From c52484859f724d0748ef23bbf49924869dfaf655 Mon Sep 17 00:00:00 2001 From: Erik Pique Date: Mon, 5 Aug 2019 15:03:57 +0200 Subject: [PATCH] change bff to 2.2 and fix mvc routing --- src/ApiGateways/ApiGw-Base/Dockerfile | 5 +- .../Mobile.Bff.Shopping/aggregator/Dockerfile | 4 +- .../Filters/AuthorizeCheckOperationFilter.cs | 19 ++-- .../Mobile.Shopping.HttpAggregator.csproj | 34 ++++++- .../Mobile.Bff.Shopping/aggregator/Startup.cs | 95 ++++++++++--------- .../Web.Bff.Shopping/aggregator/Dockerfile | 4 +- .../Filters/AuthorizeCheckOperationFilter.cs | 19 ++-- .../Web.Bff.Shopping/aggregator/Startup.cs | 60 +++++------- .../Web.Shopping.HttpAggregator.csproj | 33 ++++++- .../Devspaces.Support.csproj | 2 +- .../WebMVC/Controllers/AccountController.cs | 5 +- .../WebMVC/Controllers/CampaignsController.cs | 2 +- src/Web/WebMVC/Controllers/CartController.cs | 2 +- src/Web/WebMVC/Controllers/OrderController.cs | 2 +- .../Controllers/OrderManagementController.cs | 2 +- src/Web/WebMVC/Startup.cs | 34 ++++--- 16 files changed, 185 insertions(+), 137 deletions(-) diff --git a/src/ApiGateways/ApiGw-Base/Dockerfile b/src/ApiGateways/ApiGw-Base/Dockerfile index 0d66ada6b..7a5bb928c 100644 --- a/src/ApiGateways/ApiGw-Base/Dockerfile +++ b/src/ApiGateways/ApiGw-Base/Dockerfile @@ -1,10 +1,9 @@ -FROM mcr.microsoft.com/dotnet/core/aspnet:3.0-buster-slim AS base +FROM mcr.microsoft.com/dotnet/core/aspnet:2.2 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/core/sdk:3.0-buster AS build +FROM mcr.microsoft.com/dotnet/core/sdk:2.2 AS build WORKDIR /src - COPY scripts scripts/ COPY src/ApiGateways/*/*.csproj /src/csproj-files/ diff --git a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile index 3d89c9b27..9b03eccbd 100644 --- a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile +++ b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile 
@@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/core/aspnet:3.0-buster-slim AS base +FROM mcr.microsoft.com/dotnet/core/aspnet:2.2 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/core/sdk:3.0-buster AS build +FROM mcr.microsoft.com/dotnet/core/sdk:2.2 AS build WORKDIR /src COPY scripts scripts/ diff --git a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Filters/AuthorizeCheckOperationFilter.cs b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Filters/AuthorizeCheckOperationFilter.cs index 3b8298bfe..21997360b 100644 --- a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Filters/AuthorizeCheckOperationFilter.cs +++ b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Filters/AuthorizeCheckOperationFilter.cs @@ -1,7 +1,7 @@ namespace Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator.Filters { using Microsoft.AspNetCore.Authorization; - using Microsoft.OpenApi.Models; + using Swashbuckle.AspNetCore.Swagger; using Swashbuckle.AspNetCore.SwaggerGen; using System.Collections.Generic; using System.Linq; @@ -10,7 +10,7 @@ { public class AuthorizeCheckOperationFilter : IOperationFilter { - public void Apply(OpenApiOperation operation, OperationFilterContext context) + public void Apply(Operation operation, OperationFilterContext context) { // Check for authorize attribute var hasAuthorize = context.MethodInfo.DeclaringType.GetCustomAttributes(true).OfType().Any() || 
@@ -18,19 +18,14 @@ if (!hasAuthorize) return; - operation.Responses.TryAdd("401", new OpenApiResponse { Description = "Unauthorized" }); - operation.Responses.TryAdd("403", new OpenApiResponse { Description = "Forbidden" }); + operation.Responses.TryAdd("401", new Response { Description = "Unauthorized" }); + operation.Responses.TryAdd("403", new Response { Description = "Forbidden" }); - var oAuthScheme = new OpenApiSecurityScheme + operation.Security = new List>> { - Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "oauth2" } - }; - - operation.Security = new List - { - new OpenApiSecurityRequirement + new Dictionary> { - [ oAuthScheme ] = new [] { "Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator" } + { "oauth2", new [] { "Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator" } } } }; } diff --git a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj index fdf05ab76..57efd4a9f 100644 --- a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj +++ b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj @@ -1,4 +1,4 @@ - + + + + + netcoreapp2.2 + Mobile.Shopping.HttpAggregator + Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator + ..\..\..\docker-compose.dcproj + $(LangVersion) + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs index 602477dde..c60cb787a 100644 --- a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs +++ b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs 
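Review bot: In Mobile.Bff.Shopping's AuthorizeCheckOperationFilter.Apply, the `oauth2` requirement lists the scope `"Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator"`, while the `oauth2` definition this commit adds in the same project's Startup.cs declares only the scope `mobileshoppingagg`. A requirement naming an undeclared scope leaves the generated document inconsistent, and Swagger UI may not request the scope the API audience expects; the entry would read `{ "oauth2", new [] { "mobileshoppingagg" } }`. The Web.Bff.Shopping filter hunk has the same mismatch against `webshoppingagg`. The `hasAuthorize` expression starts in the previous hunk and is cut off there, so the attribute check itself is not fully visible.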
@@ -5,6 +5,7 @@ using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Diagnostics.HealthChecks; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.Mvc; using Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator.Config; using Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator.Filters.Basket.API.Infrastructure.Filters; using Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator.Infrastructure; @@ -13,9 +14,9 @@ using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Diagnostics.HealthChecks; using Microsoft.Extensions.Logging; -using Microsoft.OpenApi.Models; using Polly; using Polly.Extensions.Http; +using Swashbuckle.AspNetCore.Swagger; using System; using System.Collections.Generic; using System.IdentityModel.Tokens.Jwt; @@ -45,12 +46,10 @@ namespace Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator .AddUrlGroup(new Uri(Configuration["PaymentUrlHC"]), name: "paymentapi-check", tags: new string[] { "paymentapi" }) .AddUrlGroup(new Uri(Configuration["LocationUrlHC"]), name: "locationapi-check", tags: new string[] { "locationapi" }); - services.AddCustomRouting(Configuration) + services.AddCustomMvc(Configuration) .AddCustomAuthentication(Configuration) .AddDevspaces() .AddHttpServices(); - - services.AddControllers().AddNewtonsoftJson(); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. @@ -64,6 +63,17 @@ namespace Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator app.UsePathBase(pathBase); } + app.UseHealthChecks("/hc", new HealthCheckOptions() + { + Predicate = _ => true, + ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse + }); + + app.UseHealthChecks("/liveness", new HealthCheckOptions + { + Predicate = r => r.Name.Contains("self") + }); + app.UseCors("CorsPolicy"); if (env.IsDevelopment()) 
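Review bot: The `/hc` endpoint added in Configure answers any caller with the full `UIResponseWriter.WriteHealthCheckUIResponse` payload, and because `UseHealthChecks` is registered ahead of `UseAuthentication`, nothing later in the pipeline can restrict it. With `Predicate = _ => true` that payload covers every registered check, including the downstream URL-group checks from ConfigureServices, which is more than an anonymous client of a public gateway needs. If the aggregator is reachable from outside the cluster, consider serving the detailed endpoint on an internal listener, e.g. `app.UseHealthChecks("/hc", managementPort, new HealthCheckOptions { ... })` (where `managementPort` is a placeholder for a configured value), and leaving only `/liveness` on the public one. The same two calls are added in Web.Bff.Shopping's Startup.cs, and Configure continues outside this hunk.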
@@ -76,68 +86,52 @@ namespace Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator app.UseHsts(); } - app.UseHttpsRedirection(); - app.UseRouting(); app.UseAuthentication(); - app.UseAuthorization(); - app.UseEndpoints(endpoints => - { - endpoints.MapDefaultControllerRoute(); - endpoints.MapControllers(); - endpoints.MapHealthChecks("/hc", new HealthCheckOptions() - { - Predicate = _ => true, - ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse - }); - endpoints.MapHealthChecks("/liveness", new HealthCheckOptions - { - Predicate = r => r.Name.Contains("self") - }); - }); + app.UseHttpsRedirection(); + app.UseMvc(); app.UseSwagger().UseSwaggerUI(c => - { - c.SwaggerEndpoint($"{ (!string.IsNullOrEmpty(pathBase) ? pathBase : string.Empty) }/swagger/v1/swagger.json", "Purchase BFF V1"); - - c.OAuthClientId("Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregatorwaggerui"); - c.OAuthClientSecret(string.Empty); - c.OAuthRealm(string.Empty); - c.OAuthAppName("Purchase BFF Swagger UI"); - }); + { + c.SwaggerEndpoint($"{ (!string.IsNullOrEmpty(pathBase) ? 
pathBase : string.Empty) }/swagger/v1/swagger.json", "Purchase BFF V1"); + + c.OAuthClientId("Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregatorwaggerui"); + c.OAuthClientSecret(string.Empty); + c.OAuthRealm(string.Empty); + c.OAuthAppName("Purchase BFF Swagger UI"); + }); } } public static class ServiceCollectionExtensions { - public static IServiceCollection AddCustomRouting(this IServiceCollection services, IConfiguration configuration) + public static IServiceCollection AddCustomMvc(this IServiceCollection services, IConfiguration configuration) { services.AddOptions(); services.Configure(configuration.GetSection("urls")); - services.AddControllers().AddNewtonsoftJson(); + + services.AddMvc() + .SetCompatibilityVersion(CompatibilityVersion.Version_2_2); + services.AddSwaggerGen(options => { options.DescribeAllEnumsAsStrings(); - options.SwaggerDoc("v1", new OpenApiInfo + options.SwaggerDoc("v1", new Swashbuckle.AspNetCore.Swagger.Info { - Title = "eShopOnContainers - Shopping Aggregator for Mobile Clients", + Title = "Shopping Aggregator for Mobile Clients", Version = "v1", - Description = "Shopping Aggregator for Mobile Clients" + Description = "Shopping Aggregator for Mobile Clients", + TermsOfService = "Terms Of Service" }); - options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme + options.AddSecurityDefinition("oauth2", new OAuth2Scheme { - Type = SecuritySchemeType.OAuth2, - Flows = new OpenApiOAuthFlows() + Type = "oauth2", + Flow = "implicit", + AuthorizationUrl = $"{configuration.GetValue("IdentityUrlExternal")}/connect/authorize", + TokenUrl = $"{configuration.GetValue("IdentityUrlExternal")}/connect/token", + Scopes = new Dictionary() { - Implicit = new OpenApiOAuthFlow() - { - AuthorizationUrl = new Uri($"{configuration.GetValue("IdentityUrlExternal")}/connect/authorize"), - TokenUrl = new Uri($"{configuration.GetValue("IdentityUrlExternal")}/connect/token"), - Scopes = new Dictionary() - { - { "marketing", "Marketing API" } - } - 
} + { "mobileshoppingagg", "Shopping Aggregator for Mobile Clients" } } }); @@ -172,6 +166,15 @@ namespace Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator options.Authority = identityUrl; options.RequireHttpsMetadata = false; options.Audience = "mobileshoppingagg"; + options.Events = new JwtBearerEvents() + { + OnAuthenticationFailed = async ctx => + { + }, + OnTokenValidated = async ctx => + { + } + }; }); return services; diff --git a/src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile b/src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile index 2a3b551a2..fbce2f0ab 100644 --- a/src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile +++ b/src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/core/aspnet:3.0-buster-slim AS base +FROM mcr.microsoft.com/dotnet/core/aspnet:2.2 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/core/sdk:3.0-buster AS build +FROM mcr.microsoft.com/dotnet/core/sdk:2.2 AS build WORKDIR /src COPY scripts scripts/ diff --git a/src/ApiGateways/Web.Bff.Shopping/aggregator/Filters/AuthorizeCheckOperationFilter.cs b/src/ApiGateways/Web.Bff.Shopping/aggregator/Filters/AuthorizeCheckOperationFilter.cs index 45c191104..e93ec157c 100644 --- a/src/ApiGateways/Web.Bff.Shopping/aggregator/Filters/AuthorizeCheckOperationFilter.cs +++ b/src/ApiGateways/Web.Bff.Shopping/aggregator/Filters/AuthorizeCheckOperationFilter.cs @@ -1,7 +1,7 @@ namespace Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator.Filters { using Microsoft.AspNetCore.Authorization; - using Microsoft.OpenApi.Models; + using Swashbuckle.AspNetCore.Swagger; using Swashbuckle.AspNetCore.SwaggerGen; using System.Collections.Generic; using System.Linq; 
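Review bot: In Mobile.Bff.Shopping's Configure, `app.UseHttpsRedirection()` now runs after `app.UseAuthentication()`, whereas the removed lines had the redirect first. Restoring `app.UseHttpsRedirection();` ahead of `app.UseAuthentication();` stops bearer tokens being validated on a plain-HTTP request that is about to be redirected anyway. Separately, `c.OAuthClientId("Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregatorwaggerui")` looks like it lost a character; the line is only re-indented here, but since the OAuth2 definition below it is rewritten, it is worth confirming the id matches a client registered with the identity service. Configure starts above this hunk.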
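Review bot: The `JwtBearerEvents` assigned in AddCustomAuthentication holds two empty `async` lambdas, so `OnAuthenticationFailed` and `OnTokenValidated` do nothing beyond raising a missing-await compiler warning; they read like leftover debugging hooks. Either drop the `options.Events = ...` assignment or give the failure hook a body, e.g. `OnAuthenticationFailed = ctx => { /* log ctx.Exception */ return Task.CompletedTask; }`. The context line `options.RequireHttpsMetadata = false;` also lets the handler fetch discovery metadata and signing keys from the identity service over plain HTTP; if that is only needed for local containers, gate it on the environment or a configuration flag. The method body starts above this hunk.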
@@ -10,7 +10,7 @@ { public class AuthorizeCheckOperationFilter : IOperationFilter { - public void Apply(OpenApiOperation operation, OperationFilterContext context) + public void Apply(Operation operation, OperationFilterContext context) { // Check for authorize attribute var hasAuthorize = context.MethodInfo.DeclaringType.GetCustomAttributes(true).OfType().Any() || @@ -18,19 +18,14 @@ if (!hasAuthorize) return; - operation.Responses.TryAdd("401", new OpenApiResponse { Description = "Unauthorized" }); - operation.Responses.TryAdd("403", new OpenApiResponse { Description = "Forbidden" }); + operation.Responses.TryAdd("401", new Response { Description = "Unauthorized" }); + operation.Responses.TryAdd("403", new Response { Description = "Forbidden" }); - var oAuthScheme = new OpenApiSecurityScheme + operation.Security = new List>> { - Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "oauth2" } - }; - - operation.Security = new List - { - new OpenApiSecurityRequirement + new Dictionary> { - [ oAuthScheme ] = new [] { "Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator" } + { "oauth2", new [] { "Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator" } } } }; } diff --git a/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs b/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs index 257334aa3..9b144db48 100644 --- a/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs +++ b/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs @@ -14,9 +14,9 @@ using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Diagnostics.HealthChecks; using Microsoft.Extensions.Logging; -using Microsoft.OpenApi.Models; using Polly; using Polly.Extensions.Http; +using Swashbuckle.AspNetCore.Swagger; using System; using System.Collections.Generic; using System.IdentityModel.Tokens.Jwt; 
@@ -50,8 +50,6 @@ namespace Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator .AddCustomAuthentication(Configuration) .AddDevspaces() .AddApplicationServices(); - - services.AddControllers().AddNewtonsoftJson(); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. @@ -64,6 +62,17 @@ namespace Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator app.UsePathBase(pathBase); } + app.UseHealthChecks("/hc", new HealthCheckOptions() + { + Predicate = _ => true, + ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse + }); + + app.UseHealthChecks("/liveness", new HealthCheckOptions + { + Predicate = r => r.Name.Contains("self") + }); + app.UseCors("CorsPolicy"); if (env.IsDevelopment()) @@ -77,23 +86,8 @@ namespace Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator } app.UseAuthentication(); - app.UseAuthorization(); app.UseHttpsRedirection(); - app.UseRouting(); - app.UseEndpoints(endpoints => - { - endpoints.MapDefaultControllerRoute(); - endpoints.MapControllers(); - endpoints.MapHealthChecks("/hc", new HealthCheckOptions() - { - Predicate = _ => true, - ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse - }); - endpoints.MapHealthChecks("/liveness", new HealthCheckOptions - { - Predicate = r => r.Name.Contains("self") - }); - }); + app.UseMvc(); app.UseSwagger() .UseSwaggerUI(c => 
@@ -142,32 +136,28 @@ namespace Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator services.Configure(configuration.GetSection("urls")); services.AddMvc() - .SetCompatibilityVersion(CompatibilityVersion.Version_3_0); + .SetCompatibilityVersion(CompatibilityVersion.Version_2_2); services.AddSwaggerGen(options => { options.DescribeAllEnumsAsStrings(); - options.SwaggerDoc("v1", new OpenApiInfo + options.SwaggerDoc("v1", new Swashbuckle.AspNetCore.Swagger.Info { - Title = "eShopOnContainers - Shopping Aggregator for Web Clients", + Title = "Shopping Aggregator for Web Clients", Version = "v1", - Description = "Shopping Aggregator for Web Clients" + Description = "Shopping Aggregator for Web Clients", + TermsOfService = "Terms Of Service" }); - options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme + options.AddSecurityDefinition("oauth2", new OAuth2Scheme { - Type = SecuritySchemeType.OAuth2, - Flows = new OpenApiOAuthFlows() + Type = "oauth2", + Flow = "implicit", + AuthorizationUrl = $"{configuration.GetValue("IdentityUrlExternal")}/connect/authorize", + TokenUrl = $"{configuration.GetValue("IdentityUrlExternal")}/connect/token", + Scopes = new Dictionary() { - Implicit = new OpenApiOAuthFlow() - { - AuthorizationUrl = new Uri($"{configuration.GetValue("IdentityUrlExternal")}/connect/authorize"), - TokenUrl = new Uri($"{configuration.GetValue("IdentityUrlExternal")}/connect/token"), - Scopes = new Dictionary() - { - { "webshoppingagg", "Shopping Aggregator for Web Clients" } - } - } + { "webshoppingagg", "Shopping Aggregator for Web Clients" } } }); diff --git a/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj b/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj index a3eaa1ae6..ef610d572 100644 --- a/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj +++ b/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj 
@@ -1,4 +1,4 @@ - + + + + + netcoreapp2.2 + Web.Shopping.HttpAggregator + Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator + ..\..\..\docker-compose.dcproj + $(LangVersion) + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj b/src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj index 05fc111a4..47c724f39 100644 --- a/src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj +++ b/src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj @@ -1,7 +1,7 @@  - $(NetStandardTargetVersion) + netstandard2.0 diff --git a/src/Web/WebMVC/Controllers/AccountController.cs b/src/Web/WebMVC/Controllers/AccountController.cs index de10770f5..8b82498ba 100644 --- a/src/Web/WebMVC/Controllers/AccountController.cs +++ b/src/Web/WebMVC/Controllers/AccountController.cs @@ -10,7 +10,7 @@ using System.Threading.Tasks; namespace Microsoft.eShopOnContainers.WebMVC.Controllers { - [Authorize] + [Authorize(AuthenticationSchemes = "OpenIdConnect")] public class AccountController : Controller { private readonly ILogger _logger; @@ -20,8 +20,7 @@ namespace Microsoft.eShopOnContainers.WebMVC.Controllers _logger = logger ?? throw new ArgumentNullException(nameof(logger)); } - [Authorize] - public async Task SignIn(string returnUrl) + [Authorize(AuthenticationSchemes = "OpenIdConnect")] public async Task SignIn(string returnUrl) { var user = User as ClaimsPrincipal; var token = await HttpContext.GetTokenAsync("access_token"); diff --git a/src/Web/WebMVC/Controllers/CampaignsController.cs b/src/Web/WebMVC/Controllers/CampaignsController.cs index d26e60f94..cf210318b 100644 --- a/src/Web/WebMVC/Controllers/CampaignsController.cs +++ b/src/Web/WebMVC/Controllers/CampaignsController.cs 
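Review bot: The scheme name in `[Authorize(AuthenticationSchemes = "OpenIdConnect")]` is a string literal repeated on AccountController and, in the following hunks, on CampaignsController, CartController, OrderController and OrderManagementController. A controller added later with a bare `[Authorize]` will fall back to whatever the default scheme is, and a typo in any copy only shows up at request time. Prefer the framework constant, `[Authorize(AuthenticationSchemes = OpenIdConnectDefaults.AuthenticationScheme)]`, or set the challenge scheme once where authentication is registered (WebMVC's AddCustomAuthentication body is not shown in these hunks).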
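Review bot: The attribute on SignIn now shares a line with the method signature (`[Authorize(AuthenticationSchemes = "OpenIdConnect")] public async Task SignIn(string returnUrl)`) and repeats what the class-level attribute already requires. Remove the method-level attribute, or put it back on its own line if it is kept for emphasis. SignIn's body continues outside this hunk, so how `returnUrl` is used after sign-in cannot be checked here; if it feeds a redirect, it should be validated as a local URL.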
@@ -12,7 +12,7 @@ namespace Microsoft.eShopOnContainers.WebMVC.Controllers using ViewModels; using ViewModels.Pagination; - [Authorize] + [Authorize(AuthenticationSchemes = "OpenIdConnect")] public class CampaignsController : Controller { private readonly ICampaignService _campaignService; diff --git a/src/Web/WebMVC/Controllers/CartController.cs b/src/Web/WebMVC/Controllers/CartController.cs index 30ac77e8b..6887c8d41 100644 --- a/src/Web/WebMVC/Controllers/CartController.cs +++ b/src/Web/WebMVC/Controllers/CartController.cs @@ -9,7 +9,7 @@ using System.Threading.Tasks; namespace Microsoft.eShopOnContainers.WebMVC.Controllers { - [Authorize] + [Authorize(AuthenticationSchemes = "OpenIdConnect")] public class CartController : Controller { private readonly IBasketService _basketSvc; diff --git a/src/Web/WebMVC/Controllers/OrderController.cs b/src/Web/WebMVC/Controllers/OrderController.cs index cb5234e3c..6249492da 100644 --- a/src/Web/WebMVC/Controllers/OrderController.cs +++ b/src/Web/WebMVC/Controllers/OrderController.cs @@ -7,7 +7,7 @@ using System.Threading.Tasks; namespace Microsoft.eShopOnContainers.WebMVC.Controllers { - [Authorize] + [Authorize(AuthenticationSchemes = "OpenIdConnect")] public class OrderController : Controller { private IOrderingService _orderSvc; diff --git a/src/Web/WebMVC/Controllers/OrderManagementController.cs b/src/Web/WebMVC/Controllers/OrderManagementController.cs index 7d61b0221..a488dc4ae 100644 --- a/src/Web/WebMVC/Controllers/OrderManagementController.cs +++ b/src/Web/WebMVC/Controllers/OrderManagementController.cs @@ -10,7 +10,7 @@ using Microsoft.AspNetCore.Authorization; namespace WebMVC.Controllers { - [Authorize] + [Authorize(AuthenticationSchemes = "OpenIdConnect")] public class OrderManagementController : Controller { private IOrderingService _orderSvc; diff --git a/src/Web/WebMVC/Startup.cs b/src/Web/WebMVC/Startup.cs index 014dca9f6..321e88548 100644 --- a/src/Web/WebMVC/Startup.cs +++ b/src/Web/WebMVC/Startup.cs 
@@ -38,21 +38,24 @@ namespace Microsoft.eShopOnContainers.WebMVC // This method gets called by the runtime. Use this method to add services to the IoC container. public void ConfigureServices(IServiceCollection services) { - services.AddAppInsight(Configuration) - .AddHealthChecks(Configuration) - .AddCustomMvc(Configuration) - .AddDevspaces() - .AddHttpClientServices(Configuration) - //.AddHttpClientLogging(Configuration) //Opt-in HttpClientLogging config - .AddCustomAuthentication(Configuration); - + services.AddControllersWithViews() + .Services + .AddAppInsight(Configuration) + .AddHealthChecks(Configuration) + .AddCustomMvc(Configuration) + .AddDevspaces() + .AddHttpClientServices(Configuration); + //.AddHttpClientLogging(Configuration) //Opt-in HttpClientLogging config + services.AddControllers(); + + services.AddCustomAuthentication(Configuration); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) { - JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); + JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Remove("sub"); //loggerFactory.AddAzureWebAppDiagnostics(); //loggerFactory.AddApplicationInsights(app.ApplicationServices, LogLevel.Trace); @@ -67,14 +70,15 @@ namespace Microsoft.eShopOnContainers.WebMVC } var pathBase = Configuration["PATH_BASE"]; + if (!string.IsNullOrEmpty(pathBase)) { loggerFactory.CreateLogger().LogDebug("Using PATH BASE '{PathBase}'", pathBase); app.UsePathBase(pathBase); } - app.UseSession(); app.UseStaticFiles(); + app.UseSession(); if (Configuration.GetValue("UseLoadTest")) { @@ -85,7 +89,10 @@ namespace Microsoft.eShopOnContainers.WebMVC app.UseHttpsRedirection(); app.UseRouting(); + app.UseAuthentication(); + app.UseAuthorization(); + app.UseEndpoints(endpoints => { endpoints.MapControllerRoute("default", "{controller=Catalog}/{action=Index}/{id?}"); 
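Review bot: Replacing `JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear()` with `.Remove("sub")` at the top of Configure keeps every other inbound mapping, so claims other than `sub` are again renamed to the long schema URIs when tokens are read. Code elsewhere in WebMVC that looks claims up by their short JWT names (not shown here) would stop finding them, including any name or role checks. If only `sub` must stay unmapped, say why in a comment such as `// keep default mappings; only "sub" must stay unmapped because <reason>`; otherwise restore `Clear()`. In ConfigureServices, `services.AddControllers()` after `AddControllersWithViews()` is redundant and can be dropped.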
@@ -130,11 +137,8 @@ namespace Microsoft.eShopOnContainers.WebMVC { services.AddOptions(); services.Configure(configuration); - - services.AddMvc() - .SetCompatibilityVersion(CompatibilityVersion.Version_3_0); - services.AddSession(); + services.AddDistributedMemoryCache(); if (configuration.GetValue("IsClusterEnv") == bool.TrueString) { @@ -144,6 +148,7 @@ namespace Microsoft.eShopOnContainers.WebMVC }) .PersistKeysToRedis(ConnectionMultiplexer.Connect(configuration["DPConnectionString"]), "DataProtection-Keys"); } + return services; } @@ -258,7 +263,6 @@ namespace Microsoft.eShopOnContainers.WebMVC .HandleTransientHttpError() .OrResult(msg => msg.StatusCode == System.Net.HttpStatusCode.NotFound) .WaitAndRetryAsync(6, retryAttempt => TimeSpan.FromSeconds(Math.Pow(2, retryAttempt))); - } static IAsyncPolicy GetCircuitBreakerPolicy() {
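Review bot: `services.AddDistributedMemoryCache()` backs `AddSession()` with a process-local store, while the lines that follow persist data-protection keys to Redis when `IsClusterEnv` is true. With more than one replica, each instance would keep its own session data even though they share keys, so a request routed to a different instance sees an empty session. If clustered deployments rely on session state, register a shared cache in the `IsClusterEnv` branch (the Redis connection string is already read there) and keep the in-memory cache for single-instance runs. AddCustomMvc starts above this hunk.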