Merge branch 'aspnetcore-v2' of github.com:Squidex/squidex

Squidex.sln

@@ -1,6 +1,6 @@
 Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio 15
-VisualStudioVersion = 15.0.26730.12
+VisualStudioVersion = 15.0.27004.2002
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Squidex", "src\Squidex\Squidex.csproj", "{61F6BBCE-A080-4400-B194-70E2F5D2096E}"
 EndProject

src/Squidex.Domain.Apps.Core/Squidex.Domain.Apps.Core.csproj

@@ -13,8 +13,8 @@
     <PackageReference Include="Jint" Version="2.11.23" />
     <PackageReference Include="Microsoft.OData.Core" Version="7.3.1" />
     <PackageReference Include="Newtonsoft.Json" Version="10.0.3" />
-    <PackageReference Include="NJsonSchema" Version="9.7.3" />
+    <PackageReference Include="NJsonSchema" Version="9.8.3" />
-    <PackageReference Include="NodaTime" Version="2.2.0" />
+    <PackageReference Include="NodaTime" Version="2.2.1" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />
     <PackageReference Include="StyleCop.Analyzers" Version="1.0.2" />
     <PackageReference Include="System.Collections.Immutable" Version="1.4.0" />

src/Squidex.Domain.Apps.Events/Squidex.Domain.Apps.Events.csproj

@@ -11,7 +11,7 @@
     <ProjectReference Include="..\Squidex.Infrastructure\Squidex.Infrastructure.csproj" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="NodaTime" Version="2.2.0" />
+    <PackageReference Include="NodaTime" Version="2.2.1" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />
     <PackageReference Include="StyleCop.Analyzers" Version="1.0.2" />
     <PackageReference Include="System.ValueTuple" Version="4.4.0" />

src/Squidex.Domain.Apps.Read/Squidex.Domain.Apps.Read.csproj

@@ -13,8 +13,8 @@
   </ItemGroup>
   <ItemGroup>
     <PackageReference Include="GraphQL" Version="0.17.3" />
-    <PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="1.1.2" />
+    <PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="2.0.0" />
-    <PackageReference Include="NodaTime" Version="2.2.0" />
+    <PackageReference Include="NodaTime" Version="2.2.1" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />
     <PackageReference Include="StyleCop.Analyzers" Version="1.0.2" />
     <PackageReference Include="System.Threading.Tasks.Dataflow" Version="4.8.0" />

src/Squidex.Domain.Apps.Write/Squidex.Domain.Apps.Write.csproj

@@ -14,7 +14,7 @@
     <ProjectReference Include="..\Squidex.Shared\Squidex.Shared.csproj" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="NodaTime" Version="2.2.0" />
+    <PackageReference Include="NodaTime" Version="2.2.1" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />
     <PackageReference Include="StyleCop.Analyzers" Version="1.0.2" />
     <PackageReference Include="System.ValueTuple" Version="4.4.0" />

src/Squidex.Domain.Users.MongoDb/Squidex.Domain.Users.MongoDb.csproj

@@ -13,8 +13,8 @@
     <ProjectReference Include="..\Squidex.Shared\Squidex.Shared.csproj" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="IdentityServer4" Version="1.5.2" />
+    <PackageReference Include="IdentityServer4" Version="2.0.1" />
-    <PackageReference Include="Microsoft.AspNetCore.Identity" Version="1.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity" Version="2.0.0" />
     <PackageReference Include="Microsoft.Win32.Registry" Version="4.4.0" />
     <PackageReference Include="MongoDB.Driver" Version="2.4.4" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />

src/Squidex.Domain.Users/Squidex.Domain.Users.csproj

@@ -11,7 +11,7 @@
     <ProjectReference Include="..\Squidex.Shared\Squidex.Shared.csproj" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Identity" Version="1.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity" Version="2.0.0" />
     <PackageReference Include="Microsoft.Win32.Registry" Version="4.4.0" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />
     <PackageReference Include="StyleCop.Analyzers" Version="1.0.2" />

src/Squidex.Infrastructure.GetEventStore/Squidex.Infrastructure.GetEventStore.csproj

@@ -8,7 +8,7 @@
     <DebugSymbols>True</DebugSymbols>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="EventStore.ClientAPI.NetCore" Version="4.0.0-alpha-1" />
+    <PackageReference Include="EventStore.ClientAPI.NetCore" Version="4.0.2-rc" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />
     <PackageReference Include="StyleCop.Analyzers" Version="1.0.2" />
   </ItemGroup>

src/Squidex.Infrastructure/Squidex.Infrastructure.csproj

@@ -8,10 +8,10 @@
     <DebugSymbols>True</DebugSymbols>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Microsoft.Extensions.Caching.Abstractions" Version="1.1.2" />
+    <PackageReference Include="Microsoft.Extensions.Caching.Abstractions" Version="2.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Logging" Version="1.1.2" />
+    <PackageReference Include="Microsoft.Extensions.Logging" Version="2.0.0" />
     <PackageReference Include="Newtonsoft.Json" Version="10.0.3" />
-    <PackageReference Include="NodaTime" Version="2.2.0" />
+    <PackageReference Include="NodaTime" Version="2.2.1" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />
     <PackageReference Include="SixLabors.ImageSharp" Version="1.0.0-beta0001" />
     <PackageReference Include="StyleCop.Analyzers" Version="1.0.2" />

src/Squidex/Config/Identity/AuthenticationServices.cs

@@ -0,0 +1,62 @@
+// ==========================================================================
+//  AuthenticationServices.cs
+//  Squidex Headless CMS
+// ==========================================================================
+//  Copyright (c) Squidex Group
+//  All rights reserved.
+// ==========================================================================
+
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Squidex.Infrastructure;
+
+namespace Squidex.Config.Identity
+{
+    public static class AuthenticationServices
+    {
+        public static IServiceCollection AddMyAuthentication(this IServiceCollection services, IConfiguration configuration)
+        {
+            var identityOptions = configuration.GetSection("identity").Get<MyIdentityOptions>();
+
+            services.AddAuthentication()
+                .AddMyGoogleAuthentication(identityOptions)
+                .AddMyMicrosoftAuthentication(identityOptions)
+                .AddMyApiProtection(identityOptions, configuration);
+
+            return services;
+        }
+
+        public static AuthenticationBuilder AddMyApiProtection(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions, IConfiguration configuration)
+        {
+            var apiScope = Constants.ApiScope;
+
+            var urlsOptions = configuration.GetSection("urls").Get<MyUrlsOptions>();
+
+            if (!string.IsNullOrWhiteSpace(urlsOptions.BaseUrl))
+            {
+                string apiAuthorityUrl;
+
+                if (!string.IsNullOrWhiteSpace(identityOptions.AuthorityUrl))
+                {
+                    apiAuthorityUrl = identityOptions.AuthorityUrl.BuildFullUrl(Constants.IdentityPrefix);
+                }
+                else
+                {
+                    apiAuthorityUrl = urlsOptions.BuildUrl(Constants.IdentityPrefix);
+                }
+
+                authBuilder.AddIdentityServerAuthentication(options =>
+                {
+                    options.Authority = apiAuthorityUrl;
+                    options.ApiName = apiScope;
+                    options.ApiSecret = null;
+                    options.RequireHttpsMetadata = identityOptions.RequiresHttps;
+                });
+            }
+
+            return authBuilder;
+        }
+    }
+}

src/Squidex/Config/Identity/AuthenticationUsage.cs

@@ -0,0 +1,22 @@
+// ==========================================================================
+//  AuthenticationUsage.cs
+//  Squidex Headless CMS
+// ==========================================================================
+//  Copyright (c) Squidex Group
+//  All rights reserved.
+// ==========================================================================
+
+using Microsoft.AspNetCore.Builder;
+
+namespace Squidex.Config.Identity
+{
+    public static class AuthenticationUsage
+    {
+        public static IApplicationBuilder UseMyAuthentication(this IApplicationBuilder app)
+        {
+            app.UseAuthentication();
+
+            return app;
+        }
+    }
+}

src/Squidex/Config/Identity/GithubHandler.cs

@@ -1,42 +0,0 @@
-// ==========================================================================
-//  GithubHandler.cs
-//  Squidex Headless CMS
-// ==========================================================================
-//  Copyright (c) Squidex Group
-//  All rights reserved.
-// ==========================================================================
-
-using System.Security.Claims;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authentication.OAuth;
-using Squidex.Shared.Identity;
-
-namespace Squidex.Config.Identity
-{
-    public sealed class GitHubHandler : OAuthEvents
-    {
-        public override Task CreatingTicket(OAuthCreatingTicketContext context)
-        {
-            var userLogin = context.User.Value<string>("login");
-            var userName = context.User.Value<string>("name");
-
-            if (!string.IsNullOrEmpty(userName))
-            {
-                context.Identity.AddClaim(new Claim(SquidexClaimTypes.SquidexDisplayName, userName));
-            }
-            else if (!string.IsNullOrWhiteSpace(userLogin))
-            {
-                context.Identity.AddClaim(new Claim(SquidexClaimTypes.SquidexDisplayName, userName));
-            }
-
-            var pictureUrl = context.User.Value<string>("avatar_url");
-
-            if (!string.IsNullOrEmpty(pictureUrl))
-            {
-                context.Identity.AddClaim(new Claim(SquidexClaimTypes.SquidexPictureUrl, pictureUrl));
-            }
-
-            return base.CreatingTicket(context);
-        }
-    }
-}

src/Squidex/Config/Identity/GithubIdentityUsage.cs

@@ -1,37 +0,0 @@
-// ==========================================================================
-//  GithubIdentityUsage.cs
-//  Squidex Headless CMS
-// ==========================================================================
-//  Copyright (c) Squidex Group
-//  All rights reserved.
-// ==========================================================================
-
-using AspNet.Security.OAuth.GitHub;
-using Microsoft.AspNetCore.Builder;
-using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Options;
-
-namespace Squidex.Config.Identity
-{
-    public static class GitHubIdentityUsage
-    {
-        public static IApplicationBuilder UseMyGithubAuthentication(this IApplicationBuilder app)
-        {
-            var options = app.ApplicationServices.GetService<IOptions<MyIdentityOptions>>().Value;
-
-            if (options.IsGithubAuthConfigured())
-            {
-                var githubOptions =
-                    new GitHubAuthenticationOptions
-                    {
-                        ClientId = options.GithubClient,
-                        ClientSecret = options.GithubSecret
-                    };
-
-                app.UseGitHubAuthentication(githubOptions);
-            }
-
-            return app;
-        }
-    }
-}

src/Squidex/Config/Identity/GoogleAuthenticationServices.cs

@@ -0,0 +1,31 @@
+// ==========================================================================
+//  GoogleAuthenticationServices.cs
+//  Squidex Headless CMS
+// ==========================================================================
+//  Copyright (c) Squidex Group
+//  All rights reserved.
+// ==========================================================================
+
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Squidex.Config.Identity
+{
+    public static class GoogleAuthenticationServices
+    {
+        public static AuthenticationBuilder AddMyGoogleAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions)
+        {
+            if (identityOptions.IsGoogleAuthConfigured())
+            {
+                authBuilder.AddGoogle(options =>
+                {
+                    options.ClientId = identityOptions.GoogleClient;
+                    options.ClientSecret = identityOptions.GoogleSecret;
+                    options.Events = new GoogleHandler();
+                });
+            }
+
+            return authBuilder;
+        }
+    }
+}

src/Squidex/Config/Identity/GoogleHandler.cs

@@ -9,6 +9,7 @@
 using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OAuth;
 using Squidex.Infrastructure.Tasks;
 using Squidex.Shared.Identity;
@@ -17,7 +18,7 @@ namespace Squidex.Config.Identity
 {
     public sealed class GoogleHandler : OAuthEvents
     {
-        public override Task RedirectToAuthorizationEndpoint(OAuthRedirectToAuthorizationContext context)
+        public override Task RedirectToAuthorizationEndpoint(RedirectContext<OAuthOptions> context)
         {
             context.Response.Redirect(context.RedirectUri + "&prompt=select_account");
 

src/Squidex/Config/Identity/GoogleIdentityUsage.cs

@@ -1,37 +0,0 @@
-// ==========================================================================
-//  GoogleIdentityUsage.cs
-//  Squidex Headless CMS
-// ==========================================================================
-//  Copyright (c) Squidex Group
-//  All rights reserved.
-// ==========================================================================
-
-using Microsoft.AspNetCore.Builder;
-using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Options;
-
-namespace Squidex.Config.Identity
-{
-    public static class GoogleIdentityUsage
-    {
-        public static IApplicationBuilder UseMyGoogleAuthentication(this IApplicationBuilder app)
-        {
-            var options = app.ApplicationServices.GetService<IOptions<MyIdentityOptions>>().Value;
-
-            if (options.IsGoogleAuthConfigured())
-            {
-                var googleOptions =
-                    new GoogleOptions
-                    {
-                        ClientId = options.GoogleClient,
-                        ClientSecret = options.GoogleSecret,
-                        Events = new GoogleHandler()
-                    };
-
-                app.UseGoogleAuthentication(googleOptions);
-            }
-
-            return app;
-        }
-    }
-}

src/Squidex/Config/Identity/IdentityServices.cs

@@ -113,7 +113,8 @@ namespace Squidex.Config.Identity
 
         public static IServiceCollection AddMyIdentity(this IServiceCollection services)
         {
-            services.AddIdentity<IUser, IRole>().AddDefaultTokenProviders();
+            services.AddIdentity<IUser, IRole>()
+                .AddDefaultTokenProviders();
 
             return services;
         }

src/Squidex/Config/Identity/IdentityUsage.cs

@@ -14,7 +14,6 @@ using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
 using Squidex.Domain.Users;
-using Squidex.Infrastructure;
 using Squidex.Infrastructure.Log;
 using Squidex.Shared.Identity;
 using Squidex.Shared.Users;
@@ -23,13 +22,6 @@ namespace Squidex.Config.Identity
 {
     public static class IdentityUsage
     {
-        public static IApplicationBuilder UseMyIdentity(this IApplicationBuilder app)
-        {
-            app.UseIdentity();
-
-            return app;
-        }
-
         public static IApplicationBuilder UseMyIdentityServer(this IApplicationBuilder app)
         {
              app.UseIdentityServer();
@@ -83,38 +75,5 @@ namespace Squidex.Config.Identity
 
             return app;
         }
-
-        public static IApplicationBuilder UseMyApiProtection(this IApplicationBuilder app)
-        {
-            var apiScope = Constants.ApiScope;
-
-            var urlsOptions = app.ApplicationServices.GetService<IOptions<MyUrlsOptions>>().Value;
-
-            if (!string.IsNullOrWhiteSpace(urlsOptions.BaseUrl))
-            {
-                var identityOptions = app.ApplicationServices.GetService<IOptions<MyIdentityOptions>>().Value;
-
-                string apiAuthorityUrl;
-
-                if (!string.IsNullOrWhiteSpace(identityOptions.AuthorityUrl))
-                {
-                    apiAuthorityUrl = identityOptions.AuthorityUrl.BuildFullUrl(Constants.IdentityPrefix);
-                }
-                else
-                {
-                    apiAuthorityUrl = urlsOptions.BuildUrl(Constants.IdentityPrefix);
-                }
-
-                app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
-                {
-                    Authority = apiAuthorityUrl,
-                    ApiName = apiScope,
-                    ApiSecret = null,
-                    RequireHttpsMetadata = identityOptions.RequiresHttps
-                });
-            }
-
-            return app;
-        }
     }
 }

src/Squidex/Config/Identity/MicrosoftAuthenticationServices.cs

@@ -0,0 +1,31 @@
+// ==========================================================================
+//  MicrosoftAuthenticationServices.cs
+//  Squidex Headless CMS
+// ==========================================================================
+//  Copyright (c) Squidex Group
+//  All rights reserved.
+// ==========================================================================
+
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Squidex.Config.Identity
+{
+    public static class MicrosoftAuthenticationServices
+    {
+        public static AuthenticationBuilder AddMyMicrosoftAuthentication(this AuthenticationBuilder authBuilder, MyIdentityOptions identityOptions)
+        {
+            if (identityOptions.IsMicrosoftAuthConfigured())
+            {
+                authBuilder.AddMicrosoftAccount(options =>
+                {
+                    options.ClientId = identityOptions.MicrosoftClient;
+                    options.ClientSecret = identityOptions.MicrosoftSecret;
+                    options.Events = new MicrosoftHandler();
+                });
+            }
+
+            return authBuilder;
+        }
+    }
+}

src/Squidex/Config/Identity/MicrosoftIdentityUsage.cs

@@ -1,37 +0,0 @@
-// ==========================================================================
-//  MicrosoftIdentityUsage.cs
-//  Squidex Headless CMS
-// ==========================================================================
-//  Copyright (c) Squidex Group
-//  All rights reserved.
-// ==========================================================================
-
-using Microsoft.AspNetCore.Builder;
-using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Options;
-
-namespace Squidex.Config.Identity
-{
-    public static class MicrosoftIdentityUsage
-    {
-        public static IApplicationBuilder UseMyMicrosoftAuthentication(this IApplicationBuilder app)
-        {
-            var options = app.ApplicationServices.GetService<IOptions<MyIdentityOptions>>().Value;
-
-            if (options.IsMicrosoftAuthConfigured())
-            {
-                var googleOptions =
-                    new MicrosoftAccountOptions
-                    {
-                        ClientId = options.MicrosoftClient,
-                        ClientSecret = options.MicrosoftSecret,
-                        Events = new MicrosoftHandler()
-                    };
-
-                app.UseMicrosoftAccountAuthentication(googleOptions);
-            }
-
-            return app;
-        }
-    }
-}

src/Squidex/Config/Identity/MyIdentityOptions.cs

@@ -18,10 +18,6 @@ namespace Squidex.Config.Identity
 
         public string GoogleSecret { get; set; }
 
-        public string GithubClient { get; set; }
-
-        public string GithubSecret { get; set; }
-
         public string MicrosoftClient { get; set; }
 
         public string MicrosoftSecret { get; set; }
@@ -39,11 +35,6 @@ namespace Squidex.Config.Identity
             return !string.IsNullOrWhiteSpace(AdminEmail) && !string.IsNullOrWhiteSpace(AdminPassword);
         }
 
-        public bool IsGithubAuthConfigured()
-        {
-            return !string.IsNullOrWhiteSpace(GithubClient) && !string.IsNullOrWhiteSpace(GithubSecret);
-        }
-
         public bool IsGoogleAuthConfigured()
         {
             return !string.IsNullOrWhiteSpace(GoogleClient) && !string.IsNullOrWhiteSpace(GoogleSecret);

src/Squidex/Controllers/Api/Apps/AppsController.cs

@@ -9,7 +9,6 @@
 using System;
 using System.Linq;
 using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using NSwag.Annotations;
 using Squidex.Controllers.Api.Apps.Models;
@@ -25,7 +24,7 @@ namespace Squidex.Controllers.Api.Apps
     /// <summary>
     /// Manages and configures apps.
     /// </summary>
-    [Authorize]
+    [ApiAuthorize]
     [ApiExceptionFilter]
     [SwaggerTag(nameof(Apps))]
     public sealed class AppsController : ControllerBase

src/Squidex/Controllers/Api/Languages/LanguagesController.cs

@@ -7,7 +7,6 @@
 // ==========================================================================
 
 using System.Linq;
-using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using NSwag.Annotations;
 using Squidex.Infrastructure;
@@ -19,7 +18,7 @@ namespace Squidex.Controllers.Api.Languages
     /// <summary>
     /// Readonly API to the supported langauges.
     /// </summary>
-    [Authorize]
+    [ApiAuthorize]
     [ApiExceptionFilter]
     [SwaggerTag(nameof(Languages))]
     public sealed class LanguagesController : Controller

src/Squidex/Controllers/Api/Users/UsersController.cs

@@ -11,7 +11,6 @@ using System.Linq;
 using System.Net.Http;
 using System.Reflection;
 using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using NSwag.Annotations;
@@ -62,7 +61,7 @@ namespace Squidex.Controllers.Api.Users
         /// <returns>
         /// 200 => Users returned.
         /// </returns>
-        [Authorize]
+        [ApiAuthorize]
         [HttpGet]
         [Route("users/")]
         [ProducesResponseType(typeof(UserDto[]), 200)]
@@ -83,7 +82,7 @@ namespace Squidex.Controllers.Api.Users
         /// 200 => User found.
         /// 404 => User not found.
         /// </returns>
-        [Authorize]
+        [ApiAuthorize]
         [HttpGet]
         [Route("users/{id}/")]
         [ProducesResponseType(typeof(UserDto), 200)]

src/Squidex/Controllers/UI/Account/AccountController.cs

@@ -129,16 +129,16 @@ namespace Squidex.Controllers.UI.Account
 
         [HttpGet]
         [Route("account/signup/")]
-        public IActionResult Signup(string returnUrl = null)
+        public Task<IActionResult> Signup(string returnUrl = null)
         {
-            return LoginView(returnUrl, false, false);
+            return LoginViewAsync(returnUrl, false, false);
         }
 
         [HttpGet]
         [Route("account/login/")]
-        public IActionResult Login(string returnUrl = null)
+        public Task<IActionResult> Login(string returnUrl = null)
         {
-            return LoginView(returnUrl, true, false);
+            return LoginViewAsync(returnUrl, true, false);
         }
 
         [HttpPost]
@@ -147,14 +147,14 @@ namespace Squidex.Controllers.UI.Account
         {
             if (!ModelState.IsValid)
             {
-                return LoginView(returnUrl, true, true);
+                return await LoginViewAsync(returnUrl, true, true);
             }
 
             var result = await signInManager.PasswordSignInAsync(model.Email, model.Password, true, true);
 
             if (!result.Succeeded)
             {
-                return LoginView(returnUrl, true, true);
+                return await LoginViewAsync(returnUrl, true, true);
             }
             else if (!string.IsNullOrWhiteSpace(returnUrl))
             {
@@ -166,21 +166,20 @@ namespace Squidex.Controllers.UI.Account
             }
         }
 
-        private IActionResult LoginView(string returnUrl, bool isLogin, bool isFailed)
+        private async Task<IActionResult> LoginViewAsync(string returnUrl, bool isLogin, bool isFailed)
         {
             var allowPasswordAuth = identityOptions.Value.AllowPasswordAuth;
 
-            var providers =
+            var externalSchemes = await signInManager.GetExternalAuthenticationSchemesAsync();
-                signInManager.GetExternalAuthenticationSchemes()
+            var externalProviders = externalSchemes.Select(x => new ExternalProvider(x.Name, x.DisplayName)).ToList();
-                    .Select(x => new ExternalProvider(x.AuthenticationScheme, x.DisplayName)).ToList();
 
             var vm = new LoginVM
             {
-                ExternalProviders = providers,
+                ExternalProviders = externalProviders,
                 IsLogin = isLogin,
                 IsFailed = isFailed,
                 HasPasswordAuth = allowPasswordAuth,
-                HasPasswordAndExternal = allowPasswordAuth && providers.Any(),
+                HasPasswordAndExternal = allowPasswordAuth && externalProviders.Any(),
                 ReturnUrl = returnUrl
             };
 

src/Squidex/Controllers/UI/Profile/ProfileController.cs

@@ -11,6 +11,7 @@ using System.Collections.Generic;
 using System.IO;
 using System.Linq;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Identity;
@@ -34,19 +35,16 @@ namespace Squidex.Controllers.UI.Profile
         private readonly IUserPictureStore userPictureStore;
         private readonly IAssetThumbnailGenerator assetThumbnailGenerator;
         private readonly IOptions<MyIdentityOptions> identityOptions;
-        private readonly IOptions<IdentityCookieOptions> identityCookieOptions;
 
         public ProfileController(
             SignInManager<IUser> signInManager,
             UserManager<IUser> userManager,
             IUserPictureStore userPictureStore,
             IAssetThumbnailGenerator assetThumbnailGenerator,
-            IOptions<MyIdentityOptions> identityOptions,
+            IOptions<MyIdentityOptions> identityOptions)
-            IOptions<IdentityCookieOptions> identityCookieOptions)
         {
             this.signInManager = signInManager;
             this.identityOptions = identityOptions;
-            this.identityCookieOptions = identityCookieOptions;
             this.userManager = userManager;
             this.userPictureStore = userPictureStore;
             this.assetThumbnailGenerator = assetThumbnailGenerator;
@@ -65,7 +63,7 @@ namespace Squidex.Controllers.UI.Profile
         [Route("/account/profile/login-add/")]
         public async Task<IActionResult> AddLogin(string provider)
         {
-            await HttpContext.Authentication.SignOutAsync(identityCookieOptions.Value.ExternalCookieAuthenticationScheme);
+            await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);
 
             var properties =
                 signInManager.ConfigureExternalAuthenticationProperties(provider,
@@ -182,9 +180,8 @@ namespace Squidex.Controllers.UI.Profile
 
         private async Task<ProfileVM> GetProfileVM(IUser user, ChangeProfileModel model = null, string errorMessage = null, string successMessage = null)
         {
-            var providers =
+            var externalSchemes = await signInManager.GetExternalAuthenticationSchemesAsync();
-                signInManager.GetExternalAuthenticationSchemes()
+            var externalProviders = externalSchemes.Select(x => new ExternalProvider(x.Name, x.DisplayName)).ToList();
-                    .Select(x => new ExternalProvider(x.AuthenticationScheme, x.DisplayName)).ToList();
 
             var result = new ProfileVM
             {
@@ -192,7 +189,7 @@ namespace Squidex.Controllers.UI.Profile
                 Email = user.Email,
                 ErrorMessage = errorMessage,
                 ExternalLogins = user.Logins,
-                ExternalProviders = providers,
+                ExternalProviders = externalProviders,
                 DisplayName = user.DisplayName(),
                 HasPassword = await userManager.HasPasswordAsync(user),
                 HasPasswordAuth = identityOptions.Value.AllowPasswordAuth,

src/Squidex/Pipeline/ApiAuthorizeAttribute.cs

@@ -0,0 +1,21 @@
+// ==========================================================================
+//  ApiAuthorizeAttribute.cs
+//  Squidex Headless CMS
+// ==========================================================================
+//  Copyright (c) Squidex Group
+//  All rights reserved.
+// ==========================================================================
+
+using IdentityServer4.AccessTokenValidation;
+using Microsoft.AspNetCore.Authorization;
+
+namespace Squidex.Pipeline
+{
+    public class ApiAuthorizeAttribute : AuthorizeAttribute
+    {
+        public ApiAuthorizeAttribute()
+        {
+            AuthenticationSchemes = IdentityServerAuthenticationDefaults.AuthenticationScheme;
+        }
+    }
+}

src/Squidex/Pipeline/FileCallbackResultExecutor.cs

@@ -25,7 +25,7 @@ namespace Squidex.Pipeline
         {
             try
             {
-                SetHeadersAndLog(context, result);
+                SetHeadersAndLog(context, result, null);
 
                 await result.Callback(context.HttpContext.Response.Body);
             }

src/Squidex/Pipeline/MustBeAdministratorAttribute.cs

@@ -6,12 +6,11 @@
 //  All rights reserved.
 // ==========================================================================
 
-using Microsoft.AspNetCore.Authorization;
 using Squidex.Shared.Identity;
 
 namespace Squidex.Pipeline
 {
-    public sealed class MustBeAdministratorAttribute : AuthorizeAttribute
+    public sealed class MustBeAdministratorAttribute : ApiAuthorizeAttribute
     {
         public MustBeAdministratorAttribute()
         {

src/Squidex/Pipeline/MustBeAppDeveloperAttribute.cs

@@ -6,12 +6,11 @@
 //  All rights reserved.
 // ==========================================================================
 
-using Microsoft.AspNetCore.Authorization;
 using Squidex.Shared.Identity;
 
 namespace Squidex.Pipeline
 {
-    public sealed class MustBeAppDeveloperAttribute : AuthorizeAttribute
+    public sealed class MustBeAppDeveloperAttribute : ApiAuthorizeAttribute
     {
         public MustBeAppDeveloperAttribute()
         {

src/Squidex/Pipeline/MustBeAppEditorAttribute.cs

@@ -6,12 +6,11 @@
 //  All rights reserved.
 // ==========================================================================
 
-using Microsoft.AspNetCore.Authorization;
 using Squidex.Shared.Identity;
 
 namespace Squidex.Pipeline
 {
-    public sealed class MustBeAppEditorAttribute : AuthorizeAttribute
+    public sealed class MustBeAppEditorAttribute : ApiAuthorizeAttribute
     {
         public MustBeAppEditorAttribute()
         {

src/Squidex/Pipeline/MustBeAppOwnerAttribute.cs

@@ -6,12 +6,11 @@
 //  All rights reserved.
 // ==========================================================================
 
-using Microsoft.AspNetCore.Authorization;
 using Squidex.Shared.Identity;
 
 namespace Squidex.Pipeline
 {
-    public sealed class MustBeAppOwnerAttribute : AuthorizeAttribute
+    public sealed class MustBeAppOwnerAttribute : ApiAuthorizeAttribute
     {
         public MustBeAppOwnerAttribute()
         {

src/Squidex/Pipeline/MustBeAppReaderAttribute.cs

@@ -6,12 +6,11 @@
 //  All rights reserved.
 // ==========================================================================
 
-using Microsoft.AspNetCore.Authorization;
 using Squidex.Shared.Identity;
 
 namespace Squidex.Pipeline
 {
-    public sealed class MustBeAppReaderAttribute : AuthorizeAttribute
+    public sealed class MustBeAppReaderAttribute : ApiAuthorizeAttribute
     {
         public MustBeAppReaderAttribute()
         {

src/Squidex/Program.cs

@@ -8,6 +8,7 @@
 
 using System.IO;
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Configuration;
 
 namespace Squidex
 {
@@ -20,6 +21,14 @@ namespace Squidex
                 .UseContentRoot(Directory.GetCurrentDirectory())
                 .UseIISIntegration()
                 .UseStartup<Startup>()
+                .ConfigureAppConfiguration((hostContext, options) =>
+                {
+                    options.Sources.Clear();
+                    options.AddJsonFile("appsettings.json", true, true);
+                    options.AddJsonFile($"appsettings.{hostContext.HostingEnvironment.EnvironmentName}.json", true);
+                    options.AddEnvironmentVariables();
+                    options.AddCommandLine(args);
+                })
                 .Build()
                 .Run();
         }

src/Squidex/Squidex.csproj

@@ -15,9 +15,14 @@
     <EmbeddedResource Include="Config\Identity\Cert\*.*;Docs\*.md" />
     <EmbeddedResource Include="Controllers\Api\Users\Assets\Avatar.png" />
     <EmbeddedResource Remove="Assets\**" />
+	
     <Compile Remove="Assets\**" />
     <Content Remove="Assets\**" />
+	
     <None Remove="Assets\**" />
+  </ItemGroup>
+
+  <ItemGroup>
 	<None Update="dockerfile">
       <CopyToPublishDirectory>PreserveNewest</CopyToPublishDirectory>
     </None>
@@ -42,43 +47,33 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="AspNet.Security.OAuth.GitHub" Version="1.0.0-rc1-final" />
+    <PackageReference Include="Autofac" Version="4.6.2" />
-    <PackageReference Include="Autofac" Version="4.6.1" />
     <PackageReference Include="Autofac.Extensions.DependencyInjection" Version="4.2.0" />
-    <PackageReference Include="EventStore.ClientAPI.NetCore" Version="4.0.0-alpha-1" />
+    <PackageReference Include="EventStore.ClientAPI.NetCore" Version="4.0.2-rc" />
-    <PackageReference Include="IdentityServer4" Version="1.5.2" />
+    <PackageReference Include="IdentityServer4" Version="2.0.1" />
-    <PackageReference Include="IdentityServer4.AccessTokenValidation" Version="1.2.1" />
+    <PackageReference Include="IdentityServer4.AccessTokenValidation" Version="2.0.0" />
-    <PackageReference Include="IdentityServer4.AspNetIdentity" Version="1.0.1" />
+    <PackageReference Include="IdentityServer4.AspNetIdentity" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.Cookies" Version="1.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="1.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.Cookies" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.MicrosoftAccount" Version="1.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="1.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.MicrosoftAccount" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.DataProtection.Redis" Version="0.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.DataProtection.Redis" Version="0.3.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Diagnostics" Version="1.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.HttpOverrides" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.HttpOverrides" Version="1.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Identity" Version="1.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.3" />
+	<PackageReference Include="Microsoft.AspNetCore.Mvc.Razor.ViewCompilation" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Server.IISIntegration" Version="1.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Server.IISIntegration.Tools" Version="1.1.0-preview4-final" />
-    <PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="1.1.2" />
-    <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="1.1.2" />
-	<PackageReference Include="Microsoft.AspNetCore.Mvc.Razor.ViewCompilation" Version="1.1.1" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="1.1.2" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="1.1.2" />
     <PackageReference Include="Microsoft.Extensions.DependencyModel" Version="2.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Logging" Version="1.1.2" />
+    <PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="2.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Logging.Console" Version="1.1.2" />
-    <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.2" />
-    <PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="1.1.2" />
     <PackageReference Include="Microsoft.Data.Edm" Version="5.8.3" />
     <PackageReference Include="Microsoft.OData.Core" Version="7.3.1" />
     <PackageReference Include="MongoDB.Driver" Version="2.4.4" />
-    <PackageReference Include="NJsonSchema" Version="9.7.3" />
+    <PackageReference Include="NJsonSchema" Version="9.8.3" />
     <PackageReference Include="NodaTime.Serialization.JsonNet" Version="2.0.0" />
-    <PackageReference Include="NSwag.AspNetCore" Version="11.9.1" />
+    <PackageReference Include="NSwag.AspNetCore" Version="11.10.0" />
     <PackageReference Include="OpenCover" Version="4.6.519" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />
-    <PackageReference Include="ReportGenerator" Version="3.0.1" />
+    <PackageReference Include="ReportGenerator" Version="3.0.2" />
     <PackageReference Include="StackExchange.Redis.StrongName" Version="1.2.6" />
     <PackageReference Include="StyleCop.Analyzers" Version="1.0.2" />
     <PackageReference Include="System.Linq" Version="4.3.0" />

src/Squidex/Startup.cs

@@ -25,6 +25,8 @@ using Squidex.Config.Web;
 using Squidex.Infrastructure.Log;
 using Squidex.Infrastructure.Log.Adapter;
 
+#pragma warning disable RECS0002 // Convert anonymous method to method group
+
 namespace Squidex
 {
     public class Startup
@@ -37,21 +39,15 @@ namespace Squidex
             "/error"
         };
 
-        private IConfigurationRoot Configuration { get; }
+        private IConfiguration Configuration { get; }
 
         private IHostingEnvironment Environment { get; }
 
-        public Startup(IHostingEnvironment env)
+        public Startup(IHostingEnvironment env, IConfiguration config)
         {
             Environment = env;
 
-            var builder = new ConfigurationBuilder()
+            Configuration = config;
-                .SetBasePath(env.ContentRootPath)
-                .AddJsonFile("appsettings.json", true, true)
-                .AddJsonFile($"appsettings.{env.EnvironmentName}.json", true)
-                .AddEnvironmentVariables();
-
-            Configuration = builder.Build();
         }
 
         public IServiceProvider ConfigureServices(IServiceCollection services)
@@ -59,6 +55,7 @@ namespace Squidex
             services.AddMySwaggerSettings();
             services.AddMyEventFormatter();
             services.AddMyDataProtectection(Configuration);
+            services.AddMyAuthentication(Configuration);
             services.AddMyIdentity();
             services.AddMyIdentityServer();
             services.AddMyMvc();
@@ -142,14 +139,10 @@ namespace Squidex
                     identityApp.UseExceptionHandler("/error");
                 }
 
-                identityApp.UseMyIdentity();
+                identityApp.UseMyAuthentication();
                 identityApp.UseMyIdentityServer();
                 identityApp.UseMyAdminRole();
                 identityApp.UseMyAdmin();
-                identityApp.UseMyApiProtection();
-                identityApp.UseMyGoogleAuthentication();
-                identityApp.UseMyGithubAuthentication();
-                identityApp.UseMyMicrosoftAuthentication();
                 identityApp.UseStaticFiles();
 
                 identityApp.MapWhen(x => IsIdentityRequest(x), mvcApp =>
@@ -169,7 +162,6 @@ namespace Squidex
                 }
 
                 appApi.UseMySwagger();
-                appApi.UseMyApiProtection();
 
                 appApi.MapWhen(x => !IsIdentityRequest(x), mvcApp =>
                 {

tests/Squidex.Domain.Apps.Core.Tests/Squidex.Domain.Apps.Core.Tests.csproj

@@ -11,7 +11,6 @@
   <ItemGroup>
     <PackageReference Include="FluentAssertions" Version="4.19.4" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.3.0" />
-    <PackageReference Include="Moq" Version="4.7.137" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />
     <PackageReference Include="StyleCop.Analyzers" Version="1.0.2" />
     <PackageReference Include="System.ValueTuple" Version="4.4.0" />

tests/Squidex.Domain.Apps.Read.Tests/Squidex.Domain.Apps.Read.Tests.csproj

@@ -17,7 +17,7 @@
     <ProjectReference Include="..\..\src\Squidex.Domain.Apps.Read.MongoDb\Squidex.Domain.Apps.Read.MongoDb.csproj" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="FakeItEasy" Version="4.0.0" />
+    <PackageReference Include="FakeItEasy" Version="4.1.0" />
     <PackageReference Include="FluentAssertions" Version="4.19.4" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.3.0" />
     <PackageReference Include="MongoDB.Driver" Version="2.4.4" />

tests/Squidex.Domain.Apps.Write.Tests/Squidex.Domain.Apps.Write.Tests.csproj

@@ -10,7 +10,7 @@
     <ProjectReference Include="..\..\src\Squidex.Domain.Apps.Write\Squidex.Domain.Apps.Write.csproj" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="FakeItEasy" Version="4.0.0" />
+    <PackageReference Include="FakeItEasy" Version="4.1.0" />
     <PackageReference Include="FluentAssertions" Version="4.19.4" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.3.0" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />

tests/Squidex.Domain.Users.Tests/Squidex.Domain.Users.Tests.csproj

@@ -11,7 +11,7 @@
     <ProjectReference Include="..\..\src\Squidex.Shared\Squidex.Shared.csproj" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="FakeItEasy" Version="4.0.0" />
+    <PackageReference Include="FakeItEasy" Version="4.1.0" />
     <PackageReference Include="FluentAssertions" Version="4.19.4" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.3.0" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />

tests/Squidex.Infrastructure.Tests/Squidex.Infrastructure.Tests.csproj

@@ -11,11 +11,11 @@
     <ProjectReference Include="..\..\src\Squidex.Infrastructure\Squidex.Infrastructure.csproj" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="FakeItEasy" Version="4.0.0" />
+    <PackageReference Include="FakeItEasy" Version="4.1.0" />
     <PackageReference Include="FluentAssertions" Version="4.19.4" />
     <PackageReference Include="Google.Cloud.Storage.V1" Version="2.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Caching.Abstractions" Version="1.1.2" />
+    <PackageReference Include="Microsoft.Extensions.Caching.Abstractions" Version="2.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="1.1.2" />
+    <PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="2.0.0" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.3.0" />
     <PackageReference Include="RefactoringEssentials" Version="5.2.0" />
     <PackageReference Include="StyleCop.Analyzers" Version="1.0.2" />

tests/Squidex.Infrastructure.Tests/UsageTracking/BackgroundUsageTrackerTests.cs

@@ -114,7 +114,7 @@ namespace Squidex.Infrastructure.UsageTracking
             sut.Next();
             sut.Dispose();
 
-            A.CallTo(() => usageStore.TrackUsagesAsync(A<DateTime>.Ignored, A<string>.Ignored, A<double>.Ignored, A<long>.Ignored)).MustNotHaveHappened();
+            A.CallTo(() => usageStore.TrackUsagesAsync(A<DateTime>.Ignored, A<string>.Ignored, A<double>.Ignored, A<double>.Ignored)).MustNotHaveHappened();
         }
 
         [Fact]