Merge branch 'features/migration-dotnet3' of https://github.com/dotnet-architecture/eShopOnContainers into features/migration-dotnet3

src/ApiGateways/ApiGw-Base/Dockerfile

@@ -1,10 +1,9 @@
-FROM mcr.microsoft.com/dotnet/core/aspnet:3.0-buster-slim AS base
+FROM mcr.microsoft.com/dotnet/core/aspnet:2.2 AS base
 WORKDIR /app
 EXPOSE 80
 
-FROM mcr.microsoft.com/dotnet/core/sdk:3.0-buster AS build
+FROM mcr.microsoft.com/dotnet/core/sdk:2.2 AS build
 WORKDIR /src
-
 COPY scripts scripts/
 
 COPY src/ApiGateways/*/*.csproj /src/csproj-files/

src/ApiGateways/ApiGw-Base/OcelotApiGw.csproj

@@ -1,19 +1,18 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>$(NetCoreTargetVersion)</TargetFramework>
+    <TargetFramework>netcoreapp2.2</TargetFramework>
     <LangVersion>$(LangVersion)</LangVersion>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="AspNetCore.HealthChecks.UI.Client" Version="$(AspNetCore_HealthChecks_UI_Client)" />
-    <PackageReference Include="AspNetCore.HealthChecks.Uris" Version="$(AspNetCore_HealthChecks_Uris)" />
-    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.HealthChecks" Version="$(Microsoft_AspNetCore_Diagnostics_HealthChecks)" />
-    <PackageReference Include="Microsoft.AspNetCore.HealthChecks" Version="$(Microsoft_AspNetCore_HealthChecks)" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc.Formatters.Json" Version="$(Microsoft_AspNetCore_Mvc_Formatters_Json)" />
-    <PackageReference Include="Ocelot" Version="$(Ocelot)" />
-    <PackageReference Include="Serilog.AspNetCore" Version="$(Serilog_AspNetCore)" />
-    <PackageReference Include="Serilog.Sinks.Console" Version="$(Serilog_Sinks_Console)" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="$(Microsoft_AspNetCore_Authentication_JwtBearer)" />
+    <PackageReference Include="AspNetCore.HealthChecks.UI.Client" Version="2.2.2" />
+    <PackageReference Include="AspNetCore.HealthChecks.Uris" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.App" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.HealthChecks" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.HealthChecks" Version="1.0.0" />
+    <PackageReference Include="Ocelot" Version="12.0.1" />
+    <PackageReference Include="Serilog.AspNetCore" Version="2.1.1" />
+    <PackageReference Include="Serilog.Sinks.Console" Version="3.1.1" />
   </ItemGroup>
 </Project>

src/ApiGateways/ApiGw-Base/Startup.cs

@@ -89,19 +89,15 @@ namespace OcelotApiGw
                 app.UseDeveloperExceptionPage();
             }
 
-            app.UseRouting();
-            app.UseEndpoints(endpoints =>
+            app.UseHealthChecks("/hc", new HealthCheckOptions()
             {
-                endpoints.MapControllers();
-                endpoints.MapHealthChecks("/hc", new HealthCheckOptions()
-                {
-                    Predicate = _ => true,
-                    ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse
-                });
-                endpoints.MapHealthChecks("/liveness", new HealthCheckOptions
-                {
-                    Predicate = r => r.Name.Contains("self")
-                });
+                Predicate = _ => true,
+                ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse
+            });
+
+            app.UseHealthChecks("/liveness", new HealthCheckOptions
+            {
+                Predicate = r => r.Name.Contains("self")
             });
 
             app.UseCors("CorsPolicy");

src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile

@@ -1,8 +1,8 @@
-FROM mcr.microsoft.com/dotnet/core/aspnet:3.0-buster-slim AS base
+FROM mcr.microsoft.com/dotnet/core/aspnet:2.2 AS base
 WORKDIR /app
 EXPOSE 80
 
-FROM mcr.microsoft.com/dotnet/core/sdk:3.0-buster AS build
+FROM mcr.microsoft.com/dotnet/core/sdk:2.2 AS build
 WORKDIR /src
 
 COPY scripts scripts/

src/ApiGateways/Mobile.Bff.Shopping/aggregator/Filters/AuthorizeCheckOperationFilter.cs

@@ -1,7 +1,7 @@
 namespace Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator.Filters
 {
     using Microsoft.AspNetCore.Authorization;
-    using Microsoft.OpenApi.Models;
+    using Swashbuckle.AspNetCore.Swagger;
     using Swashbuckle.AspNetCore.SwaggerGen;
     using System.Collections.Generic;
     using System.Linq;
@@ -10,7 +10,7 @@
     {
         public class AuthorizeCheckOperationFilter : IOperationFilter
         {
-            public void Apply(OpenApiOperation operation, OperationFilterContext context)
+            public void Apply(Operation operation, OperationFilterContext context)
             {
                 // Check for authorize attribute
                 var hasAuthorize = context.MethodInfo.DeclaringType.GetCustomAttributes(true).OfType<AuthorizeAttribute>().Any() ||
@@ -18,19 +18,14 @@
 
                 if (!hasAuthorize) return;
 
-                operation.Responses.TryAdd("401", new OpenApiResponse { Description = "Unauthorized" });
-                operation.Responses.TryAdd("403", new OpenApiResponse { Description = "Forbidden" });
+                operation.Responses.TryAdd("401", new Response { Description = "Unauthorized" });
+                operation.Responses.TryAdd("403", new Response { Description = "Forbidden" });
 
-                var oAuthScheme = new OpenApiSecurityScheme
+                operation.Security = new List<IDictionary<string, IEnumerable<string>>>
                 {
-                    Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "oauth2" }
-                };
-
-                operation.Security = new List<OpenApiSecurityRequirement>
-                {
-                    new OpenApiSecurityRequirement
+                    new Dictionary<string, IEnumerable<string>>
                     {
-                        [ oAuthScheme ] = new [] { "Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator" }
+                        { "oauth2", new [] { "Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator" } }
                     }
                 };
             }

src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk.Web">
+<!--<Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
     <TargetFramework>$(NetCoreTargetVersion)</TargetFramework>
@@ -30,4 +30,36 @@
     <ProjectReference Include="..\..\..\BuildingBlocks\Devspaces.Support\Devspaces.Support.csproj" />
   </ItemGroup>
 
+</Project>-->
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp2.2</TargetFramework>
+    <AssemblyName>Mobile.Shopping.HttpAggregator</AssemblyName>
+    <RootNamespace>Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator</RootNamespace>
+    <DockerComposeProjectPath>..\..\..\docker-compose.dcproj</DockerComposeProjectPath>
+    <LangVersion>$(LangVersion)</LangVersion>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <Folder Include="wwwroot\" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <PackageReference Include="AspNetCore.HealthChecks.Uris" Version="2.2.2" />
+    <PackageReference Include="AspNetCore.HealthChecks.UI.Client" Version="2.2.3" />
+    <PackageReference Include="Microsoft.AspNetCore.App" />
+    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.HealthChecks" Version="2.2.0" />
+    <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="2.2.0" />
+    <PackageReference Include="Serilog.AspNetCore" Version="2.1.1" />
+    <PackageReference Include="Serilog.Sinks.Console" Version="3.1.1" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="3.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Http.Polly" Version="2.2.0" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\..\..\BuildingBlocks\Devspaces.Support\Devspaces.Support.csproj" />
+  </ItemGroup>
+
 </Project>
+

src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs

@@ -5,6 +5,7 @@ using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Diagnostics.HealthChecks;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
 using Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator.Config;
 using Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator.Filters.Basket.API.Infrastructure.Filters;
 using Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator.Infrastructure;
@@ -13,9 +14,9 @@ using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Diagnostics.HealthChecks;
 using Microsoft.Extensions.Logging;
-using Microsoft.OpenApi.Models;
 using Polly;
 using Polly.Extensions.Http;
+using Swashbuckle.AspNetCore.Swagger;
 using System;
 using System.Collections.Generic;
 using System.IdentityModel.Tokens.Jwt;
@@ -45,12 +46,10 @@ namespace Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator
                 .AddUrlGroup(new Uri(Configuration["PaymentUrlHC"]), name: "paymentapi-check", tags: new string[] { "paymentapi" })
                 .AddUrlGroup(new Uri(Configuration["LocationUrlHC"]), name: "locationapi-check", tags: new string[] { "locationapi" });
 
-            services.AddCustomRouting(Configuration)
+            services.AddCustomMvc(Configuration)
                  .AddCustomAuthentication(Configuration)
                  .AddDevspaces()
                  .AddHttpServices();
-
-            services.AddControllers();
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@@ -64,6 +63,17 @@ namespace Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator
                 app.UsePathBase(pathBase);
             }
 
+            app.UseHealthChecks("/hc", new HealthCheckOptions()
+            {
+                Predicate = _ => true,
+                ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse
+            });
+
+            app.UseHealthChecks("/liveness", new HealthCheckOptions
+            {
+                Predicate = r => r.Name.Contains("self")
+            });
+
             app.UseCors("CorsPolicy");
 
             if (env.IsDevelopment())
@@ -76,67 +86,52 @@ namespace Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator
                 app.UseHsts();
             }
 
-            app.UseHttpsRedirection();
-            app.UseRouting();
             app.UseAuthentication();
-            app.UseEndpoints(endpoints =>
-            {
-                endpoints.MapDefaultControllerRoute();
-                endpoints.MapControllers();
-                endpoints.MapHealthChecks("/hc", new HealthCheckOptions()
-                {
-                    Predicate = _ => true,
-                    ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse
-                });
-                endpoints.MapHealthChecks("/liveness", new HealthCheckOptions
-                {
-                    Predicate = r => r.Name.Contains("self")
-                });
-            });
+            app.UseHttpsRedirection();
+            app.UseMvc();
 
             app.UseSwagger().UseSwaggerUI(c =>
-           {
-               c.SwaggerEndpoint($"{ (!string.IsNullOrEmpty(pathBase) ? pathBase : string.Empty) }/swagger/v1/swagger.json", "Purchase BFF V1");
-
-               c.OAuthClientId("Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregatorwaggerui");
-               c.OAuthClientSecret(string.Empty);
-               c.OAuthRealm(string.Empty);
-               c.OAuthAppName("Purchase BFF Swagger UI");
-           });
+            {
+                c.SwaggerEndpoint($"{ (!string.IsNullOrEmpty(pathBase) ? pathBase : string.Empty) }/swagger/v1/swagger.json", "Purchase BFF V1");
+
+                c.OAuthClientId("Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregatorwaggerui");
+                c.OAuthClientSecret(string.Empty);
+                c.OAuthRealm(string.Empty);
+                c.OAuthAppName("Purchase BFF Swagger UI");
+            });
         }
     }
 
     public static class ServiceCollectionExtensions
     {
-        public static IServiceCollection AddCustomRouting(this IServiceCollection services, IConfiguration configuration)
+        public static IServiceCollection AddCustomMvc(this IServiceCollection services, IConfiguration configuration)
         {
             services.AddOptions();
             services.Configure<UrlsConfig>(configuration.GetSection("urls"));
-            services.AddControllers().AddNewtonsoftJson();
+
+            services.AddMvc()
+                .SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
+
             services.AddSwaggerGen(options =>
             {
                 options.DescribeAllEnumsAsStrings();
-                options.SwaggerDoc("v1", new OpenApiInfo
+                options.SwaggerDoc("v1", new Swashbuckle.AspNetCore.Swagger.Info
                 {
-                    Title = "eShopOnContainers - Shopping Aggregator for Mobile Clients",
+                    Title = "Shopping Aggregator for Mobile Clients",
                     Version = "v1",
-                    Description = "Shopping Aggregator for Mobile Clients"
+                    Description = "Shopping Aggregator for Mobile Clients",
+                    TermsOfService = "Terms Of Service"
                 });
 
-                options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
+                options.AddSecurityDefinition("oauth2", new OAuth2Scheme
                 {
-                    Type = SecuritySchemeType.OAuth2,
-                    Flows = new OpenApiOAuthFlows()
+                    Type = "oauth2",
+                    Flow = "implicit",
+                    AuthorizationUrl = $"{configuration.GetValue<string>("IdentityUrlExternal")}/connect/authorize",
+                    TokenUrl = $"{configuration.GetValue<string>("IdentityUrlExternal")}/connect/token",
+                    Scopes = new Dictionary<string, string>()
                     {
-                        Implicit = new OpenApiOAuthFlow()
-                        {
-                            AuthorizationUrl = new Uri($"{configuration.GetValue<string>("IdentityUrlExternal")}/connect/authorize"),
-                            TokenUrl = new Uri($"{configuration.GetValue<string>("IdentityUrlExternal")}/connect/token"),
-                            Scopes = new Dictionary<string, string>()
-                            {
-                                { "marketing", "Marketing API" }
-                            }
-                        }
+                        { "mobileshoppingagg", "Shopping Aggregator for Mobile Clients" }
                     }
                 });
 
@@ -171,6 +166,15 @@ namespace Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator
                 options.Authority = identityUrl;
                 options.RequireHttpsMetadata = false;
                 options.Audience = "mobileshoppingagg";
+                options.Events = new JwtBearerEvents()
+                {
+                    OnAuthenticationFailed = async ctx =>
+                    {
+                    },
+                    OnTokenValidated = async ctx =>
+                    {
+                    }
+                };
             });
 
             return services;

src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile

@@ -1,8 +1,8 @@
-FROM mcr.microsoft.com/dotnet/core/aspnet:3.0-buster-slim AS base
+FROM mcr.microsoft.com/dotnet/core/aspnet:2.2 AS base
 WORKDIR /app
 EXPOSE 80
 
-FROM mcr.microsoft.com/dotnet/core/sdk:3.0-buster AS build
+FROM mcr.microsoft.com/dotnet/core/sdk:2.2 AS build
 WORKDIR /src
 
 COPY scripts scripts/

src/ApiGateways/Web.Bff.Shopping/aggregator/Filters/AuthorizeCheckOperationFilter.cs

@@ -1,7 +1,7 @@
 namespace Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator.Filters
 {
     using Microsoft.AspNetCore.Authorization;
-    using Microsoft.OpenApi.Models;
+    using Swashbuckle.AspNetCore.Swagger;
     using Swashbuckle.AspNetCore.SwaggerGen;
     using System.Collections.Generic;
     using System.Linq;
@@ -10,7 +10,7 @@
     {
         public class AuthorizeCheckOperationFilter : IOperationFilter
         {
-            public void Apply(OpenApiOperation operation, OperationFilterContext context)
+            public void Apply(Operation operation, OperationFilterContext context)
             {
                 // Check for authorize attribute
                 var hasAuthorize = context.MethodInfo.DeclaringType.GetCustomAttributes(true).OfType<AuthorizeAttribute>().Any() ||
@@ -18,19 +18,14 @@
 
                 if (!hasAuthorize) return;
 
-                operation.Responses.TryAdd("401", new OpenApiResponse { Description = "Unauthorized" });
-                operation.Responses.TryAdd("403", new OpenApiResponse { Description = "Forbidden" });
+                operation.Responses.TryAdd("401", new Response { Description = "Unauthorized" });
+                operation.Responses.TryAdd("403", new Response { Description = "Forbidden" });
 
-                var oAuthScheme = new OpenApiSecurityScheme
+                operation.Security = new List<IDictionary<string, IEnumerable<string>>>
                 {
-                    Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "oauth2" }
-                };
-
-                operation.Security = new List<OpenApiSecurityRequirement>
-                {
-                    new OpenApiSecurityRequirement
+                    new Dictionary<string, IEnumerable<string>>
                     {
-                        [ oAuthScheme ] = new [] { "Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator" }
+                        { "oauth2", new [] { "Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator" } }
                     }
                 };
             }

src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs

@@ -14,9 +14,9 @@ using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Diagnostics.HealthChecks;
 using Microsoft.Extensions.Logging;
-using Microsoft.OpenApi.Models;
 using Polly;
 using Polly.Extensions.Http;
+using Swashbuckle.AspNetCore.Swagger;
 using System;
 using System.Collections.Generic;
 using System.IdentityModel.Tokens.Jwt;
@@ -50,8 +50,6 @@ namespace Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator
                 .AddCustomAuthentication(Configuration)
                 .AddDevspaces()
                 .AddApplicationServices();
-
-            services.AddControllers();
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@@ -64,6 +62,17 @@ namespace Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator
                 app.UsePathBase(pathBase);
             }
 
+            app.UseHealthChecks("/hc", new HealthCheckOptions()
+            {
+                Predicate = _ => true,
+                ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse
+            });
+
+            app.UseHealthChecks("/liveness", new HealthCheckOptions
+            {
+                Predicate = r => r.Name.Contains("self")
+            });
+
             app.UseCors("CorsPolicy");
 
             if (env.IsDevelopment())
@@ -78,21 +87,7 @@ namespace Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator
 
             app.UseAuthentication();
             app.UseHttpsRedirection();
-            app.UseRouting();
-            app.UseEndpoints(endpoints =>
-            {
-                endpoints.MapDefaultControllerRoute();
-                endpoints.MapControllers();
-                endpoints.MapHealthChecks("/hc", new HealthCheckOptions()
-                {
-                    Predicate = _ => true,
-                    ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse
-                });
-                endpoints.MapHealthChecks("/liveness", new HealthCheckOptions
-                {
-                    Predicate = r => r.Name.Contains("self")
-                });
-            });
+            app.UseMvc();
 
             app.UseSwagger()
                 .UseSwaggerUI(c =>
@@ -141,32 +136,28 @@ namespace Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator
             services.Configure<UrlsConfig>(configuration.GetSection("urls"));
 
             services.AddMvc()
-                .SetCompatibilityVersion(CompatibilityVersion.Version_3_0);
+                .SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
 
             services.AddSwaggerGen(options =>
             {
                 options.DescribeAllEnumsAsStrings();
-                options.SwaggerDoc("v1", new OpenApiInfo
+                options.SwaggerDoc("v1", new Swashbuckle.AspNetCore.Swagger.Info
                 {
-                    Title = "eShopOnContainers - Shopping Aggregator for Web Clients",
+                    Title = "Shopping Aggregator for Web Clients",
                     Version = "v1",
-                    Description = "Shopping Aggregator for Web Clients"
+                    Description = "Shopping Aggregator for Web Clients",
+                    TermsOfService = "Terms Of Service"
                 });
 
-                options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
+                options.AddSecurityDefinition("oauth2", new OAuth2Scheme
                 {
-                    Type = SecuritySchemeType.OAuth2,
-                    Flows = new OpenApiOAuthFlows()
+                    Type = "oauth2",
+                    Flow = "implicit",
+                    AuthorizationUrl = $"{configuration.GetValue<string>("IdentityUrlExternal")}/connect/authorize",
+                    TokenUrl = $"{configuration.GetValue<string>("IdentityUrlExternal")}/connect/token",
+                    Scopes = new Dictionary<string, string>()
                     {
-                        Implicit = new OpenApiOAuthFlow()
-                        {
-                            AuthorizationUrl = new Uri($"{configuration.GetValue<string>("IdentityUrlExternal")}/connect/authorize"),
-                            TokenUrl = new Uri($"{configuration.GetValue<string>("IdentityUrlExternal")}/connect/token"),
-                            Scopes = new Dictionary<string, string>()
-                            {
-                                { "webshoppingagg", "Shopping Aggregator for Web Clients" }
-                            }
-                        }
+                        { "webshoppingagg", "Shopping Aggregator for Web Clients" }
                     }
                 });
 

src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk.Web">
+<!--<Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
     <TargetFramework>$(NetCoreTargetVersion)</TargetFramework>
@@ -29,4 +29,35 @@
     <ProjectReference Include="..\..\..\BuildingBlocks\Devspaces.Support\Devspaces.Support.csproj" />
   </ItemGroup>
 
+</Project>-->
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp2.2</TargetFramework>
+    <AssemblyName>Web.Shopping.HttpAggregator</AssemblyName>
+    <RootNamespace>Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator</RootNamespace>
+    <DockerComposeProjectPath>..\..\..\docker-compose.dcproj</DockerComposeProjectPath>
+    <LangVersion>$(LangVersion)</LangVersion>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <Folder Include="wwwroot\" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <PackageReference Include="AspNetCore.HealthChecks.Uris" Version="2.2.2" />
+    <PackageReference Include="AspNetCore.HealthChecks.UI.Client" Version="2.2.3" />
+    <PackageReference Include="Microsoft.AspNetCore.App" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.HealthChecks" Version="2.2.0" />
+    <PackageReference Include="Serilog.AspNetCore" Version="2.1.1" />
+    <PackageReference Include="Serilog.Sinks.Console" Version="3.1.1" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="3.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Http.Polly" Version="2.2.0" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\..\..\BuildingBlocks\Devspaces.Support\Devspaces.Support.csproj" />
+  </ItemGroup>
+
 </Project>
+

src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>$(NetStandardTargetVersion)</TargetFramework>
+    <TargetFramework>netstandard2.0</TargetFramework>
   </PropertyGroup>
   <ItemGroup>
     <PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="$(Microsoft_AspNetCore_Http_Abstractions)" />

src/Services/Catalog/Catalog.API/Program.cs

@@ -33,7 +33,7 @@ namespace Microsoft.eShopOnContainers.Services.Catalog.API
             try
             {
                 Log.Information("Configuring web host ({ApplicationContext})...", AppName);
-                var host = CreateHostBuilder(configuration, args).Build();
+                var host = CreateHostBuilder(configuration, args);
 
                 Log.Information("Applying migrations ({ApplicationContext})...", AppName);
                 host.MigrateDbContext<CatalogContext>((context, services) =>
@@ -64,33 +64,29 @@ namespace Microsoft.eShopOnContainers.Services.Catalog.API
             }
         }
 
-
-        private static IHostBuilder CreateHostBuilder(IConfiguration configuration, string[] args) =>
-            Host.CreateDefaultBuilder(args)
-                .ConfigureServices(services => services.AddAutofac())
-                .ConfigureWebHostDefaults(builder =>
+        private static IWebHost CreateHostBuilder(IConfiguration configuration, string[] args) =>
+            WebHost.CreateDefaultBuilder(args)
+                .UseConfiguration(configuration)
+                .CaptureStartupErrors(false)
+                .ConfigureKestrel(options =>
                 {
-                    builder.CaptureStartupErrors(false)
-                    .UseConfiguration(configuration)
-                    .ConfigureKestrel(options =>
+                    var ports = GetDefinedPorts(configuration);
+                    options.Listen(IPAddress.Any, ports.httpPort, listenOptions =>
+                    {
+                        listenOptions.Protocols = HttpProtocols.Http1AndHttp2;
+                    });
+                    options.Listen(IPAddress.Any, ports.grpcPort, listenOptions =>
                     {
-                        var ports = GetDefinedPorts(configuration);
-                        options.Listen(IPAddress.Any, ports.httpPort, listenOptions =>
-                        {
-                            listenOptions.Protocols = HttpProtocols.Http1AndHttp2;
-                        });
-                        options.Listen(IPAddress.Any, ports.grpcPort, listenOptions =>
-                        {
-                            listenOptions.Protocols = HttpProtocols.Http2;
-                        });
-
-                    })
-                    .UseStartup<Startup>()
-                    .UseApplicationInsights()
-                    .UseContentRoot(Directory.GetCurrentDirectory())
-                    .UseWebRoot("Pics")
-                    .UseSerilog();
-                });
+                        listenOptions.Protocols = HttpProtocols.Http2;
+                    });
+
+                })
+                .UseStartup<Startup>()
+                .UseApplicationInsights()
+                .UseContentRoot(Directory.GetCurrentDirectory())
+                .UseWebRoot("Pics")
+                .UseSerilog()
+                .Build();
 
         private static Serilog.ILogger CreateSerilogLogger(IConfiguration configuration)
         {

src/Web/WebMVC/Controllers/AccountController.cs

@@ -10,7 +10,7 @@ using System.Threading.Tasks;
 
 namespace Microsoft.eShopOnContainers.WebMVC.Controllers
 {
-    [Authorize]
+    [Authorize(AuthenticationSchemes = "OpenIdConnect")]
     public class AccountController : Controller
     {
         private readonly ILogger<AccountController> _logger;
@@ -20,8 +20,7 @@ namespace Microsoft.eShopOnContainers.WebMVC.Controllers
             _logger = logger ?? throw new ArgumentNullException(nameof(logger));
         }
 
-        [Authorize]
-        public async Task<IActionResult> SignIn(string returnUrl)
+        [Authorize(AuthenticationSchemes = "OpenIdConnect")]        public async Task<IActionResult> SignIn(string returnUrl)
         {
             var user = User as ClaimsPrincipal;
             var token = await HttpContext.GetTokenAsync("access_token");

src/Web/WebMVC/Controllers/CampaignsController.cs

@@ -12,7 +12,7 @@ namespace Microsoft.eShopOnContainers.WebMVC.Controllers
     using ViewModels;
     using ViewModels.Pagination;
 
-    [Authorize]
+    [Authorize(AuthenticationSchemes = "OpenIdConnect")]
     public class CampaignsController : Controller
     {
         private readonly ICampaignService _campaignService;

src/Web/WebMVC/Controllers/CartController.cs

@@ -9,7 +9,7 @@ using System.Threading.Tasks;
 
 namespace Microsoft.eShopOnContainers.WebMVC.Controllers
 {
-    [Authorize]
+    [Authorize(AuthenticationSchemes = "OpenIdConnect")]
     public class CartController : Controller
     {
         private readonly IBasketService _basketSvc;

src/Web/WebMVC/Controllers/OrderController.cs

@@ -7,7 +7,7 @@ using System.Threading.Tasks;
 
 namespace Microsoft.eShopOnContainers.WebMVC.Controllers
 {
-    [Authorize]
+    [Authorize(AuthenticationSchemes = "OpenIdConnect")]
     public class OrderController : Controller
     {
         private IOrderingService _orderSvc;

src/Web/WebMVC/Controllers/OrderManagementController.cs

@@ -10,7 +10,7 @@ using Microsoft.AspNetCore.Authorization;
 
 namespace WebMVC.Controllers
 {
-    [Authorize]
+    [Authorize(AuthenticationSchemes = "OpenIdConnect")]
     public class OrderManagementController : Controller
     {
         private IOrderingService _orderSvc;

src/Web/WebMVC/Startup.cs

@@ -38,21 +38,24 @@ namespace Microsoft.eShopOnContainers.WebMVC
         // This method gets called by the runtime. Use this method to add services to the IoC container.
         public void ConfigureServices(IServiceCollection services)
         {
-            services.AddAppInsight(Configuration)
-                    .AddHealthChecks(Configuration)
-                    .AddCustomMvc(Configuration)
-                    .AddDevspaces()
-                    .AddHttpClientServices(Configuration)
-                    //.AddHttpClientLogging(Configuration)  //Opt-in HttpClientLogging config
-                    .AddCustomAuthentication(Configuration);
-
+            services.AddControllersWithViews()
+                .Services
+                .AddAppInsight(Configuration)
+                .AddHealthChecks(Configuration)
+                .AddCustomMvc(Configuration)
+                .AddDevspaces()
+                .AddHttpClientServices(Configuration);
+                //.AddHttpClientLogging(Configuration)  //Opt-in HttpClientLogging config
+                
             services.AddControllers();
+
+            services.AddCustomAuthentication(Configuration);
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
         public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
         {
-            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
+            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Remove("sub");
 
             //loggerFactory.AddAzureWebAppDiagnostics();
             //loggerFactory.AddApplicationInsights(app.ApplicationServices, LogLevel.Trace);
@@ -67,14 +70,15 @@ namespace Microsoft.eShopOnContainers.WebMVC
             }
 
             var pathBase = Configuration["PATH_BASE"];
+
             if (!string.IsNullOrEmpty(pathBase))
             {
                 loggerFactory.CreateLogger<Startup>().LogDebug("Using PATH BASE '{PathBase}'", pathBase);
                 app.UsePathBase(pathBase);
             }
 
-            app.UseSession();
             app.UseStaticFiles();
+            app.UseSession();
 
             if (Configuration.GetValue<bool>("UseLoadTest"))
             {
@@ -85,7 +89,10 @@ namespace Microsoft.eShopOnContainers.WebMVC
 
             app.UseHttpsRedirection();
             app.UseRouting();
+            
             app.UseAuthentication();
+            app.UseAuthorization();
+
             app.UseEndpoints(endpoints =>
             {
                 endpoints.MapControllerRoute("default", "{controller=Catalog}/{action=Index}/{id?}");
@@ -130,11 +137,8 @@ namespace Microsoft.eShopOnContainers.WebMVC
         {
             services.AddOptions();
             services.Configure<AppSettings>(configuration);
-
-            services.AddMvc()
-                .SetCompatibilityVersion(CompatibilityVersion.Version_3_0);
-
             services.AddSession();
+            services.AddDistributedMemoryCache();
 
             if (configuration.GetValue<string>("IsClusterEnv") == bool.TrueString)
             {
@@ -144,6 +148,7 @@ namespace Microsoft.eShopOnContainers.WebMVC
                 })
                 .PersistKeysToRedis(ConnectionMultiplexer.Connect(configuration["DPConnectionString"]), "DataProtection-Keys");
             }
+
             return services;
         }
 
@@ -258,7 +263,6 @@ namespace Microsoft.eShopOnContainers.WebMVC
               .HandleTransientHttpError()
               .OrResult(msg => msg.StatusCode == System.Net.HttpStatusCode.NotFound)
               .WaitAndRetryAsync(6, retryAttempt => TimeSpan.FromSeconds(Math.Pow(2, retryAttempt)));
-
         }
         static IAsyncPolicy<HttpResponseMessage> GetCircuitBreakerPolicy()
         {