ayan.poddar/eShopOnContainers
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #155 from andrelmp/master

Browse Source 
Upgrade to Identity Server 4 rtm
This commit is contained in:
Eduard Tomàs 2017-04-05 16:39:18 +02:00 committed by GitHub
commit d934185ebf
7 changed files with 49 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
src/Services/Identity/Identity.API/Configuration/Config.cs
View File

@ -1,31 +1,30 @@
using IdentityServer4.Models;
using Microsoft.Extensions.Options;
using System.Collections.Generic;
using IdentityServer4;
namespace Identity.API.Configuration
{
public class Config
{
// scopes define the resources in your system
public static IEnumerable<Scope> GetScopes()
// ApiResources define the apis in your system
public static IEnumerable<ApiResource> GetApis()
{
return new List<Scope>
return new List<ApiResource>
{
//Authentication OpenId uses this scopes;
StandardScopes.OpenId,
StandardScopes.Profile,
new ApiResource("orders", "Orders Service"),
new ApiResource("basket", "Basket Service")
};
}
//Each api we want to securice;
new Scope
{
Name = "orders",
Description = "Orders Service"
},
new Scope
{
Name = "basket",
Description = "Basket Service"
}
// Identity resources are data like user ID, name, or email address of a user
// see: http://docs.identityserver.io/en/release/configuration/resources.html
public static IEnumerable<IdentityResource> GetResources()
{
return new List<IdentityResource>
{
new IdentityResources.OpenId(),
new IdentityResources.Profile()
};
}
@ -47,8 +46,8 @@ namespace Identity.API.Configuration
AllowedCorsOrigins = { $"{clientsUrl["Spa"]}" },
AllowedScopes =
{
StandardScopes.OpenId.Name,
StandardScopes.Profile.Name,
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"orders",
"basket"
}
@ -65,8 +64,8 @@ namespace Identity.API.Configuration
AllowedCorsOrigins = { "http://eshopxamarin" },
AllowedScopes =
{
StandardScopes.OpenId.Name,
StandardScopes.Profile.Name,
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"orders",
"basket"
}
@ -82,6 +81,7 @@ namespace Identity.API.Configuration
ClientUri = $"{clientsUrl["Mvc"]}", // public uri of the client
AllowedGrantTypes = GrantTypes.Hybrid,
RequireConsent = false,
AllowOfflineAccess = true,
RedirectUris = new List<string>
{
$"{clientsUrl["Mvc"]}/signin-oidc",
@ -96,9 +96,9 @@ namespace Identity.API.Configuration
},
AllowedScopes = new List<string>
{
StandardScopes.OpenId.Name,
StandardScopes.Profile.Name,
StandardScopes.OfflineAccess.Name,
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.OfflineAccess,
"orders",
"basket",
},

1
src/Services/Identity/Identity.API/Controllers/AccountController.cs
View File

@ -5,7 +5,6 @@
using IdentityModel;
using IdentityServer4.Quickstart.UI.Models;
using IdentityServer4.Services;
using IdentityServer4.Services.InMemory;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.AspNetCore.Mvc;
using System;

12
src/Services/Identity/Identity.API/Controllers/ConsentController.cs
View File

@ -22,7 +22,7 @@ namespace IdentityServer4.Quickstart.UI.Controllers
{
private readonly ILogger<ConsentController> _logger;
private readonly IClientStore _clientStore;
private readonly IScopeStore _scopeStore;
private readonly IResourceStore _resourceStore;
private readonly IIdentityServerInteractionService _interaction;
@ -30,12 +30,12 @@ namespace IdentityServer4.Quickstart.UI.Controllers
ILogger<ConsentController> logger,
IIdentityServerInteractionService interaction,
IClientStore clientStore,
IScopeStore scopeStore)
IResourceStore resourceStore)
{
_logger = logger;
_interaction = interaction;
_clientStore = clientStore;
_scopeStore = scopeStore;
_resourceStore = resourceStore;
}
/// <summary>
@ -120,10 +120,10 @@ namespace IdentityServer4.Quickstart.UI.Controllers
var client = await _clientStore.FindEnabledClientByIdAsync(request.ClientId);
if (client != null)
{
var scopes = await _scopeStore.FindEnabledScopesAsync(request.ScopesRequested);
if (scopes != null && scopes.Any())
var resources = await _resourceStore.FindEnabledResourcesByScopeAsync(request.ScopesRequested);
if (resources != null && (resources.IdentityResources.Any() || resources.ApiResources.Any()))
{
return new ConsentViewModel(model, returnUrl, request, client, scopes);
return new ConsentViewModel(model, returnUrl, request, client, resources);
}
else
{

4
src/Services/Identity/Identity.API/Identity.API.csproj
View File

@ -41,8 +41,8 @@
<PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="1.1.0-msbuild3-final">
<PrivateAssets>All</PrivateAssets>
</PackageReference>
<PackageReference Include="IdentityServer4.AspNetIdentity" Version="1.0.0-rc3" />
<PackageReference Include="IdentityServer4.EntityFramework" Version="1.0.0-rc3" />
<PackageReference Include="IdentityServer4.AspNetIdentity" Version="1.0.0" />
<PackageReference Include="IdentityServer4.EntityFramework" Version="1.0.0" />
</ItemGroup>
<Target Name="PrepublishScript" BeforeTargets="PrepareForPublish">

16
src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentViewModel.cs
View File

@ -10,7 +10,7 @@ namespace Identity.API.Models.AccountViewModels
{
public class ConsentViewModel : ConsentInputModel
{
public ConsentViewModel(ConsentInputModel model, string returnUrl, AuthorizationRequest request, Client client, IEnumerable<Scope> scopes)
public ConsentViewModel(ConsentInputModel model, string returnUrl, AuthorizationRequest request, Client client, Resources resources)
{
RememberConsent = model?.RememberConsent ?? true;
ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty<string>();
@ -22,8 +22,8 @@ namespace Identity.API.Models.AccountViewModels
ClientLogoUrl = client.LogoUri;
AllowRememberConsent = client.AllowRememberConsent;
IdentityScopes = scopes.Where(x => x.Type == ScopeType.Identity).Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray();
ResourceScopes = scopes.Where(x => x.Type == ScopeType.Resource).Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray();
IdentityScopes = resources.IdentityResources.Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray();
ResourceScopes = resources.ApiResources.SelectMany(x => x.Scopes).Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray();
}
public string ClientName { get; set; }
@ -47,6 +47,16 @@ namespace Identity.API.Models.AccountViewModels
Checked = check || scope.Required;
}
public ScopeViewModel(IdentityResource identity, bool check)
{
Name = identity.Name;
DisplayName = identity.DisplayName;
Description = identity.Description;
Emphasize = identity.Emphasize;
Required = identity.Required;
Checked = check || identity.Required;
}
public string Name { get; set; }
public string DisplayName { get; set; }
public string Description { get; set; }

3
src/Services/Identity/Identity.API/Startup.cs
View File

@ -77,7 +77,8 @@ namespace eShopOnContainers.Identity
// Adds IdentityServer
services.AddIdentityServer(x => x.IssuerUri = "null")
.AddSigningCredential(Certificate.Get())
.AddInMemoryScopes(Config.GetScopes())
.AddInMemoryApiResources(Config.GetApis())
.AddInMemoryIdentityResources(Config.GetResources())
.AddInMemoryClients(Config.GetClients(clientUrls))
.AddAspNetIdentity<ApplicationUser>()
.Services.AddTransient<IProfileService, ProfileService>();

9
src/Web/WebMVC/Startup.cs
View File

@ -112,15 +112,10 @@ namespace Microsoft.eShopOnContainers.WebMVC
ResponseType = "code id_token",
SaveTokens = true,
GetClaimsFromUserInfoEndpoint = true,
RequireHttpsMetadata = false,
RequireHttpsMetadata = false,
Scope = { "openid", "profile", "orders", "basket" }
};
oidcOptions.Scope.Clear();
oidcOptions.Scope.Add("openid");
oidcOptions.Scope.Add("profile");
oidcOptions.Scope.Add("orders");
oidcOptions.Scope.Add("basket");
//Wait untill identity service is ready on compose.
app.UseOpenIdConnectAuthentication(oidcOptions);