrastructure;
using Squidex.Infrastructure.Assets;
using Squidex.Infrastructure.Assets.ImageSharp;
using Squidex.Infrastructure.Caching;
using Squidex.Infrastructure.CQRS.Commands;
using Squidex.Infrastructure.CQRS.Events;
using Squidex.Infrastructure.Log;

Write Preview
Loading…
Cancel
Save