2022-03-21 15:33:02 +03:00
|
|
|
using Microsoft.AspNetCore.DataProtection;
|
2016-11-24 15:31:33 +01:00
|
|
|
|
2017-09-13 14:53:06 +02:00
|
|
|
namespace Microsoft.eShopOnContainers.Services.Identity.API
|
2016-11-24 15:31:33 +01:00
|
|
|
{
|
|
|
|
public class Startup
|
|
|
|
{
|
2017-09-12 13:44:52 +02:00
|
|
|
public Startup(IConfiguration configuration)
|
2016-11-24 15:31:33 +01:00
|
|
|
{
|
2017-09-12 13:44:52 +02:00
|
|
|
Configuration = configuration;
|
2017-08-29 18:11:30 +02:00
|
|
|
}
|
2017-08-29 12:12:45 +02:00
|
|
|
|
2017-09-12 13:44:52 +02:00
|
|
|
public IConfiguration Configuration { get; }
|
2016-11-24 15:31:33 +01:00
|
|
|
|
|
|
|
// This method gets called by the runtime. Use this method to add services to the container.
|
2017-05-11 13:44:38 +02:00
|
|
|
public IServiceProvider ConfigureServices(IServiceCollection services)
|
2017-08-29 18:11:30 +02:00
|
|
|
{
|
2017-10-13 11:35:26 +02:00
|
|
|
RegisterAppInsights(services);
|
2017-10-11 18:53:26 +02:00
|
|
|
|
2016-11-24 15:31:33 +01:00
|
|
|
// Add framework services.
|
|
|
|
services.AddDbContext<ApplicationDbContext>(options =>
|
2019-07-25 11:30:17 +02:00
|
|
|
options.UseSqlServer(Configuration["ConnectionString"],
|
|
|
|
sqlServerOptionsAction: sqlOptions =>
|
|
|
|
{
|
|
|
|
sqlOptions.MigrationsAssembly(typeof(Startup).GetTypeInfo().Assembly.GetName().Name);
|
|
|
|
//Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency
|
|
|
|
sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null);
|
|
|
|
}));
|
2016-11-24 15:31:33 +01:00
|
|
|
|
|
|
|
services.AddIdentity<ApplicationUser, IdentityRole>()
|
|
|
|
.AddEntityFrameworkStores<ApplicationDbContext>()
|
2017-10-08 18:46:05 +01:00
|
|
|
.AddDefaultTokenProviders();
|
2016-12-19 10:20:02 +01:00
|
|
|
|
|
|
|
services.Configure<AppSettings>(Configuration);
|
2016-11-24 15:31:33 +01:00
|
|
|
|
2017-06-08 17:45:07 +02:00
|
|
|
if (Configuration.GetValue<string>("IsClusterEnv") == bool.TrueString)
|
2017-03-15 08:57:01 -07:00
|
|
|
{
|
2017-06-08 17:45:07 +02:00
|
|
|
services.AddDataProtection(opts =>
|
|
|
|
{
|
|
|
|
opts.ApplicationDiscriminator = "eshop.identity";
|
|
|
|
})
|
2021-01-13 13:14:59 +00:00
|
|
|
.PersistKeysToStackExchangeRedis(ConnectionMultiplexer.Connect(Configuration["DPConnectionString"]), "DataProtection-Keys");
|
2017-06-08 17:45:07 +02:00
|
|
|
}
|
2016-11-24 15:31:33 +01:00
|
|
|
|
2018-11-30 17:43:22 +01:00
|
|
|
services.AddHealthChecks()
|
2019-01-03 17:11:56 +01:00
|
|
|
.AddCheck("self", () => HealthCheckResult.Healthy())
|
2018-11-30 17:43:22 +01:00
|
|
|
.AddSqlServer(Configuration["ConnectionString"],
|
|
|
|
name: "IdentityDB-check",
|
|
|
|
tags: new string[] { "IdentityDB" });
|
2019-07-23 12:14:09 +02:00
|
|
|
|
2016-11-24 15:31:33 +01:00
|
|
|
services.AddTransient<ILoginService<ApplicationUser>, EFLoginService>();
|
2016-12-29 16:26:02 +01:00
|
|
|
services.AddTransient<IRedirectService, RedirectService>();
|
2016-11-24 15:31:33 +01:00
|
|
|
|
2017-09-08 12:12:49 +02:00
|
|
|
var connectionString = Configuration["ConnectionString"];
|
2017-06-05 21:54:03 +02:00
|
|
|
var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;
|
2016-12-07 13:57:31 +01:00
|
|
|
|
2016-11-24 15:31:33 +01:00
|
|
|
// Adds IdentityServer
|
2018-09-07 10:56:38 +02:00
|
|
|
services.AddIdentityServer(x =>
|
|
|
|
{
|
|
|
|
x.IssuerUri = "null";
|
|
|
|
x.Authentication.CookieLifetime = TimeSpan.FromHours(2);
|
|
|
|
})
|
2019-03-28 18:59:45 +01:00
|
|
|
.AddDevspacesIfNeeded(Configuration.GetValue("EnableDevspaces", false))
|
2018-09-07 10:56:38 +02:00
|
|
|
.AddSigningCredential(Certificate.Get())
|
|
|
|
.AddAspNetIdentity<ApplicationUser>()
|
|
|
|
.AddConfigurationStore(options =>
|
|
|
|
{
|
|
|
|
options.ConfigureDbContext = builder => builder.UseSqlServer(connectionString,
|
2019-02-18 11:06:46 +00:00
|
|
|
sqlServerOptionsAction: sqlOptions =>
|
|
|
|
{
|
|
|
|
sqlOptions.MigrationsAssembly(migrationsAssembly);
|
|
|
|
//Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency
|
|
|
|
sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null);
|
|
|
|
});
|
2018-09-07 10:56:38 +02:00
|
|
|
})
|
|
|
|
.AddOperationalStore(options =>
|
2019-07-25 11:30:17 +02:00
|
|
|
{
|
|
|
|
options.ConfigureDbContext = builder => builder.UseSqlServer(connectionString,
|
|
|
|
sqlServerOptionsAction: sqlOptions =>
|
|
|
|
{
|
|
|
|
sqlOptions.MigrationsAssembly(migrationsAssembly);
|
|
|
|
//Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency
|
|
|
|
sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null);
|
|
|
|
});
|
|
|
|
})
|
2018-09-07 10:56:38 +02:00
|
|
|
.Services.AddTransient<IProfileService, ProfileService>();
|
2017-05-11 13:44:38 +02:00
|
|
|
|
2019-07-26 08:18:51 +02:00
|
|
|
//services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_3_0);
|
2019-07-25 11:30:17 +02:00
|
|
|
services.AddControllers();
|
2019-07-26 08:18:51 +02:00
|
|
|
services.AddControllersWithViews();
|
|
|
|
services.AddRazorPages();
|
2019-07-25 11:30:17 +02:00
|
|
|
|
2022-03-22 01:00:36 +03:00
|
|
|
services.AddSwaggerGen(options =>
|
|
|
|
{
|
|
|
|
var basePath = AppDomain.CurrentDomain.BaseDirectory;
|
|
|
|
var fileName = typeof(Startup).GetTypeInfo().Assembly.GetName().Name + ".xml";
|
|
|
|
var xmlComments = Path.Combine(basePath, fileName);
|
|
|
|
options.IncludeXmlComments(xmlComments);
|
|
|
|
options.SwaggerDoc("v1", new OpenApiInfo
|
2022-03-21 18:02:47 +03:00
|
|
|
{
|
2022-03-22 01:00:36 +03:00
|
|
|
Title = "Microsoft - Identity HTTP API",
|
|
|
|
Version = "v1",
|
|
|
|
Description = "The Identity Service HTTP API",
|
|
|
|
TermsOfService = new Uri("https://microsoft.com/"),
|
|
|
|
Contact = new OpenApiContact
|
|
|
|
{
|
|
|
|
Name = "Microsoft Contact",
|
|
|
|
Url = new Uri("https://microsoft.com/")
|
|
|
|
},
|
|
|
|
License = new OpenApiLicense
|
|
|
|
{
|
|
|
|
Name = "Microsoft License",
|
|
|
|
Url = new Uri("https://microsoft.com/")
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
2017-05-11 13:44:38 +02:00
|
|
|
var container = new ContainerBuilder();
|
2021-11-15 19:02:23 +05:30
|
|
|
container.Populate(services);
|
2017-09-11 12:43:45 +02:00
|
|
|
|
2017-05-11 13:44:38 +02:00
|
|
|
return new AutofacServiceProvider(container.Build());
|
2016-11-24 15:31:33 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
|
2019-11-08 16:02:58 +00:00
|
|
|
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILoggerFactory loggerFactory)
|
2016-11-24 15:31:33 +01:00
|
|
|
{
|
2019-02-18 11:06:46 +00:00
|
|
|
//loggerFactory.AddConsole(Configuration.GetSection("Logging"));
|
|
|
|
//loggerFactory.AddDebug();
|
|
|
|
//loggerFactory.AddAzureWebAppDiagnostics();
|
|
|
|
//loggerFactory.AddApplicationInsights(app.ApplicationServices, LogLevel.Trace);
|
2017-10-11 16:26:44 +02:00
|
|
|
|
2016-11-24 15:31:33 +01:00
|
|
|
if (env.IsDevelopment())
|
|
|
|
{
|
|
|
|
app.UseDeveloperExceptionPage();
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
app.UseExceptionHandler("/Home/Error");
|
2021-11-15 19:02:23 +05:30
|
|
|
}
|
2016-11-24 15:31:33 +01:00
|
|
|
|
2017-09-07 19:18:53 +02:00
|
|
|
var pathBase = Configuration["PATH_BASE"];
|
|
|
|
if (!string.IsNullOrEmpty(pathBase))
|
|
|
|
{
|
2021-11-15 19:02:23 +05:30
|
|
|
//loggerFactory.CreateLogger<Startup>().LogDebug("Using PATH BASE '{pathBase}'", pathBase);
|
2017-09-07 19:18:53 +02:00
|
|
|
app.UsePathBase(pathBase);
|
2018-01-22 11:46:18 +01:00
|
|
|
}
|
|
|
|
|
2016-11-24 15:31:33 +01:00
|
|
|
app.UseStaticFiles();
|
|
|
|
|
2022-03-21 10:53:40 +03:00
|
|
|
// Make work identity server redirections in Edge and lastest versions of browsers. WARN: Not valid in a production environment.
|
2016-12-20 12:22:28 +01:00
|
|
|
app.Use(async (context, next) =>
|
|
|
|
{
|
|
|
|
context.Response.Headers.Add("Content-Security-Policy", "script-src 'unsafe-inline'");
|
|
|
|
await next();
|
|
|
|
});
|
|
|
|
|
2018-07-09 14:20:27 +02:00
|
|
|
app.UseForwardedHeaders();
|
2016-11-24 15:31:33 +01:00
|
|
|
// Adds IdentityServer
|
|
|
|
app.UseIdentityServer();
|
2020-04-02 14:17:34 +02:00
|
|
|
|
|
|
|
// Fix a problem with chrome. Chrome enabled a new feature "Cookies without SameSite must be secure",
|
2022-03-19 19:48:57 +03:00
|
|
|
// the cookies should be expired from https, but in eShop, the internal communication in aks and docker compose is http.
|
|
|
|
// To avoid this problem, the policy of cookies should be in Lax mode.
|
2020-04-02 14:17:34 +02:00
|
|
|
app.UseCookiePolicy(new CookiePolicyOptions { MinimumSameSitePolicy = AspNetCore.Http.SameSiteMode.Lax });
|
2019-07-23 15:23:26 +02:00
|
|
|
app.UseRouting();
|
2021-11-15 19:02:23 +05:30
|
|
|
|
2019-07-23 15:23:26 +02:00
|
|
|
app.UseEndpoints(endpoints =>
|
2016-11-24 15:31:33 +01:00
|
|
|
{
|
2019-07-25 11:30:17 +02:00
|
|
|
endpoints.MapDefaultControllerRoute();
|
|
|
|
endpoints.MapControllers();
|
2019-07-23 15:23:26 +02:00
|
|
|
endpoints.MapHealthChecks("/hc", new HealthCheckOptions()
|
|
|
|
{
|
|
|
|
Predicate = _ => true,
|
|
|
|
ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse
|
|
|
|
});
|
|
|
|
endpoints.MapHealthChecks("/liveness", new HealthCheckOptions
|
|
|
|
{
|
|
|
|
Predicate = r => r.Name.Contains("self")
|
|
|
|
});
|
2016-11-24 15:31:33 +01:00
|
|
|
});
|
2017-06-05 21:54:03 +02:00
|
|
|
}
|
2017-10-13 11:35:26 +02:00
|
|
|
|
|
|
|
private void RegisterAppInsights(IServiceCollection services)
|
|
|
|
{
|
|
|
|
services.AddApplicationInsightsTelemetry(Configuration);
|
2019-07-23 12:14:09 +02:00
|
|
|
services.AddApplicationInsightsKubernetesEnricher();
|
2017-10-13 11:35:26 +02:00
|
|
|
}
|
2016-11-24 15:31:33 +01:00
|
|
|
}
|
|
|
|
}
|