diff --git a/src/Services/Identity/Identity.API/Startup.cs b/src/Services/Identity/Identity.API/Startup.cs index 255bb82b5..3bd0bbedc 100644 --- a/src/Services/Identity/Identity.API/Startup.cs +++ b/src/Services/Identity/Identity.API/Startup.cs @@ -1,184 +1,178 @@ -using Autofac; -using Autofac.Extensions.DependencyInjection; -using IdentityServer4.Services; -using Microsoft.ApplicationInsights.Extensibility; -using Microsoft.ApplicationInsights.ServiceFabric; -using Microsoft.AspNetCore.Builder; -using Microsoft.AspNetCore.DataProtection; -using Microsoft.AspNetCore.Hosting; -using Microsoft.AspNetCore.Identity; -using Microsoft.EntityFrameworkCore; -using Microsoft.eShopOnContainers.Services.Identity.API.Certificates; +using Microsoft.eShopOnContainers.Services.Identity.API.Certificates; using Microsoft.eShopOnContainers.Services.Identity.API.Data; using Microsoft.eShopOnContainers.Services.Identity.API.Models; using Microsoft.eShopOnContainers.Services.Identity.API.Services; -using Microsoft.Extensions.Configuration; -using Microsoft.Extensions.DependencyInjection; -using Microsoft.Extensions.HealthChecks; -using Microsoft.Extensions.Logging; -using StackExchange.Redis; -using System; -using System.Reflection; namespace Microsoft.eShopOnContainers.Services.Identity.API { - public class Startup - { - public Startup(IConfiguration configuration) - { - Configuration = configuration; - } - - public IConfiguration Configuration { get; } - - // This method gets called by the runtime. Use this method to add services to the container. - public IServiceProvider ConfigureServices(IServiceCollection services) - { - RegisterAppInsights(services); - - // Add framework services. - services.AddDbContext(options => - options.UseSqlServer(Configuration["ConnectionString"], - sqlServerOptionsAction: sqlOptions => - { - sqlOptions.MigrationsAssembly(typeof(Startup).GetTypeInfo().Assembly.GetName().Name); - //Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency - sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null); - })); - - services.AddIdentity() - .AddEntityFrameworkStores() - .AddDefaultTokenProviders(); - - services.Configure(Configuration); - - services.AddMvc(); - - if (Configuration.GetValue("IsClusterEnv") == bool.TrueString) - { - services.AddDataProtection(opts => - { - opts.ApplicationDiscriminator = "eshop.identity"; - }) - .PersistKeysToRedis(ConnectionMultiplexer.Connect(Configuration["DPConnectionString"]), "DataProtection-Keys"); - } - - services.AddHealthChecks(checks => - { - var minutes = 1; - if (int.TryParse(Configuration["HealthCheck:Timeout"], out var minutesParsed)) - { - minutes = minutesParsed; - } - checks.AddSqlCheck("Identity_Db", Configuration["ConnectionString"], TimeSpan.FromMinutes(minutes)); - }); - - services.AddTransient, EFLoginService>(); - services.AddTransient(); - - var connectionString = Configuration["ConnectionString"]; - var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name; - - // Adds IdentityServer - services.AddIdentityServer(x => x.IssuerUri = "null") - .AddSigningCredential(Certificate.Get()) - .AddAspNetIdentity() - .AddConfigurationStore(options => - { - options.ConfigureDbContext = builder => builder.UseSqlServer(connectionString, - sqlServerOptionsAction: sqlOptions => - { - sqlOptions.MigrationsAssembly(migrationsAssembly); - //Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency - sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null); - }); - }) - .AddOperationalStore(options => - { - options.ConfigureDbContext = builder => builder.UseSqlServer(connectionString, - sqlServerOptionsAction: sqlOptions => - { - sqlOptions.MigrationsAssembly(migrationsAssembly); - //Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency - sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null); - }); - }) - .Services.AddTransient(); - - var container = new ContainerBuilder(); - container.Populate(services); - - return new AutofacServiceProvider(container.Build()); - } - - // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. - public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) - { - loggerFactory.AddConsole(Configuration.GetSection("Logging")); - loggerFactory.AddDebug(); - loggerFactory.AddAzureWebAppDiagnostics(); - loggerFactory.AddApplicationInsights(app.ApplicationServices, LogLevel.Trace); - - if (env.IsDevelopment()) - { - app.UseDeveloperExceptionPage(); - app.UseDatabaseErrorPage(); - } - else - { - app.UseExceptionHandler("/Home/Error"); - } - - var pathBase = Configuration["PATH_BASE"]; - if (!string.IsNullOrEmpty(pathBase)) - { - loggerFactory.CreateLogger("init").LogDebug($"Using PATH BASE '{pathBase}'"); - app.UsePathBase(pathBase); - } + public class Startup + { + public Startup(IConfiguration configuration) + { + Configuration = configuration; + } + + public IConfiguration Configuration { get; } + + // This method gets called by the runtime. Use this method to add services to the container. + public IServiceProvider ConfigureServices(IServiceCollection services) + { + RegisterAppInsights(services); + + // Add framework services. + services.AddDbContext(options => + options.UseSqlServer(Configuration["ConnectionString"], + sqlServerOptionsAction: sqlOptions => + { + sqlOptions.MigrationsAssembly(typeof(Startup).GetTypeInfo().Assembly.GetName().Name); + //Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency + sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null); + })); + + services.AddIdentity() + .AddEntityFrameworkStores() + .AddDefaultTokenProviders(); + + services.Configure(Configuration); + + services.AddMvc(opts => + { + opts.SslPort = 4105; + opts.RequireHttpsPermanent = true; + }); + + services.AddHttpsRedirection(opts => + { + opts.HttpsPort = 4105; + }); + + if (Configuration.GetValue("IsClusterEnv") == bool.TrueString) + { + services.AddDataProtection(opts => + { + opts.ApplicationDiscriminator = "eshop.identity"; + }) + .PersistKeysToRedis(ConnectionMultiplexer.Connect(Configuration["DPConnectionString"]), "DataProtection-Keys"); + } + + services.AddHealthChecks(checks => + { + var minutes = 1; + if (int.TryParse(Configuration["HealthCheck:Timeout"], out var minutesParsed)) + { + minutes = minutesParsed; + } + checks.AddSqlCheck("Identity_Db", Configuration["ConnectionString"], TimeSpan.FromMinutes(minutes)); + }); + + services.AddTransient, EFLoginService>(); + services.AddTransient(); + + var connectionString = Configuration["ConnectionString"]; + var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name; + + // Adds IdentityServer + services.AddIdentityServer(x => x.IssuerUri = "null") + .AddSigningCredential(Certificate.Get()) + .AddAspNetIdentity() + .AddConfigurationStore(options => + { + options.ConfigureDbContext = builder => builder.UseSqlServer(connectionString, + sqlServerOptionsAction: sqlOptions => + { + sqlOptions.MigrationsAssembly(migrationsAssembly); + //Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency + sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null); + }); + }) + .AddOperationalStore(options => + { + options.ConfigureDbContext = builder => builder.UseSqlServer(connectionString, + sqlServerOptionsAction: sqlOptions => + { + sqlOptions.MigrationsAssembly(migrationsAssembly); + //Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency + sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null); + }); + }) + .Services.AddTransient(); + + var container = new ContainerBuilder(); + container.Populate(services); + + return new AutofacServiceProvider(container.Build()); + } + + // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. + public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) + { + loggerFactory.AddConsole(Configuration.GetSection("Logging")); + loggerFactory.AddDebug(); + loggerFactory.AddAzureWebAppDiagnostics(); + loggerFactory.AddApplicationInsights(app.ApplicationServices, LogLevel.Trace); + + if (env.IsDevelopment()) + { + app.UseDeveloperExceptionPage(); + app.UseDatabaseErrorPage(); + } + else + { + app.UseExceptionHandler("/Home/Error"); + } + + app.UseHttpsRedirection(); + + var pathBase = Configuration["PATH_BASE"]; + if (!string.IsNullOrEmpty(pathBase)) + { + loggerFactory.CreateLogger("init").LogDebug($"Using PATH BASE '{pathBase}'"); + app.UsePathBase(pathBase); + } #pragma warning disable CS1998 // Async method lacks 'await' operators and will run synchronously - app.Map("/liveness", lapp => lapp.Run(async ctx => ctx.Response.StatusCode = 200)); + app.Map("/liveness", lapp => lapp.Run(async ctx => ctx.Response.StatusCode = 200)); #pragma warning restore CS1998 // Async method lacks 'await' operators and will run synchronously - app.UseStaticFiles(); - - - // Make work identity server redirections in Edge and lastest versions of browers. WARN: Not valid in a production environment. - app.Use(async (context, next) => - { - context.Response.Headers.Add("Content-Security-Policy", "script-src 'unsafe-inline'"); - await next(); - }); - - app.UseForwardedHeaders(); - // Adds IdentityServer - app.UseIdentityServer(); - - app.UseMvc(routes => - { - routes.MapRoute( - name: "default", - template: "{controller=Home}/{action=Index}/{id?}"); - }); - } - - private void RegisterAppInsights(IServiceCollection services) - { - services.AddApplicationInsightsTelemetry(Configuration); - var orchestratorType = Configuration.GetValue("OrchestratorType"); - - if (orchestratorType?.ToUpper() == "K8S") - { - // Enable K8s telemetry initializer - services.EnableKubernetes(); - } - if (orchestratorType?.ToUpper() == "SF") - { - // Enable SF telemetry initializer - services.AddSingleton((serviceProvider) => - new FabricTelemetryInitializer()); - } - } - } + app.UseStaticFiles(); + + + // Make work identity server redirections in Edge and lastest versions of browers. WARN: Not valid in a production environment. + app.Use(async (context, next) => + { + context.Response.Headers.Add("Content-Security-Policy", "script-src 'unsafe-inline'"); + await next(); + }); + + app.UseForwardedHeaders(); + // Adds IdentityServer + app.UseIdentityServer(); + + app.UseMvc(routes => + { + routes.MapRoute( + name: "default", + template: "{controller=Home}/{action=Index}/{id?}"); + }); + } + + private void RegisterAppInsights(IServiceCollection services) + { + services.AddApplicationInsightsTelemetry(Configuration); + var orchestratorType = Configuration.GetValue("OrchestratorType"); + + if (orchestratorType?.ToUpper() == "K8S") + { + // Enable K8s telemetry initializer + services.EnableKubernetes(); + } + if (orchestratorType?.ToUpper() == "SF") + { + // Enable SF telemetry initializer + services.AddSingleton((serviceProvider) => + new FabricTelemetryInitializer()); + } + } + } } diff --git a/src/Web/WebMVC/Startup.cs b/src/Web/WebMVC/Startup.cs index 3b1f87cb2..d6b044ce7 100644 --- a/src/Web/WebMVC/Startup.cs +++ b/src/Web/WebMVC/Startup.cs @@ -41,6 +41,10 @@ namespace Microsoft.eShopOnContainers.WebMVC opts.CheckConsentNeeded = context => true; opts.MinimumSameSitePolicy = SameSiteMode.None; }); + services.AddHttpsRedirection(opts=> + { + opts.HttpsPort = 4100; + }); services.AddAppInsight(Configuration) .AddHealthChecks(Configuration) .AddCustomMvc(Configuration) @@ -73,7 +77,7 @@ namespace Microsoft.eShopOnContainers.WebMVC app.UsePathBase(pathBase); } - + app.UseHttpsRedirection(); app.UseCookiePolicy(); #pragma warning disable CS1998 // Async method lacks 'await' operators and will run synchronously @@ -156,7 +160,11 @@ namespace Microsoft.eShopOnContainers.WebMVC services.AddOptions(); services.Configure(configuration); - services.AddMvc(); + services.AddMvc(opts=> + { + opts.SslPort = 4100; + opts.RequireHttpsPermanent = true; + }); services.AddSession(); diff --git a/src/Web/WebSPA/Startup.cs b/src/Web/WebSPA/Startup.cs index f49eba772..434ea3a97 100644 --- a/src/Web/WebSPA/Startup.cs +++ b/src/Web/WebSPA/Startup.cs @@ -1,158 +1,156 @@ using eShopOnContainers.WebSPA; -using Microsoft.ApplicationInsights.Extensibility; -using Microsoft.ApplicationInsights.ServiceFabric; -using Microsoft.AspNetCore.Antiforgery; -using Microsoft.AspNetCore.Builder; -using Microsoft.AspNetCore.DataProtection; -using Microsoft.AspNetCore.Hosting; -using Microsoft.Extensions.Configuration; -using Microsoft.Extensions.DependencyInjection; -using Microsoft.Extensions.HealthChecks; -using Microsoft.Extensions.Logging; -using Newtonsoft.Json.Serialization; -using StackExchange.Redis; -using System; -using System.IO; using WebSPA.Infrastructure; namespace eShopConContainers.WebSPA { - public class Startup - { - public Startup(IConfiguration configuration) - { - Configuration = configuration; - } - - public IConfiguration Configuration { get; } - - private IHostingEnvironment _hostingEnv; - public Startup(IHostingEnvironment env) - { - _hostingEnv = env; - - var localPath = new Uri(Configuration["ASPNETCORE_URLS"])?.LocalPath ?? "/"; - Configuration["BaseUrl"] = localPath; - } - - // This method gets called by the runtime. Use this method to add services to the container. - // For more information on how to configure your application, visit http://go.microsoft.com/fwlink/?LinkID=398940 - public void ConfigureServices(IServiceCollection services) - { - RegisterAppInsights(services); - - services.AddHealthChecks(checks => - { - var minutes = 1; - if (int.TryParse(Configuration["HealthCheck:Timeout"], out var minutesParsed)) - { - minutes = minutesParsed; - } - - checks.AddUrlCheck(Configuration["CatalogUrlHC"], TimeSpan.FromMinutes(minutes)); - checks.AddUrlCheck(Configuration["OrderingUrlHC"], TimeSpan.FromMinutes(minutes)); - checks.AddUrlCheck(Configuration["BasketUrlHC"], TimeSpan.Zero); //No cache for this HealthCheck, better just for demos - checks.AddUrlCheck(Configuration["IdentityUrlHC"], TimeSpan.FromMinutes(minutes)); - checks.AddUrlCheck(Configuration["MarketingUrlHC"], TimeSpan.FromMinutes(minutes)); - - }); - - services.Configure(Configuration); - - if (Configuration.GetValue("IsClusterEnv") == bool.TrueString) - { - services.AddDataProtection(opts => - { - opts.ApplicationDiscriminator = "eshop.webspa"; - }) - .PersistKeysToRedis(ConnectionMultiplexer.Connect(Configuration["DPConnectionString"]), "DataProtection-Keys"); - } - - services.AddAntiforgery(options => options.HeaderName = "X-XSRF-TOKEN"); - - services.AddMvc() - .AddJsonOptions(options => - { - options.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver(); - }); - } - - - // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. - public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IAntiforgery antiforgery) - { - - loggerFactory.AddAzureWebAppDiagnostics(); - loggerFactory.AddApplicationInsights(app.ApplicationServices, LogLevel.Trace); - - if (env.IsDevelopment()) - { - app.UseDeveloperExceptionPage(); - } - - // Configure XSRF middleware, This pattern is for SPA style applications where XSRF token is added on Index page - // load and passed back token on every subsequent async request - // app.Use(async (context, next) => - // { - // if (string.Equals(context.Request.Path.Value, "/", StringComparison.OrdinalIgnoreCase)) - // { - // var tokens = antiforgery.GetAndStoreTokens(context); - // context.Response.Cookies.Append("XSRF-TOKEN", tokens.RequestToken, new CookieOptions() { HttpOnly = false }); - // } - // await next.Invoke(); - // }); - - //Seed Data - WebContextSeed.Seed(app, env, loggerFactory); - - var pathBase = Configuration["PATH_BASE"]; - if (!string.IsNullOrEmpty(pathBase)) - { - loggerFactory.CreateLogger("init").LogDebug($"Using PATH BASE '{pathBase}'"); - app.UsePathBase(pathBase); - } + public class Startup + { + public Startup(IConfiguration configuration) + { + Configuration = configuration; + } + + public IConfiguration Configuration { get; } + + private readonly IHostingEnvironment _hostingEnv; + public Startup(IHostingEnvironment env) + { + _hostingEnv = env; + + var localPath = new Uri(Configuration["ASPNETCORE_URLS"])?.LocalPath ?? "/"; + Configuration["BaseUrl"] = localPath; + } + + // This method gets called by the runtime. Use this method to add services to the container. + // For more information on how to configure your application, visit http://go.microsoft.com/fwlink/?LinkID=398940 + public void ConfigureServices(IServiceCollection services) + { + RegisterAppInsights(services); + + services.AddHealthChecks(checks => + { + var minutes = 1; + if (int.TryParse(Configuration["HealthCheck:Timeout"], out var minutesParsed)) + { + minutes = minutesParsed; + } + + checks.AddUrlCheck(Configuration["CatalogUrlHC"], TimeSpan.FromMinutes(minutes)); + checks.AddUrlCheck(Configuration["OrderingUrlHC"], TimeSpan.FromMinutes(minutes)); + checks.AddUrlCheck(Configuration["BasketUrlHC"], TimeSpan.Zero); //No cache for this HealthCheck, better just for demos + checks.AddUrlCheck(Configuration["IdentityUrlHC"], TimeSpan.FromMinutes(minutes)); + checks.AddUrlCheck(Configuration["MarketingUrlHC"], TimeSpan.FromMinutes(minutes)); + + }); + + services.Configure(Configuration); + + if (Configuration.GetValue("IsClusterEnv") == bool.TrueString) + { + services.AddDataProtection(opts => + { + opts.ApplicationDiscriminator = "eshop.webspa"; + }) + .PersistKeysToRedis(ConnectionMultiplexer.Connect(Configuration["DPConnectionString"]), "DataProtection-Keys"); + } + + services.AddAntiforgery(options => options.HeaderName = "X-XSRF-TOKEN"); + + services + .AddMvc(opts => + { + opts.SslPort = 4104; + opts.RequireHttpsPermanent = true; + }) + .AddJsonOptions(options => + { + options.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver(); + }); + + services.AddHttpsRedirection(opts => + { + opts.HttpsPort = 4104; + }); + } + + + // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. + public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IAntiforgery antiforgery) + { + + loggerFactory.AddAzureWebAppDiagnostics(); + loggerFactory.AddApplicationInsights(app.ApplicationServices, LogLevel.Trace); + + if (env.IsDevelopment()) + { + app.UseDeveloperExceptionPage(); + } + + app.UseHttpsRedirection(); + + // Configure XSRF middleware, This pattern is for SPA style applications where XSRF token is added on Index page + // load and passed back token on every subsequent async request + // app.Use(async (context, next) => + // { + // if (string.Equals(context.Request.Path.Value, "/", StringComparison.OrdinalIgnoreCase)) + // { + // var tokens = antiforgery.GetAndStoreTokens(context); + // context.Response.Cookies.Append("XSRF-TOKEN", tokens.RequestToken, new CookieOptions() { HttpOnly = false }); + // } + // await next.Invoke(); + // }); + + //Seed Data + WebContextSeed.Seed(app, env, loggerFactory); + + var pathBase = Configuration["PATH_BASE"]; + if (!string.IsNullOrEmpty(pathBase)) + { + loggerFactory.CreateLogger("init").LogDebug($"Using PATH BASE '{pathBase}'"); + app.UsePathBase(pathBase); + } #pragma warning disable CS1998 // Async method lacks 'await' operators and will run synchronously - app.Map("/liveness", lapp => lapp.Run(async ctx => ctx.Response.StatusCode = 200)); + app.Map("/liveness", lapp => lapp.Run(async ctx => ctx.Response.StatusCode = 200)); #pragma warning restore CS1998 // Async method lacks 'await' operators and will run synchronously - app.Use(async (context, next) => - { - await next(); - - // If there's no available file and the request doesn't contain an extension, we're probably trying to access a page. - // Rewrite request to use app root - if (context.Response.StatusCode == 404 && !Path.HasExtension(context.Request.Path.Value) && !context.Request.Path.Value.StartsWith("/api")) - { - context.Request.Path = "/index.html"; - context.Response.StatusCode = 200; // Make sure we update the status code, otherwise it returns 404 - await next(); - } - }); - - app.UseDefaultFiles(); - app.UseStaticFiles(); - - app.UseMvcWithDefaultRoute(); - } - - private void RegisterAppInsights(IServiceCollection services) - { - services.AddApplicationInsightsTelemetry(Configuration); - var orchestratorType = Configuration.GetValue("OrchestratorType"); - - if (orchestratorType?.ToUpper() == "K8S") - { - // Enable K8s telemetry initializer - services.EnableKubernetes(); - } - if (orchestratorType?.ToUpper() == "SF") - { - // Enable SF telemetry initializer - services.AddSingleton((serviceProvider) => - new FabricTelemetryInitializer()); - } - } - } + app.Use(async (context, next) => + { + await next(); + + // If there's no available file and the request doesn't contain an extension, we're probably trying to access a page. + // Rewrite request to use app root + if (context.Response.StatusCode == 404 && !Path.HasExtension(context.Request.Path.Value) && !context.Request.Path.Value.StartsWith("/api")) + { + context.Request.Path = "/index.html"; + context.Response.StatusCode = 200; // Make sure we update the status code, otherwise it returns 404 + await next(); + } + }); + + app.UseDefaultFiles(); + app.UseStaticFiles(); + + app.UseMvcWithDefaultRoute(); + } + + private void RegisterAppInsights(IServiceCollection services) + { + services.AddApplicationInsightsTelemetry(Configuration); + var orchestratorType = Configuration.GetValue("OrchestratorType"); + + if (orchestratorType?.ToUpper() == "K8S") + { + // Enable K8s telemetry initializer + services.EnableKubernetes(); + } + if (orchestratorType?.ToUpper() == "SF") + { + // Enable SF telemetry initializer + services.AddSingleton((serviceProvider) => + new FabricTelemetryInitializer()); + } + } + } }