1. Specified RequireHttpsPermanent and SSL port to MVC pipeline (Line 74-77)

2. Add SetCompatibilityVersion to 2.1 in the MVC pipeline (Line 82) 3. Configured HttpsRedirection in the DI container (Line 83-85) and used HttpsRedirection MiddleWare (Line 106) 4. Use HSTS (Http Secured Transport Security) MiddleWare on Staging or Production (Line 101-103)
2018-09-01 03:50:55 +06:00 · 2018-09-01 03:50:55 +06:00 · 065b0112e6
commit 065b0112e6
parent 6226b4a6fa
2 changed files with 269 additions and 244 deletions
--- a/src/Services/Identity/Identity.API/Startup.cs
+++ b/src/Services/Identity/Identity.API/Startup.cs
@ -52,7 +52,14 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API

 			services.Configure<AppSettings>(Configuration);

-            services.AddMvc();
+			services
+				.AddMvc(opts=>
+				{
+					opts.SslPort = 4105;
+					opts.RequireHttpsPermanent = true;
+				})
+				.SetCompatibilityVersion(AspNetCore.Mvc.CompatibilityVersion.Version_2_1)
+				;

 			if (Configuration.GetValue<string>("IsClusterEnv") == bool.TrueString)
 			{
@ -65,8 +72,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API

 			services.AddHealthChecks(checks =>
 			{
-                var minutes = 1;
-                if (int.TryParse(Configuration["HealthCheck:Timeout"], out var minutesParsed))
+				int minutes = 1;
+				if (int.TryParse(Configuration["HealthCheck:Timeout"], out int minutesParsed))
 				{
 					minutes = minutesParsed;
 				}
@ -76,8 +83,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API
 			services.AddTransient<ILoginService<ApplicationUser>, EFLoginService>();
 			services.AddTransient<IRedirectService, RedirectService>();

-            var connectionString = Configuration["ConnectionString"];
-            var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;
+			string connectionString = Configuration["ConnectionString"];
+			string migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;

 			// Adds IdentityServer
 			services.AddIdentityServer(x => x.IssuerUri = "null")
@ -105,7 +112,12 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API
 				})
 			    .Services.AddTransient<IProfileService, ProfileService>();

-            var container = new ContainerBuilder();
+			services.AddHttpsRedirection(opts =>
+			{
+				opts.HttpsPort = 4105;
+			});
+
+			ContainerBuilder container = new ContainerBuilder();
 			container.Populate(services);

 			return new AutofacServiceProvider(container.Build());
@ -127,9 +139,11 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API
 			else
 			{
 				app.UseExceptionHandler("/Home/Error");
+				app.UseHsts();
 			}

-            var pathBase = Configuration["PATH_BASE"];
+			app.UseHttpsRedirection();
+			string pathBase = Configuration["PATH_BASE"];
 			if (!string.IsNullOrEmpty(pathBase))
 			{
 				loggerFactory.CreateLogger("init").LogDebug($"Using PATH BASE '{pathBase}'");
@ -166,7 +180,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API
 		private void RegisterAppInsights(IServiceCollection services)
 		{
 			services.AddApplicationInsightsTelemetry(Configuration);
-            var orchestratorType = Configuration.GetValue<string>("OrchestratorType");
+			string orchestratorType = Configuration.GetValue<string>("OrchestratorType");

 			if (orchestratorType?.ToUpper() == "K8S")
 			{
--- a/src/Web/WebSPA/Startup.cs
+++ b/src/Web/WebSPA/Startup.cs
@ -26,12 +26,12 @@ namespace eShopConContainers.WebSPA

 		public IConfiguration Configuration { get; }

-        private IHostingEnvironment _hostingEnv;
+		private readonly IHostingEnvironment _hostingEnv;
 		public Startup(IHostingEnvironment env)
 		{
 			_hostingEnv = env;

-            var localPath = new Uri(Configuration["ASPNETCORE_URLS"])?.LocalPath ?? "/";
+			string localPath = new Uri(Configuration["ASPNETCORE_URLS"])?.LocalPath ?? "/";
 			Configuration["BaseUrl"] = localPath;
 		}

@ -43,8 +43,8 @@ namespace eShopConContainers.WebSPA

 			services.AddHealthChecks(checks =>
 			{
-                var minutes = 1;
-                if (int.TryParse(Configuration["HealthCheck:Timeout"], out var minutesParsed))
+				int minutes = 1;
+				if (int.TryParse(Configuration["HealthCheck:Timeout"], out int minutesParsed))
 				{
 					minutes = minutesParsed;
 				}
@ -74,6 +74,11 @@ namespace eShopConContainers.WebSPA
 			    .AddJsonOptions(options =>
 			    {
 				    options.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();
+			    })
+			    .SetCompatibilityVersion(Microsoft.AspNetCore.Mvc.CompatibilityVersion.Version_2_1);
+			services.AddHttpsRedirection(opts =>
+			{
+				opts.HttpsPort = 4104;
 			});
 		}

@ -89,6 +94,12 @@ namespace eShopConContainers.WebSPA
 			{
 				app.UseDeveloperExceptionPage();
 			}
+			else
+			{
+				app.UseHsts();
+			}
+
+			app.UseHttpsRedirection();

 			// Configure XSRF middleware, This pattern is for SPA style applications where XSRF token is added on Index page 
 			// load and passed back token on every subsequent async request            
@ -105,7 +116,7 @@ namespace eShopConContainers.WebSPA
 			//Seed Data
 			WebContextSeed.Seed(app, env, loggerFactory);

-            var pathBase = Configuration["PATH_BASE"];
+			string pathBase = Configuration["PATH_BASE"];
 			if (!string.IsNullOrEmpty(pathBase))
 			{
 				loggerFactory.CreateLogger("init").LogDebug($"Using PATH BASE '{pathBase}'");
@ -140,7 +151,7 @@ namespace eShopConContainers.WebSPA
 		private void RegisterAppInsights(IServiceCollection services)
 		{
 			services.AddApplicationInsightsTelemetry(Configuration);
-            var orchestratorType = Configuration.GetValue<string>("OrchestratorType");
+			string orchestratorType = Configuration.GetValue<string>("OrchestratorType");

 			if (orchestratorType?.ToUpper() == "K8S")
 			{