From ea24ac57bf447ec5b906d1f0660bdc3eb78c8584 Mon Sep 17 00:00:00 2001 From: Tarun Jain Date: Tue, 11 Oct 2022 17:03:47 +0530 Subject: [PATCH 01/14] update basket.api, Basket.UnitTests, Basket.FunctionalTests & Application.FunctionalTests --- .../Basket/Basket.API/Basket.API.csproj | 44 +++++++++---------- src/Services/Basket/Basket.API/Dockerfile | 4 +- .../Basket.FunctionalTests.csproj | 2 +- .../Basket.UnitTests/Basket.UnitTests.csproj | 2 +- .../Application.FunctionalTests.csproj | 2 +- 5 files changed, 27 insertions(+), 27 deletions(-) diff --git a/src/Services/Basket/Basket.API/Basket.API.csproj b/src/Services/Basket/Basket.API/Basket.API.csproj index ebb224824..410e9676a 100644 --- a/src/Services/Basket/Basket.API/Basket.API.csproj +++ b/src/Services/Basket/Basket.API/Basket.API.csproj @@ -1,6 +1,6 @@  - net6.0 + net7.0 $(AssetTargetFallback);portable-net45+win8+wp8+wpa81; ..\..\..\..\docker-compose.dcproj false @@ -14,36 +14,36 @@ - + - - - - - - - - - - - - - - + + + + + + + + + + + + + + - - - - + + + + - - + + diff --git a/src/Services/Basket/Basket.API/Dockerfile b/src/Services/Basket/Basket.API/Dockerfile index 9cd4abba8..078257cc0 100644 --- a/src/Services/Basket/Basket.API/Dockerfile +++ b/src/Services/Basket/Basket.API/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/Services/Basket/Basket.FunctionalTests/Basket.FunctionalTests.csproj b/src/Services/Basket/Basket.FunctionalTests/Basket.FunctionalTests.csproj index db0b48fdb..38e79e686 100644 --- a/src/Services/Basket/Basket.FunctionalTests/Basket.FunctionalTests.csproj +++ b/src/Services/Basket/Basket.FunctionalTests/Basket.FunctionalTests.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 false diff --git a/src/Services/Basket/Basket.UnitTests/Basket.UnitTests.csproj b/src/Services/Basket/Basket.UnitTests/Basket.UnitTests.csproj index 039258c2f..1243c4949 100644 --- a/src/Services/Basket/Basket.UnitTests/Basket.UnitTests.csproj +++ b/src/Services/Basket/Basket.UnitTests/Basket.UnitTests.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 false false diff --git a/src/Tests/Services/Application.FunctionalTests/Application.FunctionalTests.csproj b/src/Tests/Services/Application.FunctionalTests/Application.FunctionalTests.csproj index c8be1e5f8..aa795760d 100644 --- a/src/Tests/Services/Application.FunctionalTests/Application.FunctionalTests.csproj +++ b/src/Tests/Services/Application.FunctionalTests/Application.FunctionalTests.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 true false false From e38abbfba814eea7537b3cd0168b5bfce005447c Mon Sep 17 00:00:00 2001 From: Tarun Jain Date: Thu, 27 Oct 2022 17:56:07 +0530 Subject: [PATCH 02/14] update Services\Ordering and services\Catalog --- src/Services/Catalog/Catalog.API/Catalog.API.csproj | 4 ++-- src/Services/Catalog/Catalog.API/Dockerfile | 4 ++-- .../Catalog.FunctionalTests/Catalog.FunctionalTests.csproj | 2 +- .../Catalog/Catalog.UnitTests/Catalog.UnitTests.csproj | 2 +- src/Services/Ordering/Ordering.API/Dockerfile | 4 ++-- src/Services/Ordering/Ordering.API/Ordering.API.csproj | 2 +- src/Services/Ordering/Ordering.BackgroundTasks/Dockerfile | 4 ++-- .../Ordering.BackgroundTasks/Ordering.BackgroundTasks.csproj | 2 +- src/Services/Ordering/Ordering.Domain/Ordering.Domain.csproj | 2 +- .../Ordering.FunctionalTests/Ordering.FunctionalTests.csproj | 2 +- .../Ordering.Infrastructure/Ordering.Infrastructure.csproj | 2 +- src/Services/Ordering/Ordering.SignalrHub/Dockerfile | 4 ++-- .../Ordering/Ordering.SignalrHub/Ordering.SignalrHub.csproj | 2 +- .../Ordering/Ordering.UnitTests/Ordering.UnitTests.csproj | 2 +- 14 files changed, 19 insertions(+), 19 deletions(-) diff --git a/src/Services/Catalog/Catalog.API/Catalog.API.csproj b/src/Services/Catalog/Catalog.API/Catalog.API.csproj index b78ce2af3..556c32c50 100644 --- a/src/Services/Catalog/Catalog.API/Catalog.API.csproj +++ b/src/Services/Catalog/Catalog.API/Catalog.API.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 portable true Catalog.API @@ -56,7 +56,7 @@ - + diff --git a/src/Services/Catalog/Catalog.API/Dockerfile b/src/Services/Catalog/Catalog.API/Dockerfile index e491c2110..f7ab4232c 100644 --- a/src/Services/Catalog/Catalog.API/Dockerfile +++ b/src/Services/Catalog/Catalog.API/Dockerfile @@ -1,9 +1,9 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 EXPOSE 443 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/Services/Catalog/Catalog.FunctionalTests/Catalog.FunctionalTests.csproj b/src/Services/Catalog/Catalog.FunctionalTests/Catalog.FunctionalTests.csproj index cb8ec5630..37e9324fc 100644 --- a/src/Services/Catalog/Catalog.FunctionalTests/Catalog.FunctionalTests.csproj +++ b/src/Services/Catalog/Catalog.FunctionalTests/Catalog.FunctionalTests.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 false diff --git a/src/Services/Catalog/Catalog.UnitTests/Catalog.UnitTests.csproj b/src/Services/Catalog/Catalog.UnitTests/Catalog.UnitTests.csproj index 513174e1d..5544928cd 100644 --- a/src/Services/Catalog/Catalog.UnitTests/Catalog.UnitTests.csproj +++ b/src/Services/Catalog/Catalog.UnitTests/Catalog.UnitTests.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 false false diff --git a/src/Services/Ordering/Ordering.API/Dockerfile b/src/Services/Ordering/Ordering.API/Dockerfile index 905d3bcd0..650e54cc6 100644 --- a/src/Services/Ordering/Ordering.API/Dockerfile +++ b/src/Services/Ordering/Ordering.API/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/Services/Ordering/Ordering.API/Ordering.API.csproj b/src/Services/Ordering/Ordering.API/Ordering.API.csproj index 5d779ffc0..454900a7e 100644 --- a/src/Services/Ordering/Ordering.API/Ordering.API.csproj +++ b/src/Services/Ordering/Ordering.API/Ordering.API.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 aspnet-Ordering.API-20161122013547 $(AssetTargetFallback);portable-net45+win8+wp8+wpa81; ..\..\..\..\docker-compose.dcproj diff --git a/src/Services/Ordering/Ordering.BackgroundTasks/Dockerfile b/src/Services/Ordering/Ordering.BackgroundTasks/Dockerfile index 0a5ce8f0c..43348d40c 100644 --- a/src/Services/Ordering/Ordering.BackgroundTasks/Dockerfile +++ b/src/Services/Ordering/Ordering.BackgroundTasks/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/Services/Ordering/Ordering.BackgroundTasks/Ordering.BackgroundTasks.csproj b/src/Services/Ordering/Ordering.BackgroundTasks/Ordering.BackgroundTasks.csproj index 617ccda32..4b1145242 100644 --- a/src/Services/Ordering/Ordering.BackgroundTasks/Ordering.BackgroundTasks.csproj +++ b/src/Services/Ordering/Ordering.BackgroundTasks/Ordering.BackgroundTasks.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 dotnet-Ordering.BackgroundTasks-9D3E1DD6-405B-447F-8AAB-1708B36D260E false Linux diff --git a/src/Services/Ordering/Ordering.Domain/Ordering.Domain.csproj b/src/Services/Ordering/Ordering.Domain/Ordering.Domain.csproj index 994789d3b..68b8caf94 100644 --- a/src/Services/Ordering/Ordering.Domain/Ordering.Domain.csproj +++ b/src/Services/Ordering/Ordering.Domain/Ordering.Domain.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 diff --git a/src/Services/Ordering/Ordering.FunctionalTests/Ordering.FunctionalTests.csproj b/src/Services/Ordering/Ordering.FunctionalTests/Ordering.FunctionalTests.csproj index b55420205..2c87f42a9 100644 --- a/src/Services/Ordering/Ordering.FunctionalTests/Ordering.FunctionalTests.csproj +++ b/src/Services/Ordering/Ordering.FunctionalTests/Ordering.FunctionalTests.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 false diff --git a/src/Services/Ordering/Ordering.Infrastructure/Ordering.Infrastructure.csproj b/src/Services/Ordering/Ordering.Infrastructure/Ordering.Infrastructure.csproj index f09024baa..a74f43b32 100644 --- a/src/Services/Ordering/Ordering.Infrastructure/Ordering.Infrastructure.csproj +++ b/src/Services/Ordering/Ordering.Infrastructure/Ordering.Infrastructure.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 diff --git a/src/Services/Ordering/Ordering.SignalrHub/Dockerfile b/src/Services/Ordering/Ordering.SignalrHub/Dockerfile index 33771bf1f..82cb625a7 100644 --- a/src/Services/Ordering/Ordering.SignalrHub/Dockerfile +++ b/src/Services/Ordering/Ordering.SignalrHub/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/Services/Ordering/Ordering.SignalrHub/Ordering.SignalrHub.csproj b/src/Services/Ordering/Ordering.SignalrHub/Ordering.SignalrHub.csproj index bdf40a7de..b60c81897 100644 --- a/src/Services/Ordering/Ordering.SignalrHub/Ordering.SignalrHub.csproj +++ b/src/Services/Ordering/Ordering.SignalrHub/Ordering.SignalrHub.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 ..\..\..\..\docker-compose.dcproj false true diff --git a/src/Services/Ordering/Ordering.UnitTests/Ordering.UnitTests.csproj b/src/Services/Ordering/Ordering.UnitTests/Ordering.UnitTests.csproj index 6c3cfe2bf..4e683a6af 100644 --- a/src/Services/Ordering/Ordering.UnitTests/Ordering.UnitTests.csproj +++ b/src/Services/Ordering/Ordering.UnitTests/Ordering.UnitTests.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 false false From 218759a5de052d64f930eb54f332be8ba8b0477a Mon Sep 17 00:00:00 2001 From: Tarun Jain Date: Thu, 27 Oct 2022 18:55:55 +0530 Subject: [PATCH 03/14] update webapps --- src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile | 4 ++-- .../aggregator/Mobile.Shopping.HttpAggregator.csproj | 2 +- src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile | 4 ++-- .../aggregator/Web.Shopping.HttpAggregator.csproj | 2 +- .../EventBus/EventBus.Tests/EventBus.Tests.csproj | 2 +- src/BuildingBlocks/EventBus/EventBus/EventBus.csproj | 2 +- .../EventBus/EventBusRabbitMQ/EventBusRabbitMQ.csproj | 2 +- .../EventBus/EventBusServiceBus/EventBusServiceBus.csproj | 2 +- .../IntegrationEventLogEF/IntegrationEventLogEF.csproj | 2 +- .../WebHost.Customization/WebHost.Customization.csproj | 2 +- src/Services/Payment/Payment.API/Dockerfile | 4 ++-- src/Services/Payment/Payment.API/Payment.API.csproj | 2 +- src/Services/Webhooks/Webhooks.API/Webhooks.API.csproj | 2 +- src/Web/WebMVC/Dockerfile | 4 ++-- src/Web/WebMVC/WebMVC.csproj | 2 +- src/Web/WebSPA/Dockerfile | 4 ++-- src/Web/WebSPA/WebSPA.csproj | 2 +- src/Web/WebStatus/Dockerfile | 4 ++-- src/Web/WebStatus/WebStatus.csproj | 2 +- src/Web/WebhookClient/Dockerfile | 4 ++-- src/Web/WebhookClient/WebhookClient.csproj | 2 +- 21 files changed, 28 insertions(+), 28 deletions(-) diff --git a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile index aab4164b7..294e04375 100644 --- a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile +++ b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj index 13c443025..9a5fa6258 100644 --- a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj +++ b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 Mobile.Shopping.HttpAggregator Microsoft.eShopOnContainers.Mobile.Shopping.HttpAggregator ..\..\..\docker-compose.dcproj diff --git a/src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile b/src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile index 8761763a1..5cf1c7332 100644 --- a/src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile +++ b/src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj b/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj index 921d5b709..c80ca96a9 100644 --- a/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj +++ b/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 Web.Shopping.HttpAggregator Microsoft.eShopOnContainers.Web.Shopping.HttpAggregator ..\..\..\docker-compose.dcproj diff --git a/src/BuildingBlocks/EventBus/EventBus.Tests/EventBus.Tests.csproj b/src/BuildingBlocks/EventBus/EventBus.Tests/EventBus.Tests.csproj index 7b75841ec..46ac5a285 100644 --- a/src/BuildingBlocks/EventBus/EventBus.Tests/EventBus.Tests.csproj +++ b/src/BuildingBlocks/EventBus/EventBus.Tests/EventBus.Tests.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 diff --git a/src/BuildingBlocks/EventBus/EventBus/EventBus.csproj b/src/BuildingBlocks/EventBus/EventBus/EventBus.csproj index 37396d3ec..6d33cff34 100644 --- a/src/BuildingBlocks/EventBus/EventBus/EventBus.csproj +++ b/src/BuildingBlocks/EventBus/EventBus/EventBus.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 Microsoft.eShopOnContainers.BuildingBlocks.EventBus diff --git a/src/BuildingBlocks/EventBus/EventBusRabbitMQ/EventBusRabbitMQ.csproj b/src/BuildingBlocks/EventBus/EventBusRabbitMQ/EventBusRabbitMQ.csproj index b6b23483c..c91224777 100644 --- a/src/BuildingBlocks/EventBus/EventBusRabbitMQ/EventBusRabbitMQ.csproj +++ b/src/BuildingBlocks/EventBus/EventBusRabbitMQ/EventBusRabbitMQ.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 Microsoft.eShopOnContainers.BuildingBlocks.EventBusRabbitMQ diff --git a/src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBus.csproj b/src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBus.csproj index e725de1c7..eb6fc667d 100644 --- a/src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBus.csproj +++ b/src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBus.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 Microsoft.eShopOnContainers.BuildingBlocks.EventBusServiceBus diff --git a/src/BuildingBlocks/EventBus/IntegrationEventLogEF/IntegrationEventLogEF.csproj b/src/BuildingBlocks/EventBus/IntegrationEventLogEF/IntegrationEventLogEF.csproj index c68db458e..ba899ad65 100644 --- a/src/BuildingBlocks/EventBus/IntegrationEventLogEF/IntegrationEventLogEF.csproj +++ b/src/BuildingBlocks/EventBus/IntegrationEventLogEF/IntegrationEventLogEF.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 Microsoft.eShopOnContainers.BuildingBlocks.IntegrationEventLogEF diff --git a/src/BuildingBlocks/WebHostCustomization/WebHost.Customization/WebHost.Customization.csproj b/src/BuildingBlocks/WebHostCustomization/WebHost.Customization/WebHost.Customization.csproj index 5c094de1e..b332583b8 100644 --- a/src/BuildingBlocks/WebHostCustomization/WebHost.Customization/WebHost.Customization.csproj +++ b/src/BuildingBlocks/WebHostCustomization/WebHost.Customization/WebHost.Customization.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 false diff --git a/src/Services/Payment/Payment.API/Dockerfile b/src/Services/Payment/Payment.API/Dockerfile index e91ed767b..4b17cb3bd 100644 --- a/src/Services/Payment/Payment.API/Dockerfile +++ b/src/Services/Payment/Payment.API/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/Services/Payment/Payment.API/Payment.API.csproj b/src/Services/Payment/Payment.API/Payment.API.csproj index ad930772a..616a8b21d 100644 --- a/src/Services/Payment/Payment.API/Payment.API.csproj +++ b/src/Services/Payment/Payment.API/Payment.API.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 ..\..\..\..\docker-compose.dcproj $(AssetTargetFallback);portable-net45+win8+wp8+wpa81; false diff --git a/src/Services/Webhooks/Webhooks.API/Webhooks.API.csproj b/src/Services/Webhooks/Webhooks.API/Webhooks.API.csproj index c05884309..82eec7886 100644 --- a/src/Services/Webhooks/Webhooks.API/Webhooks.API.csproj +++ b/src/Services/Webhooks/Webhooks.API/Webhooks.API.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 InProcess Linux $(AssetTargetFallback);portable-net45+win8+wp8+wpa81; diff --git a/src/Web/WebMVC/Dockerfile b/src/Web/WebMVC/Dockerfile index 470de25d2..9170a2c41 100644 --- a/src/Web/WebMVC/Dockerfile +++ b/src/Web/WebMVC/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/Web/WebMVC/WebMVC.csproj b/src/Web/WebMVC/WebMVC.csproj index db6ad97db..81b1c3150 100644 --- a/src/Web/WebMVC/WebMVC.csproj +++ b/src/Web/WebMVC/WebMVC.csproj @@ -1,7 +1,7 @@ - net6.0 + net7.0 aspnet-Microsoft.eShopOnContainers-946ae052-8305-4a99-965b-ec8636ddbae3 ..\..\..\docker-compose.dcproj 3.0 diff --git a/src/Web/WebSPA/Dockerfile b/src/Web/WebSPA/Dockerfile index 00ff8b3b5..f3e23d919 100644 --- a/src/Web/WebSPA/Dockerfile +++ b/src/Web/WebSPA/Dockerfile @@ -1,7 +1,7 @@ #See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging. ARG NODE_IMAGE=node:12.0 -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 @@ -14,7 +14,7 @@ RUN npm install COPY Web/WebSPA/Client . RUN npm run build:prod -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # Create this "restore-solution" section by running ./Create-DockerfileSolutionRestore.ps1, to optimize build cache reuse diff --git a/src/Web/WebSPA/WebSPA.csproj b/src/Web/WebSPA/WebSPA.csproj index f44c06dd8..fb516058a 100644 --- a/src/Web/WebSPA/WebSPA.csproj +++ b/src/Web/WebSPA/WebSPA.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 aspnetcorespa-c23d27a4-eb88-4b18-9b77-2a93f3b15119 false true diff --git a/src/Web/WebStatus/Dockerfile b/src/Web/WebStatus/Dockerfile index 47ecbd9e4..325c7e7cd 100644 --- a/src/Web/WebStatus/Dockerfile +++ b/src/Web/WebStatus/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/Web/WebStatus/WebStatus.csproj b/src/Web/WebStatus/WebStatus.csproj index bd365da55..5dbcf81c5 100644 --- a/src/Web/WebStatus/WebStatus.csproj +++ b/src/Web/WebStatus/WebStatus.csproj @@ -1,6 +1,6 @@  - net6.0 + net7.0 $(AssetTargetFallback);portable-net45+win8+wp8+wpa81; ..\..\..\docker-compose.dcproj true diff --git a/src/Web/WebhookClient/Dockerfile b/src/Web/WebhookClient/Dockerfile index c25957029..82871380e 100644 --- a/src/Web/WebhookClient/Dockerfile +++ b/src/Web/WebhookClient/Dockerfile @@ -1,9 +1,9 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 EXPOSE 443 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/Web/WebhookClient/WebhookClient.csproj b/src/Web/WebhookClient/WebhookClient.csproj index 8a1b9bdd3..90632e4ff 100644 --- a/src/Web/WebhookClient/WebhookClient.csproj +++ b/src/Web/WebhookClient/WebhookClient.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 InProcess Linux 36215d41-f31a-4aa6-9929-bd67d650e7b5 From 390d737235baf837d646cf0631c9907cf14bf7c6 Mon Sep 17 00:00:00 2001 From: Tarun Jain Date: Thu, 27 Oct 2022 20:17:06 +0530 Subject: [PATCH 04/14] update webhooks.api --- src/Services/Webhooks/Webhooks.API/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Services/Webhooks/Webhooks.API/Dockerfile b/src/Services/Webhooks/Webhooks.API/Dockerfile index b5fb88684..5db5f3f90 100644 --- a/src/Services/Webhooks/Webhooks.API/Dockerfile +++ b/src/Services/Webhooks/Webhooks.API/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles From 2de2ddc041b9717841b1e58511cdcb6c557ac6e4 Mon Sep 17 00:00:00 2001 From: Tarun Jain Date: Mon, 7 Nov 2022 12:45:49 +0530 Subject: [PATCH 05/14] update identity.api --- src/Services/Identity/Identity.API/Dockerfile | 4 ++-- src/Services/Identity/Identity.API/Identity.API.csproj | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Services/Identity/Identity.API/Dockerfile b/src/Services/Identity/Identity.API/Dockerfile index 674cc4ec1..aca2e1e81 100644 --- a/src/Services/Identity/Identity.API/Dockerfile +++ b/src/Services/Identity/Identity.API/Dockerfile @@ -1,8 +1,8 @@ -FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build WORKDIR /src # It's important to keep lines from here down to "COPY . ." identical in all Dockerfiles diff --git a/src/Services/Identity/Identity.API/Identity.API.csproj b/src/Services/Identity/Identity.API/Identity.API.csproj index 67d46a95f..40d93927f 100644 --- a/src/Services/Identity/Identity.API/Identity.API.csproj +++ b/src/Services/Identity/Identity.API/Identity.API.csproj @@ -1,7 +1,7 @@  - net6.0 + net7.0 aspnet-eShopOnContainers.Identity-90487118-103c-4ff0-b9da-e5e26f7ab0c5 ..\..\..\..\docker-compose.dcproj false From b5b667b3856528736e3885e29399710724a8d9f1 Mon Sep 17 00:00:00 2001 From: Tarun Jain Date: Mon, 28 Nov 2022 17:32:59 +0530 Subject: [PATCH 06/14] commit to update IdentityServer 3.1 to Duende.IdentityServer 6.2.0 --- .../aggregator/GlobalUsings.cs | 1 + .../Mobile.Bff.Shopping/aggregator/Startup.cs | 4 + .../aggregator/GlobalUsings.cs | 1 + .../Web.Bff.Shopping/aggregator/Startup.cs | 4 + .../Basket/Basket.API/GlobalUsings.cs | 3 +- src/Services/Basket/Basket.API/Startup.cs | 4 + .../Identity.API/Configuration/Config.cs | 24 +- .../Controllers/AccountController.cs | 4 +- .../Controllers/ConsentController.cs | 210 ++- .../Data/ConfigurationDbContextSeed.cs | 12 +- .../DevspacesRedirectUriValidator.cs | 4 +- .../Identity.API/Extensions/Extension.cs | 23 + .../ConfigurationDbContextFactory.cs | 2 +- .../PersistedGrantDbContextFactory.cs | 2 +- .../Identity/Identity.API/GlobalUsings.cs | 16 +- .../Identity/Identity.API/Identity.API.csproj | 46 +- .../ApplicationDbContextModelSnapshot.cs | 2 +- ...0210813072543_InitialMigration.Designer.cs | 911 ---------- ...nitialConfigurationDbMigration.Designer.cs | 1096 +++++++++++ ...152912_InitialConfigurationDbMigration.cs} | 299 ++- .../ConfigurationDbContextModelSnapshot.cs | 1599 +++++++++-------- ...0210813072513_InitialMigration.Designer.cs | 108 -- .../20210813072513_InitialMigration.cs | 75 - ...itialPersistedGrantDbMigration.Designer.cs | 240 +++ ...152905_InitialPersistedGrantDbMigration.cs | 177 ++ .../PersistedGrantDbContextModelSnapshot.cs | 262 ++- .../AccountViewModels/ConsentInputModel.cs | 10 - .../AccountViewModels/ConsentViewModel.cs | 61 - .../AccountViewModels/RedirectViewModel.cs | 7 + .../ConsentViewModels/ConsentInputModel.cs | 13 + .../ConsentViewModels/ConsentOptions.cs | 12 + .../ConsentViewModels/ConsentViewModel.cs | 15 + .../ConsentViewModels/ProcessConsentResult.cs | 17 + .../ConsentViewModels/ScopeViewModel.cs | 12 + src/Services/Identity/Identity.API/Startup.cs | 4 + .../Identity.API/Views/Consent/Index.cshtml | 138 +- .../Views/Consent/_ScopeListItem.cshtml | 12 +- .../Identity.API/Views/Home/Index.cshtml | 6 +- .../Identity/Identity.API/appsettings.json | 2 +- .../Ordering/Ordering.API/GlobalUsings.cs | 1 + src/Services/Ordering/Ordering.API/Startup.cs | 4 + .../Webhooks/Webhooks.API/GlobalUsings.cs | 1 + src/Services/Webhooks/Webhooks.API/Startup.cs | 4 + src/Web/WebMVC/Startup.cs | 2 +- src/docker-compose.override.yml | 10 +- 45 files changed, 3264 insertions(+), 2196 deletions(-) create mode 100644 src/Services/Identity/Identity.API/Extensions/Extension.cs delete mode 100644 src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20210813072543_InitialMigration.Designer.cs create mode 100644 src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.Designer.cs rename src/Services/Identity/Identity.API/Migrations/ConfigurationDb/{20210813072543_InitialMigration.cs => 20220324152912_InitialConfigurationDbMigration.cs} (74%) delete mode 100644 src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.Designer.cs delete mode 100644 src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.cs create mode 100644 src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.Designer.cs create mode 100644 src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.cs delete mode 100644 src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentInputModel.cs delete mode 100644 src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Models/AccountViewModels/RedirectViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentInputModel.cs create mode 100644 src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentOptions.cs create mode 100644 src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Models/ConsentViewModels/ProcessConsentResult.cs create mode 100644 src/Services/Identity/Identity.API/Models/ConsentViewModels/ScopeViewModel.cs diff --git a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/GlobalUsings.cs b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/GlobalUsings.cs index 881670f5e..ecae40e62 100644 --- a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/GlobalUsings.cs +++ b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/GlobalUsings.cs @@ -39,3 +39,4 @@ global using System.Text.Json; global using System.Threading.Tasks; global using System.Threading; global using System; +global using Microsoft.IdentityModel.Tokens; \ No newline at end of file diff --git a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs index 3f988395a..3046e8f3f 100644 --- a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs +++ b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs @@ -143,6 +143,10 @@ public static class ServiceCollectionExtensions options.Authority = identityUrl; options.RequireHttpsMetadata = false; options.Audience = "mobileshoppingagg"; + options.TokenValidationParameters = new TokenValidationParameters + { + ValidateAudience = false + }; }); return services; diff --git a/src/ApiGateways/Web.Bff.Shopping/aggregator/GlobalUsings.cs b/src/ApiGateways/Web.Bff.Shopping/aggregator/GlobalUsings.cs index 6162c557e..58765400a 100644 --- a/src/ApiGateways/Web.Bff.Shopping/aggregator/GlobalUsings.cs +++ b/src/ApiGateways/Web.Bff.Shopping/aggregator/GlobalUsings.cs @@ -39,3 +39,4 @@ global using System.Text.Json; global using System.Threading.Tasks; global using System.Threading; global using System; +global using Microsoft.IdentityModel.Tokens; diff --git a/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs b/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs index 6e8e66931..9d937ffea 100644 --- a/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs +++ b/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs @@ -94,6 +94,10 @@ public static class ServiceCollectionExtensions options.Authority = identityUrl; options.RequireHttpsMetadata = false; options.Audience = "webshoppingagg"; + options.TokenValidationParameters = new TokenValidationParameters + { + ValidateAudience = false + }; }); return services; diff --git a/src/Services/Basket/Basket.API/GlobalUsings.cs b/src/Services/Basket/Basket.API/GlobalUsings.cs index 75f7a878e..b2e13ab17 100644 --- a/src/Services/Basket/Basket.API/GlobalUsings.cs +++ b/src/Services/Basket/Basket.API/GlobalUsings.cs @@ -58,4 +58,5 @@ global using System.Net; global using System.Security.Claims; global using System.Text.Json; global using System.Threading.Tasks; -global using System; \ No newline at end of file +global using System; +global using Microsoft.IdentityModel.Tokens; \ No newline at end of file diff --git a/src/Services/Basket/Basket.API/Startup.cs b/src/Services/Basket/Basket.API/Startup.cs index 7e0142c2c..049baf03e 100644 --- a/src/Services/Basket/Basket.API/Startup.cs +++ b/src/Services/Basket/Basket.API/Startup.cs @@ -224,6 +224,10 @@ public class Startup options.Authority = identityUrl; options.RequireHttpsMetadata = false; options.Audience = "basket"; + options.TokenValidationParameters = new TokenValidationParameters + { + ValidateAudience = false + }; }); } diff --git a/src/Services/Identity/Identity.API/Configuration/Config.cs b/src/Services/Identity/Identity.API/Configuration/Config.cs index 6d5393bde..046bcd7d4 100644 --- a/src/Services/Identity/Identity.API/Configuration/Config.cs +++ b/src/Services/Identity/Identity.API/Configuration/Config.cs @@ -1,4 +1,4 @@ -using IdentityServer4.Models; +using Duende.IdentityServer.Models; namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration { @@ -6,7 +6,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration { // ApiResources define the apis in your system public static IEnumerable GetApis() - { + { return new List { new ApiResource("orders", "Orders Service"), @@ -18,6 +18,21 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration }; } + // ApiScope is used to protect the API + //The effect is the same as that of API resources in IdentityServer 3.x + public static IEnumerable GetApiScopes() + { + return new List + { + new ApiScope("orders", "Orders Service"), + new ApiScope("basket", "Basket Service"), + new ApiScope("mobileshoppingagg", "Mobile Shopping Aggregator"), + new ApiScope("webshoppingagg", "Web Shopping Aggregator"), + new ApiScope("orders.signalrhub", "Ordering Signalr Hub"), + new ApiScope("webhooks", "Webhooks registration Service"), + }; + } + // Identity resources are data like user ID, name, or email address of a user // see: http://docs.identityserver.io/en/release/configuration/resources.html public static IEnumerable GetResources() @@ -63,7 +78,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration AllowedGrantTypes = GrantTypes.Hybrid, //Used to retrieve the access token on the back channel. ClientSecrets = - { + { new Secret("secret".Sha256()) }, RedirectUris = { clientsUrl["Xamarin"] }, @@ -91,7 +106,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration ClientName = "MVC Client", ClientSecrets = new List { - + new Secret("secret".Sha256()) }, ClientUri = $"{clientsUrl["Mvc"]}", // public uri of the client @@ -100,6 +115,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration RequireConsent = false, AllowOfflineAccess = true, AlwaysIncludeUserClaimsInIdToken = true, + RequirePkce = false, RedirectUris = new List { $"{clientsUrl["Mvc"]}/signin-oidc" diff --git a/src/Services/Identity/Identity.API/Controllers/AccountController.cs b/src/Services/Identity/Identity.API/Controllers/AccountController.cs index 22e347fb9..a4943a3ba 100644 --- a/src/Services/Identity/Identity.API/Controllers/AccountController.cs +++ b/src/Services/Identity/Identity.API/Controllers/AccountController.cs @@ -107,9 +107,9 @@ private async Task BuildLoginViewModelAsync(string returnUrl, AuthorizationRequest context) { var allowLocal = true; - if (context?.ClientId != null) + if (context?.Client.ClientId != null) { - var client = await _clientStore.FindEnabledClientByIdAsync(context.ClientId); + var client = await _clientStore.FindEnabledClientByIdAsync(context.Client.ClientId); if (client != null) { allowLocal = client.EnableLocalLogin; diff --git a/src/Services/Identity/Identity.API/Controllers/ConsentController.cs b/src/Services/Identity/Identity.API/Controllers/ConsentController.cs index 76c27cd23..3bd1cd239 100644 --- a/src/Services/Identity/Identity.API/Controllers/ConsentController.cs +++ b/src/Services/Identity/Identity.API/Controllers/ConsentController.cs @@ -1,4 +1,9 @@ -namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers +using Duende.IdentityServer.Events; +using Duende.IdentityServer.Extensions; +using Identity.API.Extensions; +using Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels; + +namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers { /// /// This controller implements the consent logic @@ -6,21 +11,17 @@ public class ConsentController : Controller { private readonly ILogger _logger; - private readonly IClientStore _clientStore; - private readonly IResourceStore _resourceStore; private readonly IIdentityServerInteractionService _interaction; - + private readonly IEventService _events; public ConsentController( ILogger logger, IIdentityServerInteractionService interaction, - IClientStore clientStore, - IResourceStore resourceStore) + IEventService events) { - _logger = logger; _interaction = interaction; - _clientStore = clientStore; - _resourceStore = resourceStore; + _events = events; + _logger = logger; } /// @@ -32,7 +33,7 @@ public async Task Index(string returnUrl) { var vm = await BuildViewModelAsync(returnUrl); - ViewData["ReturnUrl"] = returnUrl; + if (vm != null) { return View("Index", vm); @@ -48,77 +49,111 @@ [ValidateAntiForgeryToken] public async Task Index(ConsentInputModel model) { - // parse the return URL back to an AuthorizeRequest object + var result = await ProcessConsent(model); + + if (result.IsRedirect) + { + var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); + if (context?.IsNativeClient() == true) + { + // The client is native, so this change in how to + // return the response is for better UX for the end user. + return this.LoadingPage("Redirect", result.RedirectUri); + } + + return Redirect(result.RedirectUri); + } + + if (result.HasValidationError) + { + ModelState.AddModelError(string.Empty, result.ValidationError); + } + + if (result.ShowView) + { + return View("Index", result.ViewModel); + } + + return View("Error"); + } + + /*****************************************/ + /* helper APIs for the ConsentController */ + /*****************************************/ + private async Task ProcessConsent(ConsentInputModel model) + { + var result = new ProcessConsentResult(); + + // validate return url is still valid var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); - ConsentResponse response = null; + if (request == null) return result; + + ConsentResponse grantedConsent = null; // user clicked 'no' - send back the standard 'access_denied' response - if (model.Button == "no") + if (model?.Button == "no") { - response = ConsentResponse.Denied; + grantedConsent = new ConsentResponse { Error = AuthorizationError.AccessDenied }; + + // emit event + await _events.RaiseAsync(new ConsentDeniedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues)); } // user clicked 'yes' - validate the data - else if (model.Button == "yes") + else if (model?.Button == "yes") { // if the user consented to some scope, build the response model if (model.ScopesConsented != null && model.ScopesConsented.Any()) { - response = new ConsentResponse + var scopes = model.ScopesConsented; + if (ConsentOptions.EnableOfflineAccess == false) + { + scopes = scopes.Where(x => x != Duende.IdentityServer.IdentityServerConstants.StandardScopes.OfflineAccess); + } + + grantedConsent = new ConsentResponse { RememberConsent = model.RememberConsent, - ScopesConsented = model.ScopesConsented + ScopesValuesConsented = scopes.ToArray(), + Description = model.Description }; + + // emit event + await _events.RaiseAsync(new ConsentGrantedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues, grantedConsent.ScopesValuesConsented, grantedConsent.RememberConsent)); } else { - ModelState.AddModelError("", "You must pick at least one permission."); + result.ValidationError = ConsentOptions.MustChooseOneErrorMessage; } } else { - ModelState.AddModelError("", "Invalid Selection"); + result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage; } - if (response != null) + if (grantedConsent != null) { // communicate outcome of consent back to identityserver - await _interaction.GrantConsentAsync(request, response); + await _interaction.GrantConsentAsync(request, grantedConsent); - // redirect back to authorization endpoint - return Redirect(model.ReturnUrl); + // indicate that's it ok to redirect back to authorization endpoint + result.RedirectUri = model.ReturnUrl; + result.Client = request.Client; } - - var vm = await BuildViewModelAsync(model.ReturnUrl, model); - if (vm != null) + else { - return View("Index", vm); + // we need to redisplay the consent UI + result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model); } - return View("Error"); + return result; } - async Task BuildViewModelAsync(string returnUrl, ConsentInputModel model = null) + private async Task BuildViewModelAsync(string returnUrl, ConsentInputModel model = null) { var request = await _interaction.GetAuthorizationContextAsync(returnUrl); if (request != null) { - var client = await _clientStore.FindEnabledClientByIdAsync(request.ClientId); - if (client != null) - { - var resources = await _resourceStore.FindEnabledResourcesByScopeAsync(request.ScopesRequested); - if (resources != null && (resources.IdentityResources.Any() || resources.ApiResources.Any())) - { - return new ConsentViewModel(model, returnUrl, request, client, resources); - } - else - { - _logger.LogError("No scopes matching: {0}", request.ScopesRequested.Aggregate((x, y) => x + ", " + y)); - } - } - else - { - _logger.LogError("Invalid client id: {0}", request.ClientId); - } + return CreateConsentViewModel(model, returnUrl, request); } else { @@ -127,5 +162,88 @@ return null; } + + private ConsentViewModel CreateConsentViewModel( + ConsentInputModel model, string returnUrl, + AuthorizationRequest request) + { + var vm = new ConsentViewModel + { + RememberConsent = model?.RememberConsent ?? true, + ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty(), + Description = model?.Description, + + ReturnUrl = returnUrl, + + ClientName = request.Client.ClientName ?? request.Client.ClientId, + ClientUrl = request.Client.ClientUri, + ClientLogoUrl = request.Client.LogoUri, + AllowRememberConsent = request.Client.AllowRememberConsent + }; + + vm.IdentityScopes = request.ValidatedResources.Resources.IdentityResources.Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray(); + + var apiScopes = new List(); + foreach (var parsedScope in request.ValidatedResources.ParsedScopes) + { + var apiScope = request.ValidatedResources.Resources.FindApiScope(parsedScope.ParsedName); + if (apiScope != null) + { + var scopeVm = CreateScopeViewModel(parsedScope, apiScope, vm.ScopesConsented.Contains(parsedScope.RawValue) || model == null); + apiScopes.Add(scopeVm); + } + } + if (ConsentOptions.EnableOfflineAccess && request.ValidatedResources.Resources.OfflineAccess) + { + apiScopes.Add(GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServerConstants.StandardScopes.OfflineAccess) || model == null)); + } + vm.ApiScopes = apiScopes; + + return vm; + } + + private ScopeViewModel CreateScopeViewModel(IdentityResource identity, bool check) + { + return new ScopeViewModel + { + Value = identity.Name, + DisplayName = identity.DisplayName ?? identity.Name, + Description = identity.Description, + Emphasize = identity.Emphasize, + Required = identity.Required, + Checked = check || identity.Required + }; + } + + public ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check) + { + var displayName = apiScope.DisplayName ?? apiScope.Name; + if (!String.IsNullOrWhiteSpace(parsedScopeValue.ParsedParameter)) + { + displayName += ":" + parsedScopeValue.ParsedParameter; + } + + return new ScopeViewModel + { + Value = parsedScopeValue.RawValue, + DisplayName = displayName, + Description = apiScope.Description, + Emphasize = apiScope.Emphasize, + Required = apiScope.Required, + Checked = check || apiScope.Required + }; + } + + private ScopeViewModel GetOfflineAccessScope(bool check) + { + return new ScopeViewModel + { + Value = Duende.IdentityServer.IdentityServerConstants.StandardScopes.OfflineAccess, + DisplayName = ConsentOptions.OfflineAccessDisplayName, + Description = ConsentOptions.OfflineAccessDescription, + Emphasize = true, + Checked = check + }; + } } } \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Data/ConfigurationDbContextSeed.cs b/src/Services/Identity/Identity.API/Data/ConfigurationDbContextSeed.cs index e3df90fdd..4f68013e0 100644 --- a/src/Services/Identity/Identity.API/Data/ConfigurationDbContextSeed.cs +++ b/src/Services/Identity/Identity.API/Data/ConfigurationDbContextSeed.cs @@ -1,4 +1,4 @@ -using IdentityServer4.EntityFramework.Entities; +using Duende.IdentityServer.EntityFramework.Entities; namespace Microsoft.eShopOnContainers.Services.Identity.API.Data { @@ -68,6 +68,16 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Data await context.SaveChangesAsync(); } + + if (!context.ApiScopes.Any()) + { + foreach (var apiScope in Config.GetApiScopes()) + { + context.ApiScopes.Add(apiScope.ToEntity()); + } + + await context.SaveChangesAsync(); + } } } } diff --git a/src/Services/Identity/Identity.API/Devspaces/DevspacesRedirectUriValidator.cs b/src/Services/Identity/Identity.API/Devspaces/DevspacesRedirectUriValidator.cs index 8912882f4..e366a7a65 100644 --- a/src/Services/Identity/Identity.API/Devspaces/DevspacesRedirectUriValidator.cs +++ b/src/Services/Identity/Identity.API/Devspaces/DevspacesRedirectUriValidator.cs @@ -10,14 +10,14 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Devspaces _logger = logger; } - public Task IsPostLogoutRedirectUriValidAsync(string requestedUri, IdentityServer4.Models.Client client) + public Task IsPostLogoutRedirectUriValidAsync(string requestedUri, Duende.IdentityServer.Models.Client client) { _logger.LogInformation("Client {ClientName} used post logout uri {RequestedUri}.", client.ClientName, requestedUri); return Task.FromResult(true); } - public Task IsRedirectUriValidAsync(string requestedUri, IdentityServer4.Models.Client client) + public Task IsRedirectUriValidAsync(string requestedUri, Duende.IdentityServer.Models.Client client) { _logger.LogInformation("Client {ClientName} used post logout uri {RequestedUri}.", client.ClientName, requestedUri); return Task.FromResult(true); diff --git a/src/Services/Identity/Identity.API/Extensions/Extension.cs b/src/Services/Identity/Identity.API/Extensions/Extension.cs new file mode 100644 index 000000000..1ed98c98c --- /dev/null +++ b/src/Services/Identity/Identity.API/Extensions/Extension.cs @@ -0,0 +1,23 @@ +namespace Identity.API.Extensions +{ + public static class Extensions + { + /// + /// Checks if the redirect URI is for a native client. + /// + /// + public static bool IsNativeClient(this AuthorizationRequest context) + { + return !context.RedirectUri.StartsWith("https", StringComparison.Ordinal) + && !context.RedirectUri.StartsWith("http", StringComparison.Ordinal); + } + + public static IActionResult LoadingPage(this Controller controller, string viewName, string redirectUri) + { + controller.HttpContext.Response.StatusCode = 200; + controller.HttpContext.Response.Headers["Location"] = ""; + + return controller.View(viewName, new RedirectViewModel { RedirectUrl = redirectUri }); + } + } +} diff --git a/src/Services/Identity/Identity.API/Factories/ConfigurationDbContextFactory.cs b/src/Services/Identity/Identity.API/Factories/ConfigurationDbContextFactory.cs index 0fdbe8598..cc9e9aed8 100644 --- a/src/Services/Identity/Identity.API/Factories/ConfigurationDbContextFactory.cs +++ b/src/Services/Identity/Identity.API/Factories/ConfigurationDbContextFactory.cs @@ -15,7 +15,7 @@ optionsBuilder.UseSqlServer(config["ConnectionString"], sqlServerOptionsAction: o => o.MigrationsAssembly("Identity.API")); - return new ConfigurationDbContext(optionsBuilder.Options, storeOptions); + return new ConfigurationDbContext(optionsBuilder.Options); } } } \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Factories/PersistedGrantDbContextFactory.cs b/src/Services/Identity/Identity.API/Factories/PersistedGrantDbContextFactory.cs index 83380dfd0..daeea610e 100644 --- a/src/Services/Identity/Identity.API/Factories/PersistedGrantDbContextFactory.cs +++ b/src/Services/Identity/Identity.API/Factories/PersistedGrantDbContextFactory.cs @@ -15,7 +15,7 @@ optionsBuilder.UseSqlServer(config["ConnectionString"], sqlServerOptionsAction: o => o.MigrationsAssembly("Identity.API")); - return new PersistedGrantDbContext(optionsBuilder.Options, operationOptions); + return new PersistedGrantDbContext(optionsBuilder.Options); } } } \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/GlobalUsings.cs b/src/Services/Identity/Identity.API/GlobalUsings.cs index bfbb354db..96fe67a8e 100644 --- a/src/Services/Identity/Identity.API/GlobalUsings.cs +++ b/src/Services/Identity/Identity.API/GlobalUsings.cs @@ -6,14 +6,14 @@ global using Azure.Core; global using Azure.Identity; global using HealthChecks.UI.Client; global using IdentityModel; -global using IdentityServer4.EntityFramework.DbContexts; -global using IdentityServer4.EntityFramework.Mappers; -global using IdentityServer4.EntityFramework.Options; -global using IdentityServer4.Models; -global using IdentityServer4.Services; -global using IdentityServer4.Stores; -global using IdentityServer4.Validation; -global using IdentityServer4; +global using Duende.IdentityServer.EntityFramework.DbContexts; +global using Duende.IdentityServer.EntityFramework.Mappers; +global using Duende.IdentityServer.EntityFramework.Options; +global using Duende.IdentityServer.Models; +global using Duende.IdentityServer.Services; +global using Duende.IdentityServer.Stores; +global using Duende.IdentityServer.Validation; +global using Duende.IdentityServer; global using Microsoft.AspNetCore.Authentication; global using Microsoft.AspNetCore.Authorization; global using Microsoft.AspNetCore.Builder; diff --git a/src/Services/Identity/Identity.API/Identity.API.csproj b/src/Services/Identity/Identity.API/Identity.API.csproj index 40d93927f..e8095a609 100644 --- a/src/Services/Identity/Identity.API/Identity.API.csproj +++ b/src/Services/Identity/Identity.API/Identity.API.csproj @@ -15,30 +15,30 @@ - - - - - - - - + + + + + + + + - - + + - - + + all runtime; build; native; contentfiles; analyzers; buildtransitive - - + + - + @@ -50,9 +50,9 @@ - + - + @@ -65,8 +65,12 @@ - - - - + + + + + + + + diff --git a/src/Services/Identity/Identity.API/Migrations/ApplicationDbContextModelSnapshot.cs b/src/Services/Identity/Identity.API/Migrations/ApplicationDbContextModelSnapshot.cs index 0076eb5bf..6334d4e55 100644 --- a/src/Services/Identity/Identity.API/Migrations/ApplicationDbContextModelSnapshot.cs +++ b/src/Services/Identity/Identity.API/Migrations/ApplicationDbContextModelSnapshot.cs @@ -16,7 +16,7 @@ namespace Identity.API.Migrations #pragma warning disable 612, 618 modelBuilder .HasAnnotation("Relational:MaxIdentifierLength", 128) - .HasAnnotation("ProductVersion", "6.0.0") + .HasAnnotation("ProductVersion", "6.2.0") .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b => diff --git a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20210813072543_InitialMigration.Designer.cs b/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20210813072543_InitialMigration.Designer.cs deleted file mode 100644 index c5e7b3457..000000000 --- a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20210813072543_InitialMigration.Designer.cs +++ /dev/null @@ -1,911 +0,0 @@ -// -using System; -using IdentityServer4.EntityFramework.DbContexts; -using Microsoft.EntityFrameworkCore; -using Microsoft.EntityFrameworkCore.Infrastructure; -using Microsoft.EntityFrameworkCore.Metadata; -using Microsoft.EntityFrameworkCore.Migrations; -using Microsoft.EntityFrameworkCore.Storage.ValueConversion; - -namespace Identity.API.Migrations.ConfigurationDb -{ - [DbContext(typeof(ConfigurationDbContext))] - [Migration("20210813072543_InitialMigration")] - partial class InitialMigration - { - protected override void BuildTargetModel(ModelBuilder modelBuilder) - { -#pragma warning disable 612, 618 - modelBuilder - .HasAnnotation("Relational:MaxIdentifierLength", 128) - .HasAnnotation("ProductVersion", "6.0.0") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResource", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("LastAccessed") - .HasColumnType("datetime2"); - - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.HasKey("Id"); - - b.HasIndex("Name") - .IsUnique(); - - b.ToTable("ApiResources", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId"); - - b.ToTable("ApiClaims", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId"); - - b.ToTable("ApiProperties", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Emphasize") - .HasColumnType("bit"); - - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Required") - .HasColumnType("bit"); - - b.Property("ShowInDiscoveryDocument") - .HasColumnType("bit"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId"); - - b.HasIndex("Name") - .IsUnique(); - - b.ToTable("ApiScopes", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScopeClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ApiScopeId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ApiScopeId"); - - b.ToTable("ApiScopeClaims", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiSecret", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("Expiration") - .HasColumnType("datetime2"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(4000) - .HasColumnType("nvarchar(4000)"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId"); - - b.ToTable("ApiSecrets", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.Client", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("AbsoluteRefreshTokenLifetime") - .HasColumnType("int"); - - b.Property("AccessTokenLifetime") - .HasColumnType("int"); - - b.Property("AccessTokenType") - .HasColumnType("int"); - - b.Property("AllowAccessTokensViaBrowser") - .HasColumnType("bit"); - - b.Property("AllowOfflineAccess") - .HasColumnType("bit"); - - b.Property("AllowPlainTextPkce") - .HasColumnType("bit"); - - b.Property("AllowRememberConsent") - .HasColumnType("bit"); - - b.Property("AlwaysIncludeUserClaimsInIdToken") - .HasColumnType("bit"); - - b.Property("AlwaysSendClientClaims") - .HasColumnType("bit"); - - b.Property("AuthorizationCodeLifetime") - .HasColumnType("int"); - - b.Property("BackChannelLogoutSessionRequired") - .HasColumnType("bit"); - - b.Property("BackChannelLogoutUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("ClientClaimsPrefix") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("ConsentLifetime") - .HasColumnType("int"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DeviceCodeLifetime") - .HasColumnType("int"); - - b.Property("EnableLocalLogin") - .HasColumnType("bit"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("FrontChannelLogoutSessionRequired") - .HasColumnType("bit"); - - b.Property("FrontChannelLogoutUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("IdentityTokenLifetime") - .HasColumnType("int"); - - b.Property("IncludeJwtId") - .HasColumnType("bit"); - - b.Property("LastAccessed") - .HasColumnType("datetime2"); - - b.Property("LogoUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("PairWiseSubjectSalt") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ProtocolType") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("RefreshTokenExpiration") - .HasColumnType("int"); - - b.Property("RefreshTokenUsage") - .HasColumnType("int"); - - b.Property("RequireClientSecret") - .HasColumnType("bit"); - - b.Property("RequireConsent") - .HasColumnType("bit"); - - b.Property("RequirePkce") - .HasColumnType("bit"); - - b.Property("SlidingRefreshTokenLifetime") - .HasColumnType("int"); - - b.Property("UpdateAccessTokenClaimsOnRefresh") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.Property("UserCodeType") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("UserSsoLifetime") - .HasColumnType("int"); - - b.HasKey("Id"); - - b.HasIndex("ClientId") - .IsUnique(); - - b.ToTable("Clients", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId"); - - b.ToTable("ClientClaims", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientCorsOrigin", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Origin") - .IsRequired() - .HasMaxLength(150) - .HasColumnType("nvarchar(150)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId"); - - b.ToTable("ClientCorsOrigins", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientGrantType", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("GrantType") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId"); - - b.ToTable("ClientGrantTypes", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientIdPRestriction", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Provider") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId"); - - b.ToTable("ClientIdPRestrictions", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("PostLogoutRedirectUri") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId"); - - b.ToTable("ClientPostLogoutRedirectUris", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId"); - - b.ToTable("ClientProperties", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientRedirectUri", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("RedirectUri") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId"); - - b.ToTable("ClientRedirectUris", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientScope", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Scope") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId"); - - b.ToTable("ClientScopes", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientSecret", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("Expiration") - .HasColumnType("datetime2"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(4000) - .HasColumnType("nvarchar(4000)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId"); - - b.ToTable("ClientSecrets", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("IdentityResourceId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("IdentityResourceId"); - - b.ToTable("IdentityClaims", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResource", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Emphasize") - .HasColumnType("bit"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("Required") - .HasColumnType("bit"); - - b.Property("ShowInDiscoveryDocument") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.HasKey("Id"); - - b.HasIndex("Name") - .IsUnique(); - - b.ToTable("IdentityResources", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResourceProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("IdentityResourceId") - .HasColumnType("int"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("IdentityResourceId"); - - b.ToTable("IdentityProperties", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceClaim", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("UserClaims") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceProperty", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Properties") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Scopes") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScopeClaim", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.ApiScope", "ApiScope") - .WithMany("UserClaims") - .HasForeignKey("ApiScopeId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiScope"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiSecret", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Secrets") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientClaim", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("Claims") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientCorsOrigin", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedCorsOrigins") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientGrantType", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedGrantTypes") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientIdPRestriction", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("IdentityProviderRestrictions") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("PostLogoutRedirectUris") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientProperty", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("Properties") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientRedirectUri", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("RedirectUris") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientScope", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedScopes") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientSecret", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("ClientSecrets") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityClaim", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.IdentityResource", "IdentityResource") - .WithMany("UserClaims") - .HasForeignKey("IdentityResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("IdentityResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResourceProperty", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.IdentityResource", "IdentityResource") - .WithMany("Properties") - .HasForeignKey("IdentityResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("IdentityResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResource", b => - { - b.Navigation("Properties"); - - b.Navigation("Scopes"); - - b.Navigation("Secrets"); - - b.Navigation("UserClaims"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => - { - b.Navigation("UserClaims"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.Client", b => - { - b.Navigation("AllowedCorsOrigins"); - - b.Navigation("AllowedGrantTypes"); - - b.Navigation("AllowedScopes"); - - b.Navigation("Claims"); - - b.Navigation("ClientSecrets"); - - b.Navigation("IdentityProviderRestrictions"); - - b.Navigation("PostLogoutRedirectUris"); - - b.Navigation("Properties"); - - b.Navigation("RedirectUris"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResource", b => - { - b.Navigation("Properties"); - - b.Navigation("UserClaims"); - }); -#pragma warning restore 612, 618 - } - } -} diff --git a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.Designer.cs b/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.Designer.cs new file mode 100644 index 000000000..eae3e63d3 --- /dev/null +++ b/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.Designer.cs @@ -0,0 +1,1096 @@ +// +using System; +using Duende.IdentityServer.EntityFramework.DbContexts; +using Microsoft.EntityFrameworkCore; +using Microsoft.EntityFrameworkCore.Infrastructure; +using Microsoft.EntityFrameworkCore.Metadata; +using Microsoft.EntityFrameworkCore.Migrations; +using Microsoft.EntityFrameworkCore.Storage.ValueConversion; + +#nullable disable + +namespace Identity.API.Migrations.ConfigurationDb +{ + [DbContext(typeof(ConfigurationDbContext))] + [Migration("20220324152912_Configuration")] + partial class Configuration + { + protected override void BuildTargetModel(ModelBuilder modelBuilder) + { +#pragma warning disable 612, 618 + modelBuilder + .HasAnnotation("ProductVersion", "6.0.0") + .HasAnnotation("Relational:MaxIdentifierLength", 128); + + SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder, 1L, 1); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResource", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("AllowedAccessTokenSigningAlgorithms") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Description") + .HasMaxLength(1000) + .HasColumnType("nvarchar(1000)"); + + b.Property("DisplayName") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Enabled") + .HasColumnType("bit"); + + b.Property("LastAccessed") + .HasColumnType("datetime2"); + + b.Property("Name") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("NonEditable") + .HasColumnType("bit"); + + b.Property("RequireResourceIndicator") + .HasColumnType("bit"); + + b.Property("ShowInDiscoveryDocument") + .HasColumnType("bit"); + + b.Property("Updated") + .HasColumnType("datetime2"); + + b.HasKey("Id"); + + b.HasIndex("Name") + .IsUnique(); + + b.ToTable("ApiResources", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceClaim", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ApiResourceId") + .HasColumnType("int"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.HasKey("Id"); + + b.HasIndex("ApiResourceId", "Type") + .IsUnique(); + + b.ToTable("ApiResourceClaims", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceProperty", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ApiResourceId") + .HasColumnType("int"); + + b.Property("Key") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.Property("Value") + .IsRequired() + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); + + b.HasKey("Id"); + + b.HasIndex("ApiResourceId", "Key") + .IsUnique(); + + b.ToTable("ApiResourceProperties", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceScope", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ApiResourceId") + .HasColumnType("int"); + + b.Property("Scope") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.HasKey("Id"); + + b.HasIndex("ApiResourceId", "Scope") + .IsUnique(); + + b.ToTable("ApiResourceScopes", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceSecret", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ApiResourceId") + .HasColumnType("int"); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Description") + .HasMaxLength(1000) + .HasColumnType("nvarchar(1000)"); + + b.Property("Expiration") + .HasColumnType("datetime2"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.Property("Value") + .IsRequired() + .HasMaxLength(4000) + .HasColumnType("nvarchar(4000)"); + + b.HasKey("Id"); + + b.HasIndex("ApiResourceId"); + + b.ToTable("ApiResourceSecrets", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScope", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Description") + .HasMaxLength(1000) + .HasColumnType("nvarchar(1000)"); + + b.Property("DisplayName") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Emphasize") + .HasColumnType("bit"); + + b.Property("Enabled") + .HasColumnType("bit"); + + b.Property("LastAccessed") + .HasColumnType("datetime2"); + + b.Property("Name") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("NonEditable") + .HasColumnType("bit"); + + b.Property("Required") + .HasColumnType("bit"); + + b.Property("ShowInDiscoveryDocument") + .HasColumnType("bit"); + + b.Property("Updated") + .HasColumnType("datetime2"); + + b.HasKey("Id"); + + b.HasIndex("Name") + .IsUnique(); + + b.ToTable("ApiScopes", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeClaim", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ScopeId") + .HasColumnType("int"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.HasKey("Id"); + + b.HasIndex("ScopeId", "Type") + .IsUnique(); + + b.ToTable("ApiScopeClaims", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeProperty", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("Key") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.Property("ScopeId") + .HasColumnType("int"); + + b.Property("Value") + .IsRequired() + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); + + b.HasKey("Id"); + + b.HasIndex("ScopeId", "Key") + .IsUnique(); + + b.ToTable("ApiScopeProperties", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Client", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("AbsoluteRefreshTokenLifetime") + .HasColumnType("int"); + + b.Property("AccessTokenLifetime") + .HasColumnType("int"); + + b.Property("AccessTokenType") + .HasColumnType("int"); + + b.Property("AllowAccessTokensViaBrowser") + .HasColumnType("bit"); + + b.Property("AllowOfflineAccess") + .HasColumnType("bit"); + + b.Property("AllowPlainTextPkce") + .HasColumnType("bit"); + + b.Property("AllowRememberConsent") + .HasColumnType("bit"); + + b.Property("AllowedIdentityTokenSigningAlgorithms") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("AlwaysIncludeUserClaimsInIdToken") + .HasColumnType("bit"); + + b.Property("AlwaysSendClientClaims") + .HasColumnType("bit"); + + b.Property("AuthorizationCodeLifetime") + .HasColumnType("int"); + + b.Property("BackChannelLogoutSessionRequired") + .HasColumnType("bit"); + + b.Property("BackChannelLogoutUri") + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); + + b.Property("CibaLifetime") + .HasColumnType("int"); + + b.Property("ClientClaimsPrefix") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("ClientId") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("ClientName") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("ClientUri") + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); + + b.Property("ConsentLifetime") + .HasColumnType("int"); + + b.Property("CoordinateLifetimeWithUserSession") + .HasColumnType("bit"); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Description") + .HasMaxLength(1000) + .HasColumnType("nvarchar(1000)"); + + b.Property("DeviceCodeLifetime") + .HasColumnType("int"); + + b.Property("EnableLocalLogin") + .HasColumnType("bit"); + + b.Property("Enabled") + .HasColumnType("bit"); + + b.Property("FrontChannelLogoutSessionRequired") + .HasColumnType("bit"); + + b.Property("FrontChannelLogoutUri") + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); + + b.Property("IdentityTokenLifetime") + .HasColumnType("int"); + + b.Property("IncludeJwtId") + .HasColumnType("bit"); + + b.Property("LastAccessed") + .HasColumnType("datetime2"); + + b.Property("LogoUri") + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); + + b.Property("NonEditable") + .HasColumnType("bit"); + + b.Property("PairWiseSubjectSalt") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("PollingInterval") + .HasColumnType("int"); + + b.Property("ProtocolType") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("RefreshTokenExpiration") + .HasColumnType("int"); + + b.Property("RefreshTokenUsage") + .HasColumnType("int"); + + b.Property("RequireClientSecret") + .HasColumnType("bit"); + + b.Property("RequireConsent") + .HasColumnType("bit"); + + b.Property("RequirePkce") + .HasColumnType("bit"); + + b.Property("RequireRequestObject") + .HasColumnType("bit"); + + b.Property("SlidingRefreshTokenLifetime") + .HasColumnType("int"); + + b.Property("UpdateAccessTokenClaimsOnRefresh") + .HasColumnType("bit"); + + b.Property("Updated") + .HasColumnType("datetime2"); + + b.Property("UserCodeType") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("UserSsoLifetime") + .HasColumnType("int"); + + b.HasKey("Id"); + + b.HasIndex("ClientId") + .IsUnique(); + + b.ToTable("Clients", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientClaim", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ClientId") + .HasColumnType("int"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.Property("Value") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.HasKey("Id"); + + b.HasIndex("ClientId", "Type", "Value") + .IsUnique(); + + b.ToTable("ClientClaims", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientCorsOrigin", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ClientId") + .HasColumnType("int"); + + b.Property("Origin") + .IsRequired() + .HasMaxLength(150) + .HasColumnType("nvarchar(150)"); + + b.HasKey("Id"); + + b.HasIndex("ClientId", "Origin") + .IsUnique(); + + b.ToTable("ClientCorsOrigins", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientGrantType", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ClientId") + .HasColumnType("int"); + + b.Property("GrantType") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.HasKey("Id"); + + b.HasIndex("ClientId", "GrantType") + .IsUnique(); + + b.ToTable("ClientGrantTypes", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientIdPRestriction", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ClientId") + .HasColumnType("int"); + + b.Property("Provider") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.HasKey("Id"); + + b.HasIndex("ClientId", "Provider") + .IsUnique(); + + b.ToTable("ClientIdPRestrictions", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ClientId") + .HasColumnType("int"); + + b.Property("PostLogoutRedirectUri") + .IsRequired() + .HasMaxLength(400) + .HasColumnType("nvarchar(400)"); + + b.HasKey("Id"); + + b.HasIndex("ClientId", "PostLogoutRedirectUri") + .IsUnique(); + + b.ToTable("ClientPostLogoutRedirectUris", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientProperty", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ClientId") + .HasColumnType("int"); + + b.Property("Key") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.Property("Value") + .IsRequired() + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); + + b.HasKey("Id"); + + b.HasIndex("ClientId", "Key") + .IsUnique(); + + b.ToTable("ClientProperties", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientRedirectUri", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ClientId") + .HasColumnType("int"); + + b.Property("RedirectUri") + .IsRequired() + .HasMaxLength(400) + .HasColumnType("nvarchar(400)"); + + b.HasKey("Id"); + + b.HasIndex("ClientId", "RedirectUri") + .IsUnique(); + + b.ToTable("ClientRedirectUris", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientScope", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ClientId") + .HasColumnType("int"); + + b.Property("Scope") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.HasKey("Id"); + + b.HasIndex("ClientId", "Scope") + .IsUnique(); + + b.ToTable("ClientScopes", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientSecret", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ClientId") + .HasColumnType("int"); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Description") + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); + + b.Property("Expiration") + .HasColumnType("datetime2"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.Property("Value") + .IsRequired() + .HasMaxLength(4000) + .HasColumnType("nvarchar(4000)"); + + b.HasKey("Id"); + + b.HasIndex("ClientId"); + + b.ToTable("ClientSecrets", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityProvider", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("DisplayName") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Enabled") + .HasColumnType("bit"); + + b.Property("LastAccessed") + .HasColumnType("datetime2"); + + b.Property("NonEditable") + .HasColumnType("bit"); + + b.Property("Properties") + .HasColumnType("nvarchar(max)"); + + b.Property("Scheme") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(20) + .HasColumnType("nvarchar(20)"); + + b.Property("Updated") + .HasColumnType("datetime2"); + + b.HasKey("Id"); + + b.HasIndex("Scheme") + .IsUnique(); + + b.ToTable("IdentityProviders", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Description") + .HasMaxLength(1000) + .HasColumnType("nvarchar(1000)"); + + b.Property("DisplayName") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Emphasize") + .HasColumnType("bit"); + + b.Property("Enabled") + .HasColumnType("bit"); + + b.Property("Name") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("NonEditable") + .HasColumnType("bit"); + + b.Property("Required") + .HasColumnType("bit"); + + b.Property("ShowInDiscoveryDocument") + .HasColumnType("bit"); + + b.Property("Updated") + .HasColumnType("datetime2"); + + b.HasKey("Id"); + + b.HasIndex("Name") + .IsUnique(); + + b.ToTable("IdentityResources", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceClaim", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("IdentityResourceId") + .HasColumnType("int"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.HasKey("Id"); + + b.HasIndex("IdentityResourceId", "Type") + .IsUnique(); + + b.ToTable("IdentityResourceClaims", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceProperty", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("IdentityResourceId") + .HasColumnType("int"); + + b.Property("Key") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.Property("Value") + .IsRequired() + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); + + b.HasKey("Id"); + + b.HasIndex("IdentityResourceId", "Key") + .IsUnique(); + + b.ToTable("IdentityResourceProperties", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceClaim", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") + .WithMany("UserClaims") + .HasForeignKey("ApiResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("ApiResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceProperty", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") + .WithMany("Properties") + .HasForeignKey("ApiResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("ApiResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceScope", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") + .WithMany("Scopes") + .HasForeignKey("ApiResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("ApiResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceSecret", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") + .WithMany("Secrets") + .HasForeignKey("ApiResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("ApiResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeClaim", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiScope", "Scope") + .WithMany("UserClaims") + .HasForeignKey("ScopeId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Scope"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeProperty", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiScope", "Scope") + .WithMany("Properties") + .HasForeignKey("ScopeId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Scope"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientClaim", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("Claims") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientCorsOrigin", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("AllowedCorsOrigins") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientGrantType", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("AllowedGrantTypes") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientIdPRestriction", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("IdentityProviderRestrictions") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("PostLogoutRedirectUris") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientProperty", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("Properties") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientRedirectUri", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("RedirectUris") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientScope", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("AllowedScopes") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientSecret", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("ClientSecrets") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceClaim", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", "IdentityResource") + .WithMany("UserClaims") + .HasForeignKey("IdentityResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("IdentityResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceProperty", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", "IdentityResource") + .WithMany("Properties") + .HasForeignKey("IdentityResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("IdentityResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResource", b => + { + b.Navigation("Properties"); + + b.Navigation("Scopes"); + + b.Navigation("Secrets"); + + b.Navigation("UserClaims"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScope", b => + { + b.Navigation("Properties"); + + b.Navigation("UserClaims"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Client", b => + { + b.Navigation("AllowedCorsOrigins"); + + b.Navigation("AllowedGrantTypes"); + + b.Navigation("AllowedScopes"); + + b.Navigation("Claims"); + + b.Navigation("ClientSecrets"); + + b.Navigation("IdentityProviderRestrictions"); + + b.Navigation("PostLogoutRedirectUris"); + + b.Navigation("Properties"); + + b.Navigation("RedirectUris"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", b => + { + b.Navigation("Properties"); + + b.Navigation("UserClaims"); + }); +#pragma warning restore 612, 618 + } + } +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20210813072543_InitialMigration.cs b/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.cs similarity index 74% rename from src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20210813072543_InitialMigration.cs rename to src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.cs index 57f508711..636e0589e 100644 --- a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20210813072543_InitialMigration.cs +++ b/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.cs @@ -1,9 +1,11 @@ using System; using Microsoft.EntityFrameworkCore.Migrations; +#nullable disable + namespace Identity.API.Migrations.ConfigurationDb { - public partial class InitialMigration : Migration + public partial class Configuration : Migration { protected override void Up(MigrationBuilder migrationBuilder) { @@ -17,6 +19,9 @@ namespace Identity.API.Migrations.ConfigurationDb Name = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), DisplayName = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), Description = table.Column(type: "nvarchar(1000)", maxLength: 1000, nullable: true), + AllowedAccessTokenSigningAlgorithms = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), + ShowInDiscoveryDocument = table.Column(type: "bit", nullable: false), + RequireResourceIndicator = table.Column(type: "bit", nullable: false), Created = table.Column(type: "datetime2", nullable: false), Updated = table.Column(type: "datetime2", nullable: true), LastAccessed = table.Column(type: "datetime2", nullable: true), @@ -27,6 +32,29 @@ namespace Identity.API.Migrations.ConfigurationDb table.PrimaryKey("PK_ApiResources", x => x.Id); }); + migrationBuilder.CreateTable( + name: "ApiScopes", + columns: table => new + { + Id = table.Column(type: "int", nullable: false) + .Annotation("SqlServer:Identity", "1, 1"), + Enabled = table.Column(type: "bit", nullable: false), + Name = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), + DisplayName = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), + Description = table.Column(type: "nvarchar(1000)", maxLength: 1000, nullable: true), + Required = table.Column(type: "bit", nullable: false), + Emphasize = table.Column(type: "bit", nullable: false), + ShowInDiscoveryDocument = table.Column(type: "bit", nullable: false), + Created = table.Column(type: "datetime2", nullable: false), + Updated = table.Column(type: "datetime2", nullable: true), + LastAccessed = table.Column(type: "datetime2", nullable: true), + NonEditable = table.Column(type: "bit", nullable: false) + }, + constraints: table => + { + table.PrimaryKey("PK_ApiScopes", x => x.Id); + }); + migrationBuilder.CreateTable( name: "Clients", columns: table => new @@ -46,6 +74,7 @@ namespace Identity.API.Migrations.ConfigurationDb AlwaysIncludeUserClaimsInIdToken = table.Column(type: "bit", nullable: false), RequirePkce = table.Column(type: "bit", nullable: false), AllowPlainTextPkce = table.Column(type: "bit", nullable: false), + RequireRequestObject = table.Column(type: "bit", nullable: false), AllowAccessTokensViaBrowser = table.Column(type: "bit", nullable: false), FrontChannelLogoutUri = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: true), FrontChannelLogoutSessionRequired = table.Column(type: "bit", nullable: false), @@ -53,6 +82,7 @@ namespace Identity.API.Migrations.ConfigurationDb BackChannelLogoutSessionRequired = table.Column(type: "bit", nullable: false), AllowOfflineAccess = table.Column(type: "bit", nullable: false), IdentityTokenLifetime = table.Column(type: "int", nullable: false), + AllowedIdentityTokenSigningAlgorithms = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), AccessTokenLifetime = table.Column(type: "int", nullable: false), AuthorizationCodeLifetime = table.Column(type: "int", nullable: false), ConsentLifetime = table.Column(type: "int", nullable: true), @@ -67,12 +97,15 @@ namespace Identity.API.Migrations.ConfigurationDb AlwaysSendClientClaims = table.Column(type: "bit", nullable: false), ClientClaimsPrefix = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), PairWiseSubjectSalt = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - Created = table.Column(type: "datetime2", nullable: false), - Updated = table.Column(type: "datetime2", nullable: true), - LastAccessed = table.Column(type: "datetime2", nullable: true), UserSsoLifetime = table.Column(type: "int", nullable: true), UserCodeType = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), DeviceCodeLifetime = table.Column(type: "int", nullable: false), + CibaLifetime = table.Column(type: "int", nullable: true), + PollingInterval = table.Column(type: "int", nullable: true), + CoordinateLifetimeWithUserSession = table.Column(type: "bit", nullable: true), + Created = table.Column(type: "datetime2", nullable: false), + Updated = table.Column(type: "datetime2", nullable: true), + LastAccessed = table.Column(type: "datetime2", nullable: true), NonEditable = table.Column(type: "bit", nullable: false) }, constraints: table => @@ -80,6 +113,27 @@ namespace Identity.API.Migrations.ConfigurationDb table.PrimaryKey("PK_Clients", x => x.Id); }); + migrationBuilder.CreateTable( + name: "IdentityProviders", + columns: table => new + { + Id = table.Column(type: "int", nullable: false) + .Annotation("SqlServer:Identity", "1, 1"), + Scheme = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), + DisplayName = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), + Enabled = table.Column(type: "bit", nullable: false), + Type = table.Column(type: "nvarchar(20)", maxLength: 20, nullable: false), + Properties = table.Column(type: "nvarchar(max)", nullable: true), + Created = table.Column(type: "datetime2", nullable: false), + Updated = table.Column(type: "datetime2", nullable: true), + LastAccessed = table.Column(type: "datetime2", nullable: true), + NonEditable = table.Column(type: "bit", nullable: false) + }, + constraints: table => + { + table.PrimaryKey("PK_IdentityProviders", x => x.Id); + }); + migrationBuilder.CreateTable( name: "IdentityResources", columns: table => new @@ -103,7 +157,7 @@ namespace Identity.API.Migrations.ConfigurationDb }); migrationBuilder.CreateTable( - name: "ApiClaims", + name: "ApiResourceClaims", columns: table => new { Id = table.Column(type: "int", nullable: false) @@ -113,9 +167,9 @@ namespace Identity.API.Migrations.ConfigurationDb }, constraints: table => { - table.PrimaryKey("PK_ApiClaims", x => x.Id); + table.PrimaryKey("PK_ApiResourceClaims", x => x.Id); table.ForeignKey( - name: "FK_ApiClaims_ApiResources_ApiResourceId", + name: "FK_ApiResourceClaims_ApiResources_ApiResourceId", column: x => x.ApiResourceId, principalTable: "ApiResources", principalColumn: "Id", @@ -123,7 +177,7 @@ namespace Identity.API.Migrations.ConfigurationDb }); migrationBuilder.CreateTable( - name: "ApiProperties", + name: "ApiResourceProperties", columns: table => new { Id = table.Column(type: "int", nullable: false) @@ -134,9 +188,9 @@ namespace Identity.API.Migrations.ConfigurationDb }, constraints: table => { - table.PrimaryKey("PK_ApiProperties", x => x.Id); + table.PrimaryKey("PK_ApiResourceProperties", x => x.Id); table.ForeignKey( - name: "FK_ApiProperties_ApiResources_ApiResourceId", + name: "FK_ApiResourceProperties_ApiResources_ApiResourceId", column: x => x.ApiResourceId, principalTable: "ApiResources", principalColumn: "Id", @@ -144,24 +198,19 @@ namespace Identity.API.Migrations.ConfigurationDb }); migrationBuilder.CreateTable( - name: "ApiScopes", + name: "ApiResourceScopes", columns: table => new { Id = table.Column(type: "int", nullable: false) .Annotation("SqlServer:Identity", "1, 1"), - Name = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - DisplayName = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - Description = table.Column(type: "nvarchar(1000)", maxLength: 1000, nullable: true), - Required = table.Column(type: "bit", nullable: false), - Emphasize = table.Column(type: "bit", nullable: false), - ShowInDiscoveryDocument = table.Column(type: "bit", nullable: false), + Scope = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), ApiResourceId = table.Column(type: "int", nullable: false) }, constraints: table => { - table.PrimaryKey("PK_ApiScopes", x => x.Id); + table.PrimaryKey("PK_ApiResourceScopes", x => x.Id); table.ForeignKey( - name: "FK_ApiScopes_ApiResources_ApiResourceId", + name: "FK_ApiResourceScopes_ApiResources_ApiResourceId", column: x => x.ApiResourceId, principalTable: "ApiResources", principalColumn: "Id", @@ -169,7 +218,7 @@ namespace Identity.API.Migrations.ConfigurationDb }); migrationBuilder.CreateTable( - name: "ApiSecrets", + name: "ApiResourceSecrets", columns: table => new { Id = table.Column(type: "int", nullable: false) @@ -183,15 +232,56 @@ namespace Identity.API.Migrations.ConfigurationDb }, constraints: table => { - table.PrimaryKey("PK_ApiSecrets", x => x.Id); + table.PrimaryKey("PK_ApiResourceSecrets", x => x.Id); table.ForeignKey( - name: "FK_ApiSecrets_ApiResources_ApiResourceId", + name: "FK_ApiResourceSecrets_ApiResources_ApiResourceId", column: x => x.ApiResourceId, principalTable: "ApiResources", principalColumn: "Id", onDelete: ReferentialAction.Cascade); }); + migrationBuilder.CreateTable( + name: "ApiScopeClaims", + columns: table => new + { + Id = table.Column(type: "int", nullable: false) + .Annotation("SqlServer:Identity", "1, 1"), + ScopeId = table.Column(type: "int", nullable: false), + Type = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false) + }, + constraints: table => + { + table.PrimaryKey("PK_ApiScopeClaims", x => x.Id); + table.ForeignKey( + name: "FK_ApiScopeClaims_ApiScopes_ScopeId", + column: x => x.ScopeId, + principalTable: "ApiScopes", + principalColumn: "Id", + onDelete: ReferentialAction.Cascade); + }); + + migrationBuilder.CreateTable( + name: "ApiScopeProperties", + columns: table => new + { + Id = table.Column(type: "int", nullable: false) + .Annotation("SqlServer:Identity", "1, 1"), + ScopeId = table.Column(type: "int", nullable: false), + Key = table.Column(type: "nvarchar(250)", maxLength: 250, nullable: false), + Value = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: false) + }, + constraints: table => + { + table.PrimaryKey("PK_ApiScopeProperties", x => x.Id); + table.ForeignKey( + name: "FK_ApiScopeProperties_ApiScopes_ScopeId", + column: x => x.ScopeId, + principalTable: "ApiScopes", + principalColumn: "Id", + onDelete: ReferentialAction.Cascade); + }); + migrationBuilder.CreateTable( name: "ClientClaims", columns: table => new @@ -279,7 +369,7 @@ namespace Identity.API.Migrations.ConfigurationDb { Id = table.Column(type: "int", nullable: false) .Annotation("SqlServer:Identity", "1, 1"), - PostLogoutRedirectUri = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: false), + PostLogoutRedirectUri = table.Column(type: "nvarchar(400)", maxLength: 400, nullable: false), ClientId = table.Column(type: "int", nullable: false) }, constraints: table => @@ -320,7 +410,7 @@ namespace Identity.API.Migrations.ConfigurationDb { Id = table.Column(type: "int", nullable: false) .Annotation("SqlServer:Identity", "1, 1"), - RedirectUri = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: false), + RedirectUri = table.Column(type: "nvarchar(400)", maxLength: 400, nullable: false), ClientId = table.Column(type: "int", nullable: false) }, constraints: table => @@ -379,7 +469,7 @@ namespace Identity.API.Migrations.ConfigurationDb }); migrationBuilder.CreateTable( - name: "IdentityClaims", + name: "IdentityResourceClaims", columns: table => new { Id = table.Column(type: "int", nullable: false) @@ -389,9 +479,9 @@ namespace Identity.API.Migrations.ConfigurationDb }, constraints: table => { - table.PrimaryKey("PK_IdentityClaims", x => x.Id); + table.PrimaryKey("PK_IdentityResourceClaims", x => x.Id); table.ForeignKey( - name: "FK_IdentityClaims_IdentityResources_IdentityResourceId", + name: "FK_IdentityResourceClaims_IdentityResources_IdentityResourceId", column: x => x.IdentityResourceId, principalTable: "IdentityResources", principalColumn: "Id", @@ -399,7 +489,7 @@ namespace Identity.API.Migrations.ConfigurationDb }); migrationBuilder.CreateTable( - name: "IdentityProperties", + name: "IdentityResourceProperties", columns: table => new { Id = table.Column(type: "int", nullable: false) @@ -410,44 +500,26 @@ namespace Identity.API.Migrations.ConfigurationDb }, constraints: table => { - table.PrimaryKey("PK_IdentityProperties", x => x.Id); + table.PrimaryKey("PK_IdentityResourceProperties", x => x.Id); table.ForeignKey( - name: "FK_IdentityProperties_IdentityResources_IdentityResourceId", + name: "FK_IdentityResourceProperties_IdentityResources_IdentityResourceId", column: x => x.IdentityResourceId, principalTable: "IdentityResources", principalColumn: "Id", onDelete: ReferentialAction.Cascade); }); - migrationBuilder.CreateTable( - name: "ApiScopeClaims", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - ApiScopeId = table.Column(type: "int", nullable: false), - Type = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ApiScopeClaims", x => x.Id); - table.ForeignKey( - name: "FK_ApiScopeClaims_ApiScopes_ApiScopeId", - column: x => x.ApiScopeId, - principalTable: "ApiScopes", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - migrationBuilder.CreateIndex( - name: "IX_ApiClaims_ApiResourceId", - table: "ApiClaims", - column: "ApiResourceId"); + name: "IX_ApiResourceClaims_ApiResourceId_Type", + table: "ApiResourceClaims", + columns: new[] { "ApiResourceId", "Type" }, + unique: true); migrationBuilder.CreateIndex( - name: "IX_ApiProperties_ApiResourceId", - table: "ApiProperties", - column: "ApiResourceId"); + name: "IX_ApiResourceProperties_ApiResourceId_Key", + table: "ApiResourceProperties", + columns: new[] { "ApiResourceId", "Key" }, + unique: true); migrationBuilder.CreateIndex( name: "IX_ApiResources_Name", @@ -456,15 +528,28 @@ namespace Identity.API.Migrations.ConfigurationDb unique: true); migrationBuilder.CreateIndex( - name: "IX_ApiScopeClaims_ApiScopeId", - table: "ApiScopeClaims", - column: "ApiScopeId"); + name: "IX_ApiResourceScopes_ApiResourceId_Scope", + table: "ApiResourceScopes", + columns: new[] { "ApiResourceId", "Scope" }, + unique: true); migrationBuilder.CreateIndex( - name: "IX_ApiScopes_ApiResourceId", - table: "ApiScopes", + name: "IX_ApiResourceSecrets_ApiResourceId", + table: "ApiResourceSecrets", column: "ApiResourceId"); + migrationBuilder.CreateIndex( + name: "IX_ApiScopeClaims_ScopeId_Type", + table: "ApiScopeClaims", + columns: new[] { "ScopeId", "Type" }, + unique: true); + + migrationBuilder.CreateIndex( + name: "IX_ApiScopeProperties_ScopeId_Key", + table: "ApiScopeProperties", + columns: new[] { "ScopeId", "Key" }, + unique: true); + migrationBuilder.CreateIndex( name: "IX_ApiScopes_Name", table: "ApiScopes", @@ -472,44 +557,46 @@ namespace Identity.API.Migrations.ConfigurationDb unique: true); migrationBuilder.CreateIndex( - name: "IX_ApiSecrets_ApiResourceId", - table: "ApiSecrets", - column: "ApiResourceId"); - - migrationBuilder.CreateIndex( - name: "IX_ClientClaims_ClientId", + name: "IX_ClientClaims_ClientId_Type_Value", table: "ClientClaims", - column: "ClientId"); + columns: new[] { "ClientId", "Type", "Value" }, + unique: true); migrationBuilder.CreateIndex( - name: "IX_ClientCorsOrigins_ClientId", + name: "IX_ClientCorsOrigins_ClientId_Origin", table: "ClientCorsOrigins", - column: "ClientId"); + columns: new[] { "ClientId", "Origin" }, + unique: true); migrationBuilder.CreateIndex( - name: "IX_ClientGrantTypes_ClientId", + name: "IX_ClientGrantTypes_ClientId_GrantType", table: "ClientGrantTypes", - column: "ClientId"); + columns: new[] { "ClientId", "GrantType" }, + unique: true); migrationBuilder.CreateIndex( - name: "IX_ClientIdPRestrictions_ClientId", + name: "IX_ClientIdPRestrictions_ClientId_Provider", table: "ClientIdPRestrictions", - column: "ClientId"); + columns: new[] { "ClientId", "Provider" }, + unique: true); migrationBuilder.CreateIndex( - name: "IX_ClientPostLogoutRedirectUris_ClientId", + name: "IX_ClientPostLogoutRedirectUris_ClientId_PostLogoutRedirectUri", table: "ClientPostLogoutRedirectUris", - column: "ClientId"); + columns: new[] { "ClientId", "PostLogoutRedirectUri" }, + unique: true); migrationBuilder.CreateIndex( - name: "IX_ClientProperties_ClientId", + name: "IX_ClientProperties_ClientId_Key", table: "ClientProperties", - column: "ClientId"); + columns: new[] { "ClientId", "Key" }, + unique: true); migrationBuilder.CreateIndex( - name: "IX_ClientRedirectUris_ClientId", + name: "IX_ClientRedirectUris_ClientId_RedirectUri", table: "ClientRedirectUris", - column: "ClientId"); + columns: new[] { "ClientId", "RedirectUri" }, + unique: true); migrationBuilder.CreateIndex( name: "IX_Clients_ClientId", @@ -518,9 +605,10 @@ namespace Identity.API.Migrations.ConfigurationDb unique: true); migrationBuilder.CreateIndex( - name: "IX_ClientScopes_ClientId", + name: "IX_ClientScopes_ClientId_Scope", table: "ClientScopes", - column: "ClientId"); + columns: new[] { "ClientId", "Scope" }, + unique: true); migrationBuilder.CreateIndex( name: "IX_ClientSecrets_ClientId", @@ -528,14 +616,22 @@ namespace Identity.API.Migrations.ConfigurationDb column: "ClientId"); migrationBuilder.CreateIndex( - name: "IX_IdentityClaims_IdentityResourceId", - table: "IdentityClaims", - column: "IdentityResourceId"); + name: "IX_IdentityProviders_Scheme", + table: "IdentityProviders", + column: "Scheme", + unique: true); + + migrationBuilder.CreateIndex( + name: "IX_IdentityResourceClaims_IdentityResourceId_Type", + table: "IdentityResourceClaims", + columns: new[] { "IdentityResourceId", "Type" }, + unique: true); migrationBuilder.CreateIndex( - name: "IX_IdentityProperties_IdentityResourceId", - table: "IdentityProperties", - column: "IdentityResourceId"); + name: "IX_IdentityResourceProperties_IdentityResourceId_Key", + table: "IdentityResourceProperties", + columns: new[] { "IdentityResourceId", "Key" }, + unique: true); migrationBuilder.CreateIndex( name: "IX_IdentityResources_Name", @@ -547,16 +643,22 @@ namespace Identity.API.Migrations.ConfigurationDb protected override void Down(MigrationBuilder migrationBuilder) { migrationBuilder.DropTable( - name: "ApiClaims"); + name: "ApiResourceClaims"); migrationBuilder.DropTable( - name: "ApiProperties"); + name: "ApiResourceProperties"); + + migrationBuilder.DropTable( + name: "ApiResourceScopes"); + + migrationBuilder.DropTable( + name: "ApiResourceSecrets"); migrationBuilder.DropTable( name: "ApiScopeClaims"); migrationBuilder.DropTable( - name: "ApiSecrets"); + name: "ApiScopeProperties"); migrationBuilder.DropTable( name: "ClientClaims"); @@ -586,10 +688,16 @@ namespace Identity.API.Migrations.ConfigurationDb name: "ClientSecrets"); migrationBuilder.DropTable( - name: "IdentityClaims"); + name: "IdentityProviders"); + + migrationBuilder.DropTable( + name: "IdentityResourceClaims"); migrationBuilder.DropTable( - name: "IdentityProperties"); + name: "IdentityResourceProperties"); + + migrationBuilder.DropTable( + name: "ApiResources"); migrationBuilder.DropTable( name: "ApiScopes"); @@ -599,9 +707,6 @@ namespace Identity.API.Migrations.ConfigurationDb migrationBuilder.DropTable( name: "IdentityResources"); - - migrationBuilder.DropTable( - name: "ApiResources"); } } -} +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/ConfigurationDbContextModelSnapshot.cs b/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/ConfigurationDbContextModelSnapshot.cs index 7eb4d34e4..55aef548d 100644 --- a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/ConfigurationDbContextModelSnapshot.cs +++ b/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/ConfigurationDbContextModelSnapshot.cs @@ -1,11 +1,13 @@ // using System; -using IdentityServer4.EntityFramework.DbContexts; +using Duende.IdentityServer.EntityFramework.DbContexts; using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore.Infrastructure; using Microsoft.EntityFrameworkCore.Metadata; using Microsoft.EntityFrameworkCore.Storage.ValueConversion; +#nullable disable + namespace Identity.API.Migrations.ConfigurationDb { [DbContext(typeof(ConfigurationDbContext))] @@ -15,895 +17,1078 @@ namespace Identity.API.Migrations.ConfigurationDb { #pragma warning disable 612, 618 modelBuilder - .HasAnnotation("Relational:MaxIdentifierLength", 128) - .HasAnnotation("ProductVersion", "6.0.0") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + .HasAnnotation("ProductVersion", "6.2.0") + .HasAnnotation("Relational:MaxIdentifierLength", 128); + + SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder, 1L, 1); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResource", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("AllowedAccessTokenSigningAlgorithms") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Description") + .HasMaxLength(1000) + .HasColumnType("nvarchar(1000)"); + + b.Property("DisplayName") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Enabled") + .HasColumnType("bit"); + + b.Property("LastAccessed") + .HasColumnType("datetime2"); + + b.Property("Name") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("NonEditable") + .HasColumnType("bit"); + + b.Property("RequireResourceIndicator") + .HasColumnType("bit"); + + b.Property("ShowInDiscoveryDocument") + .HasColumnType("bit"); + + b.Property("Updated") + .HasColumnType("datetime2"); + + b.HasKey("Id"); + + b.HasIndex("Name") + .IsUnique(); + + b.ToTable("ApiResources", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceClaim", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ApiResourceId") + .HasColumnType("int"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.HasKey("Id"); + + b.HasIndex("ApiResourceId", "Type") + .IsUnique(); + + b.ToTable("ApiResourceClaims", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceProperty", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ApiResourceId") + .HasColumnType("int"); + + b.Property("Key") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.Property("Value") + .IsRequired() + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); + + b.HasKey("Id"); + + b.HasIndex("ApiResourceId", "Key") + .IsUnique(); + + b.ToTable("ApiResourceProperties", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceScope", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ApiResourceId") + .HasColumnType("int"); + + b.Property("Scope") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.HasKey("Id"); + + b.HasIndex("ApiResourceId", "Scope") + .IsUnique(); + + b.ToTable("ApiResourceScopes", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceSecret", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ApiResourceId") + .HasColumnType("int"); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Description") + .HasMaxLength(1000) + .HasColumnType("nvarchar(1000)"); + + b.Property("Expiration") + .HasColumnType("datetime2"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.Property("Value") + .IsRequired() + .HasMaxLength(4000) + .HasColumnType("nvarchar(4000)"); + + b.HasKey("Id"); + + b.HasIndex("ApiResourceId"); + + b.ToTable("ApiResourceSecrets", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScope", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Description") + .HasMaxLength(1000) + .HasColumnType("nvarchar(1000)"); + + b.Property("DisplayName") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Emphasize") + .HasColumnType("bit"); + + b.Property("Enabled") + .HasColumnType("bit"); + + b.Property("LastAccessed") + .HasColumnType("datetime2"); + + b.Property("Name") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("NonEditable") + .HasColumnType("bit"); + + b.Property("Required") + .HasColumnType("bit"); + + b.Property("ShowInDiscoveryDocument") + .HasColumnType("bit"); + + b.Property("Updated") + .HasColumnType("datetime2"); + + b.HasKey("Id"); + + b.HasIndex("Name") + .IsUnique(); + + b.ToTable("ApiScopes", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeClaim", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ScopeId") + .HasColumnType("int"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.HasKey("Id"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResource", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.HasIndex("ScopeId", "Type") + .IsUnique(); - b.Property("Created") - .HasColumnType("datetime2"); + b.ToTable("ApiScopeClaims", (string)null); + }); - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeProperty", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.Property("Enabled") - .HasColumnType("bit"); + b.Property("Key") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); - b.Property("LastAccessed") - .HasColumnType("datetime2"); + b.Property("ScopeId") + .HasColumnType("int"); - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.Property("Value") + .IsRequired() + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); - b.Property("NonEditable") - .HasColumnType("bit"); + b.HasKey("Id"); - b.Property("Updated") - .HasColumnType("datetime2"); + b.HasIndex("ScopeId", "Key") + .IsUnique(); - b.HasKey("Id"); + b.ToTable("ApiScopeProperties", (string)null); + }); - b.HasIndex("Name") - .IsUnique(); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Client", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.ToTable("ApiResources", (string)null); - }); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.Property("AbsoluteRefreshTokenLifetime") + .HasColumnType("int"); - b.Property("ApiResourceId") - .HasColumnType("int"); + b.Property("AccessTokenLifetime") + .HasColumnType("int"); - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.Property("AccessTokenType") + .HasColumnType("int"); - b.HasKey("Id"); + b.Property("AllowAccessTokensViaBrowser") + .HasColumnType("bit"); - b.HasIndex("ApiResourceId"); + b.Property("AllowOfflineAccess") + .HasColumnType("bit"); - b.ToTable("ApiClaims", (string)null); - }); + b.Property("AllowPlainTextPkce") + .HasColumnType("bit"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.Property("AllowRememberConsent") + .HasColumnType("bit"); - b.Property("ApiResourceId") - .HasColumnType("int"); + b.Property("AllowedIdentityTokenSigningAlgorithms") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); + b.Property("AlwaysIncludeUserClaimsInIdToken") + .HasColumnType("bit"); - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); + b.Property("AlwaysSendClientClaims") + .HasColumnType("bit"); - b.HasKey("Id"); + b.Property("AuthorizationCodeLifetime") + .HasColumnType("int"); - b.HasIndex("ApiResourceId"); + b.Property("BackChannelLogoutSessionRequired") + .HasColumnType("bit"); - b.ToTable("ApiProperties", (string)null); - }); + b.Property("BackChannelLogoutUri") + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.Property("CibaLifetime") + .HasColumnType("int"); - b.Property("ApiResourceId") - .HasColumnType("int"); + b.Property("ClientClaimsPrefix") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); + b.Property("ClientId") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.Property("ClientName") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.Property("Emphasize") - .HasColumnType("bit"); + b.Property("ClientUri") + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.Property("ConsentLifetime") + .HasColumnType("int"); - b.Property("Required") - .HasColumnType("bit"); + b.Property("CoordinateLifetimeWithUserSession") + .HasColumnType("bit"); - b.Property("ShowInDiscoveryDocument") - .HasColumnType("bit"); + b.Property("Created") + .HasColumnType("datetime2"); - b.HasKey("Id"); + b.Property("Description") + .HasMaxLength(1000) + .HasColumnType("nvarchar(1000)"); - b.HasIndex("ApiResourceId"); + b.Property("DeviceCodeLifetime") + .HasColumnType("int"); - b.HasIndex("Name") - .IsUnique(); + b.Property("EnableLocalLogin") + .HasColumnType("bit"); - b.ToTable("ApiScopes", (string)null); - }); + b.Property("Enabled") + .HasColumnType("bit"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScopeClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.Property("FrontChannelLogoutSessionRequired") + .HasColumnType("bit"); - b.Property("ApiScopeId") - .HasColumnType("int"); + b.Property("FrontChannelLogoutUri") + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.Property("IdentityTokenLifetime") + .HasColumnType("int"); - b.HasKey("Id"); + b.Property("IncludeJwtId") + .HasColumnType("bit"); - b.HasIndex("ApiScopeId"); + b.Property("LastAccessed") + .HasColumnType("datetime2"); - b.ToTable("ApiScopeClaims", (string)null); - }); + b.Property("LogoUri") + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiSecret", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.Property("NonEditable") + .HasColumnType("bit"); - b.Property("ApiResourceId") - .HasColumnType("int"); + b.Property("PairWiseSubjectSalt") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.Property("Created") - .HasColumnType("datetime2"); + b.Property("PollingInterval") + .HasColumnType("int"); - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); + b.Property("ProtocolType") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.Property("Expiration") - .HasColumnType("datetime2"); + b.Property("RefreshTokenExpiration") + .HasColumnType("int"); - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); + b.Property("RefreshTokenUsage") + .HasColumnType("int"); - b.Property("Value") - .IsRequired() - .HasMaxLength(4000) - .HasColumnType("nvarchar(4000)"); + b.Property("RequireClientSecret") + .HasColumnType("bit"); - b.HasKey("Id"); + b.Property("RequireConsent") + .HasColumnType("bit"); - b.HasIndex("ApiResourceId"); + b.Property("RequirePkce") + .HasColumnType("bit"); - b.ToTable("ApiSecrets", (string)null); - }); + b.Property("RequireRequestObject") + .HasColumnType("bit"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.Client", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.Property("SlidingRefreshTokenLifetime") + .HasColumnType("int"); - b.Property("AbsoluteRefreshTokenLifetime") - .HasColumnType("int"); + b.Property("UpdateAccessTokenClaimsOnRefresh") + .HasColumnType("bit"); - b.Property("AccessTokenLifetime") - .HasColumnType("int"); + b.Property("Updated") + .HasColumnType("datetime2"); - b.Property("AccessTokenType") - .HasColumnType("int"); + b.Property("UserCodeType") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); - b.Property("AllowAccessTokensViaBrowser") - .HasColumnType("bit"); + b.Property("UserSsoLifetime") + .HasColumnType("int"); - b.Property("AllowOfflineAccess") - .HasColumnType("bit"); + b.HasKey("Id"); - b.Property("AllowPlainTextPkce") - .HasColumnType("bit"); + b.HasIndex("ClientId") + .IsUnique(); - b.Property("AllowRememberConsent") - .HasColumnType("bit"); + b.ToTable("Clients", (string)null); + }); - b.Property("AlwaysIncludeUserClaimsInIdToken") - .HasColumnType("bit"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientClaim", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("AlwaysSendClientClaims") - .HasColumnType("bit"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.Property("AuthorizationCodeLifetime") - .HasColumnType("int"); + b.Property("ClientId") + .HasColumnType("int"); - b.Property("BackChannelLogoutSessionRequired") - .HasColumnType("bit"); + b.Property("Type") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); - b.Property("BackChannelLogoutUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); + b.Property("Value") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); - b.Property("ClientClaimsPrefix") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.HasKey("Id"); - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.HasIndex("ClientId", "Type", "Value") + .IsUnique(); - b.Property("ClientName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.ToTable("ClientClaims", (string)null); + }); - b.Property("ClientUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientCorsOrigin", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("ConsentLifetime") - .HasColumnType("int"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.Property("Created") - .HasColumnType("datetime2"); + b.Property("ClientId") + .HasColumnType("int"); - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); + b.Property("Origin") + .IsRequired() + .HasMaxLength(150) + .HasColumnType("nvarchar(150)"); - b.Property("DeviceCodeLifetime") - .HasColumnType("int"); + b.HasKey("Id"); - b.Property("EnableLocalLogin") - .HasColumnType("bit"); + b.HasIndex("ClientId", "Origin") + .IsUnique(); - b.Property("Enabled") - .HasColumnType("bit"); + b.ToTable("ClientCorsOrigins", (string)null); + }); - b.Property("FrontChannelLogoutSessionRequired") - .HasColumnType("bit"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientGrantType", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("FrontChannelLogoutUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.Property("IdentityTokenLifetime") - .HasColumnType("int"); + b.Property("ClientId") + .HasColumnType("int"); - b.Property("IncludeJwtId") - .HasColumnType("bit"); + b.Property("GrantType") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); - b.Property("LastAccessed") - .HasColumnType("datetime2"); + b.HasKey("Id"); - b.Property("LogoUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); + b.HasIndex("ClientId", "GrantType") + .IsUnique(); - b.Property("NonEditable") - .HasColumnType("bit"); + b.ToTable("ClientGrantTypes", (string)null); + }); - b.Property("PairWiseSubjectSalt") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientIdPRestriction", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("ProtocolType") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.Property("RefreshTokenExpiration") - .HasColumnType("int"); + b.Property("ClientId") + .HasColumnType("int"); - b.Property("RefreshTokenUsage") - .HasColumnType("int"); + b.Property("Provider") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.Property("RequireClientSecret") - .HasColumnType("bit"); + b.HasKey("Id"); - b.Property("RequireConsent") - .HasColumnType("bit"); + b.HasIndex("ClientId", "Provider") + .IsUnique(); - b.Property("RequirePkce") - .HasColumnType("bit"); + b.ToTable("ClientIdPRestrictions", (string)null); + }); - b.Property("SlidingRefreshTokenLifetime") - .HasColumnType("int"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("UpdateAccessTokenClaimsOnRefresh") - .HasColumnType("bit"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.Property("Updated") - .HasColumnType("datetime2"); + b.Property("ClientId") + .HasColumnType("int"); - b.Property("UserCodeType") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); + b.Property("PostLogoutRedirectUri") + .IsRequired() + .HasMaxLength(400) + .HasColumnType("nvarchar(400)"); - b.Property("UserSsoLifetime") - .HasColumnType("int"); + b.HasKey("Id"); - b.HasKey("Id"); + b.HasIndex("ClientId", "PostLogoutRedirectUri") + .IsUnique(); - b.HasIndex("ClientId") - .IsUnique(); + b.ToTable("ClientPostLogoutRedirectUris", (string)null); + }); - b.ToTable("Clients", (string)null); - }); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientProperty", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.Property("ClientId") - .HasColumnType("int"); + b.Property("ClientId") + .HasColumnType("int"); - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); + b.Property("Key") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); - b.Property("Value") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); + b.Property("Value") + .IsRequired() + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); - b.HasKey("Id"); + b.HasKey("Id"); - b.HasIndex("ClientId"); + b.HasIndex("ClientId", "Key") + .IsUnique(); - b.ToTable("ClientClaims", (string)null); - }); + b.ToTable("ClientProperties", (string)null); + }); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientCorsOrigin", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientRedirectUri", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("ClientId") - .HasColumnType("int"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.Property("Origin") - .IsRequired() - .HasMaxLength(150) - .HasColumnType("nvarchar(150)"); + b.Property("ClientId") + .HasColumnType("int"); - b.HasKey("Id"); + b.Property("RedirectUri") + .IsRequired() + .HasMaxLength(400) + .HasColumnType("nvarchar(400)"); - b.HasIndex("ClientId"); + b.HasKey("Id"); - b.ToTable("ClientCorsOrigins", (string)null); - }); + b.HasIndex("ClientId", "RedirectUri") + .IsUnique(); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientGrantType", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.ToTable("ClientRedirectUris", (string)null); + }); - b.Property("ClientId") - .HasColumnType("int"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientScope", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("GrantType") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.HasKey("Id"); + b.Property("ClientId") + .HasColumnType("int"); - b.HasIndex("ClientId"); + b.Property("Scope") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.ToTable("ClientGrantTypes", (string)null); - }); + b.HasKey("Id"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientIdPRestriction", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.HasIndex("ClientId", "Scope") + .IsUnique(); - b.Property("ClientId") - .HasColumnType("int"); + b.ToTable("ClientScopes", (string)null); + }); - b.Property("Provider") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientSecret", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.HasKey("Id"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.HasIndex("ClientId"); + b.Property("ClientId") + .HasColumnType("int"); - b.ToTable("ClientIdPRestrictions", (string)null); - }); + b.Property("Created") + .HasColumnType("datetime2"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.Property("Description") + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); - b.Property("ClientId") - .HasColumnType("int"); + b.Property("Expiration") + .HasColumnType("datetime2"); - b.Property("PostLogoutRedirectUri") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); + b.Property("Type") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); - b.HasKey("Id"); + b.Property("Value") + .IsRequired() + .HasMaxLength(4000) + .HasColumnType("nvarchar(4000)"); - b.HasIndex("ClientId"); + b.HasKey("Id"); - b.ToTable("ClientPostLogoutRedirectUris", (string)null); - }); + b.HasIndex("ClientId"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.ToTable("ClientSecrets", (string)null); + }); - b.Property("ClientId") - .HasColumnType("int"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityProvider", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); + b.Property("Created") + .HasColumnType("datetime2"); - b.HasKey("Id"); + b.Property("DisplayName") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.HasIndex("ClientId"); + b.Property("Enabled") + .HasColumnType("bit"); - b.ToTable("ClientProperties", (string)null); - }); + b.Property("LastAccessed") + .HasColumnType("datetime2"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientRedirectUri", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.Property("NonEditable") + .HasColumnType("bit"); - b.Property("ClientId") - .HasColumnType("int"); + b.Property("Properties") + .HasColumnType("nvarchar(max)"); - b.Property("RedirectUri") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); + b.Property("Scheme") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.HasKey("Id"); + b.Property("Type") + .IsRequired() + .HasMaxLength(20) + .HasColumnType("nvarchar(20)"); - b.HasIndex("ClientId"); + b.Property("Updated") + .HasColumnType("datetime2"); - b.ToTable("ClientRedirectUris", (string)null); - }); + b.HasKey("Id"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientScope", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.HasIndex("Scheme") + .IsUnique(); - b.Property("ClientId") - .HasColumnType("int"); + b.ToTable("IdentityProviders", (string)null); + }); - b.Property("Scope") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.HasKey("Id"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.HasIndex("ClientId"); + b.Property("Created") + .HasColumnType("datetime2"); - b.ToTable("ClientScopes", (string)null); - }); + b.Property("Description") + .HasMaxLength(1000) + .HasColumnType("nvarchar(1000)"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientSecret", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.Property("DisplayName") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.Property("ClientId") - .HasColumnType("int"); + b.Property("Emphasize") + .HasColumnType("bit"); - b.Property("Created") - .HasColumnType("datetime2"); + b.Property("Enabled") + .HasColumnType("bit"); - b.Property("Description") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); + b.Property("Name") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.Property("Expiration") - .HasColumnType("datetime2"); + b.Property("NonEditable") + .HasColumnType("bit"); - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); + b.Property("Required") + .HasColumnType("bit"); - b.Property("Value") - .IsRequired() - .HasMaxLength(4000) - .HasColumnType("nvarchar(4000)"); + b.Property("ShowInDiscoveryDocument") + .HasColumnType("bit"); - b.HasKey("Id"); + b.Property("Updated") + .HasColumnType("datetime2"); - b.HasIndex("ClientId"); + b.HasKey("Id"); - b.ToTable("ClientSecrets", (string)null); - }); + b.HasIndex("Name") + .IsUnique(); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.ToTable("IdentityResources", (string)null); + }); - b.Property("IdentityResourceId") - .HasColumnType("int"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceClaim", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.HasKey("Id"); + b.Property("IdentityResourceId") + .HasColumnType("int"); - b.HasIndex("IdentityResourceId"); + b.Property("Type") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); - b.ToTable("IdentityClaims", (string)null); - }); + b.HasKey("Id"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResource", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + b.HasIndex("IdentityResourceId", "Type") + .IsUnique(); - b.Property("Created") - .HasColumnType("datetime2"); + b.ToTable("IdentityResourceClaims", (string)null); + }); - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceProperty", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.Property("Emphasize") - .HasColumnType("bit"); + b.Property("IdentityResourceId") + .HasColumnType("int"); + + b.Property("Key") + .IsRequired() + .HasMaxLength(250) + .HasColumnType("nvarchar(250)"); + + b.Property("Value") + .IsRequired() + .HasMaxLength(2000) + .HasColumnType("nvarchar(2000)"); + + b.HasKey("Id"); + + b.HasIndex("IdentityResourceId", "Key") + .IsUnique(); + + b.ToTable("IdentityResourceProperties", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceClaim", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") + .WithMany("UserClaims") + .HasForeignKey("ApiResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("ApiResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceProperty", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") + .WithMany("Properties") + .HasForeignKey("ApiResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("ApiResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceScope", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") + .WithMany("Scopes") + .HasForeignKey("ApiResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("ApiResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceSecret", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") + .WithMany("Secrets") + .HasForeignKey("ApiResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("ApiResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeClaim", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiScope", "Scope") + .WithMany("UserClaims") + .HasForeignKey("ScopeId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Scope"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeProperty", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiScope", "Scope") + .WithMany("Properties") + .HasForeignKey("ScopeId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Scope"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientClaim", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("Claims") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientCorsOrigin", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("AllowedCorsOrigins") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientGrantType", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("AllowedGrantTypes") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientIdPRestriction", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("IdentityProviderRestrictions") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("PostLogoutRedirectUris") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientProperty", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("Properties") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientRedirectUri", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("RedirectUris") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientScope", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("AllowedScopes") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientSecret", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") + .WithMany("ClientSecrets") + .HasForeignKey("ClientId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Client"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceClaim", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", "IdentityResource") + .WithMany("UserClaims") + .HasForeignKey("IdentityResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("IdentityResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceProperty", b => + { + b.HasOne("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", "IdentityResource") + .WithMany("Properties") + .HasForeignKey("IdentityResourceId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("IdentityResource"); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResource", b => + { + b.Navigation("Properties"); + + b.Navigation("Scopes"); + + b.Navigation("Secrets"); - b.Property("Enabled") - .HasColumnType("bit"); + b.Navigation("UserClaims"); + }); - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScope", b => + { + b.Navigation("Properties"); - b.Property("NonEditable") - .HasColumnType("bit"); + b.Navigation("UserClaims"); + }); - b.Property("Required") - .HasColumnType("bit"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Client", b => + { + b.Navigation("AllowedCorsOrigins"); - b.Property("ShowInDiscoveryDocument") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.HasKey("Id"); - - b.HasIndex("Name") - .IsUnique(); - - b.ToTable("IdentityResources", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResourceProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - b.Property("IdentityResourceId") - .HasColumnType("int"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("IdentityResourceId"); - - b.ToTable("IdentityProperties", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceClaim", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("UserClaims") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceProperty", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Properties") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Scopes") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScopeClaim", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.ApiScope", "ApiScope") - .WithMany("UserClaims") - .HasForeignKey("ApiScopeId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiScope"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiSecret", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Secrets") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientClaim", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("Claims") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientCorsOrigin", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedCorsOrigins") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientGrantType", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedGrantTypes") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientIdPRestriction", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("IdentityProviderRestrictions") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("PostLogoutRedirectUris") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientProperty", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("Properties") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientRedirectUri", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("RedirectUris") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientScope", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedScopes") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientSecret", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") - .WithMany("ClientSecrets") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityClaim", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.IdentityResource", "IdentityResource") - .WithMany("UserClaims") - .HasForeignKey("IdentityResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("IdentityResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResourceProperty", b => - { - b.HasOne("IdentityServer4.EntityFramework.Entities.IdentityResource", "IdentityResource") - .WithMany("Properties") - .HasForeignKey("IdentityResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("IdentityResource"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResource", b => - { - b.Navigation("Properties"); - - b.Navigation("Scopes"); - - b.Navigation("Secrets"); - - b.Navigation("UserClaims"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => - { - b.Navigation("UserClaims"); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.Client", b => - { - b.Navigation("AllowedCorsOrigins"); + b.Navigation("AllowedGrantTypes"); - b.Navigation("AllowedGrantTypes"); + b.Navigation("AllowedScopes"); - b.Navigation("AllowedScopes"); - - b.Navigation("Claims"); + b.Navigation("Claims"); - b.Navigation("ClientSecrets"); + b.Navigation("ClientSecrets"); - b.Navigation("IdentityProviderRestrictions"); + b.Navigation("IdentityProviderRestrictions"); - b.Navigation("PostLogoutRedirectUris"); + b.Navigation("PostLogoutRedirectUris"); - b.Navigation("Properties"); + b.Navigation("Properties"); - b.Navigation("RedirectUris"); - }); + b.Navigation("RedirectUris"); + }); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResource", b => - { - b.Navigation("Properties"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", b => + { + b.Navigation("Properties"); - b.Navigation("UserClaims"); - }); + b.Navigation("UserClaims"); + }); #pragma warning restore 612, 618 } } -} +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.Designer.cs b/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.Designer.cs deleted file mode 100644 index 6e2567b4a..000000000 --- a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.Designer.cs +++ /dev/null @@ -1,108 +0,0 @@ -// -using System; -using IdentityServer4.EntityFramework.DbContexts; -using Microsoft.EntityFrameworkCore; -using Microsoft.EntityFrameworkCore.Infrastructure; -using Microsoft.EntityFrameworkCore.Metadata; -using Microsoft.EntityFrameworkCore.Migrations; -using Microsoft.EntityFrameworkCore.Storage.ValueConversion; - -namespace Identity.API.Migrations.PersistedGrantDb -{ - [DbContext(typeof(PersistedGrantDbContext))] - [Migration("20210813072513_InitialMigration")] - partial class InitialMigration - { - protected override void BuildTargetModel(ModelBuilder modelBuilder) - { -#pragma warning disable 612, 618 - modelBuilder - .HasAnnotation("Relational:MaxIdentifierLength", 128) - .HasAnnotation("ProductVersion", "6.0.0") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.DeviceFlowCodes", b => - { - b.Property("UserCode") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("CreationTime") - .HasColumnType("datetime2"); - - b.Property("Data") - .IsRequired() - .HasMaxLength(50000) - .HasColumnType("nvarchar(max)"); - - b.Property("DeviceCode") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Expiration") - .IsRequired() - .HasColumnType("datetime2"); - - b.Property("SubjectId") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("UserCode"); - - b.HasIndex("DeviceCode") - .IsUnique(); - - b.HasIndex("Expiration"); - - b.ToTable("DeviceCodes", (string)null); - }); - - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.PersistedGrant", b => - { - b.Property("Key") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("CreationTime") - .HasColumnType("datetime2"); - - b.Property("Data") - .IsRequired() - .HasMaxLength(50000) - .HasColumnType("nvarchar(max)"); - - b.Property("Expiration") - .HasColumnType("datetime2"); - - b.Property("SubjectId") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(50) - .HasColumnType("nvarchar(50)"); - - b.HasKey("Key"); - - b.HasIndex("Expiration"); - - b.HasIndex("SubjectId", "ClientId", "Type"); - - b.ToTable("PersistedGrants", (string)null); - }); -#pragma warning restore 612, 618 - } - } -} diff --git a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.cs b/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.cs deleted file mode 100644 index e81f8a197..000000000 --- a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.cs +++ /dev/null @@ -1,75 +0,0 @@ -using System; -using Microsoft.EntityFrameworkCore.Migrations; - -namespace Identity.API.Migrations.PersistedGrantDb -{ - public partial class InitialMigration : Migration - { - protected override void Up(MigrationBuilder migrationBuilder) - { - migrationBuilder.CreateTable( - name: "DeviceCodes", - columns: table => new - { - UserCode = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - DeviceCode = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - SubjectId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - ClientId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - CreationTime = table.Column(type: "datetime2", nullable: false), - Expiration = table.Column(type: "datetime2", nullable: false), - Data = table.Column(type: "nvarchar(max)", maxLength: 50000, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_DeviceCodes", x => x.UserCode); - }); - - migrationBuilder.CreateTable( - name: "PersistedGrants", - columns: table => new - { - Key = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - Type = table.Column(type: "nvarchar(50)", maxLength: 50, nullable: false), - SubjectId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - ClientId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - CreationTime = table.Column(type: "datetime2", nullable: false), - Expiration = table.Column(type: "datetime2", nullable: true), - Data = table.Column(type: "nvarchar(max)", maxLength: 50000, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_PersistedGrants", x => x.Key); - }); - - migrationBuilder.CreateIndex( - name: "IX_DeviceCodes_DeviceCode", - table: "DeviceCodes", - column: "DeviceCode", - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_DeviceCodes_Expiration", - table: "DeviceCodes", - column: "Expiration"); - - migrationBuilder.CreateIndex( - name: "IX_PersistedGrants_Expiration", - table: "PersistedGrants", - column: "Expiration"); - - migrationBuilder.CreateIndex( - name: "IX_PersistedGrants_SubjectId_ClientId_Type", - table: "PersistedGrants", - columns: new[] { "SubjectId", "ClientId", "Type" }); - } - - protected override void Down(MigrationBuilder migrationBuilder) - { - migrationBuilder.DropTable( - name: "DeviceCodes"); - - migrationBuilder.DropTable( - name: "PersistedGrants"); - } - } -} diff --git a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.Designer.cs b/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.Designer.cs new file mode 100644 index 000000000..c8adfecef --- /dev/null +++ b/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.Designer.cs @@ -0,0 +1,240 @@ +// +using System; +using Duende.IdentityServer.EntityFramework.DbContexts; +using Microsoft.EntityFrameworkCore; +using Microsoft.EntityFrameworkCore.Infrastructure; +using Microsoft.EntityFrameworkCore.Metadata; +using Microsoft.EntityFrameworkCore.Migrations; +using Microsoft.EntityFrameworkCore.Storage.ValueConversion; + +#nullable disable + +namespace Identity.API.Migrations.PersistedGrantDb +{ + [DbContext(typeof(PersistedGrantDbContext))] + [Migration("20220324152905_Grants")] + partial class Grants + { + protected override void BuildTargetModel(ModelBuilder modelBuilder) + { +#pragma warning disable 612, 618 + modelBuilder + .HasAnnotation("ProductVersion", "6.0.0") + .HasAnnotation("Relational:MaxIdentifierLength", 128); + + SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder, 1L, 1); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.DeviceFlowCodes", b => + { + b.Property("UserCode") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("ClientId") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("Data") + .IsRequired() + .HasMaxLength(50000) + .HasColumnType("nvarchar(max)"); + + b.Property("Description") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("DeviceCode") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Expiration") + .IsRequired() + .HasColumnType("datetime2"); + + b.Property("SessionId") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("SubjectId") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.HasKey("UserCode"); + + b.HasIndex("DeviceCode") + .IsUnique(); + + b.HasIndex("Expiration"); + + b.ToTable("DeviceCodes", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Key", b => + { + b.Property("Id") + .HasColumnType("nvarchar(450)"); + + b.Property("Algorithm") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Data") + .IsRequired() + .HasColumnType("nvarchar(max)"); + + b.Property("DataProtected") + .HasColumnType("bit"); + + b.Property("IsX509Certificate") + .HasColumnType("bit"); + + b.Property("Use") + .HasColumnType("nvarchar(450)"); + + b.Property("Version") + .HasColumnType("int"); + + b.HasKey("Id"); + + b.HasIndex("Use"); + + b.ToTable("Keys", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.PersistedGrant", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("bigint"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ClientId") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("ConsumedTime") + .HasColumnType("datetime2"); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("Data") + .IsRequired() + .HasMaxLength(50000) + .HasColumnType("nvarchar(max)"); + + b.Property("Description") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Expiration") + .HasColumnType("datetime2"); + + b.Property("Key") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("SessionId") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("SubjectId") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(50) + .HasColumnType("nvarchar(50)"); + + b.HasKey("Id"); + + b.HasIndex("ConsumedTime"); + + b.HasIndex("Expiration"); + + b.HasIndex("Key") + .IsUnique() + .HasFilter("[Key] IS NOT NULL"); + + b.HasIndex("SubjectId", "ClientId", "Type"); + + b.HasIndex("SubjectId", "SessionId", "Type"); + + b.ToTable("PersistedGrants", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ServerSideSession", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Data") + .IsRequired() + .HasColumnType("nvarchar(max)"); + + b.Property("DisplayName") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("Expires") + .HasColumnType("datetime2"); + + b.Property("Key") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("Renewed") + .HasColumnType("datetime2"); + + b.Property("Scheme") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("SessionId") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("SubjectId") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.HasKey("Id"); + + b.HasIndex("DisplayName"); + + b.HasIndex("Expires"); + + b.HasIndex("Key") + .IsUnique(); + + b.HasIndex("SessionId"); + + b.HasIndex("SubjectId"); + + b.ToTable("ServerSideSessions", (string)null); + }); +#pragma warning restore 612, 618 + } + } +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.cs b/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.cs new file mode 100644 index 000000000..8fd5cf3fb --- /dev/null +++ b/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.cs @@ -0,0 +1,177 @@ +using System; +using Microsoft.EntityFrameworkCore.Migrations; + +#nullable disable + +namespace Identity.API.Migrations.PersistedGrantDb +{ + public partial class Grants : Migration + { + protected override void Up(MigrationBuilder migrationBuilder) + { + migrationBuilder.CreateTable( + name: "DeviceCodes", + columns: table => new + { + UserCode = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), + DeviceCode = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), + SubjectId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), + SessionId = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), + ClientId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), + Description = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), + CreationTime = table.Column(type: "datetime2", nullable: false), + Expiration = table.Column(type: "datetime2", nullable: false), + Data = table.Column(type: "nvarchar(max)", maxLength: 50000, nullable: false) + }, + constraints: table => + { + table.PrimaryKey("PK_DeviceCodes", x => x.UserCode); + }); + + migrationBuilder.CreateTable( + name: "Keys", + columns: table => new + { + Id = table.Column(type: "nvarchar(450)", nullable: false), + Version = table.Column(type: "int", nullable: false), + Created = table.Column(type: "datetime2", nullable: false), + Use = table.Column(type: "nvarchar(450)", nullable: true), + Algorithm = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: false), + IsX509Certificate = table.Column(type: "bit", nullable: false), + DataProtected = table.Column(type: "bit", nullable: false), + Data = table.Column(type: "nvarchar(max)", nullable: false) + }, + constraints: table => + { + table.PrimaryKey("PK_Keys", x => x.Id); + }); + + migrationBuilder.CreateTable( + name: "PersistedGrants", + columns: table => new + { + Id = table.Column(type: "bigint", nullable: false) + .Annotation("SqlServer:Identity", "1, 1"), + Key = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), + Type = table.Column(type: "nvarchar(50)", maxLength: 50, nullable: false), + SubjectId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), + SessionId = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), + ClientId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), + Description = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), + CreationTime = table.Column(type: "datetime2", nullable: false), + Expiration = table.Column(type: "datetime2", nullable: true), + ConsumedTime = table.Column(type: "datetime2", nullable: true), + Data = table.Column(type: "nvarchar(max)", maxLength: 50000, nullable: false) + }, + constraints: table => + { + table.PrimaryKey("PK_PersistedGrants", x => x.Id); + }); + + migrationBuilder.CreateTable( + name: "ServerSideSessions", + columns: table => new + { + Id = table.Column(type: "int", nullable: false) + .Annotation("SqlServer:Identity", "1, 1"), + Key = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: false), + Scheme = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: false), + SubjectId = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: false), + SessionId = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), + DisplayName = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), + Created = table.Column(type: "datetime2", nullable: false), + Renewed = table.Column(type: "datetime2", nullable: false), + Expires = table.Column(type: "datetime2", nullable: true), + Data = table.Column(type: "nvarchar(max)", nullable: false) + }, + constraints: table => + { + table.PrimaryKey("PK_ServerSideSessions", x => x.Id); + }); + + migrationBuilder.CreateIndex( + name: "IX_DeviceCodes_DeviceCode", + table: "DeviceCodes", + column: "DeviceCode", + unique: true); + + migrationBuilder.CreateIndex( + name: "IX_DeviceCodes_Expiration", + table: "DeviceCodes", + column: "Expiration"); + + migrationBuilder.CreateIndex( + name: "IX_Keys_Use", + table: "Keys", + column: "Use"); + + migrationBuilder.CreateIndex( + name: "IX_PersistedGrants_ConsumedTime", + table: "PersistedGrants", + column: "ConsumedTime"); + + migrationBuilder.CreateIndex( + name: "IX_PersistedGrants_Expiration", + table: "PersistedGrants", + column: "Expiration"); + + migrationBuilder.CreateIndex( + name: "IX_PersistedGrants_Key", + table: "PersistedGrants", + column: "Key", + unique: true, + filter: "[Key] IS NOT NULL"); + + migrationBuilder.CreateIndex( + name: "IX_PersistedGrants_SubjectId_ClientId_Type", + table: "PersistedGrants", + columns: new[] { "SubjectId", "ClientId", "Type" }); + + migrationBuilder.CreateIndex( + name: "IX_PersistedGrants_SubjectId_SessionId_Type", + table: "PersistedGrants", + columns: new[] { "SubjectId", "SessionId", "Type" }); + + migrationBuilder.CreateIndex( + name: "IX_ServerSideSessions_DisplayName", + table: "ServerSideSessions", + column: "DisplayName"); + + migrationBuilder.CreateIndex( + name: "IX_ServerSideSessions_Expires", + table: "ServerSideSessions", + column: "Expires"); + + migrationBuilder.CreateIndex( + name: "IX_ServerSideSessions_Key", + table: "ServerSideSessions", + column: "Key", + unique: true); + + migrationBuilder.CreateIndex( + name: "IX_ServerSideSessions_SessionId", + table: "ServerSideSessions", + column: "SessionId"); + + migrationBuilder.CreateIndex( + name: "IX_ServerSideSessions_SubjectId", + table: "ServerSideSessions", + column: "SubjectId"); + } + + protected override void Down(MigrationBuilder migrationBuilder) + { + migrationBuilder.DropTable( + name: "DeviceCodes"); + + migrationBuilder.DropTable( + name: "Keys"); + + migrationBuilder.DropTable( + name: "PersistedGrants"); + + migrationBuilder.DropTable( + name: "ServerSideSessions"); + } + } +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/PersistedGrantDbContextModelSnapshot.cs b/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/PersistedGrantDbContextModelSnapshot.cs index 769f60a5a..e6351064f 100644 --- a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/PersistedGrantDbContextModelSnapshot.cs +++ b/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/PersistedGrantDbContextModelSnapshot.cs @@ -1,11 +1,13 @@ // using System; -using IdentityServer4.EntityFramework.DbContexts; +using Duende.IdentityServer.EntityFramework.DbContexts; using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore.Infrastructure; using Microsoft.EntityFrameworkCore.Metadata; using Microsoft.EntityFrameworkCore.Storage.ValueConversion; +#nullable disable + namespace Identity.API.Migrations.PersistedGrantDb { [DbContext(typeof(PersistedGrantDbContext))] @@ -15,92 +17,222 @@ namespace Identity.API.Migrations.PersistedGrantDb { #pragma warning disable 612, 618 modelBuilder - .HasAnnotation("Relational:MaxIdentifierLength", 128) - .HasAnnotation("ProductVersion", "6.0.0") - .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); + .HasAnnotation("ProductVersion", "6.2.0") + .HasAnnotation("Relational:MaxIdentifierLength", 128); + + SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder, 1L, 1); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.DeviceFlowCodes", b => + { + b.Property("UserCode") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("ClientId") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("Data") + .IsRequired() + .HasMaxLength(50000) + .HasColumnType("nvarchar(max)"); + + b.Property("Description") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("DeviceCode") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Expiration") + .IsRequired() + .HasColumnType("datetime2"); + + b.Property("SessionId") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("SubjectId") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.HasKey("UserCode"); + + b.HasIndex("DeviceCode") + .IsUnique(); + + b.HasIndex("Expiration"); + + b.ToTable("DeviceCodes", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Key", b => + { + b.Property("Id") + .HasColumnType("nvarchar(450)"); + + b.Property("Algorithm") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("Created") + .HasColumnType("datetime2"); + + b.Property("Data") + .IsRequired() + .HasColumnType("nvarchar(max)"); + + b.Property("DataProtected") + .HasColumnType("bit"); + + b.Property("IsX509Certificate") + .HasColumnType("bit"); + + b.Property("Use") + .HasColumnType("nvarchar(450)"); + + b.Property("Version") + .HasColumnType("int"); + + b.HasKey("Id"); + + b.HasIndex("Use"); + + b.ToTable("Keys", (string)null); + }); + + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.PersistedGrant", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("bigint"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); + + b.Property("ClientId") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("ConsumedTime") + .HasColumnType("datetime2"); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("Data") + .IsRequired() + .HasMaxLength(50000) + .HasColumnType("nvarchar(max)"); + + b.Property("Description") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Expiration") + .HasColumnType("datetime2"); + + b.Property("Key") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("SessionId") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("SubjectId") + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Type") + .IsRequired() + .HasMaxLength(50) + .HasColumnType("nvarchar(50)"); + + b.HasKey("Id"); + + b.HasIndex("ConsumedTime"); + + b.HasIndex("Expiration"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.DeviceFlowCodes", b => - { - b.Property("UserCode") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.HasIndex("Key") + .IsUnique() + .HasFilter("[Key] IS NOT NULL"); - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.HasIndex("SubjectId", "ClientId", "Type"); - b.Property("CreationTime") - .HasColumnType("datetime2"); + b.HasIndex("SubjectId", "SessionId", "Type"); - b.Property("Data") - .IsRequired() - .HasMaxLength(50000) - .HasColumnType("nvarchar(max)"); + b.ToTable("PersistedGrants", (string)null); + }); - b.Property("DeviceCode") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ServerSideSession", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); - b.Property("Expiration") - .IsRequired() - .HasColumnType("datetime2"); + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - b.Property("SubjectId") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.Property("Created") + .HasColumnType("datetime2"); - b.HasKey("UserCode"); + b.Property("Data") + .IsRequired() + .HasColumnType("nvarchar(max)"); - b.HasIndex("DeviceCode") - .IsUnique(); + b.Property("DisplayName") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); - b.HasIndex("Expiration"); + b.Property("Expires") + .HasColumnType("datetime2"); - b.ToTable("DeviceCodes", (string)null); - }); + b.Property("Key") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); - modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.PersistedGrant", b => - { - b.Property("Key") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.Property("Renewed") + .HasColumnType("datetime2"); - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.Property("Scheme") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); - b.Property("CreationTime") - .HasColumnType("datetime2"); + b.Property("SessionId") + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); - b.Property("Data") - .IsRequired() - .HasMaxLength(50000) - .HasColumnType("nvarchar(max)"); + b.Property("SubjectId") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); - b.Property("Expiration") - .HasColumnType("datetime2"); + b.HasKey("Id"); - b.Property("SubjectId") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); + b.HasIndex("DisplayName"); - b.Property("Type") - .IsRequired() - .HasMaxLength(50) - .HasColumnType("nvarchar(50)"); + b.HasIndex("Expires"); - b.HasKey("Key"); + b.HasIndex("Key") + .IsUnique(); - b.HasIndex("Expiration"); + b.HasIndex("SessionId"); - b.HasIndex("SubjectId", "ClientId", "Type"); + b.HasIndex("SubjectId"); - b.ToTable("PersistedGrants", (string)null); - }); + b.ToTable("ServerSideSessions", (string)null); + }); #pragma warning restore 612, 618 } } -} +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentInputModel.cs b/src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentInputModel.cs deleted file mode 100644 index fd4e524cf..000000000 --- a/src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentInputModel.cs +++ /dev/null @@ -1,10 +0,0 @@ -namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels -{ - public record ConsentInputModel - { - public string Button { get; init; } - public IEnumerable ScopesConsented { get; init; } - public bool RememberConsent { get; init; } - public string ReturnUrl { get; init; } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentViewModel.cs b/src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentViewModel.cs deleted file mode 100644 index 6e9e46fe6..000000000 --- a/src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentViewModel.cs +++ /dev/null @@ -1,61 +0,0 @@ -using IdentityServer4.Models; - -namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels -{ - public record ConsentViewModel : ConsentInputModel - { - public ConsentViewModel(ConsentInputModel model, string returnUrl, AuthorizationRequest request, Client client, Resources resources) - { - RememberConsent = model?.RememberConsent ?? true; - ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty(); - - ReturnUrl = returnUrl; - - ClientName = client.ClientName; - ClientUrl = client.ClientUri; - ClientLogoUrl = client.LogoUri; - AllowRememberConsent = client.AllowRememberConsent; - - IdentityScopes = resources.IdentityResources.Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray(); - ResourceScopes = resources.ApiResources.SelectMany(x => x.Scopes).Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray(); - } - - public string ClientName { get; init; } - public string ClientUrl { get; init; } - public string ClientLogoUrl { get; init; } - public bool AllowRememberConsent { get; init; } - - public IEnumerable IdentityScopes { get; init; } - public IEnumerable ResourceScopes { get; init; } - } - - public record ScopeViewModel - { - public ScopeViewModel(Scope scope, bool check) - { - Name = scope.Name; - DisplayName = scope.DisplayName; - Description = scope.Description; - Emphasize = scope.Emphasize; - Required = scope.Required; - Checked = check || scope.Required; - } - - public ScopeViewModel(IdentityResource identity, bool check) - { - Name = identity.Name; - DisplayName = identity.DisplayName; - Description = identity.Description; - Emphasize = identity.Emphasize; - Required = identity.Required; - Checked = check || identity.Required; - } - - public string Name { get; init; } - public string DisplayName { get; init; } - public string Description { get; init; } - public bool Emphasize { get; init; } - public bool Required { get; init; } - public bool Checked { get; init; } - } -} diff --git a/src/Services/Identity/Identity.API/Models/AccountViewModels/RedirectViewModel.cs b/src/Services/Identity/Identity.API/Models/AccountViewModels/RedirectViewModel.cs new file mode 100644 index 000000000..1693abb7d --- /dev/null +++ b/src/Services/Identity/Identity.API/Models/AccountViewModels/RedirectViewModel.cs @@ -0,0 +1,7 @@ +namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels +{ + public class RedirectViewModel + { + public string RedirectUrl { get; set; } + } +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentInputModel.cs b/src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentInputModel.cs new file mode 100644 index 000000000..38592c36f --- /dev/null +++ b/src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentInputModel.cs @@ -0,0 +1,13 @@ +using System.Collections.Generic; + +namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels +{ + public class ConsentInputModel + { + public string Button { get; set; } + public IEnumerable ScopesConsented { get; set; } + public bool RememberConsent { get; set; } + public string ReturnUrl { get; set; } + public string Description { get; set; } + } +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentOptions.cs b/src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentOptions.cs new file mode 100644 index 000000000..065b1825c --- /dev/null +++ b/src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentOptions.cs @@ -0,0 +1,12 @@ +namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels +{ + public class ConsentOptions + { + public static bool EnableOfflineAccess = true; + public static string OfflineAccessDisplayName = "Offline Access"; + public static string OfflineAccessDescription = "Access to your applications and resources, even when you are offline"; + + public static readonly string MustChooseOneErrorMessage = "You must pick at least one permission"; + public static readonly string InvalidSelectionErrorMessage = "Invalid selection"; + } +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentViewModel.cs b/src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentViewModel.cs new file mode 100644 index 000000000..8f3b7594c --- /dev/null +++ b/src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentViewModel.cs @@ -0,0 +1,15 @@ +using System.Collections.Generic; + +namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels +{ + public class ConsentViewModel : ConsentInputModel + { + public string ClientName { get; set; } + public string ClientUrl { get; set; } + public string ClientLogoUrl { get; set; } + public bool AllowRememberConsent { get; set; } + + public IEnumerable IdentityScopes { get; set; } + public IEnumerable ApiScopes { get; set; } + } +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Models/ConsentViewModels/ProcessConsentResult.cs b/src/Services/Identity/Identity.API/Models/ConsentViewModels/ProcessConsentResult.cs new file mode 100644 index 000000000..cecfc6898 --- /dev/null +++ b/src/Services/Identity/Identity.API/Models/ConsentViewModels/ProcessConsentResult.cs @@ -0,0 +1,17 @@ +using Duende.IdentityServer.Models; + +namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels +{ + public class ProcessConsentResult + { + public bool IsRedirect => RedirectUri != null; + public string RedirectUri { get; set; } + public Client Client { get; set; } + + public bool ShowView => ViewModel != null; + public ConsentViewModel ViewModel { get; set; } + + public bool HasValidationError => ValidationError != null; + public string ValidationError { get; set; } + } +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Models/ConsentViewModels/ScopeViewModel.cs b/src/Services/Identity/Identity.API/Models/ConsentViewModels/ScopeViewModel.cs new file mode 100644 index 000000000..55c842dc9 --- /dev/null +++ b/src/Services/Identity/Identity.API/Models/ConsentViewModels/ScopeViewModel.cs @@ -0,0 +1,12 @@ +namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels +{ + public class ScopeViewModel + { + public string Value { get; set; } + public string DisplayName { get; set; } + public string Description { get; set; } + public bool Emphasize { get; set; } + public bool Required { get; set; } + public bool Checked { get; set; } + } +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Startup.cs b/src/Services/Identity/Identity.API/Startup.cs index 43662acdd..95af7e501 100644 --- a/src/Services/Identity/Identity.API/Startup.cs +++ b/src/Services/Identity/Identity.API/Startup.cs @@ -59,6 +59,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API x.IssuerUri = "null"; x.Authentication.CookieLifetime = TimeSpan.FromHours(2); }) + .AddServerSideSessions() .AddDevspacesIfNeeded(Configuration.GetValue("EnableDevspaces", false)) .AddSigningCredential(Certificate.Get()) .AddAspNetIdentity() @@ -125,6 +126,9 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API app.Use(async (context, next) => { context.Response.Headers.Add("Content-Security-Policy", "script-src 'unsafe-inline'"); + context.Response.Headers.Add("Access-Control-Allow-Origin", "*"); + context.Response.Headers.Add("Access-Control-Allow-Headers", "*"); + context.Response.Headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, OPTIONS"); await next(); }); diff --git a/src/Services/Identity/Identity.API/Views/Consent/Index.cshtml b/src/Services/Identity/Identity.API/Views/Consent/Index.cshtml index 08c316553..001cc1bd2 100644 --- a/src/Services/Identity/Identity.API/Views/Consent/Index.cshtml +++ b/src/Services/Identity/Identity.API/Views/Consent/Index.cshtml @@ -1,82 +1,104 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels.ConsentViewModel +@model Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels.ConsentViewModel -
-
-
- @if (Model.ClientLogoUrl != null) - { - - } -

- @Model.ClientName - is requesting your permission -

-
+
+
+ @if (Model.ClientLogoUrl != null) + { + + } +

+ @Model.ClientName + is requesting your permission +

+

Uncheck the permissions you do not wish to grant.

- - -
- + +
+
-
Uncheck the permissions you do not wish to grant.
- + + +
+
@if (Model.IdentityScopes.Any()) { -
-
- - Personal Information +
+
+
+ + Personal Information +
+
    + @foreach (var scope in Model.IdentityScopes) + { + + } +
-
    - @foreach (var scope in Model.IdentityScopes) - { - - } -
} - @if (Model.ResourceScopes.Any()) + @if (Model.ApiScopes.Any()) { -
-
- - Application Access +
+
+
+ + Application Access +
+
    + @foreach (var scope in Model.ApiScopes) + { + + } +
-
    - @foreach (var scope in Model.ResourceScopes) - { - - } -
} +
+
+
+ + Description +
+
+ +
+
+
+ @if (Model.AllowRememberConsent) { -
- +
+
+ + +
} +
+
-
- - - @if (Model.ClientUrl != null) - { - - - @Model.ClientName - - } -
- +
+
+ + +
+
+ @if (Model.ClientUrl != null) + { + + + @Model.ClientName + + } +
-
+
\ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Views/Consent/_ScopeListItem.cshtml b/src/Services/Identity/Identity.API/Views/Consent/_ScopeListItem.cshtml index 2910fdba9..0dd53a368 100644 --- a/src/Services/Identity/Identity.API/Views/Consent/_ScopeListItem.cshtml +++ b/src/Services/Identity/Identity.API/Views/Consent/_ScopeListItem.cshtml @@ -1,19 +1,19 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels.ScopeViewModel +@model Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels.ScopeViewModel
    • \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Views/Home/Index.cshtml b/src/Services/Identity/Identity.API/Views/Home/Index.cshtml index bd2846075..4e3a0712f 100644 --- a/src/Services/Identity/Identity.API/Views/Home/Index.cshtml +++ b/src/Services/Identity/Identity.API/Views/Home/Index.cshtml @@ -3,7 +3,7 @@

    - Welcome to IdentityServer4 + Welcome to Duende.IdentityServer @*(build {version})*@

    @@ -22,8 +22,8 @@

    Here are links to the - source code repository, - and ready to use samples. + source code repository, + and ready to use samples.

    diff --git a/src/Services/Identity/Identity.API/appsettings.json b/src/Services/Identity/Identity.API/appsettings.json index 2c66caece..4f71246b8 100644 --- a/src/Services/Identity/Identity.API/appsettings.json +++ b/src/Services/Identity/Identity.API/appsettings.json @@ -1,5 +1,5 @@ { - "ConnectionString": "Server=tcp:127.0.0.1,5433;Database=Microsoft.eShopOnContainers.Services.IdentityDb;User Id=sa;Password=Pass@word;", + "ConnectionString": "Server=tcp:127.0.0.1,5433;Database=Microsoft.eShopOnContainers.Services.IdentityDb;User Id=sa;Password=Pass@word;Encrypt=False;", "IsClusterEnv": "False", "MvcClient": "http://localhost:5100", "SpaClient": "http://localhost:5104", diff --git a/src/Services/Ordering/Ordering.API/GlobalUsings.cs b/src/Services/Ordering/Ordering.API/GlobalUsings.cs index a9ac5683a..434ef8273 100644 --- a/src/Services/Ordering/Ordering.API/GlobalUsings.cs +++ b/src/Services/Ordering/Ordering.API/GlobalUsings.cs @@ -84,3 +84,4 @@ global using System.Threading.Tasks; global using System.Threading; global using System; global using System.Collections.Generic; +global using Microsoft.IdentityModel.Tokens; diff --git a/src/Services/Ordering/Ordering.API/Startup.cs b/src/Services/Ordering/Ordering.API/Startup.cs index a4bfacca1..6130bda73 100644 --- a/src/Services/Ordering/Ordering.API/Startup.cs +++ b/src/Services/Ordering/Ordering.API/Startup.cs @@ -382,6 +382,10 @@ static class CustomExtensionsMethods options.Authority = identityUrl; options.RequireHttpsMetadata = false; options.Audience = "orders"; + options.TokenValidationParameters = new TokenValidationParameters + { + ValidateAudience = false + }; }); return services; diff --git a/src/Services/Webhooks/Webhooks.API/GlobalUsings.cs b/src/Services/Webhooks/Webhooks.API/GlobalUsings.cs index c575b7235..90840639b 100644 --- a/src/Services/Webhooks/Webhooks.API/GlobalUsings.cs +++ b/src/Services/Webhooks/Webhooks.API/GlobalUsings.cs @@ -48,3 +48,4 @@ global using Webhooks.API.IntegrationEvents; global using Webhooks.API.Model; global using Webhooks.API.Services; global using Webhooks.API; +global using Microsoft.IdentityModel.Tokens; diff --git a/src/Services/Webhooks/Webhooks.API/Startup.cs b/src/Services/Webhooks/Webhooks.API/Startup.cs index 07325bcbc..9ad3a834a 100644 --- a/src/Services/Webhooks/Webhooks.API/Startup.cs +++ b/src/Services/Webhooks/Webhooks.API/Startup.cs @@ -303,6 +303,10 @@ internal static class CustomExtensionMethods options.Authority = identityUrl; options.RequireHttpsMetadata = false; options.Audience = "webhooks"; + options.TokenValidationParameters = new TokenValidationParameters + { + ValidateAudience = false + }; }); return services; diff --git a/src/Web/WebMVC/Startup.cs b/src/Web/WebMVC/Startup.cs index b42b0bc28..b0a3878fb 100644 --- a/src/Web/WebMVC/Startup.cs +++ b/src/Web/WebMVC/Startup.cs @@ -161,7 +161,7 @@ static class ServiceCollectionExtensions services.AddAuthentication(options => { options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; - options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; + options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme; }) .AddCookie(setup => setup.ExpireTimeSpan = TimeSpan.FromMinutes(sessionCookieLifetime)) .AddOpenIdConnect(options => diff --git a/src/docker-compose.override.yml b/src/docker-compose.override.yml index 8251636e9..421231107 100644 --- a/src/docker-compose.override.yml +++ b/src/docker-compose.override.yml @@ -44,7 +44,7 @@ services: - ASPNETCORE_URLS=http://0.0.0.0:80 - SpaClient=http://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5104 - XamarinCallback=http://${ESHOP_PROD_EXTERNAL_DNS_NAME_OR_IP}:5105/xamarincallback - - ConnectionString=${ESHOP_AZURE_IDENTITY_DB:-Server=sqldata;Database=Microsoft.eShopOnContainers.Service.IdentityDb;User Id=sa;Password=Pass@word} + - ConnectionString=${ESHOP_AZURE_IDENTITY_DB:-Server=sqldata;Database=Microsoft.eShopOnContainers.Service.IdentityDb;User Id=sa;Password=Pass@word;Encrypt=False} - MvcClient=http://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5100 - BasketApiClient=http://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5103 - OrderingApiClient=http://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5102 @@ -82,7 +82,7 @@ services: catalog-api: environment: - ASPNETCORE_ENVIRONMENT=Development - - ConnectionString=${ESHOP_AZURE_CATALOG_DB:-Server=sqldata;Database=Microsoft.eShopOnContainers.Services.CatalogDb;User Id=sa;Password=Pass@word} + - ConnectionString=${ESHOP_AZURE_CATALOG_DB:-Server=sqldata;Database=Microsoft.eShopOnContainers.Services.CatalogDb;User Id=sa;Password=Pass@word;Encrypt=False} - PicBaseUrl=${ESHOP_STORAGE_CATALOG_URL} - EventBusConnection=${ESHOP_AZURE_SERVICE_BUS:-rabbitmq} - EventBusUserName=${ESHOP_SERVICE_BUS_USERNAME} @@ -105,7 +105,7 @@ services: environment: - ASPNETCORE_ENVIRONMENT=Development - ASPNETCORE_URLS=http://0.0.0.0:80 - - ConnectionString=${ESHOP_AZURE_ORDERING_DB:-Server=sqldata;Database=Microsoft.eShopOnContainers.Services.OrderingDb;User Id=sa;Password=Pass@word} + - ConnectionString=${ESHOP_AZURE_ORDERING_DB:-Server=sqldata;Database=Microsoft.eShopOnContainers.Services.OrderingDb;User Id=sa;Password=Pass@word;Encrypt=False} - identityUrl=http://identity-api - IdentityUrlExternal=http://${ESHOP_EXTERNAL_DNS_NAME_OR_IP}:5105 - EventBusConnection=${ESHOP_AZURE_SERVICE_BUS:-rabbitmq} @@ -130,7 +130,7 @@ services: environment: - ASPNETCORE_ENVIRONMENT=Development - ASPNETCORE_URLS=http://0.0.0.0:80 - - ConnectionString=${ESHOP_AZURE_ORDERING_DB:-Server=sqldata;Database=Microsoft.eShopOnContainers.Services.OrderingDb;User Id=sa;Password=Pass@word} + - ConnectionString=${ESHOP_AZURE_ORDERING_DB:-Server=sqldata;Database=Microsoft.eShopOnContainers.Services.OrderingDb;User Id=sa;Password=Pass@word;Encrypt=False} - EventBusConnection=${ESHOP_AZURE_SERVICE_BUS:-rabbitmq} - EventBusUserName=${ESHOP_SERVICE_BUS_USERNAME} - EventBusPassword=${ESHOP_SERVICE_BUS_PASSWORD} @@ -164,7 +164,7 @@ services: environment: - ASPNETCORE_ENVIRONMENT=Development - ASPNETCORE_URLS=http://0.0.0.0:80 - - ConnectionString=${ESHOP_AZURE_WEBHOOKS_DB:-Server=sqldata;Database=Microsoft.eShopOnContainers.Services.WebhooksDb;User Id=sa;Password=Pass@word} + - ConnectionString=${ESHOP_AZURE_WEBHOOKS_DB:-Server=sqldata;Database=Microsoft.eShopOnContainers.Services.WebhooksDb;User Id=sa;Password=Pass@word;Encrypt=False} - EventBusConnection=${ESHOP_AZURE_SERVICE_BUS:-rabbitmq} - EventBusUserName=${ESHOP_SERVICE_BUS_USERNAME} - EventBusPassword=${ESHOP_SERVICE_BUS_PASSWORD} From 9b3e00d75634e5c3c14425d386f8ff0455a67bbc Mon Sep 17 00:00:00 2001 From: Tarun Jain Date: Tue, 29 Nov 2022 00:56:35 +0530 Subject: [PATCH 07/14] update nuget packages for complete solution --- .../Mobile.Shopping.HttpAggregator.csproj | 24 ++++---- .../Web.Shopping.HttpAggregator.csproj | 26 ++++---- .../Devspaces.Support.csproj | 4 +- .../EventBus.Tests/EventBus.Tests.csproj | 6 +- .../EventBusRabbitMQ/EventBusRabbitMQ.csproj | 8 +-- .../EventBusServiceBus.csproj | 6 +- .../IntegrationEventLogEF.csproj | 8 +-- .../WebHost.Customization.csproj | 16 ++--- .../Basket/Basket.API/Basket.API.csproj | 32 +++++----- .../Basket.FunctionalTests.csproj | 14 ++--- .../Basket.UnitTests/Basket.UnitTests.csproj | 16 ++--- .../Catalog/Catalog.API/Catalog.API.csproj | 61 ++++++++++--------- .../Catalog.FunctionalTests.csproj | 10 +-- .../Catalog.UnitTests.csproj | 12 ++-- .../Identity/Identity.API/Identity.API.csproj | 28 ++++----- .../Ordering/Ordering.API/Ordering.API.csproj | 56 ++++++++--------- .../Ordering.BackgroundTasks.csproj | 32 +++++----- .../Ordering.Domain/Ordering.Domain.csproj | 4 +- .../Ordering.FunctionalTests.csproj | 10 +-- .../Ordering.Infrastructure.csproj | 10 +-- .../Ordering.SignalrHub.csproj | 34 +++++------ .../Ordering.UnitTests.csproj | 12 ++-- .../Payment/Payment.API/Payment.API.csproj | 32 +++++----- .../Webhooks/Webhooks.API/Webhooks.API.csproj | 20 +++--- .../Application.FunctionalTests.csproj | 8 +-- src/Web/WebMVC/WebMVC.csproj | 34 +++++------ src/Web/WebSPA/WebSPA.csproj | 26 ++++---- src/Web/WebStatus/WebStatus.csproj | 32 +++++----- src/Web/WebhookClient/WebhookClient.csproj | 8 +-- src/eShopOnContainers-ServicesAndWebApps.sln | 4 +- 30 files changed, 298 insertions(+), 295 deletions(-) diff --git a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj index 9a5fa6258..68e66ba8a 100644 --- a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj +++ b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj @@ -14,19 +14,19 @@ - - - - - - - - + + + + + + + + - - - - + + + + diff --git a/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj b/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj index c80ca96a9..ff9cbca53 100644 --- a/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj +++ b/src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj @@ -14,20 +14,20 @@ - - - - - - - - - + + + + + + + + + - - - - + + + + diff --git a/src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj b/src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj index 3398f17e6..f1f64f9a8 100644 --- a/src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj +++ b/src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj @@ -5,7 +5,7 @@ - - + + diff --git a/src/BuildingBlocks/EventBus/EventBus.Tests/EventBus.Tests.csproj b/src/BuildingBlocks/EventBus/EventBus.Tests/EventBus.Tests.csproj index 46ac5a285..c1c2ae2db 100644 --- a/src/BuildingBlocks/EventBus/EventBus.Tests/EventBus.Tests.csproj +++ b/src/BuildingBlocks/EventBus/EventBus.Tests/EventBus.Tests.csproj @@ -5,12 +5,12 @@ - - + + all runtime; build; native; contentfiles; analyzers; buildtransitive - + diff --git a/src/BuildingBlocks/EventBus/EventBusRabbitMQ/EventBusRabbitMQ.csproj b/src/BuildingBlocks/EventBus/EventBusRabbitMQ/EventBusRabbitMQ.csproj index c91224777..6a1b9a477 100644 --- a/src/BuildingBlocks/EventBus/EventBusRabbitMQ/EventBusRabbitMQ.csproj +++ b/src/BuildingBlocks/EventBus/EventBusRabbitMQ/EventBusRabbitMQ.csproj @@ -6,11 +6,11 @@ - + - - - + + + diff --git a/src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBus.csproj b/src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBus.csproj index eb6fc667d..4b02b0d90 100644 --- a/src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBus.csproj +++ b/src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBus.csproj @@ -6,10 +6,10 @@ - - + + - + diff --git a/src/BuildingBlocks/EventBus/IntegrationEventLogEF/IntegrationEventLogEF.csproj b/src/BuildingBlocks/EventBus/IntegrationEventLogEF/IntegrationEventLogEF.csproj index ba899ad65..0343bb20c 100644 --- a/src/BuildingBlocks/EventBus/IntegrationEventLogEF/IntegrationEventLogEF.csproj +++ b/src/BuildingBlocks/EventBus/IntegrationEventLogEF/IntegrationEventLogEF.csproj @@ -6,13 +6,13 @@ - + all runtime; build; native; contentfiles; analyzers; buildtransitive - - - + + + diff --git a/src/BuildingBlocks/WebHostCustomization/WebHost.Customization/WebHost.Customization.csproj b/src/BuildingBlocks/WebHostCustomization/WebHost.Customization/WebHost.Customization.csproj index b332583b8..c3bad0c69 100644 --- a/src/BuildingBlocks/WebHostCustomization/WebHost.Customization/WebHost.Customization.csproj +++ b/src/BuildingBlocks/WebHostCustomization/WebHost.Customization/WebHost.Customization.csproj @@ -10,17 +10,17 @@ - + all runtime; build; native; contentfiles; analyzers; buildtransitive - - - - - - - + + + + + + + diff --git a/src/Services/Basket/Basket.API/Basket.API.csproj b/src/Services/Basket/Basket.API/Basket.API.csproj index 410e9676a..eefe39eef 100644 --- a/src/Services/Basket/Basket.API/Basket.API.csproj +++ b/src/Services/Basket/Basket.API/Basket.API.csproj @@ -14,7 +14,7 @@ - + @@ -22,26 +22,26 @@ - - - - - - - - + + + + + + + + - + - + - + - - - - + + + + diff --git a/src/Services/Basket/Basket.FunctionalTests/Basket.FunctionalTests.csproj b/src/Services/Basket/Basket.FunctionalTests/Basket.FunctionalTests.csproj index 38e79e686..002bd16c4 100644 --- a/src/Services/Basket/Basket.FunctionalTests/Basket.FunctionalTests.csproj +++ b/src/Services/Basket/Basket.FunctionalTests/Basket.FunctionalTests.csproj @@ -16,16 +16,16 @@ - - - - - - + + + + + + all runtime; build; native; contentfiles; analyzers - + diff --git a/src/Services/Basket/Basket.UnitTests/Basket.UnitTests.csproj b/src/Services/Basket/Basket.UnitTests/Basket.UnitTests.csproj index 1243c4949..73a4a773f 100644 --- a/src/Services/Basket/Basket.UnitTests/Basket.UnitTests.csproj +++ b/src/Services/Basket/Basket.UnitTests/Basket.UnitTests.csproj @@ -7,17 +7,17 @@ - - - - - - - + + + + + + + all runtime; build; native; contentfiles; analyzers - + diff --git a/src/Services/Catalog/Catalog.API/Catalog.API.csproj b/src/Services/Catalog/Catalog.API/Catalog.API.csproj index 556c32c50..362401a4d 100644 --- a/src/Services/Catalog/Catalog.API/Catalog.API.csproj +++ b/src/Services/Catalog/Catalog.API/Catalog.API.csproj @@ -41,37 +41,40 @@ - - - - - - - - - - - - - - + + + + + + + + + + + + + + - - - - - + + + + + - - - - - - - - - - + + + + + + + + + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + diff --git a/src/Services/Catalog/Catalog.FunctionalTests/Catalog.FunctionalTests.csproj b/src/Services/Catalog/Catalog.FunctionalTests/Catalog.FunctionalTests.csproj index 37e9324fc..9597df839 100644 --- a/src/Services/Catalog/Catalog.FunctionalTests/Catalog.FunctionalTests.csproj +++ b/src/Services/Catalog/Catalog.FunctionalTests/Catalog.FunctionalTests.csproj @@ -33,14 +33,14 @@ - - - - + + + + all runtime; build; native; contentfiles; analyzers - + diff --git a/src/Services/Catalog/Catalog.UnitTests/Catalog.UnitTests.csproj b/src/Services/Catalog/Catalog.UnitTests/Catalog.UnitTests.csproj index 5544928cd..b2d5f0b77 100644 --- a/src/Services/Catalog/Catalog.UnitTests/Catalog.UnitTests.csproj +++ b/src/Services/Catalog/Catalog.UnitTests/Catalog.UnitTests.csproj @@ -7,15 +7,15 @@ - - - - - + + + + + all runtime; build; native; contentfiles; analyzers - + diff --git a/src/Services/Identity/Identity.API/Identity.API.csproj b/src/Services/Identity/Identity.API/Identity.API.csproj index e8095a609..ef956e09a 100644 --- a/src/Services/Identity/Identity.API/Identity.API.csproj +++ b/src/Services/Identity/Identity.API/Identity.API.csproj @@ -23,9 +23,9 @@ - - - + + + @@ -37,21 +37,21 @@ - + - + - - + + - - - - - - + + + + + + - + diff --git a/src/Services/Ordering/Ordering.API/Ordering.API.csproj b/src/Services/Ordering/Ordering.API/Ordering.API.csproj index 454900a7e..f7f0a359c 100644 --- a/src/Services/Ordering/Ordering.API/Ordering.API.csproj +++ b/src/Services/Ordering/Ordering.API/Ordering.API.csproj @@ -36,37 +36,37 @@ - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + - - - - + + + + - - - - - - + + + + + + diff --git a/src/Services/Ordering/Ordering.BackgroundTasks/Ordering.BackgroundTasks.csproj b/src/Services/Ordering/Ordering.BackgroundTasks/Ordering.BackgroundTasks.csproj index 4b1145242..fe7da8680 100644 --- a/src/Services/Ordering/Ordering.BackgroundTasks/Ordering.BackgroundTasks.csproj +++ b/src/Services/Ordering/Ordering.BackgroundTasks/Ordering.BackgroundTasks.csproj @@ -8,23 +8,23 @@ - - - - - - - + + + + + + + - - - - - - - - - + + + + + + + + + diff --git a/src/Services/Ordering/Ordering.Domain/Ordering.Domain.csproj b/src/Services/Ordering/Ordering.Domain/Ordering.Domain.csproj index 68b8caf94..c6508b17b 100644 --- a/src/Services/Ordering/Ordering.Domain/Ordering.Domain.csproj +++ b/src/Services/Ordering/Ordering.Domain/Ordering.Domain.csproj @@ -5,8 +5,8 @@ - - + + diff --git a/src/Services/Ordering/Ordering.FunctionalTests/Ordering.FunctionalTests.csproj b/src/Services/Ordering/Ordering.FunctionalTests/Ordering.FunctionalTests.csproj index 2c87f42a9..9b9e67a58 100644 --- a/src/Services/Ordering/Ordering.FunctionalTests/Ordering.FunctionalTests.csproj +++ b/src/Services/Ordering/Ordering.FunctionalTests/Ordering.FunctionalTests.csproj @@ -17,14 +17,14 @@ - - - - + + + + all runtime; build; native; contentfiles; analyzers - + diff --git a/src/Services/Ordering/Ordering.Infrastructure/Ordering.Infrastructure.csproj b/src/Services/Ordering/Ordering.Infrastructure/Ordering.Infrastructure.csproj index a74f43b32..bcf3ba5a5 100644 --- a/src/Services/Ordering/Ordering.Infrastructure/Ordering.Infrastructure.csproj +++ b/src/Services/Ordering/Ordering.Infrastructure/Ordering.Infrastructure.csproj @@ -9,11 +9,11 @@ - - - - - + + + + + diff --git a/src/Services/Ordering/Ordering.SignalrHub/Ordering.SignalrHub.csproj b/src/Services/Ordering/Ordering.SignalrHub/Ordering.SignalrHub.csproj index b60c81897..e49f19932 100644 --- a/src/Services/Ordering/Ordering.SignalrHub/Ordering.SignalrHub.csproj +++ b/src/Services/Ordering/Ordering.SignalrHub/Ordering.SignalrHub.csproj @@ -8,26 +8,26 @@ - - - - - - - - - + + + + + + + + + - - - - + + + + - - - - + + + + diff --git a/src/Services/Ordering/Ordering.UnitTests/Ordering.UnitTests.csproj b/src/Services/Ordering/Ordering.UnitTests/Ordering.UnitTests.csproj index 4e683a6af..e004f9c8c 100644 --- a/src/Services/Ordering/Ordering.UnitTests/Ordering.UnitTests.csproj +++ b/src/Services/Ordering/Ordering.UnitTests/Ordering.UnitTests.csproj @@ -7,15 +7,15 @@ - - - - - + + + + + all runtime; build; native; contentfiles; analyzers - + diff --git a/src/Services/Payment/Payment.API/Payment.API.csproj b/src/Services/Payment/Payment.API/Payment.API.csproj index 616a8b21d..02c255fa6 100644 --- a/src/Services/Payment/Payment.API/Payment.API.csproj +++ b/src/Services/Payment/Payment.API/Payment.API.csproj @@ -9,23 +9,23 @@ - - - - - - - - - + + + + + + + + + - - - - - - - + + + + + + + diff --git a/src/Services/Webhooks/Webhooks.API/Webhooks.API.csproj b/src/Services/Webhooks/Webhooks.API/Webhooks.API.csproj index 82eec7886..76445d45e 100644 --- a/src/Services/Webhooks/Webhooks.API/Webhooks.API.csproj +++ b/src/Services/Webhooks/Webhooks.API/Webhooks.API.csproj @@ -10,17 +10,17 @@ - - - - - - - + + + + + + + - - - + + + diff --git a/src/Tests/Services/Application.FunctionalTests/Application.FunctionalTests.csproj b/src/Tests/Services/Application.FunctionalTests/Application.FunctionalTests.csproj index aa795760d..bd3ab30a1 100644 --- a/src/Tests/Services/Application.FunctionalTests/Application.FunctionalTests.csproj +++ b/src/Tests/Services/Application.FunctionalTests/Application.FunctionalTests.csproj @@ -42,10 +42,10 @@ - - - - + + + + all runtime; build; native; contentfiles; analyzers diff --git a/src/Web/WebMVC/WebMVC.csproj b/src/Web/WebMVC/WebMVC.csproj index 81b1c3150..a8ce35604 100644 --- a/src/Web/WebMVC/WebMVC.csproj +++ b/src/Web/WebMVC/WebMVC.csproj @@ -1,4 +1,4 @@ - + net7.0 @@ -21,26 +21,26 @@ - - + + - - - - - - + + + + + + - - + + - - - - - - + + + + + + diff --git a/src/Web/WebSPA/WebSPA.csproj b/src/Web/WebSPA/WebSPA.csproj index fb516058a..6f8745016 100644 --- a/src/Web/WebSPA/WebSPA.csproj +++ b/src/Web/WebSPA/WebSPA.csproj @@ -31,20 +31,20 @@ - - - - - - + + + + + + - - - - - - - + + + + + + + diff --git a/src/Web/WebStatus/WebStatus.csproj b/src/Web/WebStatus/WebStatus.csproj index 5dbcf81c5..165d1630d 100644 --- a/src/Web/WebStatus/WebStatus.csproj +++ b/src/Web/WebStatus/WebStatus.csproj @@ -7,24 +7,24 @@ - - - - - - - - - + + + + + + + + + - + - - - - - - + + + + + + diff --git a/src/Web/WebhookClient/WebhookClient.csproj b/src/Web/WebhookClient/WebhookClient.csproj index 90632e4ff..0273dfa31 100644 --- a/src/Web/WebhookClient/WebhookClient.csproj +++ b/src/Web/WebhookClient/WebhookClient.csproj @@ -11,10 +11,10 @@ - - - - + + + + diff --git a/src/eShopOnContainers-ServicesAndWebApps.sln b/src/eShopOnContainers-ServicesAndWebApps.sln index 446614fc0..c45bfe0bf 100644 --- a/src/eShopOnContainers-ServicesAndWebApps.sln +++ b/src/eShopOnContainers-ServicesAndWebApps.sln @@ -1,7 +1,7 @@  Microsoft Visual Studio Solution File, Format Version 12.00 -# Visual Studio Version 16 -VisualStudioVersion = 16.0.29020.237 +# Visual Studio Version 17 +VisualStudioVersion = 17.4.33027.239 MinimumVisualStudioVersion = 10.0.40219.1 Project("{E53339B2-1760-4266-BCC7-CA923CBCF16C}") = "docker-compose", "docker-compose.dcproj", "{FEA0C318-FFED-4D39-8781-265718CA43DD}" EndProject From c10fff488c860e1299e9e0dc70b60e63f38c6558 Mon Sep 17 00:00:00 2001 From: Tarun Jain Date: Tue, 29 Nov 2022 02:56:34 +0530 Subject: [PATCH 08/14] fix serilog error --- src/Services/Identity/Identity.API/Program.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Services/Identity/Identity.API/Program.cs b/src/Services/Identity/Identity.API/Program.cs index 7c021c7a4..0f4d5dfee 100644 --- a/src/Services/Identity/Identity.API/Program.cs +++ b/src/Services/Identity/Identity.API/Program.cs @@ -63,7 +63,7 @@ Serilog.ILogger CreateSerilogLogger(IConfiguration configuration) .Enrich.FromLogContext() .WriteTo.Console() .WriteTo.Seq(string.IsNullOrWhiteSpace(seqServerUrl) ? "http://seq" : seqServerUrl) - .WriteTo.Http(string.IsNullOrWhiteSpace(logstashUrl) ? "http://localhost:8080" : logstashUrl) + .WriteTo.Http(string.IsNullOrWhiteSpace(logstashUrl) ? "http://localhost:8080" : logstashUrl,null) .ReadFrom.Configuration(configuration) .CreateLogger(); } From b90d2d1cd478b701564acababee2e726e45c6107 Mon Sep 17 00:00:00 2001 From: Tarun Jain Date: Wed, 30 Nov 2022 21:55:07 +0530 Subject: [PATCH 09/14] implement Duende.IdentityServer 6.2.0 --- .../Mobile.Bff.Shopping/aggregator/Startup.cs | 2 +- .../Web.Bff.Shopping/aggregator/Startup.cs | 2 +- .../Identity.API/Certificate/Certificate.cs | 31 - .../Identity.API/Certificate/idsrv3test.pfx | Bin 3395 -> 0 bytes .../Identity.API/Configuration/Config.cs | 50 +- .../Controllers/AccountController.cs | 299 ----- .../Controllers/ConsentController.cs | 249 ---- .../Controllers/HomeController.cs | 46 - .../Identity.API/Data/ApplicationDbContext.cs | 25 +- .../Data/ApplicationDbContextSeed.cs | 218 ---- .../Data/ConfigurationDbContextSeed.cs | 83 -- ...210914100206_InitialMigration.Designer.cs} | 20 +- .../20210914100206_InitialMigration.cs} | 2 +- .../ApplicationDbContextModelSnapshot.cs | 18 +- .../Identity.API/Extensions/Extension.cs | 23 - .../Extensions/LinqSelectExtensions.cs | 46 - .../Factories/ApplicationDbContextFactory.cs | 20 - .../ConfigurationDbContextFactory.cs | 21 - .../PersistedGrantDbContextFactory.cs | 21 - .../Identity/Identity.API/GlobalUsings.cs | 20 +- .../Identity/Identity.API/Identity.API.csproj | 38 +- ...nitialConfigurationDbMigration.Designer.cs | 1096 ----------------- ...4152912_InitialConfigurationDbMigration.cs | 712 ----------- .../ConfigurationDbContextModelSnapshot.cs | 1094 ---------------- ...itialPersistedGrantDbMigration.Designer.cs | 240 ---- ...152905_InitialPersistedGrantDbMigration.cs | 177 --- .../PersistedGrantDbContextModelSnapshot.cs | 238 ---- src/Services/Identity/Identity.API/Program.cs | 112 +- .../Identity.API/ProgramExtensions.cs | 117 ++ .../Quickstart/Account/AccountController.cs | 341 +++++ .../Quickstart/Account/AccountOptions.cs | 16 + .../Quickstart/Account/ExternalController.cs | 238 ++++ .../Quickstart/Account/ExternalProvider.cs | 10 + .../Quickstart/Account/LoggedOutViewModel.cs | 18 + .../Quickstart/Account/LoginInputModel.cs | 15 + .../Quickstart/Account/LoginViewModel.cs | 17 + .../Quickstart/Account/LogoutInputModel.cs | 10 + .../Quickstart/Account/LogoutViewModel.cs | 10 + .../Quickstart/Account/RedirectViewModel.cs | 11 + .../Quickstart/Consent/ConsentController.cs | 247 ++++ .../Quickstart/Consent/ConsentInputModel.cs | 14 + .../Quickstart/Consent/ConsentOptions.cs | 15 + .../Quickstart/Consent/ConsentViewModel.cs | 16 + .../Consent/ProcessConsentResult.cs | 17 + .../Quickstart/Consent/ScopeViewModel.cs | 15 + .../Device/DeviceAuthorizationInputModel.cs | 10 + .../Device/DeviceAuthorizationViewModel.cs | 11 + .../Quickstart/Device/DeviceController.cs | 214 ++++ .../Diagnostics/DiagnosticsController.cs | 22 + .../Diagnostics/DiagnosticsViewModel.cs | 28 + .../Identity.API/Quickstart/Extensions.cs | 22 + .../Quickstart/Grants/GrantsController.cs | 85 ++ .../Quickstart/Grants/GrantsViewModel.cs | 23 + .../Quickstart/Home/ErrorViewModel.cs | 18 + .../Quickstart/Home/HomeController.cs | 63 + .../Quickstart/SecurityHeadersAttribute.cs | 52 + .../Identity/Identity.API/SeedData.cs | 124 ++ .../Identity/Identity.API/Setup/Users.csv | 2 - .../Identity/Identity.API/Setup/images.zip | Bin 14192 -> 0 bytes src/Services/Identity/Identity.API/Startup.cs | 167 --- .../Views/Account/AccessDenied.cshtml | 7 + .../Views/Account/LoggedOut.cshtml | 21 +- .../Identity.API/Views/Account/Login.cshtml | 86 +- .../Identity.API/Views/Account/Logout.cshtml | 26 +- .../Views/Account/Redirecting.cshtml | 3 - .../Views/Account/Register.cshtml | 28 - .../Views/Account/_LoginPartial-MVC.cshtml | 54 - .../Views/Account/_LoginPartial-SPA.cshtml | 47 - .../Views/Account/_RegisterPartial-MVC.cshtml | 100 -- .../Views/Account/_RegisterPartial-SPA.cshtml | 100 -- .../Identity.API/Views/Consent/Index.cshtml | 4 +- .../Identity.API/Views/Device/Success.cshtml | 7 + .../Views/Device/UserCodeCapture.cshtml | 23 + .../Views/Device/UserCodeConfirmation.cshtml | 108 ++ .../Views/Diagnostics/Index.cshtml | 64 + .../Identity.API/Views/Grants/Index.cshtml | 87 ++ .../Identity.API/Views/Home/Index.cshtml | 58 +- .../Identity.API/Views/Shared/Error.cshtml | 10 +- .../Identity.API/Views/Shared/Redirect.cshtml | 11 + .../Views/Shared/_Layout-SPA.cshtml | 54 - .../Identity.API/Views/Shared/_Layout.cshtml | 72 +- .../Views/Shared/_LoginPartial.cshtml | 27 - .../{Consent => Shared}/_ScopeListItem.cshtml | 6 +- .../Shared/_ValidationScriptsPartial.cshtml | 14 - .../Views/Shared/_ValidationSummary.cshtml | 2 +- .../Identity.API/Views/_ViewImports.cshtml | 3 +- .../Identity.API/Views/_ViewStart.cshtml | 2 +- ...-key-10C452043E09C5A22FC8D97669868B8F.json | 1 + ...-key-1417AE0BAF26F393609EF30FA355D06C.json | 1 + ...-key-22178AEDB80CD0A41DF6874FE93F794D.json | 1 + ...-key-870FA7120249C21C30ADE458B07918C1.json | 1 + ...-key-B0B34AEB91E2638F61EB9A5543F3940F.json | 1 + ...-key-CFE19FEED1112F0740C7CEAAE490834F.json | 1 + .../Identity/Identity.API/tempkey.jwk | 1 + .../wwwroot/js/signin-redirect.js | 1 + .../wwwroot/js/signout-redirect.js | 6 + src/Services/Ordering/Ordering.API/Program.cs | 2 +- src/Services/Ordering/Ordering.API/Startup.cs | 12 + .../WebMVC/Controllers/AccountController.cs | 2 +- src/Web/WebMVC/Controllers/CartController.cs | 2 +- src/Web/WebMVC/Controllers/OrderController.cs | 2 +- .../Controllers/OrderManagementController.cs | 2 +- src/Web/WebMVC/Program.cs | 2 +- src/Web/WebMVC/Startup.cs | 2 +- 104 files changed, 2451 insertions(+), 5484 deletions(-) delete mode 100644 src/Services/Identity/Identity.API/Certificate/Certificate.cs delete mode 100644 src/Services/Identity/Identity.API/Certificate/idsrv3test.pfx delete mode 100644 src/Services/Identity/Identity.API/Controllers/AccountController.cs delete mode 100644 src/Services/Identity/Identity.API/Controllers/ConsentController.cs delete mode 100644 src/Services/Identity/Identity.API/Controllers/HomeController.cs delete mode 100644 src/Services/Identity/Identity.API/Data/ApplicationDbContextSeed.cs delete mode 100644 src/Services/Identity/Identity.API/Data/ConfigurationDbContextSeed.cs rename src/Services/Identity/Identity.API/{Migrations/20210813072445_InitialMigration.Designer.cs => Data/Migrations/20210914100206_InitialMigration.Designer.cs} (95%) rename src/Services/Identity/Identity.API/{Migrations/20210813072445_InitialMigration.cs => Data/Migrations/20210914100206_InitialMigration.cs} (99%) rename src/Services/Identity/Identity.API/{ => Data}/Migrations/ApplicationDbContextModelSnapshot.cs (95%) delete mode 100644 src/Services/Identity/Identity.API/Extensions/Extension.cs delete mode 100644 src/Services/Identity/Identity.API/Extensions/LinqSelectExtensions.cs delete mode 100644 src/Services/Identity/Identity.API/Factories/ApplicationDbContextFactory.cs delete mode 100644 src/Services/Identity/Identity.API/Factories/ConfigurationDbContextFactory.cs delete mode 100644 src/Services/Identity/Identity.API/Factories/PersistedGrantDbContextFactory.cs delete mode 100644 src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.Designer.cs delete mode 100644 src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.cs delete mode 100644 src/Services/Identity/Identity.API/Migrations/ConfigurationDb/ConfigurationDbContextModelSnapshot.cs delete mode 100644 src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.Designer.cs delete mode 100644 src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.cs delete mode 100644 src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/PersistedGrantDbContextModelSnapshot.cs create mode 100644 src/Services/Identity/Identity.API/ProgramExtensions.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Account/AccountController.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Account/AccountOptions.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Account/ExternalController.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Account/ExternalProvider.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Account/LoggedOutViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Account/LoginInputModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Account/LoginViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Account/LogoutInputModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Account/LogoutViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Account/RedirectViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Consent/ConsentController.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Consent/ConsentInputModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Consent/ConsentOptions.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Consent/ConsentViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Consent/ProcessConsentResult.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Consent/ScopeViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationInputModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Device/DeviceController.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsController.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Extensions.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Grants/GrantsController.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Grants/GrantsViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Home/ErrorViewModel.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/Home/HomeController.cs create mode 100644 src/Services/Identity/Identity.API/Quickstart/SecurityHeadersAttribute.cs create mode 100644 src/Services/Identity/Identity.API/SeedData.cs delete mode 100644 src/Services/Identity/Identity.API/Setup/Users.csv delete mode 100644 src/Services/Identity/Identity.API/Setup/images.zip delete mode 100644 src/Services/Identity/Identity.API/Startup.cs create mode 100644 src/Services/Identity/Identity.API/Views/Account/AccessDenied.cshtml delete mode 100644 src/Services/Identity/Identity.API/Views/Account/Redirecting.cshtml delete mode 100644 src/Services/Identity/Identity.API/Views/Account/Register.cshtml delete mode 100644 src/Services/Identity/Identity.API/Views/Account/_LoginPartial-MVC.cshtml delete mode 100644 src/Services/Identity/Identity.API/Views/Account/_LoginPartial-SPA.cshtml delete mode 100644 src/Services/Identity/Identity.API/Views/Account/_RegisterPartial-MVC.cshtml delete mode 100644 src/Services/Identity/Identity.API/Views/Account/_RegisterPartial-SPA.cshtml create mode 100644 src/Services/Identity/Identity.API/Views/Device/Success.cshtml create mode 100644 src/Services/Identity/Identity.API/Views/Device/UserCodeCapture.cshtml create mode 100644 src/Services/Identity/Identity.API/Views/Device/UserCodeConfirmation.cshtml create mode 100644 src/Services/Identity/Identity.API/Views/Diagnostics/Index.cshtml create mode 100644 src/Services/Identity/Identity.API/Views/Grants/Index.cshtml create mode 100644 src/Services/Identity/Identity.API/Views/Shared/Redirect.cshtml delete mode 100644 src/Services/Identity/Identity.API/Views/Shared/_Layout-SPA.cshtml delete mode 100644 src/Services/Identity/Identity.API/Views/Shared/_LoginPartial.cshtml rename src/Services/Identity/Identity.API/Views/{Consent => Shared}/_ScopeListItem.cshtml (81%) delete mode 100644 src/Services/Identity/Identity.API/Views/Shared/_ValidationScriptsPartial.cshtml create mode 100644 src/Services/Identity/Identity.API/keys/is-signing-key-10C452043E09C5A22FC8D97669868B8F.json create mode 100644 src/Services/Identity/Identity.API/keys/is-signing-key-1417AE0BAF26F393609EF30FA355D06C.json create mode 100644 src/Services/Identity/Identity.API/keys/is-signing-key-22178AEDB80CD0A41DF6874FE93F794D.json create mode 100644 src/Services/Identity/Identity.API/keys/is-signing-key-870FA7120249C21C30ADE458B07918C1.json create mode 100644 src/Services/Identity/Identity.API/keys/is-signing-key-B0B34AEB91E2638F61EB9A5543F3940F.json create mode 100644 src/Services/Identity/Identity.API/keys/is-signing-key-CFE19FEED1112F0740C7CEAAE490834F.json create mode 100644 src/Services/Identity/Identity.API/tempkey.jwk create mode 100644 src/Services/Identity/Identity.API/wwwroot/js/signin-redirect.js create mode 100644 src/Services/Identity/Identity.API/wwwroot/js/signout-redirect.js diff --git a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs index 3046e8f3f..78512c140 100644 --- a/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs +++ b/src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs @@ -86,7 +86,7 @@ public static class ServiceCollectionExtensions services.AddSwaggerGen(options => { - options.DescribeAllEnumsAsStrings(); + //options.DescribeAllEnumsAsStrings(); options.SwaggerDoc("v1", new OpenApiInfo { Title = "Shopping Aggregator for Mobile Clients", diff --git a/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs b/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs index 9d937ffea..2e7c203d0 100644 --- a/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs +++ b/src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs @@ -113,7 +113,7 @@ public static class ServiceCollectionExtensions services.AddSwaggerGen(options => { - options.DescribeAllEnumsAsStrings(); + //options.DescribeAllEnumsAsStrings(); options.SwaggerDoc("v1", new OpenApiInfo { diff --git a/src/Services/Identity/Identity.API/Certificate/Certificate.cs b/src/Services/Identity/Identity.API/Certificate/Certificate.cs deleted file mode 100644 index 91aa74a6c..000000000 --- a/src/Services/Identity/Identity.API/Certificate/Certificate.cs +++ /dev/null @@ -1,31 +0,0 @@ -namespace Microsoft.eShopOnContainers.Services.Identity.API.Certificates -{ - static class Certificate - { - public static X509Certificate2 Get() - { - var assembly = typeof(Certificate).GetTypeInfo().Assembly; - var names = assembly.GetManifestResourceNames(); - - /*********************************************************************************************** - * Please note that here we are using a local certificate only for testing purposes. In a - * real environment the certificate should be created and stored in a secure way, which is out - * of the scope of this project. - **********************************************************************************************/ - using var stream = assembly.GetManifestResourceStream("Identity.API.Certificate.idsrv3test.pfx"); - return new X509Certificate2(ReadStream(stream), "idsrv3test"); - } - - private static byte[] ReadStream(Stream input) - { - byte[] buffer = new byte[16 * 1024]; - using MemoryStream ms = new MemoryStream(); - int read; - while ((read = input.Read(buffer, 0, buffer.Length)) > 0) - { - ms.Write(buffer, 0, read); - } - return ms.ToArray(); - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Certificate/idsrv3test.pfx b/src/Services/Identity/Identity.API/Certificate/idsrv3test.pfx deleted file mode 100644 index 0247dea03f0cc23694291f21310f3ae88880e2bb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3395 zcmY*ac{tQ<7yiu{V_$|rA%;e>y=E+9O_nU#g|hFBC`-tmWsqeoSyGW9LYA!AlQm0d zlqs?cuRUcMvVK$7_r34+{c)aipZh-Nxy~QY_1q{N(`7J-3WZ}lgwlyV(0Q=O1fl`u z;TYE;IL2iPy@0|&nf_0rK7rt<4^TL2G9|X44F8>Cqz8fXaF7!e4sw9vh0_0zrd-Yp zq5aB`c0pwf*#!pE3`1~`u};|qLmAL66%SqGD&c1ok7w*g=3CPGVk4GBqUnz5R$^lb z8Dv(rRpfX7yvJ$AZ8B=IukK|?oWq7THPW9AE8<%>%oONtPAOw&x8_?KHa0J|WVwA0 zIe9iq|#j@0h-r2z9#p>N7n4=mGfXBZdZv zm>}$|9($ZRdyt-g#VGBa?>B!qNzif-i+FE)kucwfM0uQ_?eH5E22H7{O&W(b9&xxe z%p<>vWCX)-exQO)Be=&=gf&-c#+j`(NUetfn}WVXG{= z^!3S{N|*XdJW@10Ikf3}LcuN>qA~Ixlg<}c;VO{NzpbcV)gX{XXMvCF$|Bihu8%Mj`v7 z@JI#bMy0mL?ntjDyu>tItFCrcM?2T4qxi{DAYXF4re+jt!0KM!4AX1-`m6J2B-j7$ ztQmXW9+nsyVA76pGD!SNDBJX7<=P3^TAtMP*S&|$8V_zcInNp6F})=P6L9WM3skx( zrU*k+zF?-S=hmjpL4Q3zv>!AS5ZdH` zP7@1%4o~2pGsTCkqHI#fTE9t6L}0I0RV#X80*5W8dQ!d^3i!EAcx!{g?Ymhx9_uH| z%5-;5L5^5@FPajHS9ShoBMyy!p(c{qxOAL#hI6ENh505_rZ0?SGHg>G?cH-JcX$bP zvvcygKZ|q33xcOvl0F>Lq;-3oT1}&U{+hFQhdrnZ&f3Cd?*G~+e;NZj-CLQ#d7u*d z-zLck*=~$_*oTD=7glD2s_n4ZBbndKCJM<*Y#U_RIHLGB-|y!WU`T^)1|P6xbeP|G zVeM+?bDY~u1~eh71YCS>5m|2W++)$^^VxHSdmxwhWqlh$#}_R*QJIE}!YhyC22(}y z-pGi)Mp$4isupi_SdyK1kwa|ypqYxDZM%%-W8XLUrq=uHuIVLfoLXn0Ft*+*&7DasMmP3gdi3$so3cjv zU3_I_!HIUJ-KLn$?yVs^q%Nt?{K4vH$8|KG-fP7I-JGh){ZkukKp&IeTFS zofK|@;`zesc<{wV&~=^Lpxwgq@1SZU!pFuL4xnXwJhXzpFXWPHqe5C^&F$XOKSyA*?hARwF^42%X)?En0pbR1|X1Ofs80A>9z2}c|9=>s8v zEFceP0#bk)B`W|LfCL~z!7_mQA0!RPQ8WpPf}*g$)hhsoqDlYhLQ^z_KfESzA7%UR z0wA<8pCMoXxBgEJg#e8I z^!ZaN7vLt~Loo#6Kiktl^Kj613iSpI0w}5OUj_7kE&%=Q0@7Z?>>U#@$=@yzfrG{o ztFTv(L~LX}xO!x0^EITtLxl@_o6uy5gghAR{hz9rAUI9X6qKa_Nw%q za~SdO27));Ss1O7WmAmU?z>@+sX7%|EH>F*@OZUVn!`%vFPjg13@;Tl|_JIFJuO?ibe+@(=CitY0KN zmhw8P&DGlJBqvEH_i~51(xCCqvU$O5a^w(gap!{;x$=mI;>(I{4_^3{xSVlt0*&Z-y38aD8;?f`*U1VzA?{YPa$fn^V7$cGLd)&c%khfmt-qvZ_d8X! z7hHsG8{dHEPrBwl**uN9qgJ5pDa-DS;*TkBvMr}WsGRp(tl&q zOLj#>q5fr!g3h>N*4Lo!^2f&yedb9`Kc@UII#(J*#=~mQpg7_^@Qad_`7&Rw^Q13P zmkj26C2^Lfg&(Un^M{l&&Z~Al#>~&po-IRgbH;zV|EZU6sq2W4r<`>`jAnHJX0F#X zoYLuTJJ&S__HOHM}CU)!}{mUnHM4&H-PJ zDgU|rTaFE6VJ^#8$-7}h}^b=$AFm^Ju%|Irt#Xm@y!x8ht)nP}yX zak6LD=XrWjz}YIk=NKi;Oyzuyhr4N#>$;BIHeVmO7CwR&BH~$h($R>lxm#|jH)hMo z7Cl?fME$4w@i!`TUwnfzepq`tb2MXQ>vjOez4DO&G+ zwbxqf;c;Lz7e^2GJN4&pn)*n036&#X{M)L}3jNt9WQoG#Ltw0 zBSd@4uASn_19~vFMd|jhEOlmOnzg#t-W`Y8`{ihls#Ej*@-YyvQR5@XB{Zgn*UU@bPjBb)ma-dM*TyAY#Qr-I?}ssTqWiQUU~9nVL8urj8g zB=?6~(E%Bt>5<*!OPB%-9y0pkl!uu8}JyuP^C{VwK-!6&8CcOsFR z#AD|e+mNE9i#41w#l(h}rbw&h^*Xp8>93ZTvg}r-DJps1W6hRpeV*HGw|(EWnX7>t zi;7~9X)yDN{8DJzLpxCoH*tL3SHK!$Z}tQc<%NTk$t)S*4<=4>wFvMd!y)pV_liw) z7Z+8=AXg^QgwL(&DRsQU5*({(LDt{G-4Rx#dhx6AP+_msH%Jue6QCy=B0w?y#4k$7;> z=5ttmpV&vFVv}ZY>6NE%#+W))M)nU;WMS%-mtLT!)&4oAMhnY2Hb@dJUGXLb^4wIex}=co7n{7tD1N!| zw63xzN%ImPTf3iZ?X@yq6*F$jX5my$Q%SSyOrlD)y}jkyw`e{y&l34ahp)821A!iS z4-;-p@j6Gn!f>FJQ2ZzwD76?f6_^_WN5dA?3G%E0bF79+L#MT|(Yv~t5ct?-mV0Fj V%$88{h~I%@Xjg7x^oQR@_8&Ry9S;Bi diff --git a/src/Services/Identity/Identity.API/Configuration/Config.cs b/src/Services/Identity/Identity.API/Configuration/Config.cs index 046bcd7d4..4ce93966c 100644 --- a/src/Services/Identity/Identity.API/Configuration/Config.cs +++ b/src/Services/Identity/Identity.API/Configuration/Config.cs @@ -45,7 +45,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration } // client want to access resources (aka scopes) - public static IEnumerable GetClients(Dictionary clientsUrl) + public static IEnumerable GetClients(IConfiguration configuration) { return new List { @@ -56,10 +56,10 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration ClientName = "eShop SPA OpenId Client", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, - RedirectUris = { $"{clientsUrl["Spa"]}/" }, + RedirectUris = { $"{configuration["SpaClient"]}/" }, RequireConsent = false, - PostLogoutRedirectUris = { $"{clientsUrl["Spa"]}/" }, - AllowedCorsOrigins = { $"{clientsUrl["Spa"]}" }, + PostLogoutRedirectUris = { $"{configuration["SpaClient"]}/" }, + AllowedCorsOrigins = { $"{configuration["SpaClient"]}" }, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, @@ -81,10 +81,10 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration { new Secret("secret".Sha256()) }, - RedirectUris = { clientsUrl["Xamarin"] }, + RedirectUris = { configuration["XamarinCallback"] }, RequireConsent = false, RequirePkce = true, - PostLogoutRedirectUris = { $"{clientsUrl["Xamarin"]}/Account/Redirecting" }, + PostLogoutRedirectUris = { $"{configuration["XamarinCallback"]}/Account/Redirecting" }, //AllowedCorsOrigins = { "http://eshopxamarin" }, AllowedScopes = new List { @@ -109,7 +109,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration new Secret("secret".Sha256()) }, - ClientUri = $"{clientsUrl["Mvc"]}", // public uri of the client + ClientUri = $"{configuration["MvcClient"]}", // public uri of the client AllowedGrantTypes = GrantTypes.Hybrid, AllowAccessTokensViaBrowser = false, RequireConsent = false, @@ -118,11 +118,11 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration RequirePkce = false, RedirectUris = new List { - $"{clientsUrl["Mvc"]}/signin-oidc" + $"{configuration["MvcClient"]}/signin-oidc" }, PostLogoutRedirectUris = new List { - $"{clientsUrl["Mvc"]}/signout-callback-oidc" + $"{configuration["MvcClient"]}/signout-callback-oidc" }, AllowedScopes = new List { @@ -146,7 +146,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration { new Secret("secret".Sha256()) }, - ClientUri = $"{clientsUrl["WebhooksWeb"]}", // public uri of the client + ClientUri = $"{configuration["WebhooksWebClient"]}", // public uri of the client AllowedGrantTypes = GrantTypes.Hybrid, AllowAccessTokensViaBrowser = false, RequireConsent = false, @@ -154,11 +154,11 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration AlwaysIncludeUserClaimsInIdToken = true, RedirectUris = new List { - $"{clientsUrl["WebhooksWeb"]}/signin-oidc" + $"{configuration["WebhooksWebClient"]}/signin-oidc" }, PostLogoutRedirectUris = new List { - $"{clientsUrl["WebhooksWeb"]}/signout-callback-oidc" + $"{configuration["WebhooksWebClient"]}/signout-callback-oidc" }, AllowedScopes = new List { @@ -178,18 +178,18 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration { new Secret("secret".Sha256()) }, - ClientUri = $"{clientsUrl["Mvc"]}", // public uri of the client + ClientUri = $"{configuration["Mvc"]}", // public uri of the client AllowedGrantTypes = GrantTypes.Hybrid, AllowAccessTokensViaBrowser = true, RequireConsent = false, AllowOfflineAccess = true, RedirectUris = new List { - $"{clientsUrl["Mvc"]}/signin-oidc" + $"{configuration["MvcClient"]}/signin-oidc" }, PostLogoutRedirectUris = new List { - $"{clientsUrl["Mvc"]}/signout-callback-oidc" + $"{configuration["MvcClient"]}/signout-callback-oidc" }, AllowedScopes = new List { @@ -209,8 +209,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, - RedirectUris = { $"{clientsUrl["BasketApi"]}/swagger/oauth2-redirect.html" }, - PostLogoutRedirectUris = { $"{clientsUrl["BasketApi"]}/swagger/" }, + RedirectUris = { $"{configuration["BasketApiClient"]}/swagger/oauth2-redirect.html" }, + PostLogoutRedirectUris = { $"{configuration["BasketApiClient"]}/swagger/" }, AllowedScopes = { @@ -224,8 +224,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, - RedirectUris = { $"{clientsUrl["OrderingApi"]}/swagger/oauth2-redirect.html" }, - PostLogoutRedirectUris = { $"{clientsUrl["OrderingApi"]}/swagger/" }, + RedirectUris = { $"{configuration["OrderingApiClient"]}/swagger/oauth2-redirect.html" }, + PostLogoutRedirectUris = { $"{configuration["OrderingApiClient"]}/swagger/" }, AllowedScopes = { @@ -239,8 +239,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, - RedirectUris = { $"{clientsUrl["MobileShoppingAgg"]}/swagger/oauth2-redirect.html" }, - PostLogoutRedirectUris = { $"{clientsUrl["MobileShoppingAgg"]}/swagger/" }, + RedirectUris = { $"{configuration["MobileShoppingAggClient"]}/swagger/oauth2-redirect.html" }, + PostLogoutRedirectUris = { $"{configuration["MobileShoppingAggClient"]}/swagger/" }, AllowedScopes = { @@ -254,8 +254,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, - RedirectUris = { $"{clientsUrl["WebShoppingAgg"]}/swagger/oauth2-redirect.html" }, - PostLogoutRedirectUris = { $"{clientsUrl["WebShoppingAgg"]}/swagger/" }, + RedirectUris = { $"{configuration["WebShoppingAggClient"]}/swagger/oauth2-redirect.html" }, + PostLogoutRedirectUris = { $"{configuration["WebShoppingAggClient"]}/swagger/" }, AllowedScopes = { @@ -270,8 +270,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, - RedirectUris = { $"{clientsUrl["WebhooksApi"]}/swagger/oauth2-redirect.html" }, - PostLogoutRedirectUris = { $"{clientsUrl["WebhooksApi"]}/swagger/" }, + RedirectUris = { $"{configuration["WebhooksApiClient"]}/swagger/oauth2-redirect.html" }, + PostLogoutRedirectUris = { $"{configuration["WebhooksApiClient"]}/swagger/" }, AllowedScopes = { diff --git a/src/Services/Identity/Identity.API/Controllers/AccountController.cs b/src/Services/Identity/Identity.API/Controllers/AccountController.cs deleted file mode 100644 index a4943a3ba..000000000 --- a/src/Services/Identity/Identity.API/Controllers/AccountController.cs +++ /dev/null @@ -1,299 +0,0 @@ -namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers -{ - /// - /// This sample controller implements a typical login/logout/provision workflow for local accounts. - /// The login service encapsulates the interactions with the user data store. This data store is in-memory only and cannot be used for production! - /// The interaction service provides a way for the UI to communicate with identityserver for validation and context retrieval - /// - public class AccountController : Controller - { - //private readonly InMemoryUserLoginService _loginService; - private readonly ILoginService _loginService; - private readonly IIdentityServerInteractionService _interaction; - private readonly IClientStore _clientStore; - private readonly ILogger _logger; - private readonly UserManager _userManager; - private readonly IConfiguration _configuration; - - public AccountController( - - //InMemoryUserLoginService loginService, - ILoginService loginService, - IIdentityServerInteractionService interaction, - IClientStore clientStore, - ILogger logger, - UserManager userManager, - IConfiguration configuration) - { - _loginService = loginService; - _interaction = interaction; - _clientStore = clientStore; - _logger = logger; - _userManager = userManager; - _configuration = configuration; - } - - /// - /// Show login page - /// - [HttpGet] - public async Task Login(string returnUrl) - { - var context = await _interaction.GetAuthorizationContextAsync(returnUrl); - if (context?.IdP != null) - { - throw new NotImplementedException("External login is not implemented!"); - } - - var vm = await BuildLoginViewModelAsync(returnUrl, context); - - ViewData["ReturnUrl"] = returnUrl; - - return View(vm); - } - - /// - /// Handle postback from username/password login - /// - [HttpPost] - [ValidateAntiForgeryToken] - public async Task Login(LoginViewModel model) - { - if (ModelState.IsValid) - { - var user = await _loginService.FindByUsername(model.Email); - - if (await _loginService.ValidateCredentials(user, model.Password)) - { - var tokenLifetime = _configuration.GetValue("TokenLifetimeMinutes", 120); - - var props = new AuthenticationProperties - { - ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(tokenLifetime), - AllowRefresh = true, - RedirectUri = model.ReturnUrl - }; - - if (model.RememberMe) - { - var permanentTokenLifetime = _configuration.GetValue("PermanentTokenLifetimeDays", 365); - - props.ExpiresUtc = DateTimeOffset.UtcNow.AddDays(permanentTokenLifetime); - props.IsPersistent = true; - }; - - await _loginService.SignInAsync(user, props); - - // make sure the returnUrl is still valid, and if yes - redirect back to authorize endpoint - if (_interaction.IsValidReturnUrl(model.ReturnUrl)) - { - return Redirect(model.ReturnUrl); - } - - return Redirect("~/"); - } - - ModelState.AddModelError("", "Invalid username or password."); - } - - // something went wrong, show form with error - var vm = await BuildLoginViewModelAsync(model); - - ViewData["ReturnUrl"] = model.ReturnUrl; - - return View(vm); - } - - private async Task BuildLoginViewModelAsync(string returnUrl, AuthorizationRequest context) - { - var allowLocal = true; - if (context?.Client.ClientId != null) - { - var client = await _clientStore.FindEnabledClientByIdAsync(context.Client.ClientId); - if (client != null) - { - allowLocal = client.EnableLocalLogin; - } - } - - return new LoginViewModel - { - ReturnUrl = returnUrl, - Email = context?.LoginHint, - }; - } - - private async Task BuildLoginViewModelAsync(LoginViewModel model) - { - var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); - var vm = await BuildLoginViewModelAsync(model.ReturnUrl, context); - vm.Email = model.Email; - vm.RememberMe = model.RememberMe; - return vm; - } - - /// - /// Show logout page - /// - [HttpGet] - public async Task Logout(string logoutId) - { - if (User.Identity.IsAuthenticated == false) - { - // if the user is not authenticated, then just show logged out page - return await Logout(new LogoutViewModel { LogoutId = logoutId }); - } - - //Test for Xamarin. - var context = await _interaction.GetLogoutContextAsync(logoutId); - if (context?.ShowSignoutPrompt == false) - { - //it's safe to automatically sign-out - return await Logout(new LogoutViewModel { LogoutId = logoutId }); - } - - // show the logout prompt. this prevents attacks where the user - // is automatically signed out by another malicious web page. - var vm = new LogoutViewModel - { - LogoutId = logoutId - }; - return View(vm); - } - - /// - /// Handle logout page postback - /// - [HttpPost] - [ValidateAntiForgeryToken] - public async Task Logout(LogoutViewModel model) - { - var idp = User?.FindFirst(JwtClaimTypes.IdentityProvider)?.Value; - - if (idp != null && idp != IdentityServerConstants.LocalIdentityProvider) - { - if (model.LogoutId == null) - { - // if there's no current logout context, we need to create one - // this captures necessary info from the current logged in user - // before we signout and redirect away to the external IdP for signout - model.LogoutId = await _interaction.CreateLogoutContextAsync(); - } - - string url = "/Account/Logout?logoutId=" + model.LogoutId; - - try - { - - // hack: try/catch to handle social providers that throw - await HttpContext.SignOutAsync(idp, new AuthenticationProperties - { - RedirectUri = url - }); - } - catch (Exception ex) - { - _logger.LogError(ex, "LOGOUT ERROR: {ExceptionMessage}", ex.Message); - } - } - - // delete authentication cookie - await HttpContext.SignOutAsync(); - - await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme); - - // set this so UI rendering sees an anonymous user - HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); - - // get context information (client name, post logout redirect URI and iframe for federated signout) - var logout = await _interaction.GetLogoutContextAsync(model.LogoutId); - - return Redirect(logout?.PostLogoutRedirectUri); - } - - public async Task DeviceLogOut(string redirectUrl) - { - // delete authentication cookie - await HttpContext.SignOutAsync(); - - // set this so UI rendering sees an anonymous user - HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); - - return Redirect(redirectUrl); - } - - // GET: /Account/Register - [HttpGet] - [AllowAnonymous] - public IActionResult Register(string returnUrl = null) - { - ViewData["ReturnUrl"] = returnUrl; - return View(); - } - - // - // POST: /Account/Register - [HttpPost] - [AllowAnonymous] - [ValidateAntiForgeryToken] - public async Task Register(RegisterViewModel model, string returnUrl = null) - { - ViewData["ReturnUrl"] = returnUrl; - if (ModelState.IsValid) - { - var user = new ApplicationUser - { - UserName = model.Email, - Email = model.Email, - CardHolderName = model.User.CardHolderName, - CardNumber = model.User.CardNumber, - CardType = model.User.CardType, - City = model.User.City, - Country = model.User.Country, - Expiration = model.User.Expiration, - LastName = model.User.LastName, - Name = model.User.Name, - Street = model.User.Street, - State = model.User.State, - ZipCode = model.User.ZipCode, - PhoneNumber = model.User.PhoneNumber, - SecurityNumber = model.User.SecurityNumber - }; - var result = await _userManager.CreateAsync(user, model.Password); - if (result.Errors.Count() > 0) - { - AddErrors(result); - // If we got this far, something failed, redisplay form - return View(model); - } - } - - if (returnUrl != null) - { - if (HttpContext.User.Identity.IsAuthenticated) - return Redirect(returnUrl); - else - if (ModelState.IsValid) - return RedirectToAction("login", "account", new { returnUrl = returnUrl }); - else - return View(model); - } - - return RedirectToAction("index", "home"); - } - - [HttpGet] - public IActionResult Redirecting() - { - return View(); - } - - private void AddErrors(IdentityResult result) - { - foreach (var error in result.Errors) - { - ModelState.AddModelError(string.Empty, error.Description); - } - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Controllers/ConsentController.cs b/src/Services/Identity/Identity.API/Controllers/ConsentController.cs deleted file mode 100644 index 3bd1cd239..000000000 --- a/src/Services/Identity/Identity.API/Controllers/ConsentController.cs +++ /dev/null @@ -1,249 +0,0 @@ -using Duende.IdentityServer.Events; -using Duende.IdentityServer.Extensions; -using Identity.API.Extensions; -using Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels; - -namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers -{ - /// - /// This controller implements the consent logic - /// - public class ConsentController : Controller - { - private readonly ILogger _logger; - private readonly IIdentityServerInteractionService _interaction; - private readonly IEventService _events; - - public ConsentController( - ILogger logger, - IIdentityServerInteractionService interaction, - IEventService events) - { - _interaction = interaction; - _events = events; - _logger = logger; - } - - /// - /// Shows the consent screen - /// - /// - /// - [HttpGet] - public async Task Index(string returnUrl) - { - var vm = await BuildViewModelAsync(returnUrl); - - if (vm != null) - { - return View("Index", vm); - } - - return View("Error"); - } - - /// - /// Handles the consent screen postback - /// - [HttpPost] - [ValidateAntiForgeryToken] - public async Task Index(ConsentInputModel model) - { - var result = await ProcessConsent(model); - - if (result.IsRedirect) - { - var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); - if (context?.IsNativeClient() == true) - { - // The client is native, so this change in how to - // return the response is for better UX for the end user. - return this.LoadingPage("Redirect", result.RedirectUri); - } - - return Redirect(result.RedirectUri); - } - - if (result.HasValidationError) - { - ModelState.AddModelError(string.Empty, result.ValidationError); - } - - if (result.ShowView) - { - return View("Index", result.ViewModel); - } - - return View("Error"); - } - - /*****************************************/ - /* helper APIs for the ConsentController */ - /*****************************************/ - private async Task ProcessConsent(ConsentInputModel model) - { - var result = new ProcessConsentResult(); - - // validate return url is still valid - var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); - if (request == null) return result; - - ConsentResponse grantedConsent = null; - - // user clicked 'no' - send back the standard 'access_denied' response - if (model?.Button == "no") - { - grantedConsent = new ConsentResponse { Error = AuthorizationError.AccessDenied }; - - // emit event - await _events.RaiseAsync(new ConsentDeniedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues)); - } - // user clicked 'yes' - validate the data - else if (model?.Button == "yes") - { - // if the user consented to some scope, build the response model - if (model.ScopesConsented != null && model.ScopesConsented.Any()) - { - var scopes = model.ScopesConsented; - if (ConsentOptions.EnableOfflineAccess == false) - { - scopes = scopes.Where(x => x != Duende.IdentityServer.IdentityServerConstants.StandardScopes.OfflineAccess); - } - - grantedConsent = new ConsentResponse - { - RememberConsent = model.RememberConsent, - ScopesValuesConsented = scopes.ToArray(), - Description = model.Description - }; - - // emit event - await _events.RaiseAsync(new ConsentGrantedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues, grantedConsent.ScopesValuesConsented, grantedConsent.RememberConsent)); - } - else - { - result.ValidationError = ConsentOptions.MustChooseOneErrorMessage; - } - } - else - { - result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage; - } - - if (grantedConsent != null) - { - // communicate outcome of consent back to identityserver - await _interaction.GrantConsentAsync(request, grantedConsent); - - // indicate that's it ok to redirect back to authorization endpoint - result.RedirectUri = model.ReturnUrl; - result.Client = request.Client; - } - else - { - // we need to redisplay the consent UI - result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model); - } - - return result; - } - - private async Task BuildViewModelAsync(string returnUrl, ConsentInputModel model = null) - { - var request = await _interaction.GetAuthorizationContextAsync(returnUrl); - if (request != null) - { - return CreateConsentViewModel(model, returnUrl, request); - } - else - { - _logger.LogError("No consent request matching request: {0}", returnUrl); - } - - return null; - } - - private ConsentViewModel CreateConsentViewModel( - ConsentInputModel model, string returnUrl, - AuthorizationRequest request) - { - var vm = new ConsentViewModel - { - RememberConsent = model?.RememberConsent ?? true, - ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty(), - Description = model?.Description, - - ReturnUrl = returnUrl, - - ClientName = request.Client.ClientName ?? request.Client.ClientId, - ClientUrl = request.Client.ClientUri, - ClientLogoUrl = request.Client.LogoUri, - AllowRememberConsent = request.Client.AllowRememberConsent - }; - - vm.IdentityScopes = request.ValidatedResources.Resources.IdentityResources.Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray(); - - var apiScopes = new List(); - foreach (var parsedScope in request.ValidatedResources.ParsedScopes) - { - var apiScope = request.ValidatedResources.Resources.FindApiScope(parsedScope.ParsedName); - if (apiScope != null) - { - var scopeVm = CreateScopeViewModel(parsedScope, apiScope, vm.ScopesConsented.Contains(parsedScope.RawValue) || model == null); - apiScopes.Add(scopeVm); - } - } - if (ConsentOptions.EnableOfflineAccess && request.ValidatedResources.Resources.OfflineAccess) - { - apiScopes.Add(GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServerConstants.StandardScopes.OfflineAccess) || model == null)); - } - vm.ApiScopes = apiScopes; - - return vm; - } - - private ScopeViewModel CreateScopeViewModel(IdentityResource identity, bool check) - { - return new ScopeViewModel - { - Value = identity.Name, - DisplayName = identity.DisplayName ?? identity.Name, - Description = identity.Description, - Emphasize = identity.Emphasize, - Required = identity.Required, - Checked = check || identity.Required - }; - } - - public ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check) - { - var displayName = apiScope.DisplayName ?? apiScope.Name; - if (!String.IsNullOrWhiteSpace(parsedScopeValue.ParsedParameter)) - { - displayName += ":" + parsedScopeValue.ParsedParameter; - } - - return new ScopeViewModel - { - Value = parsedScopeValue.RawValue, - DisplayName = displayName, - Description = apiScope.Description, - Emphasize = apiScope.Emphasize, - Required = apiScope.Required, - Checked = check || apiScope.Required - }; - } - - private ScopeViewModel GetOfflineAccessScope(bool check) - { - return new ScopeViewModel - { - Value = Duende.IdentityServer.IdentityServerConstants.StandardScopes.OfflineAccess, - DisplayName = ConsentOptions.OfflineAccessDisplayName, - Description = ConsentOptions.OfflineAccessDescription, - Emphasize = true, - Checked = check - }; - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Controllers/HomeController.cs b/src/Services/Identity/Identity.API/Controllers/HomeController.cs deleted file mode 100644 index 3c31c4ab1..000000000 --- a/src/Services/Identity/Identity.API/Controllers/HomeController.cs +++ /dev/null @@ -1,46 +0,0 @@ -namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers -{ - public class HomeController : Controller - { - private readonly IIdentityServerInteractionService _interaction; - private readonly IOptionsSnapshot _settings; - private readonly IRedirectService _redirectSvc; - - public HomeController(IIdentityServerInteractionService interaction, IOptionsSnapshot settings, IRedirectService redirectSvc) - { - _interaction = interaction; - _settings = settings; - _redirectSvc = redirectSvc; - } - - public IActionResult Index(string returnUrl) - { - return View(); - } - - public IActionResult ReturnToOriginalApplication(string returnUrl) - { - if (returnUrl != null) - return Redirect(_redirectSvc.ExtractRedirectUriFromReturnUrl(returnUrl)); - else - return RedirectToAction("Index", "Home"); - } - - /// - /// Shows the error page - /// - public async Task Error(string errorId) - { - var vm = new ErrorViewModel(); - - // retrieve error details from identityserver - var message = await _interaction.GetErrorContextAsync(errorId); - if (message != null) - { - vm.Error = message; - } - - return View("Error", vm); - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Data/ApplicationDbContext.cs b/src/Services/Identity/Identity.API/Data/ApplicationDbContext.cs index 227406008..2d04400d7 100644 --- a/src/Services/Identity/Identity.API/Data/ApplicationDbContext.cs +++ b/src/Services/Identity/Identity.API/Data/ApplicationDbContext.cs @@ -1,18 +1,17 @@ -namespace Microsoft.eShopOnContainers.Services.Identity.API.Data +namespace Microsoft.eShopOnContainers.Services.Identity.API.Data; + +public class ApplicationDbContext : IdentityDbContext { - public class ApplicationDbContext : IdentityDbContext + public ApplicationDbContext(DbContextOptions options) + : base(options) { - public ApplicationDbContext(DbContextOptions options) - : base(options) - { - } + } - protected override void OnModelCreating(ModelBuilder builder) - { - base.OnModelCreating(builder); - // Customize the ASP.NET Identity model and override the defaults if needed. - // For example, you can rename the ASP.NET Identity table names and more. - // Add your customizations after calling base.OnModelCreating(builder); - } + protected override void OnModelCreating(ModelBuilder builder) + { + base.OnModelCreating(builder); + // Customize the ASP.NET Identity model and override the defaults if needed. + // For example, you can rename the ASP.NET Identity table names and more. + // Add your customizations after calling base.OnModelCreating(builder); } } diff --git a/src/Services/Identity/Identity.API/Data/ApplicationDbContextSeed.cs b/src/Services/Identity/Identity.API/Data/ApplicationDbContextSeed.cs deleted file mode 100644 index 6ee9fd499..000000000 --- a/src/Services/Identity/Identity.API/Data/ApplicationDbContextSeed.cs +++ /dev/null @@ -1,218 +0,0 @@ -namespace Microsoft.eShopOnContainers.Services.Identity.API.Data -{ - using Microsoft.Extensions.Logging; - public class ApplicationDbContextSeed - { - private readonly IPasswordHasher _passwordHasher = new PasswordHasher(); - - public async Task SeedAsync(ApplicationDbContext context, IWebHostEnvironment env, - ILogger logger, IOptions settings, int? retry = 0) - { - int retryForAvaiability = retry.Value; - - try - { - var useCustomizationData = settings.Value.UseCustomizationData; - var contentRootPath = env.ContentRootPath; - var webroot = env.WebRootPath; - - if (!context.Users.Any()) - { - context.Users.AddRange(useCustomizationData - ? GetUsersFromFile(contentRootPath, logger) - : GetDefaultUser()); - - await context.SaveChangesAsync(); - } - - if (useCustomizationData) - { - GetPreconfiguredImages(contentRootPath, webroot, logger); - } - } - catch (Exception ex) - { - if (retryForAvaiability < 10) - { - retryForAvaiability++; - - logger.LogError(ex, "EXCEPTION ERROR while migrating {DbContextName}", nameof(ApplicationDbContext)); - - await SeedAsync(context, env, logger, settings, retryForAvaiability); - } - } - } - - private IEnumerable GetUsersFromFile(string contentRootPath, ILogger logger) - { - string csvFileUsers = Path.Combine(contentRootPath, "Setup", "Users.csv"); - - if (!File.Exists(csvFileUsers)) - { - return GetDefaultUser(); - } - - string[] csvheaders; - try - { - string[] requiredHeaders = { - "cardholdername", "cardnumber", "cardtype", "city", "country", - "email", "expiration", "lastname", "name", "phonenumber", - "username", "zipcode", "state", "street", "securitynumber", - "normalizedemail", "normalizedusername", "password" - }; - csvheaders = GetHeaders(requiredHeaders, csvFileUsers); - } - catch (Exception ex) - { - logger.LogError(ex, "EXCEPTION ERROR: {Message}", ex.Message); - - return GetDefaultUser(); - } - - List users = File.ReadAllLines(csvFileUsers) - .Skip(1) // skip header column - .Select(row => Regex.Split(row, ",(?=(?:[^\"]*\"[^\"]*\")*[^\"]*$)")) - .SelectTry(column => CreateApplicationUser(column, csvheaders)) - .OnCaughtException(ex => { logger.LogError(ex, "EXCEPTION ERROR: {Message}", ex.Message); return null; }) - .Where(x => x != null) - .ToList(); - - return users; - } - - private ApplicationUser CreateApplicationUser(string[] column, string[] headers) - { - if (column.Count() != headers.Count()) - { - throw new Exception($"column count '{column.Count()}' not the same as headers count'{headers.Count()}'"); - } - - string cardtypeString = column[Array.IndexOf(headers, "cardtype")].Trim('"').Trim(); - if (!int.TryParse(cardtypeString, out int cardtype)) - { - throw new Exception($"cardtype='{cardtypeString}' is not a number"); - } - - var user = new ApplicationUser - { - CardHolderName = column[Array.IndexOf(headers, "cardholdername")].Trim('"').Trim(), - CardNumber = column[Array.IndexOf(headers, "cardnumber")].Trim('"').Trim(), - CardType = cardtype, - City = column[Array.IndexOf(headers, "city")].Trim('"').Trim(), - Country = column[Array.IndexOf(headers, "country")].Trim('"').Trim(), - Email = column[Array.IndexOf(headers, "email")].Trim('"').Trim(), - Expiration = column[Array.IndexOf(headers, "expiration")].Trim('"').Trim(), - Id = Guid.NewGuid().ToString(), - LastName = column[Array.IndexOf(headers, "lastname")].Trim('"').Trim(), - Name = column[Array.IndexOf(headers, "name")].Trim('"').Trim(), - PhoneNumber = column[Array.IndexOf(headers, "phonenumber")].Trim('"').Trim(), - UserName = column[Array.IndexOf(headers, "username")].Trim('"').Trim(), - ZipCode = column[Array.IndexOf(headers, "zipcode")].Trim('"').Trim(), - State = column[Array.IndexOf(headers, "state")].Trim('"').Trim(), - Street = column[Array.IndexOf(headers, "street")].Trim('"').Trim(), - SecurityNumber = column[Array.IndexOf(headers, "securitynumber")].Trim('"').Trim(), - NormalizedEmail = column[Array.IndexOf(headers, "normalizedemail")].Trim('"').Trim(), - NormalizedUserName = column[Array.IndexOf(headers, "normalizedusername")].Trim('"').Trim(), - SecurityStamp = Guid.NewGuid().ToString("D"), - PasswordHash = column[Array.IndexOf(headers, "password")].Trim('"').Trim(), // Note: This is the password - }; - - user.PasswordHash = _passwordHasher.HashPassword(user, user.PasswordHash); - - return user; - } - - private IEnumerable GetDefaultUser() - { - var user = - new ApplicationUser() - { - CardHolderName = "DemoUser", - CardNumber = "4012888888881881", - CardType = 1, - City = "Redmond", - Country = "U.S.", - Email = "demouser@microsoft.com", - Expiration = "12/25", - Id = Guid.NewGuid().ToString(), - LastName = "DemoLastName", - Name = "DemoUser", - PhoneNumber = "1234567890", - UserName = "demouser@microsoft.com", - ZipCode = "98052", - State = "WA", - Street = "15703 NE 61st Ct", - SecurityNumber = "535", - NormalizedEmail = "DEMOUSER@MICROSOFT.COM", - NormalizedUserName = "DEMOUSER@MICROSOFT.COM", - SecurityStamp = Guid.NewGuid().ToString("D"), - }; - - user.PasswordHash = _passwordHasher.HashPassword(user, "Pass@word1"); - - return new List() - { - user - }; - } - - static string[] GetHeaders(string[] requiredHeaders, string csvfile) - { - string[] csvheaders = File.ReadLines(csvfile).First().ToLowerInvariant().Split(','); - - if (csvheaders.Count() != requiredHeaders.Count()) - { - throw new Exception($"requiredHeader count '{ requiredHeaders.Count()}' is different then read header '{csvheaders.Count()}'"); - } - - foreach (var requiredHeader in requiredHeaders) - { - if (!csvheaders.Contains(requiredHeader)) - { - throw new Exception($"does not contain required header '{requiredHeader}'"); - } - } - - return csvheaders; - } - - static void GetPreconfiguredImages(string contentRootPath, string webroot, ILogger logger) - { - try - { - string imagesZipFile = Path.Combine(contentRootPath, "Setup", "images.zip"); - if (!File.Exists(imagesZipFile)) - { - logger.LogError("Zip file '{ZipFileName}' does not exists.", imagesZipFile); - return; - } - - string imagePath = Path.Combine(webroot, "images"); - string[] imageFiles = Directory.GetFiles(imagePath).Select(file => Path.GetFileName(file)).ToArray(); - - using ZipArchive zip = ZipFile.Open(imagesZipFile, ZipArchiveMode.Read); - foreach (ZipArchiveEntry entry in zip.Entries) - { - if (imageFiles.Contains(entry.Name)) - { - string destinationFilename = Path.Combine(imagePath, entry.Name); - if (File.Exists(destinationFilename)) - { - File.Delete(destinationFilename); - } - entry.ExtractToFile(destinationFilename); - } - else - { - logger.LogWarning("Skipped file '{FileName}' in zipfile '{ZipFileName}'", entry.Name, imagesZipFile); - } - } - } - catch (Exception ex) - { - logger.LogError(ex, "EXCEPTION ERROR: {Message}", ex.Message); ; - } - } - } -} diff --git a/src/Services/Identity/Identity.API/Data/ConfigurationDbContextSeed.cs b/src/Services/Identity/Identity.API/Data/ConfigurationDbContextSeed.cs deleted file mode 100644 index 4f68013e0..000000000 --- a/src/Services/Identity/Identity.API/Data/ConfigurationDbContextSeed.cs +++ /dev/null @@ -1,83 +0,0 @@ -using Duende.IdentityServer.EntityFramework.Entities; - -namespace Microsoft.eShopOnContainers.Services.Identity.API.Data -{ - public class ConfigurationDbContextSeed - { - public async Task SeedAsync(ConfigurationDbContext context, IConfiguration configuration) - { - - //callbacks urls from config: - var clientUrls = new Dictionary(); - - clientUrls.Add("Mvc", configuration.GetValue("MvcClient")); - clientUrls.Add("Spa", configuration.GetValue("SpaClient")); - clientUrls.Add("Xamarin", configuration.GetValue("XamarinCallback")); - clientUrls.Add("BasketApi", configuration.GetValue("BasketApiClient")); - clientUrls.Add("OrderingApi", configuration.GetValue("OrderingApiClient")); - clientUrls.Add("MobileShoppingAgg", configuration.GetValue("MobileShoppingAggClient")); - clientUrls.Add("WebShoppingAgg", configuration.GetValue("WebShoppingAggClient")); - clientUrls.Add("WebhooksApi", configuration.GetValue("WebhooksApiClient")); - clientUrls.Add("WebhooksWeb", configuration.GetValue("WebhooksWebClient")); - - if (!context.Clients.Any()) - { - foreach (var client in Config.GetClients(clientUrls)) - { - context.Clients.Add(client.ToEntity()); - } - await context.SaveChangesAsync(); - } - // Checking always for old redirects to fix existing deployments - // to use new swagger-ui redirect uri as of v3.0.0 - // There should be no problem for new ones - // ref: https://github.com/dotnet-architecture/eShopOnContainers/issues/586 - else - { - List oldRedirects = (await context.Clients.Include(c => c.RedirectUris).ToListAsync()) - .SelectMany(c => c.RedirectUris) - .Where(ru => ru.RedirectUri.EndsWith("/o2c.html")) - .ToList(); - - if (oldRedirects.Any()) - { - foreach (var ru in oldRedirects) - { - ru.RedirectUri = ru.RedirectUri.Replace("/o2c.html", "/oauth2-redirect.html"); - context.Update(ru.Client); - } - await context.SaveChangesAsync(); - } - } - - if (!context.IdentityResources.Any()) - { - foreach (var resource in Config.GetResources()) - { - context.IdentityResources.Add(resource.ToEntity()); - } - await context.SaveChangesAsync(); - } - - if (!context.ApiResources.Any()) - { - foreach (var api in Config.GetApis()) - { - context.ApiResources.Add(api.ToEntity()); - } - - await context.SaveChangesAsync(); - } - - if (!context.ApiScopes.Any()) - { - foreach (var apiScope in Config.GetApiScopes()) - { - context.ApiScopes.Add(apiScope.ToEntity()); - } - - await context.SaveChangesAsync(); - } - } - } -} diff --git a/src/Services/Identity/Identity.API/Migrations/20210813072445_InitialMigration.Designer.cs b/src/Services/Identity/Identity.API/Data/Migrations/20210914100206_InitialMigration.Designer.cs similarity index 95% rename from src/Services/Identity/Identity.API/Migrations/20210813072445_InitialMigration.Designer.cs rename to src/Services/Identity/Identity.API/Data/Migrations/20210914100206_InitialMigration.Designer.cs index b6c43abf5..d8c737ae4 100644 --- a/src/Services/Identity/Identity.API/Migrations/20210813072445_InitialMigration.Designer.cs +++ b/src/Services/Identity/Identity.API/Data/Migrations/20210914100206_InitialMigration.Designer.cs @@ -7,10 +7,10 @@ using Microsoft.EntityFrameworkCore.Migrations; using Microsoft.EntityFrameworkCore.Storage.ValueConversion; using Microsoft.eShopOnContainers.Services.Identity.API.Data; -namespace Identity.API.Migrations +namespace Microsoft.eShopOnContainers.Services.Identity.API.Data.Migrations { [DbContext(typeof(ApplicationDbContext))] - [Migration("20210813072445_InitialMigration")] + [Migration("20210914100206_InitialMigration")] partial class InitialMigration { protected override void BuildTargetModel(ModelBuilder modelBuilder) @@ -18,7 +18,7 @@ namespace Identity.API.Migrations #pragma warning disable 612, 618 modelBuilder .HasAnnotation("Relational:MaxIdentifierLength", 128) - .HasAnnotation("ProductVersion", "6.0.0") + .HasAnnotation("ProductVersion", "5.0.9") .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b => @@ -45,7 +45,7 @@ namespace Identity.API.Migrations .HasDatabaseName("RoleNameIndex") .HasFilter("[NormalizedName] IS NOT NULL"); - b.ToTable("AspNetRoles", (string)null); + b.ToTable("AspNetRoles"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim", b => @@ -69,7 +69,7 @@ namespace Identity.API.Migrations b.HasIndex("RoleId"); - b.ToTable("AspNetRoleClaims", (string)null); + b.ToTable("AspNetRoleClaims"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim", b => @@ -93,7 +93,7 @@ namespace Identity.API.Migrations b.HasIndex("UserId"); - b.ToTable("AspNetUserClaims", (string)null); + b.ToTable("AspNetUserClaims"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin", b => @@ -115,7 +115,7 @@ namespace Identity.API.Migrations b.HasIndex("UserId"); - b.ToTable("AspNetUserLogins", (string)null); + b.ToTable("AspNetUserLogins"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole", b => @@ -130,7 +130,7 @@ namespace Identity.API.Migrations b.HasIndex("RoleId"); - b.ToTable("AspNetUserRoles", (string)null); + b.ToTable("AspNetUserRoles"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken", b => @@ -149,7 +149,7 @@ namespace Identity.API.Migrations b.HasKey("UserId", "LoginProvider", "Name"); - b.ToTable("AspNetUserTokens", (string)null); + b.ToTable("AspNetUserTokens"); }); modelBuilder.Entity("Microsoft.eShopOnContainers.Services.Identity.API.Models.ApplicationUser", b => @@ -261,7 +261,7 @@ namespace Identity.API.Migrations .HasDatabaseName("UserNameIndex") .HasFilter("[NormalizedUserName] IS NOT NULL"); - b.ToTable("AspNetUsers", (string)null); + b.ToTable("AspNetUsers"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim", b => diff --git a/src/Services/Identity/Identity.API/Migrations/20210813072445_InitialMigration.cs b/src/Services/Identity/Identity.API/Data/Migrations/20210914100206_InitialMigration.cs similarity index 99% rename from src/Services/Identity/Identity.API/Migrations/20210813072445_InitialMigration.cs rename to src/Services/Identity/Identity.API/Data/Migrations/20210914100206_InitialMigration.cs index 88587a677..e0933a52e 100644 --- a/src/Services/Identity/Identity.API/Migrations/20210813072445_InitialMigration.cs +++ b/src/Services/Identity/Identity.API/Data/Migrations/20210914100206_InitialMigration.cs @@ -1,7 +1,7 @@ using System; using Microsoft.EntityFrameworkCore.Migrations; -namespace Identity.API.Migrations +namespace Microsoft.eShopOnContainers.Services.Identity.API.Data.Migrations { public partial class InitialMigration : Migration { diff --git a/src/Services/Identity/Identity.API/Migrations/ApplicationDbContextModelSnapshot.cs b/src/Services/Identity/Identity.API/Data/Migrations/ApplicationDbContextModelSnapshot.cs similarity index 95% rename from src/Services/Identity/Identity.API/Migrations/ApplicationDbContextModelSnapshot.cs rename to src/Services/Identity/Identity.API/Data/Migrations/ApplicationDbContextModelSnapshot.cs index 6334d4e55..8216173a7 100644 --- a/src/Services/Identity/Identity.API/Migrations/ApplicationDbContextModelSnapshot.cs +++ b/src/Services/Identity/Identity.API/Data/Migrations/ApplicationDbContextModelSnapshot.cs @@ -6,7 +6,7 @@ using Microsoft.EntityFrameworkCore.Metadata; using Microsoft.EntityFrameworkCore.Storage.ValueConversion; using Microsoft.eShopOnContainers.Services.Identity.API.Data; -namespace Identity.API.Migrations +namespace Microsoft.eShopOnContainers.Services.Identity.API.Data.Migrations { [DbContext(typeof(ApplicationDbContext))] partial class ApplicationDbContextModelSnapshot : ModelSnapshot @@ -16,7 +16,7 @@ namespace Identity.API.Migrations #pragma warning disable 612, 618 modelBuilder .HasAnnotation("Relational:MaxIdentifierLength", 128) - .HasAnnotation("ProductVersion", "6.2.0") + .HasAnnotation("ProductVersion", "5.0.9") .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b => @@ -43,7 +43,7 @@ namespace Identity.API.Migrations .HasDatabaseName("RoleNameIndex") .HasFilter("[NormalizedName] IS NOT NULL"); - b.ToTable("AspNetRoles", (string)null); + b.ToTable("AspNetRoles"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim", b => @@ -67,7 +67,7 @@ namespace Identity.API.Migrations b.HasIndex("RoleId"); - b.ToTable("AspNetRoleClaims", (string)null); + b.ToTable("AspNetRoleClaims"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim", b => @@ -91,7 +91,7 @@ namespace Identity.API.Migrations b.HasIndex("UserId"); - b.ToTable("AspNetUserClaims", (string)null); + b.ToTable("AspNetUserClaims"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin", b => @@ -113,7 +113,7 @@ namespace Identity.API.Migrations b.HasIndex("UserId"); - b.ToTable("AspNetUserLogins", (string)null); + b.ToTable("AspNetUserLogins"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole", b => @@ -128,7 +128,7 @@ namespace Identity.API.Migrations b.HasIndex("RoleId"); - b.ToTable("AspNetUserRoles", (string)null); + b.ToTable("AspNetUserRoles"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken", b => @@ -147,7 +147,7 @@ namespace Identity.API.Migrations b.HasKey("UserId", "LoginProvider", "Name"); - b.ToTable("AspNetUserTokens", (string)null); + b.ToTable("AspNetUserTokens"); }); modelBuilder.Entity("Microsoft.eShopOnContainers.Services.Identity.API.Models.ApplicationUser", b => @@ -259,7 +259,7 @@ namespace Identity.API.Migrations .HasDatabaseName("UserNameIndex") .HasFilter("[NormalizedUserName] IS NOT NULL"); - b.ToTable("AspNetUsers", (string)null); + b.ToTable("AspNetUsers"); }); modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim", b => diff --git a/src/Services/Identity/Identity.API/Extensions/Extension.cs b/src/Services/Identity/Identity.API/Extensions/Extension.cs deleted file mode 100644 index 1ed98c98c..000000000 --- a/src/Services/Identity/Identity.API/Extensions/Extension.cs +++ /dev/null @@ -1,23 +0,0 @@ -namespace Identity.API.Extensions -{ - public static class Extensions - { - /// - /// Checks if the redirect URI is for a native client. - /// - /// - public static bool IsNativeClient(this AuthorizationRequest context) - { - return !context.RedirectUri.StartsWith("https", StringComparison.Ordinal) - && !context.RedirectUri.StartsWith("http", StringComparison.Ordinal); - } - - public static IActionResult LoadingPage(this Controller controller, string viewName, string redirectUri) - { - controller.HttpContext.Response.StatusCode = 200; - controller.HttpContext.Response.Headers["Location"] = ""; - - return controller.View(viewName, new RedirectViewModel { RedirectUrl = redirectUri }); - } - } -} diff --git a/src/Services/Identity/Identity.API/Extensions/LinqSelectExtensions.cs b/src/Services/Identity/Identity.API/Extensions/LinqSelectExtensions.cs deleted file mode 100644 index 0e2c4c72b..000000000 --- a/src/Services/Identity/Identity.API/Extensions/LinqSelectExtensions.cs +++ /dev/null @@ -1,46 +0,0 @@ -namespace Microsoft.eShopOnContainers.Services.Identity.API.Extensions -{ - public static class LinqSelectExtensions - { - public static IEnumerable> SelectTry(this IEnumerable enumerable, Func selector) - { - foreach (TSource element in enumerable) - { - SelectTryResult returnedValue; - try - { - returnedValue = new SelectTryResult(element, selector(element), null); - } - catch (Exception ex) - { - returnedValue = new SelectTryResult(element, default(TResult), ex); - } - yield return returnedValue; - } - } - - public static IEnumerable OnCaughtException(this IEnumerable> enumerable, Func exceptionHandler) - { - return enumerable.Select(x => x.CaughtException == null ? x.Result : exceptionHandler(x.CaughtException)); - } - - public static IEnumerable OnCaughtException(this IEnumerable> enumerable, Func exceptionHandler) - { - return enumerable.Select(x => x.CaughtException == null ? x.Result : exceptionHandler(x.Source, x.CaughtException)); - } - - public class SelectTryResult - { - internal SelectTryResult(TSource source, TResult result, Exception exception) - { - Source = source; - Result = result; - CaughtException = exception; - } - - public TSource Source { get; private set; } - public TResult Result { get; private set; } - public Exception CaughtException { get; private set; } - } - } -} diff --git a/src/Services/Identity/Identity.API/Factories/ApplicationDbContextFactory.cs b/src/Services/Identity/Identity.API/Factories/ApplicationDbContextFactory.cs deleted file mode 100644 index c1fb0198c..000000000 --- a/src/Services/Identity/Identity.API/Factories/ApplicationDbContextFactory.cs +++ /dev/null @@ -1,20 +0,0 @@ -namespace Identity.API.Factories -{ - public class ApplicationDbContextFactory : IDesignTimeDbContextFactory - { - public ApplicationDbContext CreateDbContext(string[] args) - { - var config = new ConfigurationBuilder() - .SetBasePath(Path.Combine(Directory.GetCurrentDirectory())) - .AddJsonFile("appsettings.json") - .AddEnvironmentVariables() - .Build(); - - var optionsBuilder = new DbContextOptionsBuilder(); - - optionsBuilder.UseSqlServer(config["ConnectionString"], sqlServerOptionsAction: o => o.MigrationsAssembly("Identity.API")); - - return new ApplicationDbContext(optionsBuilder.Options); - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Factories/ConfigurationDbContextFactory.cs b/src/Services/Identity/Identity.API/Factories/ConfigurationDbContextFactory.cs deleted file mode 100644 index cc9e9aed8..000000000 --- a/src/Services/Identity/Identity.API/Factories/ConfigurationDbContextFactory.cs +++ /dev/null @@ -1,21 +0,0 @@ -namespace Identity.API.Factories -{ - public class ConfigurationDbContextFactory : IDesignTimeDbContextFactory - { - public ConfigurationDbContext CreateDbContext(string[] args) - { - var config = new ConfigurationBuilder() - .SetBasePath(Path.Combine(Directory.GetCurrentDirectory())) - .AddJsonFile("appsettings.json") - .AddEnvironmentVariables() - .Build(); - - var optionsBuilder = new DbContextOptionsBuilder(); - var storeOptions = new ConfigurationStoreOptions(); - - optionsBuilder.UseSqlServer(config["ConnectionString"], sqlServerOptionsAction: o => o.MigrationsAssembly("Identity.API")); - - return new ConfigurationDbContext(optionsBuilder.Options); - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Factories/PersistedGrantDbContextFactory.cs b/src/Services/Identity/Identity.API/Factories/PersistedGrantDbContextFactory.cs deleted file mode 100644 index daeea610e..000000000 --- a/src/Services/Identity/Identity.API/Factories/PersistedGrantDbContextFactory.cs +++ /dev/null @@ -1,21 +0,0 @@ -namespace Identity.API.Factories -{ - public class PersistedGrantDbContextFactory : IDesignTimeDbContextFactory - { - public PersistedGrantDbContext CreateDbContext(string[] args) - { - var config = new ConfigurationBuilder() - .SetBasePath(Path.Combine(Directory.GetCurrentDirectory())) - .AddJsonFile("appsettings.json") - .AddEnvironmentVariables() - .Build(); - - var optionsBuilder = new DbContextOptionsBuilder(); - var operationOptions = new OperationalStoreOptions(); - - optionsBuilder.UseSqlServer(config["ConnectionString"], sqlServerOptionsAction: o => o.MigrationsAssembly("Identity.API")); - - return new PersistedGrantDbContext(optionsBuilder.Options); - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/GlobalUsings.cs b/src/Services/Identity/Identity.API/GlobalUsings.cs index 96fe67a8e..c21ec0a02 100644 --- a/src/Services/Identity/Identity.API/GlobalUsings.cs +++ b/src/Services/Identity/Identity.API/GlobalUsings.cs @@ -1,19 +1,18 @@ -global using Microsoft.eShopOnContainers.Services.Identity.API.Extensions; + global using System.IO.Compression; global using Autofac.Extensions.DependencyInjection; -global using Autofac; global using Azure.Core; global using Azure.Identity; global using HealthChecks.UI.Client; global using IdentityModel; -global using Duende.IdentityServer.EntityFramework.DbContexts; -global using Duende.IdentityServer.EntityFramework.Mappers; -global using Duende.IdentityServer.EntityFramework.Options; +global using Duende.IdentityServer; +global using Duende.IdentityServer.Configuration; +global using Duende.IdentityServer.Events; +global using Duende.IdentityServer.Extensions; global using Duende.IdentityServer.Models; global using Duende.IdentityServer.Services; global using Duende.IdentityServer.Stores; global using Duende.IdentityServer.Validation; -global using Duende.IdentityServer; global using Microsoft.AspNetCore.Authentication; global using Microsoft.AspNetCore.Authorization; global using Microsoft.AspNetCore.Builder; @@ -23,20 +22,21 @@ global using Microsoft.AspNetCore.Identity.EntityFrameworkCore; global using Microsoft.AspNetCore.Identity; global using Microsoft.AspNetCore.Mvc.Rendering; global using Microsoft.AspNetCore.Mvc; +global using Microsoft.AspNetCore.Mvc.Filters; global using Microsoft.AspNetCore; global using Microsoft.EntityFrameworkCore.Design; global using Microsoft.EntityFrameworkCore.Infrastructure; global using Microsoft.EntityFrameworkCore.Metadata; global using Microsoft.EntityFrameworkCore.Migrations; global using Microsoft.EntityFrameworkCore; -global using Microsoft.eShopOnContainers.Services.Identity.API.Certificates; -global using Microsoft.eShopOnContainers.Services.Identity.API.Configuration; + +global using Microsoft.eShopOnContainers.Services.Identity.API; global using Microsoft.eShopOnContainers.Services.Identity.API.Data; +global using Microsoft.eShopOnContainers.Services.Identity.API.Configuration; global using Microsoft.eShopOnContainers.Services.Identity.API.Devspaces; global using Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels; global using Microsoft.eShopOnContainers.Services.Identity.API.Models; global using Microsoft.eShopOnContainers.Services.Identity.API.Services; -global using Microsoft.eShopOnContainers.Services.Identity.API; global using Microsoft.Extensions.Configuration; global using Microsoft.Extensions.DependencyInjection; global using Microsoft.Extensions.Diagnostics.HealthChecks; @@ -44,7 +44,6 @@ global using Microsoft.Extensions.Hosting; global using Microsoft.Extensions.Logging; global using Microsoft.Extensions.Options; global using Polly; -global using Serilog; global using StackExchange.Redis; global using System.Collections.Generic; global using System.ComponentModel.DataAnnotations; @@ -58,6 +57,7 @@ global using System.Security.Cryptography.X509Certificates; global using System.Text.RegularExpressions; global using System.Threading.Tasks; global using System; +global using Microsoft.AspNetCore.Http; diff --git a/src/Services/Identity/Identity.API/Identity.API.csproj b/src/Services/Identity/Identity.API/Identity.API.csproj index ef956e09a..54c6f2a0e 100644 --- a/src/Services/Identity/Identity.API/Identity.API.csproj +++ b/src/Services/Identity/Identity.API/Identity.API.csproj @@ -8,12 +8,6 @@ true - - - PreserveNewest - - - @@ -31,11 +25,14 @@ + all runtime; build; native; contentfiles; analyzers; buildtransitive + + @@ -55,18 +52,25 @@ - - - - - - - PreserveNewest - - - - + + + + + + + + + + + + + + + + + + diff --git a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.Designer.cs b/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.Designer.cs deleted file mode 100644 index eae3e63d3..000000000 --- a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.Designer.cs +++ /dev/null @@ -1,1096 +0,0 @@ -// -using System; -using Duende.IdentityServer.EntityFramework.DbContexts; -using Microsoft.EntityFrameworkCore; -using Microsoft.EntityFrameworkCore.Infrastructure; -using Microsoft.EntityFrameworkCore.Metadata; -using Microsoft.EntityFrameworkCore.Migrations; -using Microsoft.EntityFrameworkCore.Storage.ValueConversion; - -#nullable disable - -namespace Identity.API.Migrations.ConfigurationDb -{ - [DbContext(typeof(ConfigurationDbContext))] - [Migration("20220324152912_Configuration")] - partial class Configuration - { - protected override void BuildTargetModel(ModelBuilder modelBuilder) - { -#pragma warning disable 612, 618 - modelBuilder - .HasAnnotation("ProductVersion", "6.0.0") - .HasAnnotation("Relational:MaxIdentifierLength", 128); - - SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder, 1L, 1); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResource", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("AllowedAccessTokenSigningAlgorithms") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("LastAccessed") - .HasColumnType("datetime2"); - - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("RequireResourceIndicator") - .HasColumnType("bit"); - - b.Property("ShowInDiscoveryDocument") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.HasKey("Id"); - - b.HasIndex("Name") - .IsUnique(); - - b.ToTable("ApiResources", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId", "Type") - .IsUnique(); - - b.ToTable("ApiResourceClaims", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId", "Key") - .IsUnique(); - - b.ToTable("ApiResourceProperties", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceScope", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Scope") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId", "Scope") - .IsUnique(); - - b.ToTable("ApiResourceScopes", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceSecret", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("Expiration") - .HasColumnType("datetime2"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(4000) - .HasColumnType("nvarchar(4000)"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId"); - - b.ToTable("ApiResourceSecrets", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScope", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Emphasize") - .HasColumnType("bit"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("LastAccessed") - .HasColumnType("datetime2"); - - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("Required") - .HasColumnType("bit"); - - b.Property("ShowInDiscoveryDocument") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.HasKey("Id"); - - b.HasIndex("Name") - .IsUnique(); - - b.ToTable("ApiScopes", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ScopeId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ScopeId", "Type") - .IsUnique(); - - b.ToTable("ApiScopeClaims", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("ScopeId") - .HasColumnType("int"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("ScopeId", "Key") - .IsUnique(); - - b.ToTable("ApiScopeProperties", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Client", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("AbsoluteRefreshTokenLifetime") - .HasColumnType("int"); - - b.Property("AccessTokenLifetime") - .HasColumnType("int"); - - b.Property("AccessTokenType") - .HasColumnType("int"); - - b.Property("AllowAccessTokensViaBrowser") - .HasColumnType("bit"); - - b.Property("AllowOfflineAccess") - .HasColumnType("bit"); - - b.Property("AllowPlainTextPkce") - .HasColumnType("bit"); - - b.Property("AllowRememberConsent") - .HasColumnType("bit"); - - b.Property("AllowedIdentityTokenSigningAlgorithms") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("AlwaysIncludeUserClaimsInIdToken") - .HasColumnType("bit"); - - b.Property("AlwaysSendClientClaims") - .HasColumnType("bit"); - - b.Property("AuthorizationCodeLifetime") - .HasColumnType("int"); - - b.Property("BackChannelLogoutSessionRequired") - .HasColumnType("bit"); - - b.Property("BackChannelLogoutUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("CibaLifetime") - .HasColumnType("int"); - - b.Property("ClientClaimsPrefix") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("ConsentLifetime") - .HasColumnType("int"); - - b.Property("CoordinateLifetimeWithUserSession") - .HasColumnType("bit"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DeviceCodeLifetime") - .HasColumnType("int"); - - b.Property("EnableLocalLogin") - .HasColumnType("bit"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("FrontChannelLogoutSessionRequired") - .HasColumnType("bit"); - - b.Property("FrontChannelLogoutUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("IdentityTokenLifetime") - .HasColumnType("int"); - - b.Property("IncludeJwtId") - .HasColumnType("bit"); - - b.Property("LastAccessed") - .HasColumnType("datetime2"); - - b.Property("LogoUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("PairWiseSubjectSalt") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("PollingInterval") - .HasColumnType("int"); - - b.Property("ProtocolType") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("RefreshTokenExpiration") - .HasColumnType("int"); - - b.Property("RefreshTokenUsage") - .HasColumnType("int"); - - b.Property("RequireClientSecret") - .HasColumnType("bit"); - - b.Property("RequireConsent") - .HasColumnType("bit"); - - b.Property("RequirePkce") - .HasColumnType("bit"); - - b.Property("RequireRequestObject") - .HasColumnType("bit"); - - b.Property("SlidingRefreshTokenLifetime") - .HasColumnType("int"); - - b.Property("UpdateAccessTokenClaimsOnRefresh") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.Property("UserCodeType") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("UserSsoLifetime") - .HasColumnType("int"); - - b.HasKey("Id"); - - b.HasIndex("ClientId") - .IsUnique(); - - b.ToTable("Clients", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "Type", "Value") - .IsUnique(); - - b.ToTable("ClientClaims", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientCorsOrigin", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Origin") - .IsRequired() - .HasMaxLength(150) - .HasColumnType("nvarchar(150)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "Origin") - .IsUnique(); - - b.ToTable("ClientCorsOrigins", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientGrantType", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("GrantType") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "GrantType") - .IsUnique(); - - b.ToTable("ClientGrantTypes", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientIdPRestriction", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Provider") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "Provider") - .IsUnique(); - - b.ToTable("ClientIdPRestrictions", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("PostLogoutRedirectUri") - .IsRequired() - .HasMaxLength(400) - .HasColumnType("nvarchar(400)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "PostLogoutRedirectUri") - .IsUnique(); - - b.ToTable("ClientPostLogoutRedirectUris", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "Key") - .IsUnique(); - - b.ToTable("ClientProperties", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientRedirectUri", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("RedirectUri") - .IsRequired() - .HasMaxLength(400) - .HasColumnType("nvarchar(400)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "RedirectUri") - .IsUnique(); - - b.ToTable("ClientRedirectUris", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientScope", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Scope") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "Scope") - .IsUnique(); - - b.ToTable("ClientScopes", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientSecret", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("Expiration") - .HasColumnType("datetime2"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(4000) - .HasColumnType("nvarchar(4000)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId"); - - b.ToTable("ClientSecrets", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityProvider", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("LastAccessed") - .HasColumnType("datetime2"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("Properties") - .HasColumnType("nvarchar(max)"); - - b.Property("Scheme") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(20) - .HasColumnType("nvarchar(20)"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.HasKey("Id"); - - b.HasIndex("Scheme") - .IsUnique(); - - b.ToTable("IdentityProviders", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Emphasize") - .HasColumnType("bit"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("Required") - .HasColumnType("bit"); - - b.Property("ShowInDiscoveryDocument") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.HasKey("Id"); - - b.HasIndex("Name") - .IsUnique(); - - b.ToTable("IdentityResources", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("IdentityResourceId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("IdentityResourceId", "Type") - .IsUnique(); - - b.ToTable("IdentityResourceClaims", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("IdentityResourceId") - .HasColumnType("int"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("IdentityResourceId", "Key") - .IsUnique(); - - b.ToTable("IdentityResourceProperties", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceClaim", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("UserClaims") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceProperty", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Properties") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceScope", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Scopes") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceSecret", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Secrets") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeClaim", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiScope", "Scope") - .WithMany("UserClaims") - .HasForeignKey("ScopeId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Scope"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeProperty", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiScope", "Scope") - .WithMany("Properties") - .HasForeignKey("ScopeId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Scope"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientClaim", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("Claims") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientCorsOrigin", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedCorsOrigins") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientGrantType", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedGrantTypes") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientIdPRestriction", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("IdentityProviderRestrictions") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("PostLogoutRedirectUris") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientProperty", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("Properties") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientRedirectUri", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("RedirectUris") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientScope", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedScopes") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientSecret", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("ClientSecrets") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceClaim", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", "IdentityResource") - .WithMany("UserClaims") - .HasForeignKey("IdentityResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("IdentityResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceProperty", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", "IdentityResource") - .WithMany("Properties") - .HasForeignKey("IdentityResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("IdentityResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResource", b => - { - b.Navigation("Properties"); - - b.Navigation("Scopes"); - - b.Navigation("Secrets"); - - b.Navigation("UserClaims"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScope", b => - { - b.Navigation("Properties"); - - b.Navigation("UserClaims"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Client", b => - { - b.Navigation("AllowedCorsOrigins"); - - b.Navigation("AllowedGrantTypes"); - - b.Navigation("AllowedScopes"); - - b.Navigation("Claims"); - - b.Navigation("ClientSecrets"); - - b.Navigation("IdentityProviderRestrictions"); - - b.Navigation("PostLogoutRedirectUris"); - - b.Navigation("Properties"); - - b.Navigation("RedirectUris"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", b => - { - b.Navigation("Properties"); - - b.Navigation("UserClaims"); - }); -#pragma warning restore 612, 618 - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.cs b/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.cs deleted file mode 100644 index 636e0589e..000000000 --- a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20220324152912_InitialConfigurationDbMigration.cs +++ /dev/null @@ -1,712 +0,0 @@ -using System; -using Microsoft.EntityFrameworkCore.Migrations; - -#nullable disable - -namespace Identity.API.Migrations.ConfigurationDb -{ - public partial class Configuration : Migration - { - protected override void Up(MigrationBuilder migrationBuilder) - { - migrationBuilder.CreateTable( - name: "ApiResources", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Enabled = table.Column(type: "bit", nullable: false), - Name = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - DisplayName = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - Description = table.Column(type: "nvarchar(1000)", maxLength: 1000, nullable: true), - AllowedAccessTokenSigningAlgorithms = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), - ShowInDiscoveryDocument = table.Column(type: "bit", nullable: false), - RequireResourceIndicator = table.Column(type: "bit", nullable: false), - Created = table.Column(type: "datetime2", nullable: false), - Updated = table.Column(type: "datetime2", nullable: true), - LastAccessed = table.Column(type: "datetime2", nullable: true), - NonEditable = table.Column(type: "bit", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ApiResources", x => x.Id); - }); - - migrationBuilder.CreateTable( - name: "ApiScopes", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Enabled = table.Column(type: "bit", nullable: false), - Name = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - DisplayName = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - Description = table.Column(type: "nvarchar(1000)", maxLength: 1000, nullable: true), - Required = table.Column(type: "bit", nullable: false), - Emphasize = table.Column(type: "bit", nullable: false), - ShowInDiscoveryDocument = table.Column(type: "bit", nullable: false), - Created = table.Column(type: "datetime2", nullable: false), - Updated = table.Column(type: "datetime2", nullable: true), - LastAccessed = table.Column(type: "datetime2", nullable: true), - NonEditable = table.Column(type: "bit", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ApiScopes", x => x.Id); - }); - - migrationBuilder.CreateTable( - name: "Clients", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Enabled = table.Column(type: "bit", nullable: false), - ClientId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - ProtocolType = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - RequireClientSecret = table.Column(type: "bit", nullable: false), - ClientName = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - Description = table.Column(type: "nvarchar(1000)", maxLength: 1000, nullable: true), - ClientUri = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: true), - LogoUri = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: true), - RequireConsent = table.Column(type: "bit", nullable: false), - AllowRememberConsent = table.Column(type: "bit", nullable: false), - AlwaysIncludeUserClaimsInIdToken = table.Column(type: "bit", nullable: false), - RequirePkce = table.Column(type: "bit", nullable: false), - AllowPlainTextPkce = table.Column(type: "bit", nullable: false), - RequireRequestObject = table.Column(type: "bit", nullable: false), - AllowAccessTokensViaBrowser = table.Column(type: "bit", nullable: false), - FrontChannelLogoutUri = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: true), - FrontChannelLogoutSessionRequired = table.Column(type: "bit", nullable: false), - BackChannelLogoutUri = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: true), - BackChannelLogoutSessionRequired = table.Column(type: "bit", nullable: false), - AllowOfflineAccess = table.Column(type: "bit", nullable: false), - IdentityTokenLifetime = table.Column(type: "int", nullable: false), - AllowedIdentityTokenSigningAlgorithms = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), - AccessTokenLifetime = table.Column(type: "int", nullable: false), - AuthorizationCodeLifetime = table.Column(type: "int", nullable: false), - ConsentLifetime = table.Column(type: "int", nullable: true), - AbsoluteRefreshTokenLifetime = table.Column(type: "int", nullable: false), - SlidingRefreshTokenLifetime = table.Column(type: "int", nullable: false), - RefreshTokenUsage = table.Column(type: "int", nullable: false), - UpdateAccessTokenClaimsOnRefresh = table.Column(type: "bit", nullable: false), - RefreshTokenExpiration = table.Column(type: "int", nullable: false), - AccessTokenType = table.Column(type: "int", nullable: false), - EnableLocalLogin = table.Column(type: "bit", nullable: false), - IncludeJwtId = table.Column(type: "bit", nullable: false), - AlwaysSendClientClaims = table.Column(type: "bit", nullable: false), - ClientClaimsPrefix = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - PairWiseSubjectSalt = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - UserSsoLifetime = table.Column(type: "int", nullable: true), - UserCodeType = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), - DeviceCodeLifetime = table.Column(type: "int", nullable: false), - CibaLifetime = table.Column(type: "int", nullable: true), - PollingInterval = table.Column(type: "int", nullable: true), - CoordinateLifetimeWithUserSession = table.Column(type: "bit", nullable: true), - Created = table.Column(type: "datetime2", nullable: false), - Updated = table.Column(type: "datetime2", nullable: true), - LastAccessed = table.Column(type: "datetime2", nullable: true), - NonEditable = table.Column(type: "bit", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_Clients", x => x.Id); - }); - - migrationBuilder.CreateTable( - name: "IdentityProviders", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Scheme = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - DisplayName = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - Enabled = table.Column(type: "bit", nullable: false), - Type = table.Column(type: "nvarchar(20)", maxLength: 20, nullable: false), - Properties = table.Column(type: "nvarchar(max)", nullable: true), - Created = table.Column(type: "datetime2", nullable: false), - Updated = table.Column(type: "datetime2", nullable: true), - LastAccessed = table.Column(type: "datetime2", nullable: true), - NonEditable = table.Column(type: "bit", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_IdentityProviders", x => x.Id); - }); - - migrationBuilder.CreateTable( - name: "IdentityResources", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Enabled = table.Column(type: "bit", nullable: false), - Name = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - DisplayName = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - Description = table.Column(type: "nvarchar(1000)", maxLength: 1000, nullable: true), - Required = table.Column(type: "bit", nullable: false), - Emphasize = table.Column(type: "bit", nullable: false), - ShowInDiscoveryDocument = table.Column(type: "bit", nullable: false), - Created = table.Column(type: "datetime2", nullable: false), - Updated = table.Column(type: "datetime2", nullable: true), - NonEditable = table.Column(type: "bit", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_IdentityResources", x => x.Id); - }); - - migrationBuilder.CreateTable( - name: "ApiResourceClaims", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - ApiResourceId = table.Column(type: "int", nullable: false), - Type = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ApiResourceClaims", x => x.Id); - table.ForeignKey( - name: "FK_ApiResourceClaims_ApiResources_ApiResourceId", - column: x => x.ApiResourceId, - principalTable: "ApiResources", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ApiResourceProperties", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - ApiResourceId = table.Column(type: "int", nullable: false), - Key = table.Column(type: "nvarchar(250)", maxLength: 250, nullable: false), - Value = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ApiResourceProperties", x => x.Id); - table.ForeignKey( - name: "FK_ApiResourceProperties_ApiResources_ApiResourceId", - column: x => x.ApiResourceId, - principalTable: "ApiResources", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ApiResourceScopes", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Scope = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - ApiResourceId = table.Column(type: "int", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ApiResourceScopes", x => x.Id); - table.ForeignKey( - name: "FK_ApiResourceScopes_ApiResources_ApiResourceId", - column: x => x.ApiResourceId, - principalTable: "ApiResources", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ApiResourceSecrets", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - ApiResourceId = table.Column(type: "int", nullable: false), - Description = table.Column(type: "nvarchar(1000)", maxLength: 1000, nullable: true), - Value = table.Column(type: "nvarchar(4000)", maxLength: 4000, nullable: false), - Expiration = table.Column(type: "datetime2", nullable: true), - Type = table.Column(type: "nvarchar(250)", maxLength: 250, nullable: false), - Created = table.Column(type: "datetime2", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ApiResourceSecrets", x => x.Id); - table.ForeignKey( - name: "FK_ApiResourceSecrets_ApiResources_ApiResourceId", - column: x => x.ApiResourceId, - principalTable: "ApiResources", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ApiScopeClaims", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - ScopeId = table.Column(type: "int", nullable: false), - Type = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ApiScopeClaims", x => x.Id); - table.ForeignKey( - name: "FK_ApiScopeClaims_ApiScopes_ScopeId", - column: x => x.ScopeId, - principalTable: "ApiScopes", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ApiScopeProperties", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - ScopeId = table.Column(type: "int", nullable: false), - Key = table.Column(type: "nvarchar(250)", maxLength: 250, nullable: false), - Value = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ApiScopeProperties", x => x.Id); - table.ForeignKey( - name: "FK_ApiScopeProperties_ApiScopes_ScopeId", - column: x => x.ScopeId, - principalTable: "ApiScopes", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ClientClaims", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Type = table.Column(type: "nvarchar(250)", maxLength: 250, nullable: false), - Value = table.Column(type: "nvarchar(250)", maxLength: 250, nullable: false), - ClientId = table.Column(type: "int", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ClientClaims", x => x.Id); - table.ForeignKey( - name: "FK_ClientClaims_Clients_ClientId", - column: x => x.ClientId, - principalTable: "Clients", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ClientCorsOrigins", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Origin = table.Column(type: "nvarchar(150)", maxLength: 150, nullable: false), - ClientId = table.Column(type: "int", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ClientCorsOrigins", x => x.Id); - table.ForeignKey( - name: "FK_ClientCorsOrigins_Clients_ClientId", - column: x => x.ClientId, - principalTable: "Clients", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ClientGrantTypes", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - GrantType = table.Column(type: "nvarchar(250)", maxLength: 250, nullable: false), - ClientId = table.Column(type: "int", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ClientGrantTypes", x => x.Id); - table.ForeignKey( - name: "FK_ClientGrantTypes_Clients_ClientId", - column: x => x.ClientId, - principalTable: "Clients", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ClientIdPRestrictions", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Provider = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - ClientId = table.Column(type: "int", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ClientIdPRestrictions", x => x.Id); - table.ForeignKey( - name: "FK_ClientIdPRestrictions_Clients_ClientId", - column: x => x.ClientId, - principalTable: "Clients", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ClientPostLogoutRedirectUris", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - PostLogoutRedirectUri = table.Column(type: "nvarchar(400)", maxLength: 400, nullable: false), - ClientId = table.Column(type: "int", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ClientPostLogoutRedirectUris", x => x.Id); - table.ForeignKey( - name: "FK_ClientPostLogoutRedirectUris_Clients_ClientId", - column: x => x.ClientId, - principalTable: "Clients", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ClientProperties", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - ClientId = table.Column(type: "int", nullable: false), - Key = table.Column(type: "nvarchar(250)", maxLength: 250, nullable: false), - Value = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ClientProperties", x => x.Id); - table.ForeignKey( - name: "FK_ClientProperties_Clients_ClientId", - column: x => x.ClientId, - principalTable: "Clients", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ClientRedirectUris", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - RedirectUri = table.Column(type: "nvarchar(400)", maxLength: 400, nullable: false), - ClientId = table.Column(type: "int", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ClientRedirectUris", x => x.Id); - table.ForeignKey( - name: "FK_ClientRedirectUris_Clients_ClientId", - column: x => x.ClientId, - principalTable: "Clients", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ClientScopes", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Scope = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - ClientId = table.Column(type: "int", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ClientScopes", x => x.Id); - table.ForeignKey( - name: "FK_ClientScopes_Clients_ClientId", - column: x => x.ClientId, - principalTable: "Clients", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "ClientSecrets", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - ClientId = table.Column(type: "int", nullable: false), - Description = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: true), - Value = table.Column(type: "nvarchar(4000)", maxLength: 4000, nullable: false), - Expiration = table.Column(type: "datetime2", nullable: true), - Type = table.Column(type: "nvarchar(250)", maxLength: 250, nullable: false), - Created = table.Column(type: "datetime2", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ClientSecrets", x => x.Id); - table.ForeignKey( - name: "FK_ClientSecrets_Clients_ClientId", - column: x => x.ClientId, - principalTable: "Clients", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "IdentityResourceClaims", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - IdentityResourceId = table.Column(type: "int", nullable: false), - Type = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_IdentityResourceClaims", x => x.Id); - table.ForeignKey( - name: "FK_IdentityResourceClaims_IdentityResources_IdentityResourceId", - column: x => x.IdentityResourceId, - principalTable: "IdentityResources", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateTable( - name: "IdentityResourceProperties", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - IdentityResourceId = table.Column(type: "int", nullable: false), - Key = table.Column(type: "nvarchar(250)", maxLength: 250, nullable: false), - Value = table.Column(type: "nvarchar(2000)", maxLength: 2000, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_IdentityResourceProperties", x => x.Id); - table.ForeignKey( - name: "FK_IdentityResourceProperties_IdentityResources_IdentityResourceId", - column: x => x.IdentityResourceId, - principalTable: "IdentityResources", - principalColumn: "Id", - onDelete: ReferentialAction.Cascade); - }); - - migrationBuilder.CreateIndex( - name: "IX_ApiResourceClaims_ApiResourceId_Type", - table: "ApiResourceClaims", - columns: new[] { "ApiResourceId", "Type" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ApiResourceProperties_ApiResourceId_Key", - table: "ApiResourceProperties", - columns: new[] { "ApiResourceId", "Key" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ApiResources_Name", - table: "ApiResources", - column: "Name", - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ApiResourceScopes_ApiResourceId_Scope", - table: "ApiResourceScopes", - columns: new[] { "ApiResourceId", "Scope" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ApiResourceSecrets_ApiResourceId", - table: "ApiResourceSecrets", - column: "ApiResourceId"); - - migrationBuilder.CreateIndex( - name: "IX_ApiScopeClaims_ScopeId_Type", - table: "ApiScopeClaims", - columns: new[] { "ScopeId", "Type" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ApiScopeProperties_ScopeId_Key", - table: "ApiScopeProperties", - columns: new[] { "ScopeId", "Key" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ApiScopes_Name", - table: "ApiScopes", - column: "Name", - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ClientClaims_ClientId_Type_Value", - table: "ClientClaims", - columns: new[] { "ClientId", "Type", "Value" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ClientCorsOrigins_ClientId_Origin", - table: "ClientCorsOrigins", - columns: new[] { "ClientId", "Origin" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ClientGrantTypes_ClientId_GrantType", - table: "ClientGrantTypes", - columns: new[] { "ClientId", "GrantType" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ClientIdPRestrictions_ClientId_Provider", - table: "ClientIdPRestrictions", - columns: new[] { "ClientId", "Provider" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ClientPostLogoutRedirectUris_ClientId_PostLogoutRedirectUri", - table: "ClientPostLogoutRedirectUris", - columns: new[] { "ClientId", "PostLogoutRedirectUri" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ClientProperties_ClientId_Key", - table: "ClientProperties", - columns: new[] { "ClientId", "Key" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ClientRedirectUris_ClientId_RedirectUri", - table: "ClientRedirectUris", - columns: new[] { "ClientId", "RedirectUri" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_Clients_ClientId", - table: "Clients", - column: "ClientId", - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ClientScopes_ClientId_Scope", - table: "ClientScopes", - columns: new[] { "ClientId", "Scope" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ClientSecrets_ClientId", - table: "ClientSecrets", - column: "ClientId"); - - migrationBuilder.CreateIndex( - name: "IX_IdentityProviders_Scheme", - table: "IdentityProviders", - column: "Scheme", - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_IdentityResourceClaims_IdentityResourceId_Type", - table: "IdentityResourceClaims", - columns: new[] { "IdentityResourceId", "Type" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_IdentityResourceProperties_IdentityResourceId_Key", - table: "IdentityResourceProperties", - columns: new[] { "IdentityResourceId", "Key" }, - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_IdentityResources_Name", - table: "IdentityResources", - column: "Name", - unique: true); - } - - protected override void Down(MigrationBuilder migrationBuilder) - { - migrationBuilder.DropTable( - name: "ApiResourceClaims"); - - migrationBuilder.DropTable( - name: "ApiResourceProperties"); - - migrationBuilder.DropTable( - name: "ApiResourceScopes"); - - migrationBuilder.DropTable( - name: "ApiResourceSecrets"); - - migrationBuilder.DropTable( - name: "ApiScopeClaims"); - - migrationBuilder.DropTable( - name: "ApiScopeProperties"); - - migrationBuilder.DropTable( - name: "ClientClaims"); - - migrationBuilder.DropTable( - name: "ClientCorsOrigins"); - - migrationBuilder.DropTable( - name: "ClientGrantTypes"); - - migrationBuilder.DropTable( - name: "ClientIdPRestrictions"); - - migrationBuilder.DropTable( - name: "ClientPostLogoutRedirectUris"); - - migrationBuilder.DropTable( - name: "ClientProperties"); - - migrationBuilder.DropTable( - name: "ClientRedirectUris"); - - migrationBuilder.DropTable( - name: "ClientScopes"); - - migrationBuilder.DropTable( - name: "ClientSecrets"); - - migrationBuilder.DropTable( - name: "IdentityProviders"); - - migrationBuilder.DropTable( - name: "IdentityResourceClaims"); - - migrationBuilder.DropTable( - name: "IdentityResourceProperties"); - - migrationBuilder.DropTable( - name: "ApiResources"); - - migrationBuilder.DropTable( - name: "ApiScopes"); - - migrationBuilder.DropTable( - name: "Clients"); - - migrationBuilder.DropTable( - name: "IdentityResources"); - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/ConfigurationDbContextModelSnapshot.cs b/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/ConfigurationDbContextModelSnapshot.cs deleted file mode 100644 index 55aef548d..000000000 --- a/src/Services/Identity/Identity.API/Migrations/ConfigurationDb/ConfigurationDbContextModelSnapshot.cs +++ /dev/null @@ -1,1094 +0,0 @@ -// -using System; -using Duende.IdentityServer.EntityFramework.DbContexts; -using Microsoft.EntityFrameworkCore; -using Microsoft.EntityFrameworkCore.Infrastructure; -using Microsoft.EntityFrameworkCore.Metadata; -using Microsoft.EntityFrameworkCore.Storage.ValueConversion; - -#nullable disable - -namespace Identity.API.Migrations.ConfigurationDb -{ - [DbContext(typeof(ConfigurationDbContext))] - partial class ConfigurationDbContextModelSnapshot : ModelSnapshot - { - protected override void BuildModel(ModelBuilder modelBuilder) - { -#pragma warning disable 612, 618 - modelBuilder - .HasAnnotation("ProductVersion", "6.2.0") - .HasAnnotation("Relational:MaxIdentifierLength", 128); - - SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder, 1L, 1); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResource", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("AllowedAccessTokenSigningAlgorithms") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("LastAccessed") - .HasColumnType("datetime2"); - - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("RequireResourceIndicator") - .HasColumnType("bit"); - - b.Property("ShowInDiscoveryDocument") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.HasKey("Id"); - - b.HasIndex("Name") - .IsUnique(); - - b.ToTable("ApiResources", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId", "Type") - .IsUnique(); - - b.ToTable("ApiResourceClaims", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId", "Key") - .IsUnique(); - - b.ToTable("ApiResourceProperties", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceScope", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Scope") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId", "Scope") - .IsUnique(); - - b.ToTable("ApiResourceScopes", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceSecret", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ApiResourceId") - .HasColumnType("int"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("Expiration") - .HasColumnType("datetime2"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(4000) - .HasColumnType("nvarchar(4000)"); - - b.HasKey("Id"); - - b.HasIndex("ApiResourceId"); - - b.ToTable("ApiResourceSecrets", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScope", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Emphasize") - .HasColumnType("bit"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("LastAccessed") - .HasColumnType("datetime2"); - - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("Required") - .HasColumnType("bit"); - - b.Property("ShowInDiscoveryDocument") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.HasKey("Id"); - - b.HasIndex("Name") - .IsUnique(); - - b.ToTable("ApiScopes", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ScopeId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ScopeId", "Type") - .IsUnique(); - - b.ToTable("ApiScopeClaims", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("ScopeId") - .HasColumnType("int"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("ScopeId", "Key") - .IsUnique(); - - b.ToTable("ApiScopeProperties", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Client", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("AbsoluteRefreshTokenLifetime") - .HasColumnType("int"); - - b.Property("AccessTokenLifetime") - .HasColumnType("int"); - - b.Property("AccessTokenType") - .HasColumnType("int"); - - b.Property("AllowAccessTokensViaBrowser") - .HasColumnType("bit"); - - b.Property("AllowOfflineAccess") - .HasColumnType("bit"); - - b.Property("AllowPlainTextPkce") - .HasColumnType("bit"); - - b.Property("AllowRememberConsent") - .HasColumnType("bit"); - - b.Property("AllowedIdentityTokenSigningAlgorithms") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("AlwaysIncludeUserClaimsInIdToken") - .HasColumnType("bit"); - - b.Property("AlwaysSendClientClaims") - .HasColumnType("bit"); - - b.Property("AuthorizationCodeLifetime") - .HasColumnType("int"); - - b.Property("BackChannelLogoutSessionRequired") - .HasColumnType("bit"); - - b.Property("BackChannelLogoutUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("CibaLifetime") - .HasColumnType("int"); - - b.Property("ClientClaimsPrefix") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("ConsentLifetime") - .HasColumnType("int"); - - b.Property("CoordinateLifetimeWithUserSession") - .HasColumnType("bit"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DeviceCodeLifetime") - .HasColumnType("int"); - - b.Property("EnableLocalLogin") - .HasColumnType("bit"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("FrontChannelLogoutSessionRequired") - .HasColumnType("bit"); - - b.Property("FrontChannelLogoutUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("IdentityTokenLifetime") - .HasColumnType("int"); - - b.Property("IncludeJwtId") - .HasColumnType("bit"); - - b.Property("LastAccessed") - .HasColumnType("datetime2"); - - b.Property("LogoUri") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("PairWiseSubjectSalt") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("PollingInterval") - .HasColumnType("int"); - - b.Property("ProtocolType") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("RefreshTokenExpiration") - .HasColumnType("int"); - - b.Property("RefreshTokenUsage") - .HasColumnType("int"); - - b.Property("RequireClientSecret") - .HasColumnType("bit"); - - b.Property("RequireConsent") - .HasColumnType("bit"); - - b.Property("RequirePkce") - .HasColumnType("bit"); - - b.Property("RequireRequestObject") - .HasColumnType("bit"); - - b.Property("SlidingRefreshTokenLifetime") - .HasColumnType("int"); - - b.Property("UpdateAccessTokenClaimsOnRefresh") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.Property("UserCodeType") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("UserSsoLifetime") - .HasColumnType("int"); - - b.HasKey("Id"); - - b.HasIndex("ClientId") - .IsUnique(); - - b.ToTable("Clients", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "Type", "Value") - .IsUnique(); - - b.ToTable("ClientClaims", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientCorsOrigin", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Origin") - .IsRequired() - .HasMaxLength(150) - .HasColumnType("nvarchar(150)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "Origin") - .IsUnique(); - - b.ToTable("ClientCorsOrigins", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientGrantType", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("GrantType") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "GrantType") - .IsUnique(); - - b.ToTable("ClientGrantTypes", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientIdPRestriction", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Provider") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "Provider") - .IsUnique(); - - b.ToTable("ClientIdPRestrictions", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("PostLogoutRedirectUri") - .IsRequired() - .HasMaxLength(400) - .HasColumnType("nvarchar(400)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "PostLogoutRedirectUri") - .IsUnique(); - - b.ToTable("ClientPostLogoutRedirectUris", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "Key") - .IsUnique(); - - b.ToTable("ClientProperties", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientRedirectUri", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("RedirectUri") - .IsRequired() - .HasMaxLength(400) - .HasColumnType("nvarchar(400)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "RedirectUri") - .IsUnique(); - - b.ToTable("ClientRedirectUris", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientScope", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Scope") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId", "Scope") - .IsUnique(); - - b.ToTable("ClientScopes", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientSecret", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .HasColumnType("int"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.Property("Expiration") - .HasColumnType("datetime2"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(4000) - .HasColumnType("nvarchar(4000)"); - - b.HasKey("Id"); - - b.HasIndex("ClientId"); - - b.ToTable("ClientSecrets", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityProvider", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("LastAccessed") - .HasColumnType("datetime2"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("Properties") - .HasColumnType("nvarchar(max)"); - - b.Property("Scheme") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(20) - .HasColumnType("nvarchar(20)"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.HasKey("Id"); - - b.HasIndex("Scheme") - .IsUnique(); - - b.ToTable("IdentityProviders", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Description") - .HasMaxLength(1000) - .HasColumnType("nvarchar(1000)"); - - b.Property("DisplayName") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Emphasize") - .HasColumnType("bit"); - - b.Property("Enabled") - .HasColumnType("bit"); - - b.Property("Name") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("NonEditable") - .HasColumnType("bit"); - - b.Property("Required") - .HasColumnType("bit"); - - b.Property("ShowInDiscoveryDocument") - .HasColumnType("bit"); - - b.Property("Updated") - .HasColumnType("datetime2"); - - b.HasKey("Id"); - - b.HasIndex("Name") - .IsUnique(); - - b.ToTable("IdentityResources", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceClaim", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("IdentityResourceId") - .HasColumnType("int"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("Id"); - - b.HasIndex("IdentityResourceId", "Type") - .IsUnique(); - - b.ToTable("IdentityResourceClaims", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceProperty", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("IdentityResourceId") - .HasColumnType("int"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(250) - .HasColumnType("nvarchar(250)"); - - b.Property("Value") - .IsRequired() - .HasMaxLength(2000) - .HasColumnType("nvarchar(2000)"); - - b.HasKey("Id"); - - b.HasIndex("IdentityResourceId", "Key") - .IsUnique(); - - b.ToTable("IdentityResourceProperties", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceClaim", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("UserClaims") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceProperty", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Properties") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceScope", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Scopes") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResourceSecret", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiResource", "ApiResource") - .WithMany("Secrets") - .HasForeignKey("ApiResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("ApiResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeClaim", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiScope", "Scope") - .WithMany("UserClaims") - .HasForeignKey("ScopeId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Scope"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScopeProperty", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.ApiScope", "Scope") - .WithMany("Properties") - .HasForeignKey("ScopeId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Scope"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientClaim", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("Claims") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientCorsOrigin", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedCorsOrigins") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientGrantType", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedGrantTypes") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientIdPRestriction", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("IdentityProviderRestrictions") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("PostLogoutRedirectUris") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientProperty", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("Properties") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientRedirectUri", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("RedirectUris") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientScope", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("AllowedScopes") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ClientSecret", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.Client", "Client") - .WithMany("ClientSecrets") - .HasForeignKey("ClientId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("Client"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceClaim", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", "IdentityResource") - .WithMany("UserClaims") - .HasForeignKey("IdentityResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("IdentityResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResourceProperty", b => - { - b.HasOne("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", "IdentityResource") - .WithMany("Properties") - .HasForeignKey("IdentityResourceId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); - - b.Navigation("IdentityResource"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiResource", b => - { - b.Navigation("Properties"); - - b.Navigation("Scopes"); - - b.Navigation("Secrets"); - - b.Navigation("UserClaims"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ApiScope", b => - { - b.Navigation("Properties"); - - b.Navigation("UserClaims"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Client", b => - { - b.Navigation("AllowedCorsOrigins"); - - b.Navigation("AllowedGrantTypes"); - - b.Navigation("AllowedScopes"); - - b.Navigation("Claims"); - - b.Navigation("ClientSecrets"); - - b.Navigation("IdentityProviderRestrictions"); - - b.Navigation("PostLogoutRedirectUris"); - - b.Navigation("Properties"); - - b.Navigation("RedirectUris"); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.IdentityResource", b => - { - b.Navigation("Properties"); - - b.Navigation("UserClaims"); - }); -#pragma warning restore 612, 618 - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.Designer.cs b/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.Designer.cs deleted file mode 100644 index c8adfecef..000000000 --- a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.Designer.cs +++ /dev/null @@ -1,240 +0,0 @@ -// -using System; -using Duende.IdentityServer.EntityFramework.DbContexts; -using Microsoft.EntityFrameworkCore; -using Microsoft.EntityFrameworkCore.Infrastructure; -using Microsoft.EntityFrameworkCore.Metadata; -using Microsoft.EntityFrameworkCore.Migrations; -using Microsoft.EntityFrameworkCore.Storage.ValueConversion; - -#nullable disable - -namespace Identity.API.Migrations.PersistedGrantDb -{ - [DbContext(typeof(PersistedGrantDbContext))] - [Migration("20220324152905_Grants")] - partial class Grants - { - protected override void BuildTargetModel(ModelBuilder modelBuilder) - { -#pragma warning disable 612, 618 - modelBuilder - .HasAnnotation("ProductVersion", "6.0.0") - .HasAnnotation("Relational:MaxIdentifierLength", 128); - - SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder, 1L, 1); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.DeviceFlowCodes", b => - { - b.Property("UserCode") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("CreationTime") - .HasColumnType("datetime2"); - - b.Property("Data") - .IsRequired() - .HasMaxLength(50000) - .HasColumnType("nvarchar(max)"); - - b.Property("Description") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("DeviceCode") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Expiration") - .IsRequired() - .HasColumnType("datetime2"); - - b.Property("SessionId") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("SubjectId") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("UserCode"); - - b.HasIndex("DeviceCode") - .IsUnique(); - - b.HasIndex("Expiration"); - - b.ToTable("DeviceCodes", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Key", b => - { - b.Property("Id") - .HasColumnType("nvarchar(450)"); - - b.Property("Algorithm") - .IsRequired() - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Data") - .IsRequired() - .HasColumnType("nvarchar(max)"); - - b.Property("DataProtected") - .HasColumnType("bit"); - - b.Property("IsX509Certificate") - .HasColumnType("bit"); - - b.Property("Use") - .HasColumnType("nvarchar(450)"); - - b.Property("Version") - .HasColumnType("int"); - - b.HasKey("Id"); - - b.HasIndex("Use"); - - b.ToTable("Keys", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.PersistedGrant", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("bigint"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ConsumedTime") - .HasColumnType("datetime2"); - - b.Property("CreationTime") - .HasColumnType("datetime2"); - - b.Property("Data") - .IsRequired() - .HasMaxLength(50000) - .HasColumnType("nvarchar(max)"); - - b.Property("Description") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Expiration") - .HasColumnType("datetime2"); - - b.Property("Key") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("SessionId") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("SubjectId") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(50) - .HasColumnType("nvarchar(50)"); - - b.HasKey("Id"); - - b.HasIndex("ConsumedTime"); - - b.HasIndex("Expiration"); - - b.HasIndex("Key") - .IsUnique() - .HasFilter("[Key] IS NOT NULL"); - - b.HasIndex("SubjectId", "ClientId", "Type"); - - b.HasIndex("SubjectId", "SessionId", "Type"); - - b.ToTable("PersistedGrants", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ServerSideSession", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Data") - .IsRequired() - .HasColumnType("nvarchar(max)"); - - b.Property("DisplayName") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("Expires") - .HasColumnType("datetime2"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("Renewed") - .HasColumnType("datetime2"); - - b.Property("Scheme") - .IsRequired() - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("SessionId") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("SubjectId") - .IsRequired() - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.HasKey("Id"); - - b.HasIndex("DisplayName"); - - b.HasIndex("Expires"); - - b.HasIndex("Key") - .IsUnique(); - - b.HasIndex("SessionId"); - - b.HasIndex("SubjectId"); - - b.ToTable("ServerSideSessions", (string)null); - }); -#pragma warning restore 612, 618 - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.cs b/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.cs deleted file mode 100644 index 8fd5cf3fb..000000000 --- a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20220324152905_InitialPersistedGrantDbMigration.cs +++ /dev/null @@ -1,177 +0,0 @@ -using System; -using Microsoft.EntityFrameworkCore.Migrations; - -#nullable disable - -namespace Identity.API.Migrations.PersistedGrantDb -{ - public partial class Grants : Migration - { - protected override void Up(MigrationBuilder migrationBuilder) - { - migrationBuilder.CreateTable( - name: "DeviceCodes", - columns: table => new - { - UserCode = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - DeviceCode = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - SubjectId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - SessionId = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), - ClientId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - Description = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - CreationTime = table.Column(type: "datetime2", nullable: false), - Expiration = table.Column(type: "datetime2", nullable: false), - Data = table.Column(type: "nvarchar(max)", maxLength: 50000, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_DeviceCodes", x => x.UserCode); - }); - - migrationBuilder.CreateTable( - name: "Keys", - columns: table => new - { - Id = table.Column(type: "nvarchar(450)", nullable: false), - Version = table.Column(type: "int", nullable: false), - Created = table.Column(type: "datetime2", nullable: false), - Use = table.Column(type: "nvarchar(450)", nullable: true), - Algorithm = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: false), - IsX509Certificate = table.Column(type: "bit", nullable: false), - DataProtected = table.Column(type: "bit", nullable: false), - Data = table.Column(type: "nvarchar(max)", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_Keys", x => x.Id); - }); - - migrationBuilder.CreateTable( - name: "PersistedGrants", - columns: table => new - { - Id = table.Column(type: "bigint", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Key = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - Type = table.Column(type: "nvarchar(50)", maxLength: 50, nullable: false), - SubjectId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - SessionId = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), - ClientId = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: false), - Description = table.Column(type: "nvarchar(200)", maxLength: 200, nullable: true), - CreationTime = table.Column(type: "datetime2", nullable: false), - Expiration = table.Column(type: "datetime2", nullable: true), - ConsumedTime = table.Column(type: "datetime2", nullable: true), - Data = table.Column(type: "nvarchar(max)", maxLength: 50000, nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_PersistedGrants", x => x.Id); - }); - - migrationBuilder.CreateTable( - name: "ServerSideSessions", - columns: table => new - { - Id = table.Column(type: "int", nullable: false) - .Annotation("SqlServer:Identity", "1, 1"), - Key = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: false), - Scheme = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: false), - SubjectId = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: false), - SessionId = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), - DisplayName = table.Column(type: "nvarchar(100)", maxLength: 100, nullable: true), - Created = table.Column(type: "datetime2", nullable: false), - Renewed = table.Column(type: "datetime2", nullable: false), - Expires = table.Column(type: "datetime2", nullable: true), - Data = table.Column(type: "nvarchar(max)", nullable: false) - }, - constraints: table => - { - table.PrimaryKey("PK_ServerSideSessions", x => x.Id); - }); - - migrationBuilder.CreateIndex( - name: "IX_DeviceCodes_DeviceCode", - table: "DeviceCodes", - column: "DeviceCode", - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_DeviceCodes_Expiration", - table: "DeviceCodes", - column: "Expiration"); - - migrationBuilder.CreateIndex( - name: "IX_Keys_Use", - table: "Keys", - column: "Use"); - - migrationBuilder.CreateIndex( - name: "IX_PersistedGrants_ConsumedTime", - table: "PersistedGrants", - column: "ConsumedTime"); - - migrationBuilder.CreateIndex( - name: "IX_PersistedGrants_Expiration", - table: "PersistedGrants", - column: "Expiration"); - - migrationBuilder.CreateIndex( - name: "IX_PersistedGrants_Key", - table: "PersistedGrants", - column: "Key", - unique: true, - filter: "[Key] IS NOT NULL"); - - migrationBuilder.CreateIndex( - name: "IX_PersistedGrants_SubjectId_ClientId_Type", - table: "PersistedGrants", - columns: new[] { "SubjectId", "ClientId", "Type" }); - - migrationBuilder.CreateIndex( - name: "IX_PersistedGrants_SubjectId_SessionId_Type", - table: "PersistedGrants", - columns: new[] { "SubjectId", "SessionId", "Type" }); - - migrationBuilder.CreateIndex( - name: "IX_ServerSideSessions_DisplayName", - table: "ServerSideSessions", - column: "DisplayName"); - - migrationBuilder.CreateIndex( - name: "IX_ServerSideSessions_Expires", - table: "ServerSideSessions", - column: "Expires"); - - migrationBuilder.CreateIndex( - name: "IX_ServerSideSessions_Key", - table: "ServerSideSessions", - column: "Key", - unique: true); - - migrationBuilder.CreateIndex( - name: "IX_ServerSideSessions_SessionId", - table: "ServerSideSessions", - column: "SessionId"); - - migrationBuilder.CreateIndex( - name: "IX_ServerSideSessions_SubjectId", - table: "ServerSideSessions", - column: "SubjectId"); - } - - protected override void Down(MigrationBuilder migrationBuilder) - { - migrationBuilder.DropTable( - name: "DeviceCodes"); - - migrationBuilder.DropTable( - name: "Keys"); - - migrationBuilder.DropTable( - name: "PersistedGrants"); - - migrationBuilder.DropTable( - name: "ServerSideSessions"); - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/PersistedGrantDbContextModelSnapshot.cs b/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/PersistedGrantDbContextModelSnapshot.cs deleted file mode 100644 index e6351064f..000000000 --- a/src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/PersistedGrantDbContextModelSnapshot.cs +++ /dev/null @@ -1,238 +0,0 @@ -// -using System; -using Duende.IdentityServer.EntityFramework.DbContexts; -using Microsoft.EntityFrameworkCore; -using Microsoft.EntityFrameworkCore.Infrastructure; -using Microsoft.EntityFrameworkCore.Metadata; -using Microsoft.EntityFrameworkCore.Storage.ValueConversion; - -#nullable disable - -namespace Identity.API.Migrations.PersistedGrantDb -{ - [DbContext(typeof(PersistedGrantDbContext))] - partial class PersistedGrantDbContextModelSnapshot : ModelSnapshot - { - protected override void BuildModel(ModelBuilder modelBuilder) - { -#pragma warning disable 612, 618 - modelBuilder - .HasAnnotation("ProductVersion", "6.2.0") - .HasAnnotation("Relational:MaxIdentifierLength", 128); - - SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder, 1L, 1); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.DeviceFlowCodes", b => - { - b.Property("UserCode") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("CreationTime") - .HasColumnType("datetime2"); - - b.Property("Data") - .IsRequired() - .HasMaxLength(50000) - .HasColumnType("nvarchar(max)"); - - b.Property("Description") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("DeviceCode") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Expiration") - .IsRequired() - .HasColumnType("datetime2"); - - b.Property("SessionId") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("SubjectId") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.HasKey("UserCode"); - - b.HasIndex("DeviceCode") - .IsUnique(); - - b.HasIndex("Expiration"); - - b.ToTable("DeviceCodes", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.Key", b => - { - b.Property("Id") - .HasColumnType("nvarchar(450)"); - - b.Property("Algorithm") - .IsRequired() - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Data") - .IsRequired() - .HasColumnType("nvarchar(max)"); - - b.Property("DataProtected") - .HasColumnType("bit"); - - b.Property("IsX509Certificate") - .HasColumnType("bit"); - - b.Property("Use") - .HasColumnType("nvarchar(450)"); - - b.Property("Version") - .HasColumnType("int"); - - b.HasKey("Id"); - - b.HasIndex("Use"); - - b.ToTable("Keys", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.PersistedGrant", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("bigint"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("ClientId") - .IsRequired() - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("ConsumedTime") - .HasColumnType("datetime2"); - - b.Property("CreationTime") - .HasColumnType("datetime2"); - - b.Property("Data") - .IsRequired() - .HasMaxLength(50000) - .HasColumnType("nvarchar(max)"); - - b.Property("Description") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Expiration") - .HasColumnType("datetime2"); - - b.Property("Key") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("SessionId") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("SubjectId") - .HasMaxLength(200) - .HasColumnType("nvarchar(200)"); - - b.Property("Type") - .IsRequired() - .HasMaxLength(50) - .HasColumnType("nvarchar(50)"); - - b.HasKey("Id"); - - b.HasIndex("ConsumedTime"); - - b.HasIndex("Expiration"); - - b.HasIndex("Key") - .IsUnique() - .HasFilter("[Key] IS NOT NULL"); - - b.HasIndex("SubjectId", "ClientId", "Type"); - - b.HasIndex("SubjectId", "SessionId", "Type"); - - b.ToTable("PersistedGrants", (string)null); - }); - - modelBuilder.Entity("Duende.IdentityServer.EntityFramework.Entities.ServerSideSession", b => - { - b.Property("Id") - .ValueGeneratedOnAdd() - .HasColumnType("int"); - - SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id"), 1L, 1); - - b.Property("Created") - .HasColumnType("datetime2"); - - b.Property("Data") - .IsRequired() - .HasColumnType("nvarchar(max)"); - - b.Property("DisplayName") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("Expires") - .HasColumnType("datetime2"); - - b.Property("Key") - .IsRequired() - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("Renewed") - .HasColumnType("datetime2"); - - b.Property("Scheme") - .IsRequired() - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("SessionId") - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.Property("SubjectId") - .IsRequired() - .HasMaxLength(100) - .HasColumnType("nvarchar(100)"); - - b.HasKey("Id"); - - b.HasIndex("DisplayName"); - - b.HasIndex("Expires"); - - b.HasIndex("Key") - .IsUnique(); - - b.HasIndex("SessionId"); - - b.HasIndex("SubjectId"); - - b.ToTable("ServerSideSessions", (string)null); - }); -#pragma warning restore 612, 618 - } - } -} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Program.cs b/src/Services/Identity/Identity.API/Program.cs index 0f4d5dfee..5a2fd3976 100644 --- a/src/Services/Identity/Identity.API/Program.cs +++ b/src/Services/Identity/Identity.API/Program.cs @@ -1,71 +1,75 @@ -string Namespace = typeof(Startup).Namespace; -string AppName = Namespace.Substring(Namespace.LastIndexOf('.', Namespace.LastIndexOf('.') - 1) + 1); +var appName = "Identity.API"; +var builder = WebApplication.CreateBuilder(); -var configuration = GetConfiguration(); +builder.AddCustomConfiguration(); +builder.AddCustomSerilog(); +builder.AddCustomMvc(); +builder.AddCustomDatabase(); +builder.AddCustomIdentity(); +builder.AddCustomIdentityServer(); +builder.AddCustomAuthentication(); +builder.AddCustomHealthChecks(); +builder.AddCustomApplicationServices(); -Log.Logger = CreateSerilogLogger(configuration); +var app = builder.Build(); +if (app.Environment.IsDevelopment()) +{ + app.UseDeveloperExceptionPage(); +} + +var pathBase = builder.Configuration["PATH_BASE"]; +if (!string.IsNullOrEmpty(pathBase)) +{ + app.UsePathBase(pathBase); +} +app.UseStaticFiles(); + +// This cookie policy fixes login issues with Chrome 80+ using HHTP +app.UseCookiePolicy(new CookiePolicyOptions { MinimumSameSitePolicy = SameSiteMode.Lax }); + +app.UseRouting(); + +app.UseIdentityServer(); + + +app.UseAuthorization(); + +app.MapDefaultControllerRoute(); +app.MapHealthChecks("/hc", new HealthCheckOptions() +{ + Predicate = _ => true, + ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse +}); +app.MapHealthChecks("/liveness", new HealthCheckOptions +{ + Predicate = r => r.Name.Contains("self") +}); try { - Log.Information("Configuring web host ({ApplicationContext})...", AppName); - var host = BuildWebHost(configuration, args); - - Log.Information("Applying migrations ({ApplicationContext})...", AppName); - host.MigrateDbContext((_, __) => { }) - .MigrateDbContext((context, services) => - { - var env = services.GetService(); - var logger = services.GetService>(); - var settings = services.GetService>(); - - new ApplicationDbContextSeed() - .SeedAsync(context, env, logger, settings) - .Wait(); - }) - .MigrateDbContext((context, services) => - { - new ConfigurationDbContextSeed() - .SeedAsync(context, configuration) - .Wait(); - }); - - Log.Information("Starting web host ({ApplicationContext})...", AppName); - host.Run(); + app.Logger.LogInformation("Seeding database ({ApplicationName})...", appName); + + // Apply database migration automatically. Note that this approach is not + // recommended for production scenarios. Consider generating SQL scripts from + // migrations instead. + using (var scope = app.Services.CreateScope()) + { + await SeedData.EnsureSeedData(scope, app.Configuration, app.Logger); + } + + app.Logger.LogInformation("Starting web host ({ApplicationName})...", appName); + app.Run(); return 0; } catch (Exception ex) { - Log.Fatal(ex, "Program terminated unexpectedly ({ApplicationContext})!", AppName); + app.Logger.LogCritical(ex, "Host terminated unexpectedly ({ApplicationName})...", appName); return 1; } finally { - Log.CloseAndFlush(); -} - -IWebHost BuildWebHost(IConfiguration configuration, string[] args) => - WebHost.CreateDefaultBuilder(args) - .CaptureStartupErrors(false) - .ConfigureAppConfiguration(x => x.AddConfiguration(configuration)) - .UseStartup() - .UseContentRoot(Directory.GetCurrentDirectory()) - .UseSerilog() - .Build(); - -Serilog.ILogger CreateSerilogLogger(IConfiguration configuration) -{ - var seqServerUrl = configuration["Serilog:SeqServerUrl"]; - var logstashUrl = configuration["Serilog:LogstashgUrl"]; - return new LoggerConfiguration() - .MinimumLevel.Verbose() - .Enrich.WithProperty("ApplicationContext", AppName) - .Enrich.FromLogContext() - .WriteTo.Console() - .WriteTo.Seq(string.IsNullOrWhiteSpace(seqServerUrl) ? "http://seq" : seqServerUrl) - .WriteTo.Http(string.IsNullOrWhiteSpace(logstashUrl) ? "http://localhost:8080" : logstashUrl,null) - .ReadFrom.Configuration(configuration) - .CreateLogger(); + Serilog.Log.CloseAndFlush(); } IConfiguration GetConfiguration() diff --git a/src/Services/Identity/Identity.API/ProgramExtensions.cs b/src/Services/Identity/Identity.API/ProgramExtensions.cs new file mode 100644 index 000000000..c7b25b66c --- /dev/null +++ b/src/Services/Identity/Identity.API/ProgramExtensions.cs @@ -0,0 +1,117 @@ +using Serilog; + +namespace Microsoft.eShopOnContainers.Services.Identity.API; + +public static class ProgramExtensions +{ + private const string AppName = "Identity API"; + + public static void AddCustomConfiguration(this WebApplicationBuilder builder) + { + builder.Configuration.AddConfiguration(GetConfiguration()).Build(); + + } + + public static void AddCustomSerilog(this WebApplicationBuilder builder) + { + var seqServerUrl = builder.Configuration["SeqServerUrl"]; + var logstashUrl = builder.Configuration["LogstashgUrl"]; + + Log.Logger = new LoggerConfiguration() + .MinimumLevel.Verbose() + .Enrich.WithProperty("ApplicationContext", AppName) + .Enrich.FromLogContext() + .WriteTo.Console() + .WriteTo.Seq(string.IsNullOrWhiteSpace(seqServerUrl) ? "http://seq" : seqServerUrl) + .WriteTo.Http(string.IsNullOrWhiteSpace(logstashUrl) ? "http://localhost:8080" : logstashUrl, null) + .ReadFrom.Configuration(builder.Configuration) + .CreateLogger(); + + builder.Host.UseSerilog(); + } + + public static void AddCustomMvc(this WebApplicationBuilder builder) + { + builder.Services.AddControllersWithViews(); + builder.Services.AddControllers(); + builder.Services.AddRazorPages(); + + } + + + public static void AddCustomDatabase(this WebApplicationBuilder builder) => + builder.Services.AddDbContext( + options => options.UseSqlServer(builder.Configuration["ConnectionString"])); + + public static void AddCustomIdentity(this WebApplicationBuilder builder) + { + builder.Services.AddIdentity() + .AddEntityFrameworkStores() + .AddDefaultTokenProviders(); + } + + + public static void AddCustomIdentityServer(this WebApplicationBuilder builder) + { + var identityServerBuilder = builder.Services.AddIdentityServer(options => + { + options.IssuerUri = builder.Configuration["IssuerUrl"]; + options.Authentication.CookieLifetime = TimeSpan.FromHours(2); + + options.Events.RaiseErrorEvents = true; + options.Events.RaiseInformationEvents = true; + options.Events.RaiseFailureEvents = true; + options.Events.RaiseSuccessEvents = true; + }) + .AddInMemoryIdentityResources(Config.GetResources()) + .AddInMemoryApiScopes(Config.GetApiScopes()) + .AddInMemoryApiResources(Config.GetApis()) + .AddInMemoryClients(Config.GetClients(builder.Configuration)) + .AddAspNetIdentity(); + + // not recommended for production - you need to store your key material somewhere secure + identityServerBuilder.AddDeveloperSigningCredential(); + } + + public static void AddCustomAuthentication(this WebApplicationBuilder builder) + { + builder.Services.AddAuthentication(); + } + + public static void AddCustomHealthChecks(this WebApplicationBuilder builder) + { + builder.Services.AddHealthChecks() + .AddCheck("self", () => HealthCheckResult.Healthy()) + .AddSqlServer(builder.Configuration["ConnectionString"], + name: "IdentityDB-check", + tags: new string[] { "IdentityDB" }); + } + + public static void AddCustomApplicationServices(this WebApplicationBuilder builder) + { + builder.Services.AddTransient(); + builder.Services.AddTransient, EFLoginService>(); + builder.Services.AddTransient(); + } + + static IConfiguration GetConfiguration() + { + var builder = new ConfigurationBuilder() + .SetBasePath(Directory.GetCurrentDirectory()) + .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true) + .AddEnvironmentVariables(); + + var config = builder.Build(); + + if (config.GetValue("UseVault", false)) + { + TokenCredential credential = new ClientSecretCredential( + config["Vault:TenantId"], + config["Vault:ClientId"], + config["Vault:ClientSecret"]); + builder.AddAzureKeyVault(new Uri($"https://{config["Vault:Name"]}.vault.azure.net/"), credential); + } + + return builder.Build(); + } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Account/AccountController.cs b/src/Services/Identity/Identity.API/Quickstart/Account/AccountController.cs new file mode 100644 index 000000000..f14c99896 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Account/AccountController.cs @@ -0,0 +1,341 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + +using Duende.IdentityServer.Events; +using Duende.IdentityServer.Extensions; +using Duende.IdentityServer.Stores; +using Microsoft.AspNetCore.Authentication; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Mvc; + +namespace IdentityServerHost.Quickstart.UI +{ + [SecurityHeaders] + [AllowAnonymous] + public class AccountController : Controller + { + private readonly UserManager _userManager; + private readonly SignInManager _signInManager; + private readonly IIdentityServerInteractionService _interaction; + private readonly IClientStore _clientStore; + private readonly IAuthenticationSchemeProvider _schemeProvider; + private readonly IAuthenticationHandlerProvider _handlerProvider; + private readonly IEventService _events; + + public AccountController( + UserManager userManager, + SignInManager signInManager, + IIdentityServerInteractionService interaction, + IClientStore clientStore, + IAuthenticationSchemeProvider schemeProvider, + IAuthenticationHandlerProvider handlerProvider, + IEventService events) + { + _userManager = userManager; + _signInManager = signInManager; + _interaction = interaction; + _clientStore = clientStore; + _schemeProvider = schemeProvider; + _handlerProvider = handlerProvider; + _events = events; + } + + /// + /// Entry point into the login workflow + /// + [HttpGet] + public async Task Login(string returnUrl) + { + // build a model so we know what to show on the login page + var vm = await BuildLoginViewModelAsync(returnUrl); + + ViewData["ReturnUrl"] = returnUrl; + + if (vm.IsExternalLoginOnly) + { + // we only have one option for logging in and it's an external provider + return RedirectToAction("Challenge", "External", new { scheme = vm.ExternalLoginScheme, returnUrl }); + } + + return View(vm); + } + + /// + /// Handle postback from username/password login + /// + [HttpPost] + [ValidateAntiForgeryToken] + public async Task Login(LoginInputModel model, string button) + { + // check if we are in the context of an authorization request + var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); + + // the user clicked the "cancel" button + if (button != "login") + { + if (context != null) + { + // if the user cancels, send a result back into IdentityServer as if they + // denied the consent (even if this client does not require consent). + // this will send back an access denied OIDC error response to the client. + await _interaction.DenyAuthorizationAsync(context, AuthorizationError.AccessDenied); + + // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null + if (context.IsNativeClient()) + { + // The client is native, so this change in how to + // return the response is for better UX for the end user. + return this.LoadingPage("Redirect", model.ReturnUrl); + } + + return Redirect(model.ReturnUrl); + } + else + { + // since we don't have a valid context, then we just go back to the home page + return Redirect("~/"); + } + } + + if (ModelState.IsValid) + { + var result = await _signInManager.PasswordSignInAsync(model.Username, model.Password, model.RememberLogin, lockoutOnFailure: true); + if (result.Succeeded) + { + var user = await _userManager.FindByNameAsync(model.Username); + await _events.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Id, user.UserName, clientId: context?.Client.ClientId)); + + if (context != null) + { + if (context.IsNativeClient()) + { + // The client is native, so this change in how to + // return the response is for better UX for the end user. + return this.LoadingPage("Redirect", model.ReturnUrl); + } + + // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null + return Redirect(model.ReturnUrl); + } + + // request for a local page + if (Url.IsLocalUrl(model.ReturnUrl)) + { + return Redirect(model.ReturnUrl); + } + else if (string.IsNullOrEmpty(model.ReturnUrl)) + { + return Redirect("~/"); + } + else + { + // user might have clicked on a malicious link - should be logged + throw new Exception("invalid return URL"); + } + } + + await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials", clientId:context?.Client.ClientId)); + ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage); + } + + // something went wrong, show form with error + var vm = await BuildLoginViewModelAsync(model); + + ViewData["ReturnUrl"] = model.ReturnUrl; + + return View(vm); + } + + + /// + /// Show logout page + /// + [HttpGet] + public async Task Logout(string logoutId) + { + // build a model so the logout page knows what to display + var vm = await BuildLogoutViewModelAsync(logoutId); + + if (vm.ShowLogoutPrompt == false) + { + // if the request for logout was properly authenticated from IdentityServer, then + // we don't need to show the prompt and can just log the user out directly. + return await Logout(vm); + } + + return View(vm); + } + + /// + /// Handle logout page postback + /// + [HttpPost] + [ValidateAntiForgeryToken] + public async Task Logout(LogoutInputModel model) + { + // build a model so the logged out page knows what to display + var vm = await BuildLoggedOutViewModelAsync(model.LogoutId); + + if (User?.Identity.IsAuthenticated == true) + { + // delete local authentication cookie + await _signInManager.SignOutAsync(); + + // raise the logout event + await _events.RaiseAsync(new UserLogoutSuccessEvent(User.GetSubjectId(), User.GetDisplayName())); + } + + // check if we need to trigger sign-out at an upstream identity provider + if (vm.TriggerExternalSignout) + { + // build a return URL so the upstream provider will redirect back + // to us after the user has logged out. this allows us to then + // complete our single sign-out processing. + string url = Url.Action("Logout", new { logoutId = vm.LogoutId }); + + // this triggers a redirect to the external provider for sign-out + return SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme); + } + + return View("LoggedOut", vm); + } + + [HttpGet] + public IActionResult AccessDenied() + { + return View(); + } + + + /*****************************************/ + /* helper APIs for the AccountController */ + /*****************************************/ + private async Task BuildLoginViewModelAsync(string returnUrl) + { + var context = await _interaction.GetAuthorizationContextAsync(returnUrl); + if (context?.IdP != null && await _schemeProvider.GetSchemeAsync(context.IdP) != null) + { + var local = context.IdP == IdentityServerConstants.LocalIdentityProvider; + + // this is meant to short circuit the UI and only trigger the one external IdP + var vm = new LoginViewModel + { + EnableLocalLogin = local, + ReturnUrl = returnUrl, + Username = context?.LoginHint, + }; + + if (!local) + { + vm.ExternalProviders = new[] { new ExternalProvider { AuthenticationScheme = context.IdP } }; + } + + return vm; + } + + var schemes = await _schemeProvider.GetAllSchemesAsync(); + + var providers = schemes + .Where(x => x.DisplayName != null) + .Select(x => new ExternalProvider + { + DisplayName = x.DisplayName ?? x.Name, + AuthenticationScheme = x.Name + }).ToList(); + + var allowLocal = true; + if (context?.Client.ClientId != null) + { + var client = await _clientStore.FindEnabledClientByIdAsync(context.Client.ClientId); + if (client != null) + { + allowLocal = client.EnableLocalLogin; + + if (client.IdentityProviderRestrictions != null && client.IdentityProviderRestrictions.Any()) + { + providers = providers.Where(provider => client.IdentityProviderRestrictions.Contains(provider.AuthenticationScheme)).ToList(); + } + } + } + + return new LoginViewModel + { + AllowRememberLogin = AccountOptions.AllowRememberLogin, + EnableLocalLogin = allowLocal && AccountOptions.AllowLocalLogin, + ReturnUrl = returnUrl, + Username = context?.LoginHint, + ExternalProviders = providers.ToArray() + }; + } + + private async Task BuildLoginViewModelAsync(LoginInputModel model) + { + var vm = await BuildLoginViewModelAsync(model.ReturnUrl); + vm.Username = model.Username; + vm.RememberLogin = model.RememberLogin; + return vm; + } + + private async Task BuildLogoutViewModelAsync(string logoutId) + { + var vm = new LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt }; + + if (User?.Identity.IsAuthenticated != true) + { + // if the user is not authenticated, then just show logged out page + vm.ShowLogoutPrompt = false; + return vm; + } + + var context = await _interaction.GetLogoutContextAsync(logoutId); + if (context?.ShowSignoutPrompt == false) + { + // it's safe to automatically sign-out + vm.ShowLogoutPrompt = false; + return vm; + } + + // show the logout prompt. this prevents attacks where the user + // is automatically signed out by another malicious web page. + return vm; + } + + private async Task BuildLoggedOutViewModelAsync(string logoutId) + { + // get context information (client name, post logout redirect URI and iframe for federated signout) + var logout = await _interaction.GetLogoutContextAsync(logoutId); + + var vm = new LoggedOutViewModel + { + AutomaticRedirectAfterSignOut = AccountOptions.AutomaticRedirectAfterSignOut, + PostLogoutRedirectUri = logout?.PostLogoutRedirectUri, + ClientName = string.IsNullOrEmpty(logout?.ClientName) ? logout?.ClientId : logout?.ClientName, + SignOutIframeUrl = logout?.SignOutIFrameUrl, + LogoutId = logoutId + }; + + if (User?.Identity.IsAuthenticated == true) + { + var idp = User.FindFirst(JwtClaimTypes.IdentityProvider)?.Value; + if (idp != null && idp != IdentityServerConstants.LocalIdentityProvider) + { + var handler = await _handlerProvider.GetHandlerAsync(HttpContext, idp); + if (handler is IAuthenticationSignOutHandler) + { + if (vm.LogoutId == null) + { + // if there's no current logout context, we need to create one + // this captures necessary info from the current logged in user + // before we signout and redirect away to the external IdP for signout + vm.LogoutId = await _interaction.CreateLogoutContextAsync(); + } + + vm.ExternalAuthenticationScheme = idp; + } + } + } + + return vm; + } + } +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Quickstart/Account/AccountOptions.cs b/src/Services/Identity/Identity.API/Quickstart/Account/AccountOptions.cs new file mode 100644 index 000000000..00ef16bc0 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Account/AccountOptions.cs @@ -0,0 +1,16 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + +namespace IdentityServerHost.Quickstart.UI; + +public class AccountOptions +{ + public static bool AllowLocalLogin = true; + public static bool AllowRememberLogin = true; + public static TimeSpan RememberMeLoginDuration = TimeSpan.FromDays(30); + + public static bool ShowLogoutPrompt = false; + public static bool AutomaticRedirectAfterSignOut = true; + + public static string InvalidCredentialsErrorMessage = "Invalid username or password"; +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Account/ExternalController.cs b/src/Services/Identity/Identity.API/Quickstart/Account/ExternalController.cs new file mode 100644 index 000000000..5abc2fa3b --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Account/ExternalController.cs @@ -0,0 +1,238 @@ +namespace IdentityServerHost.Quickstart.UI; + +[SecurityHeaders] +[AllowAnonymous] +public class ExternalController : Controller +{ + private readonly UserManager _userManager; + private readonly SignInManager _signInManager; + private readonly IIdentityServerInteractionService _interaction; + private readonly IClientStore _clientStore; + private readonly IEventService _events; + private readonly ILogger _logger; + + public ExternalController( + UserManager userManager, + SignInManager signInManager, + IIdentityServerInteractionService interaction, + IClientStore clientStore, + IEventService events, + ILogger logger) + { + _userManager = userManager; + _signInManager = signInManager; + _interaction = interaction; + _clientStore = clientStore; + _events = events; + _logger = logger; + } + + /// + /// initiate roundtrip to external authentication provider + /// + [HttpGet] + public IActionResult Challenge(string scheme, string returnUrl) + { + if (string.IsNullOrEmpty(returnUrl)) returnUrl = "~/"; + + // validate returnUrl - either it is a valid OIDC URL or back to a local page + if (Url.IsLocalUrl(returnUrl) == false && _interaction.IsValidReturnUrl(returnUrl) == false) + { + // user might have clicked on a malicious link - should be logged + throw new Exception("invalid return URL"); + } + + // start challenge and roundtrip the return URL and scheme + var props = new AuthenticationProperties + { + RedirectUri = Url.Action(nameof(Callback)), + Items = + { + { "returnUrl", returnUrl }, + { "scheme", scheme }, + } + }; + + return Challenge(props, scheme); + + } + + /// + /// Post processing of external authentication + /// + [HttpGet] + public async Task Callback() + { + // read external identity from the temporary cookie + var result = await HttpContext.AuthenticateAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme); + if (result?.Succeeded != true) + { + throw new Exception("External authentication error"); + } + + if (_logger.IsEnabled(LogLevel.Debug)) + { + var externalClaims = result.Principal.Claims.Select(c => $"{c.Type}: {c.Value}"); + _logger.LogDebug("External claims: {@claims}", externalClaims); + } + + // lookup our user and external provider info + var (user, provider, providerUserId, claims) = await FindUserFromExternalProviderAsync(result); + if (user == null) + { + // this might be where you might initiate a custom workflow for user registration + // in this sample we don't show how that would be done, as our sample implementation + // simply auto-provisions new external user + user = await AutoProvisionUserAsync(provider, providerUserId, claims); + } + + // this allows us to collect any additional claims or properties + // for the specific protocols used and store them in the local auth cookie. + // this is typically used to store data needed for signout from those protocols. + var additionalLocalClaims = new List(); + var localSignInProps = new AuthenticationProperties(); + ProcessLoginCallback(result, additionalLocalClaims, localSignInProps); + + // issue authentication cookie for user + // we must issue the cookie maually, and can't use the SignInManager because + // it doesn't expose an API to issue additional claims from the login workflow + var principal = await _signInManager.CreateUserPrincipalAsync(user); + additionalLocalClaims.AddRange(principal.Claims); + var name = principal.FindFirst(JwtClaimTypes.Name)?.Value ?? user.Id; + + var isuser = new IdentityServerUser(user.Id) + { + DisplayName = name, + IdentityProvider = provider, + AdditionalClaims = additionalLocalClaims + }; + + await HttpContext.SignInAsync(isuser, localSignInProps); + + // delete temporary cookie used during external authentication + await HttpContext.SignOutAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme); + + // retrieve return URL + var returnUrl = result.Properties.Items["returnUrl"] ?? "~/"; + + // check if external login is in the context of an OIDC request + var context = await _interaction.GetAuthorizationContextAsync(returnUrl); + await _events.RaiseAsync(new UserLoginSuccessEvent(provider, providerUserId, user.Id, name, true, context?.Client.ClientId)); + + if (context != null) + { + if (context.IsNativeClient()) + { + // The client is native, so this change in how to + // return the response is for better UX for the end user. + return this.LoadingPage("Redirect", returnUrl); + } + } + + return Redirect(returnUrl); + } + + private async Task<(ApplicationUser user, string provider, string providerUserId, IEnumerable claims)> + FindUserFromExternalProviderAsync(AuthenticateResult result) + { + var externalUser = result.Principal; + + // try to determine the unique id of the external user (issued by the provider) + // the most common claim type for that are the sub claim and the NameIdentifier + // depending on the external provider, some other claim type might be used + var userIdClaim = externalUser.FindFirst(JwtClaimTypes.Subject) ?? + externalUser.FindFirst(ClaimTypes.NameIdentifier) ?? + throw new Exception("Unknown userid"); + + // remove the user id claim so we don't include it as an extra claim if/when we provision the user + var claims = externalUser.Claims.ToList(); + claims.Remove(userIdClaim); + + var provider = result.Properties.Items["scheme"]; + var providerUserId = userIdClaim.Value; + + // find external user + var user = await _userManager.FindByLoginAsync(provider, providerUserId); + + return (user, provider, providerUserId, claims); + } + + private async Task AutoProvisionUserAsync(string provider, string providerUserId, IEnumerable claims) + { + // create a list of claims that we want to transfer into our store + var filtered = new List(); + + // user's display name + var name = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Name)?.Value ?? + claims.FirstOrDefault(x => x.Type == ClaimTypes.Name)?.Value; + if (name != null) + { + filtered.Add(new Claim(JwtClaimTypes.Name, name)); + } + else + { + var first = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.GivenName)?.Value ?? + claims.FirstOrDefault(x => x.Type == ClaimTypes.GivenName)?.Value; + var last = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.FamilyName)?.Value ?? + claims.FirstOrDefault(x => x.Type == ClaimTypes.Surname)?.Value; + if (first != null && last != null) + { + filtered.Add(new Claim(JwtClaimTypes.Name, first + " " + last)); + } + else if (first != null) + { + filtered.Add(new Claim(JwtClaimTypes.Name, first)); + } + else if (last != null) + { + filtered.Add(new Claim(JwtClaimTypes.Name, last)); + } + } + + // email + var email = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Email)?.Value ?? + claims.FirstOrDefault(x => x.Type == ClaimTypes.Email)?.Value; + if (email != null) + { + filtered.Add(new Claim(JwtClaimTypes.Email, email)); + } + + var user = new ApplicationUser + { + UserName = Guid.NewGuid().ToString(), + }; + var identityResult = await _userManager.CreateAsync(user); + if (!identityResult.Succeeded) throw new Exception(identityResult.Errors.First().Description); + + if (filtered.Any()) + { + identityResult = await _userManager.AddClaimsAsync(user, filtered); + if (!identityResult.Succeeded) throw new Exception(identityResult.Errors.First().Description); + } + + identityResult = await _userManager.AddLoginAsync(user, new UserLoginInfo(provider, providerUserId, provider)); + if (!identityResult.Succeeded) throw new Exception(identityResult.Errors.First().Description); + + return user; + } + + // if the external login is OIDC-based, there are certain things we need to preserve to make logout work + // this will be different for WS-Fed, SAML2p or other protocols + private void ProcessLoginCallback(AuthenticateResult externalResult, List localClaims, AuthenticationProperties localSignInProps) + { + // if the external system sent a session id claim, copy it over + // so we can use it for single sign-out + var sid = externalResult.Principal.Claims.FirstOrDefault(x => x.Type == JwtClaimTypes.SessionId); + if (sid != null) + { + localClaims.Add(new Claim(JwtClaimTypes.SessionId, sid.Value)); + } + + // if the external provider issued an id_token, we'll keep it for signout + var idToken = externalResult.Properties.GetTokenValue("id_token"); + if (idToken != null) + { + localSignInProps.StoreTokens(new[] { new AuthenticationToken { Name = "id_token", Value = idToken } }); + } + } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Account/ExternalProvider.cs b/src/Services/Identity/Identity.API/Quickstart/Account/ExternalProvider.cs new file mode 100644 index 000000000..c92594f4e --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Account/ExternalProvider.cs @@ -0,0 +1,10 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + +namespace IdentityServerHost.Quickstart.UI; + +public class ExternalProvider +{ + public string DisplayName { get; set; } + public string AuthenticationScheme { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Account/LoggedOutViewModel.cs b/src/Services/Identity/Identity.API/Quickstart/Account/LoggedOutViewModel.cs new file mode 100644 index 000000000..7e55f2cb6 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Account/LoggedOutViewModel.cs @@ -0,0 +1,18 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class LoggedOutViewModel +{ + public string PostLogoutRedirectUri { get; set; } + public string ClientName { get; set; } + public string SignOutIframeUrl { get; set; } + + public bool AutomaticRedirectAfterSignOut { get; set; } + + public string LogoutId { get; set; } + public bool TriggerExternalSignout => ExternalAuthenticationScheme != null; + public string ExternalAuthenticationScheme { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Account/LoginInputModel.cs b/src/Services/Identity/Identity.API/Quickstart/Account/LoginInputModel.cs new file mode 100644 index 000000000..813ba8fc1 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Account/LoginInputModel.cs @@ -0,0 +1,15 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class LoginInputModel +{ + [Required] + public string Username { get; set; } + [Required] + public string Password { get; set; } + public bool RememberLogin { get; set; } + public string ReturnUrl { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Account/LoginViewModel.cs b/src/Services/Identity/Identity.API/Quickstart/Account/LoginViewModel.cs new file mode 100644 index 000000000..753f4773e --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Account/LoginViewModel.cs @@ -0,0 +1,17 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class LoginViewModel : LoginInputModel +{ + public bool AllowRememberLogin { get; set; } = true; + public bool EnableLocalLogin { get; set; } = true; + + public IEnumerable ExternalProviders { get; set; } = Enumerable.Empty(); + public IEnumerable VisibleExternalProviders => ExternalProviders.Where(x => !String.IsNullOrWhiteSpace(x.DisplayName)); + + public bool IsExternalLoginOnly => EnableLocalLogin == false && ExternalProviders?.Count() == 1; + public string ExternalLoginScheme => IsExternalLoginOnly ? ExternalProviders?.SingleOrDefault()?.AuthenticationScheme : null; +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Account/LogoutInputModel.cs b/src/Services/Identity/Identity.API/Quickstart/Account/LogoutInputModel.cs new file mode 100644 index 000000000..2fd5d8c8f --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Account/LogoutInputModel.cs @@ -0,0 +1,10 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class LogoutInputModel +{ + public string LogoutId { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Account/LogoutViewModel.cs b/src/Services/Identity/Identity.API/Quickstart/Account/LogoutViewModel.cs new file mode 100644 index 000000000..841289b70 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Account/LogoutViewModel.cs @@ -0,0 +1,10 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class LogoutViewModel : LogoutInputModel +{ + public bool ShowLogoutPrompt { get; set; } = true; +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Account/RedirectViewModel.cs b/src/Services/Identity/Identity.API/Quickstart/Account/RedirectViewModel.cs new file mode 100644 index 000000000..e5005f4c2 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Account/RedirectViewModel.cs @@ -0,0 +1,11 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + + +namespace IdentityServerHost.Quickstart.UI; + +public class RedirectViewModel +{ + public string RedirectUrl { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentController.cs b/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentController.cs new file mode 100644 index 000000000..1255df44a --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentController.cs @@ -0,0 +1,247 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + +namespace IdentityServerHost.Quickstart.UI; + +/// +/// This controller processes the consent UI +/// +[SecurityHeaders] +[Authorize] +public class ConsentController : Controller +{ + private readonly IIdentityServerInteractionService _interaction; + private readonly IEventService _events; + private readonly ILogger _logger; + + public ConsentController( + IIdentityServerInteractionService interaction, + IEventService events, + ILogger logger) + { + _interaction = interaction; + _events = events; + _logger = logger; + } + + /// + /// Shows the consent screen + /// + /// + /// + [HttpGet] + public async Task Index(string returnUrl) + { + var vm = await BuildViewModelAsync(returnUrl); + if (vm != null) + { + return View("Index", vm); + } + + return View("Error"); + } + + /// + /// Handles the consent screen postback + /// + [HttpPost] + [ValidateAntiForgeryToken] + public async Task Index(ConsentInputModel model) + { + var result = await ProcessConsent(model); + + if (result.IsRedirect) + { + var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); + if (context?.IsNativeClient() == true) + { + // The client is native, so this change in how to + // return the response is for better UX for the end user. + return this.LoadingPage("Redirect", result.RedirectUri); + } + + return Redirect(result.RedirectUri); + } + + if (result.HasValidationError) + { + ModelState.AddModelError(string.Empty, result.ValidationError); + } + + if (result.ShowView) + { + return View("Index", result.ViewModel); + } + + return View("Error"); + } + + /*****************************************/ + /* helper APIs for the ConsentController */ + /*****************************************/ + private async Task ProcessConsent(ConsentInputModel model) + { + var result = new ProcessConsentResult(); + + // validate return url is still valid + var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); + if (request == null) return result; + + ConsentResponse grantedConsent = null; + + // user clicked 'no' - send back the standard 'access_denied' response + if (model?.Button == "no") + { + grantedConsent = new ConsentResponse { Error = AuthorizationError.AccessDenied }; + + // emit event + await _events.RaiseAsync(new ConsentDeniedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues)); + } + // user clicked 'yes' - validate the data + else if (model?.Button == "yes") + { + // if the user consented to some scope, build the response model + if (model.ScopesConsented != null && model.ScopesConsented.Any()) + { + var scopes = model.ScopesConsented; + if (ConsentOptions.EnableOfflineAccess == false) + { + scopes = scopes.Where(x => x != IdentityServerConstants.StandardScopes.OfflineAccess); + } + + grantedConsent = new ConsentResponse + { + RememberConsent = model.RememberConsent, + ScopesValuesConsented = scopes.ToArray(), + Description = model.Description + }; + + // emit event + await _events.RaiseAsync(new ConsentGrantedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues, grantedConsent.ScopesValuesConsented, grantedConsent.RememberConsent)); + } + else + { + result.ValidationError = ConsentOptions.MustChooseOneErrorMessage; + } + } + else + { + result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage; + } + + if (grantedConsent != null) + { + // communicate outcome of consent back to identityserver + await _interaction.GrantConsentAsync(request, grantedConsent); + + // indicate that's it ok to redirect back to authorization endpoint + result.RedirectUri = model.ReturnUrl; + result.Client = request.Client; + } + else + { + // we need to redisplay the consent UI + result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model); + } + + return result; + } + + private async Task BuildViewModelAsync(string returnUrl, ConsentInputModel model = null) + { + var request = await _interaction.GetAuthorizationContextAsync(returnUrl); + if (request != null) + { + return CreateConsentViewModel(model, returnUrl, request); + } + else + { + _logger.LogError("No consent request matching request: {0}", returnUrl); + } + + return null; + } + + private ConsentViewModel CreateConsentViewModel( + ConsentInputModel model, string returnUrl, + AuthorizationRequest request) + { + var vm = new ConsentViewModel + { + RememberConsent = model?.RememberConsent ?? true, + ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty(), + Description = model?.Description, + + ReturnUrl = returnUrl, + + ClientName = request.Client.ClientName ?? request.Client.ClientId, + ClientUrl = request.Client.ClientUri, + ClientLogoUrl = request.Client.LogoUri, + AllowRememberConsent = request.Client.AllowRememberConsent + }; + + vm.IdentityScopes = request.ValidatedResources.Resources.IdentityResources.Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray(); + + var apiScopes = new List(); + foreach (var parsedScope in request.ValidatedResources.ParsedScopes) + { + var apiScope = request.ValidatedResources.Resources.FindApiScope(parsedScope.ParsedName); + if (apiScope != null) + { + var scopeVm = CreateScopeViewModel(parsedScope, apiScope, vm.ScopesConsented.Contains(parsedScope.RawValue) || model == null); + apiScopes.Add(scopeVm); + } + } + if (ConsentOptions.EnableOfflineAccess && request.ValidatedResources.Resources.OfflineAccess) + { + apiScopes.Add(GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServerConstants.StandardScopes.OfflineAccess) || model == null)); + } + vm.ApiScopes = apiScopes; + + return vm; + } + + private ScopeViewModel CreateScopeViewModel(IdentityResource identity, bool check) + { + return new ScopeViewModel + { + Value = identity.Name, + DisplayName = identity.DisplayName ?? identity.Name, + Description = identity.Description, + Emphasize = identity.Emphasize, + Required = identity.Required, + Checked = check || identity.Required + }; + } + + public ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check) + { + var displayName = apiScope.DisplayName ?? apiScope.Name; + if (!String.IsNullOrWhiteSpace(parsedScopeValue.ParsedParameter)) + { + displayName += ":" + parsedScopeValue.ParsedParameter; + } + + return new ScopeViewModel + { + Value = parsedScopeValue.RawValue, + DisplayName = displayName, + Description = apiScope.Description, + Emphasize = apiScope.Emphasize, + Required = apiScope.Required, + Checked = check || apiScope.Required + }; + } + + private ScopeViewModel GetOfflineAccessScope(bool check) + { + return new ScopeViewModel + { + Value = IdentityServerConstants.StandardScopes.OfflineAccess, + DisplayName = ConsentOptions.OfflineAccessDisplayName, + Description = ConsentOptions.OfflineAccessDescription, + Emphasize = true, + Checked = check + }; + } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentInputModel.cs b/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentInputModel.cs new file mode 100644 index 000000000..fc661024e --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentInputModel.cs @@ -0,0 +1,14 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class ConsentInputModel +{ + public string Button { get; set; } + public IEnumerable ScopesConsented { get; set; } + public bool RememberConsent { get; set; } + public string ReturnUrl { get; set; } + public string Description { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentOptions.cs b/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentOptions.cs new file mode 100644 index 000000000..4a689278c --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentOptions.cs @@ -0,0 +1,15 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class ConsentOptions +{ + public static bool EnableOfflineAccess = true; + public static string OfflineAccessDisplayName = "Offline Access"; + public static string OfflineAccessDescription = "Access to your applications and resources, even when you are offline"; + + public static readonly string MustChooseOneErrorMessage = "You must pick at least one permission"; + public static readonly string InvalidSelectionErrorMessage = "Invalid selection"; +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentViewModel.cs b/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentViewModel.cs new file mode 100644 index 000000000..0603d7836 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Consent/ConsentViewModel.cs @@ -0,0 +1,16 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class ConsentViewModel : ConsentInputModel +{ + public string ClientName { get; set; } + public string ClientUrl { get; set; } + public string ClientLogoUrl { get; set; } + public bool AllowRememberConsent { get; set; } + + public IEnumerable IdentityScopes { get; set; } + public IEnumerable ApiScopes { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Consent/ProcessConsentResult.cs b/src/Services/Identity/Identity.API/Quickstart/Consent/ProcessConsentResult.cs new file mode 100644 index 000000000..a7dd8bb7e --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Consent/ProcessConsentResult.cs @@ -0,0 +1,17 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + +namespace IdentityServerHost.Quickstart.UI; + +public class ProcessConsentResult +{ + public bool IsRedirect => RedirectUri != null; + public string RedirectUri { get; set; } + public Client Client { get; set; } + + public bool ShowView => ViewModel != null; + public ConsentViewModel ViewModel { get; set; } + + public bool HasValidationError => ValidationError != null; + public string ValidationError { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Consent/ScopeViewModel.cs b/src/Services/Identity/Identity.API/Quickstart/Consent/ScopeViewModel.cs new file mode 100644 index 000000000..c052253c2 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Consent/ScopeViewModel.cs @@ -0,0 +1,15 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class ScopeViewModel +{ + public string Value { get; set; } + public string DisplayName { get; set; } + public string Description { get; set; } + public bool Emphasize { get; set; } + public bool Required { get; set; } + public bool Checked { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationInputModel.cs b/src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationInputModel.cs new file mode 100644 index 000000000..8e6403960 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationInputModel.cs @@ -0,0 +1,10 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class DeviceAuthorizationInputModel : ConsentInputModel +{ + public string UserCode { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationViewModel.cs b/src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationViewModel.cs new file mode 100644 index 000000000..230413f26 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationViewModel.cs @@ -0,0 +1,11 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class DeviceAuthorizationViewModel : ConsentViewModel +{ + public string UserCode { get; set; } + public bool ConfirmUserCode { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Device/DeviceController.cs b/src/Services/Identity/Identity.API/Quickstart/Device/DeviceController.cs new file mode 100644 index 000000000..5eb55caad --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Device/DeviceController.cs @@ -0,0 +1,214 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + +namespace IdentityServerHost.Quickstart.UI; + +[Authorize] +[SecurityHeaders] +public class DeviceController : Controller +{ + private readonly IDeviceFlowInteractionService _interaction; + private readonly IEventService _events; + private readonly IOptions _options; + private readonly ILogger _logger; + + public DeviceController( + IDeviceFlowInteractionService interaction, + IEventService eventService, + IOptions options, + ILogger logger) + { + _interaction = interaction; + _events = eventService; + _options = options; + _logger = logger; + } + + [HttpGet] + public async Task Index() + { + string userCodeParamName = _options.Value.UserInteraction.DeviceVerificationUserCodeParameter; + string userCode = Request.Query[userCodeParamName]; + if (string.IsNullOrWhiteSpace(userCode)) return View("UserCodeCapture"); + + var vm = await BuildViewModelAsync(userCode); + if (vm == null) return View("Error"); + + vm.ConfirmUserCode = true; + return View("UserCodeConfirmation", vm); + } + + [HttpPost] + [ValidateAntiForgeryToken] + public async Task UserCodeCapture(string userCode) + { + var vm = await BuildViewModelAsync(userCode); + if (vm == null) return View("Error"); + + return View("UserCodeConfirmation", vm); + } + + [HttpPost] + [ValidateAntiForgeryToken] + public async Task Callback(DeviceAuthorizationInputModel model) + { + if (model == null) throw new ArgumentNullException(nameof(model)); + + var result = await ProcessConsent(model); + if (result.HasValidationError) return View("Error"); + + return View("Success"); + } + + private async Task ProcessConsent(DeviceAuthorizationInputModel model) + { + var result = new ProcessConsentResult(); + + var request = await _interaction.GetAuthorizationContextAsync(model.UserCode); + if (request == null) return result; + + ConsentResponse grantedConsent = null; + + // user clicked 'no' - send back the standard 'access_denied' response + if (model.Button == "no") + { + grantedConsent = new ConsentResponse { Error = AuthorizationError.AccessDenied }; + + // emit event + await _events.RaiseAsync(new ConsentDeniedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues)); + } + // user clicked 'yes' - validate the data + else if (model.Button == "yes") + { + // if the user consented to some scope, build the response model + if (model.ScopesConsented != null && model.ScopesConsented.Any()) + { + var scopes = model.ScopesConsented; + if (ConsentOptions.EnableOfflineAccess == false) + { + scopes = scopes.Where(x => x != IdentityServerConstants.StandardScopes.OfflineAccess); + } + + grantedConsent = new ConsentResponse + { + RememberConsent = model.RememberConsent, + ScopesValuesConsented = scopes.ToArray(), + Description = model.Description + }; + + // emit event + await _events.RaiseAsync(new ConsentGrantedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues, grantedConsent.ScopesValuesConsented, grantedConsent.RememberConsent)); + } + else + { + result.ValidationError = ConsentOptions.MustChooseOneErrorMessage; + } + } + else + { + result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage; + } + + if (grantedConsent != null) + { + // communicate outcome of consent back to identityserver + await _interaction.HandleRequestAsync(model.UserCode, grantedConsent); + + // indicate that's it ok to redirect back to authorization endpoint + result.RedirectUri = model.ReturnUrl; + result.Client = request.Client; + } + else + { + // we need to redisplay the consent UI + result.ViewModel = await BuildViewModelAsync(model.UserCode, model); + } + + return result; + } + + private async Task BuildViewModelAsync(string userCode, DeviceAuthorizationInputModel model = null) + { + var request = await _interaction.GetAuthorizationContextAsync(userCode); + if (request != null) + { + return CreateConsentViewModel(userCode, model, request); + } + + return null; + } + + private DeviceAuthorizationViewModel CreateConsentViewModel(string userCode, DeviceAuthorizationInputModel model, DeviceFlowAuthorizationRequest request) + { + var vm = new DeviceAuthorizationViewModel + { + UserCode = userCode, + Description = model?.Description, + + RememberConsent = model?.RememberConsent ?? true, + ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty(), + + ClientName = request.Client.ClientName ?? request.Client.ClientId, + ClientUrl = request.Client.ClientUri, + ClientLogoUrl = request.Client.LogoUri, + AllowRememberConsent = request.Client.AllowRememberConsent + }; + + vm.IdentityScopes = request.ValidatedResources.Resources.IdentityResources.Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray(); + + var apiScopes = new List(); + foreach (var parsedScope in request.ValidatedResources.ParsedScopes) + { + var apiScope = request.ValidatedResources.Resources.FindApiScope(parsedScope.ParsedName); + if (apiScope != null) + { + var scopeVm = CreateScopeViewModel(parsedScope, apiScope, vm.ScopesConsented.Contains(parsedScope.RawValue) || model == null); + apiScopes.Add(scopeVm); + } + } + if (ConsentOptions.EnableOfflineAccess && request.ValidatedResources.Resources.OfflineAccess) + { + apiScopes.Add(GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServerConstants.StandardScopes.OfflineAccess) || model == null)); + } + vm.ApiScopes = apiScopes; + + return vm; + } + + private ScopeViewModel CreateScopeViewModel(IdentityResource identity, bool check) + { + return new ScopeViewModel + { + Value = identity.Name, + DisplayName = identity.DisplayName ?? identity.Name, + Description = identity.Description, + Emphasize = identity.Emphasize, + Required = identity.Required, + Checked = check || identity.Required + }; + } + + public ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check) + { + return new ScopeViewModel + { + Value = parsedScopeValue.RawValue, + DisplayName = apiScope.DisplayName ?? apiScope.Name, + Description = apiScope.Description, + Emphasize = apiScope.Emphasize, + Required = apiScope.Required, + Checked = check || apiScope.Required + }; + } + private ScopeViewModel GetOfflineAccessScope(bool check) + { + return new ScopeViewModel + { + Value = IdentityServerConstants.StandardScopes.OfflineAccess, + DisplayName = ConsentOptions.OfflineAccessDisplayName, + Description = ConsentOptions.OfflineAccessDescription, + Emphasize = true, + Checked = check + }; + } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsController.cs b/src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsController.cs new file mode 100644 index 000000000..9668eec1a --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsController.cs @@ -0,0 +1,22 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +[SecurityHeaders] +[Authorize] +public class DiagnosticsController : Controller +{ + public async Task Index() + { + var localAddresses = new string[] { "127.0.0.1", "::1", HttpContext.Connection.LocalIpAddress.ToString() }; + if (!localAddresses.Contains(HttpContext.Connection.RemoteIpAddress.ToString())) + { + return NotFound(); + } + + var model = new DiagnosticsViewModel(await HttpContext.AuthenticateAsync()); + return View(model); + } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsViewModel.cs b/src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsViewModel.cs new file mode 100644 index 000000000..6f87fd1d7 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsViewModel.cs @@ -0,0 +1,28 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +using System.Text; +using System.Text.Json; + +namespace IdentityServerHost.Quickstart.UI; + +public class DiagnosticsViewModel +{ + public DiagnosticsViewModel(AuthenticateResult result) + { + AuthenticateResult = result; + + if (result.Properties.Items.ContainsKey("client_list")) + { + var encoded = result.Properties.Items["client_list"]; + var bytes = Base64Url.Decode(encoded); + var value = Encoding.UTF8.GetString(bytes); + + Clients = JsonSerializer.Deserialize(value); + } + } + + public AuthenticateResult AuthenticateResult { get; } + public IEnumerable Clients { get; } = new List(); +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Extensions.cs b/src/Services/Identity/Identity.API/Quickstart/Extensions.cs new file mode 100644 index 000000000..4dbaf5385 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Extensions.cs @@ -0,0 +1,22 @@ +namespace IdentityServerHost.Quickstart.UI; + +public static class Extensions +{ + /// + /// Checks if the redirect URI is for a native client. + /// + /// + public static bool IsNativeClient(this AuthorizationRequest context) + { + return !context.RedirectUri.StartsWith("https", StringComparison.Ordinal) + && !context.RedirectUri.StartsWith("http", StringComparison.Ordinal); + } + + public static IActionResult LoadingPage(this Controller controller, string viewName, string redirectUri) + { + controller.HttpContext.Response.StatusCode = 200; + controller.HttpContext.Response.Headers["Location"] = ""; + + return controller.View(viewName, new RedirectViewModel { RedirectUrl = redirectUri }); + } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Grants/GrantsController.cs b/src/Services/Identity/Identity.API/Quickstart/Grants/GrantsController.cs new file mode 100644 index 000000000..3045c44d5 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Grants/GrantsController.cs @@ -0,0 +1,85 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + +namespace IdentityServerHost.Quickstart.UI; + +/// +/// This sample controller allows a user to revoke grants given to clients +/// +[SecurityHeaders] +[Authorize] +public class GrantsController : Controller +{ + private readonly IIdentityServerInteractionService _interaction; + private readonly IClientStore _clients; + private readonly IResourceStore _resources; + private readonly IEventService _events; + + public GrantsController(IIdentityServerInteractionService interaction, + IClientStore clients, + IResourceStore resources, + IEventService events) + { + _interaction = interaction; + _clients = clients; + _resources = resources; + _events = events; + } + + /// + /// Show list of grants + /// + [HttpGet] + public async Task Index() + { + return View("Index", await BuildViewModelAsync()); + } + + /// + /// Handle postback to revoke a client + /// + [HttpPost] + [ValidateAntiForgeryToken] + public async Task Revoke(string clientId) + { + await _interaction.RevokeUserConsentAsync(clientId); + await _events.RaiseAsync(new GrantsRevokedEvent(User.GetSubjectId(), clientId)); + + return RedirectToAction("Index"); + } + + private async Task BuildViewModelAsync() + { + var grants = await _interaction.GetAllUserGrantsAsync(); + + var list = new List(); + foreach (var grant in grants) + { + var client = await _clients.FindClientByIdAsync(grant.ClientId); + if (client != null) + { + var resources = await _resources.FindResourcesByScopeAsync(grant.Scopes); + + var item = new GrantViewModel() + { + ClientId = client.ClientId, + ClientName = client.ClientName ?? client.ClientId, + ClientLogoUrl = client.LogoUri, + ClientUrl = client.ClientUri, + Description = grant.Description, + Created = grant.CreationTime, + Expires = grant.Expiration, + IdentityGrantNames = resources.IdentityResources.Select(x => x.DisplayName ?? x.Name).ToArray(), + ApiGrantNames = resources.ApiScopes.Select(x => x.DisplayName ?? x.Name).ToArray() + }; + + list.Add(item); + } + } + + return new GrantsViewModel + { + Grants = list + }; + } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Grants/GrantsViewModel.cs b/src/Services/Identity/Identity.API/Quickstart/Grants/GrantsViewModel.cs new file mode 100644 index 000000000..991d27967 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Grants/GrantsViewModel.cs @@ -0,0 +1,23 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class GrantsViewModel +{ + public IEnumerable Grants { get; set; } +} + +public class GrantViewModel +{ + public string ClientId { get; set; } + public string ClientName { get; set; } + public string ClientUrl { get; set; } + public string ClientLogoUrl { get; set; } + public string Description { get; set; } + public DateTime Created { get; set; } + public DateTime? Expires { get; set; } + public IEnumerable IdentityGrantNames { get; set; } + public IEnumerable ApiGrantNames { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Home/ErrorViewModel.cs b/src/Services/Identity/Identity.API/Quickstart/Home/ErrorViewModel.cs new file mode 100644 index 000000000..e1cfa86cb --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Home/ErrorViewModel.cs @@ -0,0 +1,18 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + +namespace IdentityServerHost.Quickstart.UI; + +public class ErrorViewModel +{ + public ErrorViewModel() + { + } + + public ErrorViewModel(string error) + { + Error = new ErrorMessage { Error = error }; + } + + public ErrorMessage Error { get; set; } +} diff --git a/src/Services/Identity/Identity.API/Quickstart/Home/HomeController.cs b/src/Services/Identity/Identity.API/Quickstart/Home/HomeController.cs new file mode 100644 index 000000000..6110df1f8 --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/Home/HomeController.cs @@ -0,0 +1,63 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Mvc; + +namespace IdentityServerHost.Quickstart.UI +{ + [SecurityHeaders] + [AllowAnonymous] + public class HomeController : Controller + { + private readonly IIdentityServerInteractionService _interaction; + private readonly IWebHostEnvironment _environment; + private readonly ILogger _logger; + + public HomeController( + IIdentityServerInteractionService interaction, + IWebHostEnvironment environment, + ILogger logger) + { + _interaction = interaction; + _environment = environment; + _logger = logger; + } + + public IActionResult Index() + { + if (_environment.IsDevelopment()) + { + // only show in development + return View(); + } + + _logger.LogInformation("Homepage is disabled in production. Returning 404."); + return NotFound(); + } + + /// + /// Shows the error page + /// + public async Task Error(string errorId) + { + var vm = new ErrorViewModel(); + + // retrieve error details from identityserver + var message = await _interaction.GetErrorContextAsync(errorId); + if (message != null) + { + vm.Error = message; + + if (!_environment.IsDevelopment()) + { + // only show in development + message.ErrorDescription = null; + } + } + + return View("Error", vm); + } + } +} \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Quickstart/SecurityHeadersAttribute.cs b/src/Services/Identity/Identity.API/Quickstart/SecurityHeadersAttribute.cs new file mode 100644 index 000000000..df926beea --- /dev/null +++ b/src/Services/Identity/Identity.API/Quickstart/SecurityHeadersAttribute.cs @@ -0,0 +1,52 @@ +// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. +// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. + + +namespace IdentityServerHost.Quickstart.UI; + +public class SecurityHeadersAttribute : ActionFilterAttribute +{ + public override void OnResultExecuting(ResultExecutingContext context) + { + var result = context.Result; + if (result is ViewResult) + { + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options + if (!context.HttpContext.Response.Headers.ContainsKey("X-Content-Type-Options")) + { + context.HttpContext.Response.Headers.Add("X-Content-Type-Options", "nosniff"); + } + + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options + if (!context.HttpContext.Response.Headers.ContainsKey("X-Frame-Options")) + { + context.HttpContext.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN"); + } + + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy + var csp = "default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';"; + // also consider adding upgrade-insecure-requests once you have HTTPS in place for production + //csp += "upgrade-insecure-requests;"; + // also an example if you need client images to be displayed from twitter + // csp += "img-src 'self' https://pbs.twimg.com;"; + + // once for standards compliant browsers + if (!context.HttpContext.Response.Headers.ContainsKey("Content-Security-Policy")) + { + context.HttpContext.Response.Headers.Add("Content-Security-Policy", csp); + } + // and once again for IE + if (!context.HttpContext.Response.Headers.ContainsKey("X-Content-Security-Policy")) + { + context.HttpContext.Response.Headers.Add("X-Content-Security-Policy", csp); + } + + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy + var referrer_policy = "no-referrer"; + if (!context.HttpContext.Response.Headers.ContainsKey("Referrer-Policy")) + { + context.HttpContext.Response.Headers.Add("Referrer-Policy", referrer_policy); + } + } + } +} diff --git a/src/Services/Identity/Identity.API/SeedData.cs b/src/Services/Identity/Identity.API/SeedData.cs new file mode 100644 index 000000000..c71f64f58 --- /dev/null +++ b/src/Services/Identity/Identity.API/SeedData.cs @@ -0,0 +1,124 @@ +using System.Threading.Tasks; +using System; + +namespace Microsoft.eShopOnContainers.Services.Identity.API; + +public class SeedData +{ + public static async Task EnsureSeedData(IServiceScope scope, IConfiguration configuration, Microsoft.Extensions.Logging.ILogger logger) + { + var retryPolicy = CreateRetryPolicy(configuration, logger); + var context = scope.ServiceProvider.GetRequiredService(); + + await retryPolicy.ExecuteAsync(async () => + { + await context.Database.MigrateAsync(); + + var userMgr = scope.ServiceProvider.GetRequiredService>(); + var alice = await userMgr.FindByNameAsync("alice"); + + if (alice == null) + { + alice = new ApplicationUser + { + UserName = "alice", + Email = "AliceSmith@email.com", + EmailConfirmed = true, + CardHolderName = "Alice Smith", + CardNumber = "4012888888881881", + CardType = 1, + City = "Redmond", + Country = "U.S.", + Expiration = "12/20", + Id = Guid.NewGuid().ToString(), + LastName = "Smith", + Name = "Alice", + PhoneNumber = "1234567890", + ZipCode = "98052", + State = "WA", + Street = "15703 NE 61st Ct", + SecurityNumber = "123" + }; + + var result = userMgr.CreateAsync(alice, "Pass123$").Result; + + if (!result.Succeeded) + { + throw new Exception(result.Errors.First().Description); + } + + logger.LogDebug("alice created"); + } + else + { + logger.LogDebug("alice already exists"); + } + + var bob = await userMgr.FindByNameAsync("bob"); + + if (bob == null) + { + bob = new ApplicationUser + { + UserName = "bob", + Email = "BobSmith@email.com", + EmailConfirmed = true, + CardHolderName = "Bob Smith", + CardNumber = "4012888888881881", + CardType = 1, + City = "Redmond", + Country = "U.S.", + Expiration = "12/20", + Id = Guid.NewGuid().ToString(), + LastName = "Smith", + Name = "Bob", + PhoneNumber = "1234567890", + ZipCode = "98052", + State = "WA", + Street = "15703 NE 61st Ct", + SecurityNumber = "456" + }; + + var result = await userMgr.CreateAsync(bob, "Pass123$"); + + if (!result.Succeeded) + { + throw new Exception(result.Errors.First().Description); + } + + logger.LogDebug("bob created"); + } + else + { + logger.LogDebug("bob already exists"); + } + }); + } + + private static AsyncPolicy CreateRetryPolicy(IConfiguration configuration, Microsoft.Extensions.Logging.ILogger logger) + { + var retryMigrations = false; + bool.TryParse(configuration["RetryMigrations"], out retryMigrations); + + // Only use a retry policy if configured to do so. + // When running in an orchestrator/K8s, it will take care of restarting failed services. + if (retryMigrations) + { + return Policy.Handle(). + WaitAndRetryForeverAsync( + sleepDurationProvider: retry => TimeSpan.FromSeconds(5), + onRetry: (exception, retry, timeSpan) => + { + logger.LogWarning( + exception, + "Exception {ExceptionType} with message {Message} detected during database migration (retry attempt {retry})", + exception.GetType().Name, + exception.Message, + retry); + } + ); + } + + return Policy.NoOpAsync(); + } +} diff --git a/src/Services/Identity/Identity.API/Setup/Users.csv b/src/Services/Identity/Identity.API/Setup/Users.csv deleted file mode 100644 index a0955884b..000000000 --- a/src/Services/Identity/Identity.API/Setup/Users.csv +++ /dev/null @@ -1,2 +0,0 @@ -CardHolderName,CardNumber,CardType,City,Country,Email,Expiration,LastName,Name,PhoneNumber,UserName,ZipCode,State,Street,SecurityNumber,NormalizedEmail,NormalizedUserName,Password -DemoUser,4012888888881881,1,Redmond,U.S.,demouser@microsoft.com,12/25,DemoLastName,DemoUser,1234567890,demouser@microsoft.com,98052,WA,15703 NE 61st Ct,535,DEMOUSER@MICROSOFT.COM,DEMOUSER@MICROSOFT.COM,Pass@word1 \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Setup/images.zip b/src/Services/Identity/Identity.API/Setup/images.zip deleted file mode 100644 index 1b901d3afd9ee890607afe87e673bf8aa07557de..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 14192 zcmcJ0byyr-vnK=y5`w$S1a}{t;I6^l27)uVCO~i>7;KP05+D%VHMlb&5IhhD83-=H zWyyPY_q)6M-RHUgY|m5OQ>Uv=pFXF$PS>yN=%}Nilc4D3oQZ-4l^T?os zs6y5dM5@K{LcqiF1-@8RgGfgo1+4s;VGo5Ma5V531QWpo}gj{}Ab;6O_gi!O*Ef_@PXQ&@0up zosYo+6<_7>S1cQ<*BgeiH?eP++!Pc)suAuKo$;vfc4^Nx`xyqEOW!Pm!#DB+w+cdb z)&0yo>P)>$DJUtgib_gKa{B?qEC=7CF9taD6W<}6@Q!mYi(YUp6y%F1m7lOIXjU5Z z^){`}vn6k-a)b-JBuoPGSsqWAz!8vAgj3UBwox47^LwVKmS2@-f(xp}QMb-)OT|fR zZs$rAdS5=!W~*J>eHm}O7$2R!wDU|PnIIpGMTZ`6_F$kTUaJ}0}0-S3w)G*2BR zBcTz5<3hhX;|kG0`lr%uWxN^#3@_tpPLf;XVJzEb8qUGZa}>D>g`sZ8MWOhC?&NtU z9IaUdKhzP91undlVsCoWqQgf()Rl~6(%pVwKX*!nAZ@%lvirVEJXb9dRHbp_ zaL3|sms#fYBhz1)$`w{(nL=7B+`_xiI1aub#E)ABezEgIHt}7F+^U%hY6SvR%{i+G z;byp&Brc2YaSawAB7CLlj$Ys2R*^Y?WHKUi;a)Wvw&qxez2QGp?^MqgSmp~c%J=wg zZc`}{v*+;$@7lO`vCr*^?xYF>77-rtaki$MpI}>b%!$>{ye$b5jQKZL0L)}eA{EA# zFjoi9Hd248h-=Zurt(ht0=;xqixp`=| zLgBmmv*7dA6;dIu-u-;8%;i3AJmmzFFJ%TChf9EK|Dd&rAj@NJ1?a)+B>K7&9|SEnikE#eer_r8E6 zPf5~t6Vo_bti%l8L=yhWmS6qFT;7N0D}X$VS`kgfr^F%mO=J~9akdn9q@3M@z4_5a zju5`?H4b;D?x`X@BoW~1Df(lFHz;0Q3la7Gj30i>5=lw98YhuO zdeOH=iD8{OH2Z&_^cT>~#|Cc^hJ8N>>+w8NvJLjCWeCgIoCK8B+)G$Lg(b@&Js?-G60~i}!lbJ~uk{E7Zev zM~Z#+KWZ|HRHO8UIT&yzey!J8r_BK<1+t9+dNC$$3$hy57@nTii)q`cKgh7CCnjsmd0+ z9({z87qsZG?xV5V88r1m2$%;*{zNu@7ox_+oF1(GdUNYN8L><3X8*Y1cW23sums`# z=Ix{vk({V^@iy=1NOB#7;MwFr^AOdLml=LVoWj7|{?J-vY}S5gpmC+@L#3$AfaRHJ-ZdE49^n>TS?h!r?;O~g zsu2d}^b0?``+_E_t+Dsh&!p)Fu&nKM+3P`#I#rzlYb>J8 z^7C^yoC(7UCi>_4-FoRgXqP}rYwaZFBhZ>lTw7wV@|N}y04G-XFG(Y_+3n30gR3m^ z&sLCcys;&n=od|%BX^NvdiHb9t(&6Ac;^0$h`h1+m=S~A*pWLLsn+!qyCZ4i>+a%A z`^~2^S|s&2$z#FR^tgJ)>FKe8zBG3$CttbM*>lmI@W}Hj10frm99c3-f6y@3x8YE5 zY0*y4>N1h;Jwb{i=BoSU?Dvk+SfPV zfF5);o<<@kg-!e40JpS;ZSv_f)oa-sS%#B1*trqr*mts%jnK?jovH!wQp}|hH%zG? zc~NA~H3ubk^lfsh0p{;R^)Jv9h#q1F-WZ~C%1iSG4Z7M9<&ydO6AOgoHQ6nV3M)?5 z+ikR}jl1WRFXlzvqXOZvS6sh0#7l(Q*}4ZFr`Q@@qElN10JqtgZG+W9m-K==vwx#~ z;SiTzwQG3l1xys1A9_`j)H?l30!)OX9m)=cC!xJo(`8!5hR-xSMMTQ~h~9G2%zvI>mABWfaZw(Ws!= zO~QqUyu{?(BcYRxtnt!G69K=31x`aUZ+LEpm#@e)f7la|uiu1yx1D*r0Ytm@H)eTH zO@N1nytw)@Ec&NK?>l~{%0?mjnV}iPv%FJaz7}VNWFqP(x)p&87er7}Awr8E)YVI1 zhF!YA3Hq@DxF2JudfrOUA*J;?U4o05b8e=1IWLOezi9`nDQ`EfM9PicvxLnzzQl#= zLVAfO7u^d~mIqdHxph0*<9tti}tV1M^o{331 zRgVBxd{zM2D~I8>L>1|WR;?_Fh0oXv-pRM#Lu9(lG)x_cNR->3I%sSs4FU`RRTS(cLD>OT zvuK>hgB=v1hwpFl@fLOIU=F~=+B#+{J1}b1+j@P#G^|d?@IE{z=i=t5giNO5#_O&K zjXA6e{2LLriU9f3YFQoJ5Z^s|Jc(P`fo}B7F5GCZk@wE&c*r&Z!~~06&w}aYtMw9L z)h_LqrK|XN0(#V4R?@ukOUem|VQ3@8wIH@PG2biN1GzQn>p|97w$d-EVlMhU!*=M& zag5M2Fb1{`gPhhY~MnE^q`y55^7*aMz6_4yz$)UyM zmIG4csxKPKXH7#(+7IOC|5cxF?X!!U26Md@jmt7KJ7vJ6#PE62Dp4C$E??I4IIS9t z8XZUq1%D6T{+XrO(W#mmOh*ZES*tzeKmZOvU3UwFP#I1u!V?jB|` zX|+)wooiO%xS;iX>L?KZUcoX3?+~uIc^dYrsj4WhpA<{KhBuN~@>liVclfB&3L4;I zF>CadMxlR{V!bz5R(j~m7cit+y2*j4LjT-%`PC5jqWulY($?rc`1i_bv|K@+%t+Ue z_^k_n+vs`bh@WLu#a9|iplF=uOfuvrb_6GXHwG)!yYhr z&0P{@FqX{pQuN<=GcJf_XM4NMb|dlu?N5Di@O1T3{9{~=qN=E+Q1#L}Lg#-+_fwD2 zJ%eOU;%5RBl)r@cDD_WtZ)I=e?ebrQ_{c{g!GA)0S2KFbN9O-eh)+QEze0SBR6r}C zB7A&&PcT0xC)DxpW+^DR1p50&Oi*w=X94-(i1e^$t5f^@yI`dN`!1HeUEkvKr|Sp< zwN7}IMLXVskNECTG?4W-uWcczr~NTKzanPbo@xGMQ?U?|d;r2JscUZjfqeN%6+;1_ zZjR`xK=vmrpH|LU%l+i6-|cH2`tPm1J*+mMM85FHy!vSq{ia1&48agNl8F50#w}t7 z!N6PN=E}K1Q&$Tz9hH9L5Vg5?^JX>h}g!iZ%VZT*I(9C&vjwzaZeL#|0Od zSqJQb5huN*ln*Btps0Z>Bw?455OOFghBAw2jtHMrhKvl}bFq7pPg)-fOnI@w-J}L5 zjv-wDgT{qfEfh`nK(5~YwS~izccrohN(<|rEQB7v6(<6njy3UIe{b4ugKcOYh-^a5 zE|;CO3QD=2DU+@e7L4CCAXW_2^}T@ z6SZ!%ksTs^BdkZ^Vm0O32~JPjf@bIX|0sMpd8~_f>C&aSieprO68Bl95l(Vr?x|sK zTmA6lPUV~OEy=jcawk$?%OR;YF+R}+Ih=%^RNvc?65pYkRbT+-W5-=QkVtt)LE1C@ zj`aCEpxRV!m@EN-9Y;Sh*J;uyHZSoA!)5_yweon8WVX>=5RIIer{as=T0^imzOg95 z0x+MHZvd7Evi)kK;X$57YzOvT=32hw?g1p4Q$J|%mkzz6CtFyjnCT&mkUg$-NqAon zSt>wN{?2KVy$)zWsYR>)pjBjrbMMZNbnd5*8dzNj{HIEdmbo)uLgb~X^~uddF-zNf zlfdcMS_SZ4m2B2NQbHxJYB?ilElm&kCt5ZBkM>}%FF@}=BftZhU8Y6UsigEh^p~*^ z(g>ZDd0F$DU|?hH^vgq{O_!S#> z(#`1R>Hq8E(r%{|?`fA4=TmjtiHnr~$DeGNQ@XN;?bb_`gPr<-XUN--H?97$F zBUa1m9o$pP57sL`GC8`PBj-kKnIxOGowSSZPGFqMOhV06WO#3*0bsM=e7wTA+`TzN zoA&}x{+l=9Jk{q|rv>h2|Cw6m(OfA8JI|shS=G`A*a>) zq&CFdha)Z1O_(+HXC&6IR6a{-EpaAnY*xIXZM+9VhQSj1jefFdEOsfZ1p9zw-q%_T zSfqc<Pd5o4#3dg4HwkLF0N?v zRSyZ_5Ne&hTC+q&WxzDyV#-qh%diJnCa`~i;EZzj!DJIC2Mnmu!m60OSPw?=WK->waQ~-8rU0= z0KlnB8nZ+XC!#rW@;x+FNS9N|M~fFOcGMDx81w-X!ZF+4ez>%-NF_Y8m22kJa_42* z+8#wl0k`&iW}&%2XU0JV?hs753+Q5=XGm+4=Yp++3K{qQqa$Z~y(JlGtn9#f*AA4B zh|dMaiB%5zy>9t-EEk`C0lpi-1@tsP*D(J1_$0Dj@<+D{x(i6J7&S^ex7ws%Z4 z`@`Ga+)Dj(S@l$%9U6FU6HEj+t)=3Z&62{CKlH~E>1Gy@XGqiF>zbCj5&bcaU2tj! z%}%ikipHfXNFi_RX1Fwvz94Bz04|6}y>OJbJ4GAFR4{~6pd8l2rW>%J7V`EEak6HG z1j3Pnr#X0t`2y;Xx(ohZa)bkuiJQO|{Q?9J*V)}33LBCIg>oF9HtqT~Ob1$dL|M9w z&iib2`v;=N6w0!#IHJ3TE@JP@#z%t2flQl;ov-JOVgR1AF9o9A${Ue22U{QfSY66q zX(aW3C7-7M;$p2zV?)Iy9WF%8w7?{7S@&uyBr^8I_K5%W)&@&=L#%_Ep~Ix!ZAjc0 z>Z-bVi9{J0SlTpkhcyBpMxCO1bBf(&vFY2C>nmES|CD>ne*|HZC8@`d1GQb5u|3FQ zXCECLSlbSL(pTfX(Gsz*qAF@{k~4rLY^LU(h^w1XgycXr-_WFdGc|MdBBC!bBB@rL zYv1G7S(^#c6b3V$#Hw<|Z88aiy$|i87;h=xDE2CcbaQpvnHigQm9^x?+QbgL3>qBO0BrRdR5&$J(tPTatsuZcMLo?Vskmx{a;eTV<;C#ic_(->d@ zhM#}zW%5*v_4kUcQ=#RgL(=vSkq4F>>D*-MA}%{VcF}TD$n%y!wOaYrZ%pR_VIBPH z#i|tk4oHem%Uo@M0rN>T0z2O+~p}lD^uIWX=LCh6%2!C=xLdGV>ttb=)G9n^vecdX=8<2 zMAV-TUa9xAatad;u3Bv;E2wX&E0>?ICG|S6dDLzWXYh+6uff@R*n?tkPeV!;wqH&Q zH(^a?a$nU=s8;u%6zHTZK04+>Jsg)U$-G#pr^WNNl9h`v1&c2Mbj}rI>I^1c8TUe} z6+q_~g9_@?ZGz^{rJbsq8?bnOgc1A11F`9hLu7sQX_HGE6Eg`#YsVH~SS15<{Vfs5 zCdo!Qf$jmCFK~~y2T233^Y>u5ZQD?zQiXa#>R(%Nc`9JyeiyE3Si_2eQ!Fm;VXY6- zTE}bCqxV%|6EI0$si!HRR>x%>>epKzs7I0Mx(5XwNjVUhTf*>{lv4@0%_=5?uO0NC zew^c$n@(UK_YL=Bdh0)Wd{poeV)+ldV!~iF+{7f?b~5EzKhw$kE4jh%WNYEcieSg} zF-)uksx-R>J+hQ6hryQEn)x0+3D(GoA6!p#X*efF_?wK5l@^xg4FFw(0uzB2Hl4El zLx|ZzI#5xZk7deq^LrL`iY#Tk3%s@6Hi?$<&f*-ds<4{qw%NK z<}QR+JY$J+`yNtO_DK7F)4T(TApvkNH?W4CjFmu`3vM+7^Kvd={ucd8g3RvpGTT|0 zl{AEAI!$+Lr|b(KC}9`~4?+j%>Uf<>*JV%2>5pSKn18W-fs>}llCy4I_(1%&Bkfn; zh+p-Xg1wh(Z`%)8ZG|z9O7fASnMm}+NcZLyLHmOU%1;XyC(cPmM40kQcoRk#`}oN& zg#hcfToZsCL8>VfX!jj;gw?#Fe@lMBfBA9xY#|NTNq|SJ3xkP}zr-mWYCbFayo!6- z?7AlJ`j(MM_otNE6HQ@OQ7#vHWUPC2yN_t%pxxb9ACBB=sS{4v9|z%9Tc zZToNeX>NIIG8eXWK=1CkA4jYg?aq{PN>S`JIdDO*5)AnHOk0t zV~4wMGLZ3Ub}R}+j9^T$>?+Ru+P5~iU|@ppd?}|xw27?|G5OYR3*CLPCCzx;HpgX> zYp3WF7rV`8Amc%l%I2_6{|PW5w|?*7q;0)zlk175;&3&Zj&oK@PSSQQdL-}eaeQ+#*vL9n$21Q zof)rQ+KCD&6(MtpRb05jZ=pDEfT~Z(9nO;Jb-kOOSxkE$GMI)A_U^SPGlh;b6{{O* zNi}8@+x9Qy+G*X>L-3*n{Bcp!-+zc|-TFZ2WiLINq6|*g8o3Zhzla?($pO9%@lGi8 zICI<;5^^|-p`Wy!Q|eMbh?J5_Qk=jZA4?q(Y`jU2bK(=t^RLS5B>_KapC9V@rsq>V z?40CqnNIL9xb8R(`x?M>FS(l9;yn8E)VXuW?`1=55NPVe5UdBul3FW{bHy6ADXv5HTl) z4hw(EB`z}=VOhJnl6zq)5|$T*!?deak1ae%vzVBBP~)=r-oa}5wsNV&@1vn_G$A+R zRGaD7Se!TRKnsg>VK()PLh9$lnLh!26m92=xT|PiYT@+H6w>szPZ4cqpM=Dex?Er$ zG?8>qGM{Z?0j|V;`X&dKxKjkJ;6|fLlZU|6nCa-5n_$v|yo{H|BS1witNUmIUFWvL zkdzOp-iNwZ-{RA)I@iV=a;Eu|m_jC{YZO+p^%yVGSU>H4^?5=J=VC4ix44(xH{Z&B z43*8AdSSr{?vsv{KP1eX?Wy3DODQ@pfK;*X#$ zNE_a#(HLVfh1w6R*EPt8!)_VfaTFU^v{B*Ojm*yHs|Vih)#Bmz>&jM>w^m-FYY+SQ z!4D6&rxQ_=EFCM3*z zdA!52>q-X?ZI}xW^x?qghWNb(!Xf*Sl@BSy{4|7IWrWYL$rL?XR+&VMRpP#F`mgt} zZ($x2#=}T-nF*uPAczV4_Bic$p-F|BJ>D1_He86CSkA!i(Zj>X!Q0BmA>h9l zcvS62QL29iUi50^$s_aMfwJ%(+kw}II^!&`{}alB`Da_aY8}k7Y&Sk= zG;%d}Wr%+h8_UK()*`}m9zlxn%zAX(^T`vrc#5SzpUrbIp1f9w0tf~>rl-!obkZYX zj%89*AiSauKWv_Bo?Hw*&jEsa(c<<^{+H)%}6?OZG9~qpSRb9 z+0Le#B{U)UX?|P{GaTWj*+xc$MCtDg9@w5nB=Z*RqCA<;mT*&@S3;x73&;1ICN_`V7_rA zOoU-@s-GGooay{&4er8UOKOM$$u$}-`-gZOt~3zUx*;JQ66FMo>*$C7niI*XlA#&|9oWp`%D{dQADX=Tv7&lvqD_dSEw^qk!+WH z>-Z$H4?5%0!MKv|Q`8+_nR_epl-`7#Zu`PoHoycj;lohPdEA+n++_s`(|-#0YMtxE z^HCPMI(t^I8N+cLf3(EXetk+u^*mTD`C;t1)iTVgh0j&@VktvTCJ0n{y5Hy0_snT5 zzZ|aLk(@u3gNYVG-g-wuk~bt9TAj+8bjK=8^js`s#1A7YU||HZ8fosQ{U+ytx-OdY~vj%a=+>@mjd7@PJ6(b&YI?V8& zxvuvXa=}>}BjY*_i#NJwt@?Js%ZAN`&tqRPYQH@Xm3Qy^ey-?C%?h8OoLRU2@$TGW zrw%8O=h;L4(%josI`;}tpG5P795M!TH|xZ|r!?R>B>s#0X5p9mT~RsPQ@&>Q)%^#!t~@lm!`~Y7t{E+fg}(~R2lw?2JH%$Ye6{*Unjw>OGl_o7 zvBB;$*k{9n7Q?^3ZWLJEvsJmA6>_fJWY}h2utOYZ3s%0BdeLn2Msjdtv+3=Ec%a@; zehu$8?lB{pVZW~jtiL#XvW{;WCv%Tl$|SN*UYzn^Nu(`NY<3^r;9YE9vz>9Ku0~Zi z(n1Qw@QM%ubAGd+S&dZnrP?>y}5(-SXr~9eAS%RqezTg;tc1Iq4*gh5GHh zv!lAn22bm`(Qm)i3{B+Rnq1DU!o`FQzOuBBeWtR~&hW?3&-!@u8VXxH%nwK;|L#}E zk4v-s4V8(dlkWw(MQ7b+x|DDg1Jo@*LB5sg+wCWD2g2y5JzQCOhEW%vHKfjsa)N!V zpgdK+GN^fjL9!8rY9bxmERjNxFs{9Kw@a2R^cPaBDKf;dx{UBXXf$^VJSY8Ff{_w# z3#Yizvh1>0CNHGVb}inc_MI6%HSV6p9d&CN`jaka&Fk9U8g(wJ_h7{lUeBF_rMgwvE!lwJe&7>{Y2X1 zWZoj`=7rSZy+J7X-3Iag=y~>b*RwX!{j1*rU*6iPC0cH*@IGbHCK4bT1sM$|%Boz; zx4O|@U#1$pEE0SLdeen0PugJ`w^3~;-7L(JqBRro+BzEA?&i7@$P1!9Mj#a6*42NiXY(zgq_jSEix3x1;3fUw-7kl#mlId43yhzK#oXxT)22{)^Z8{Os+Fz9KECF7z%rJtrAtq{`Ox4dGTTE$*J+kN2z+Hp+)8EQ>9(QT_bDswngD=!e8GtpfTl1DqFGV=o?P7WYtFyXXn}h9M%gQs*?=JXbd%ap=eu8>(;ie4| znhqOOvG_%J&c6~5OEx2Kv3Zc!n>^&Y>e1azn1FVsD_(rKXZwycg|4WZdWK&mRh}#Q z-uEsikaK_@%VAduLG4J}9}P|_2x!A3EhUCm@#R=$@0r%E7*hk03(6D;rI%aOBalmr6G>6Y z@%?Dl-Y}{!9U9}&FJgXlE?37X6hc^Qr=KNwUd=_=G)fO>JdZjZ6@0uaJBNTH*Ehv~)3+ zvLh!27HGGu*_-!7GCs$&j=k6ARvP#%QxJaL<>eYY%*O42al)$_fvVzg@P+qw^B2xH zmyeg&351v;_M)5oCmq{pQ1WA#7Boe5l!Tzj!{Mm}p#W=Vp<>&n zy|rdopd$eKsto|2IugIw<>CYhuvifmtb0T8mvTJN0$)$B?6<%trzX!e0~oCQC6v21 z7|551_Z15+jfV9B2Y$nNe(mDlu3T?7%qQ=XQ%n>1zSKpekYf&xY_^Q{Rv(oZ~h4b!%)d@*W z?H7^TX`IqzNqTP;PGRr)!AU#-Dqj{j?qcTFM=odV5977nVl;mgsUQ;lLOgfa(u7uIW7N{KhT*k2DWI0eXeNA7+x zkD}Iq-zdwhtW=F%HvJ%RgE>|0`}E$uU@j<})*4$W2`8hYclgaY9X1lZk>X?Kt#%l* z!f#LigTG6X{-||B!ty$O&i95J`+<>iPB5Jnxb&Ia*2s!uBv>+J)xM+IyikQ_^#s4} z&YIzbgd(t;hFHgzl^w`o!waDOaBP?Gb*!|TBQ>SS4#OF}UnW#jQTow>E;DY#B9fU& zZN|rhEX5aJwgR;01}08pL(nWhsJ>?$3tDn}iM_7F(@G&JQz&U5>Gl`V$;Re`cWMZG zXvr;CnEzH_!Vo!|Hly}vW?Kb>a5ojeS@_e-(s0SXi^YWjUh(*q2)IZU_`3CX*RPoE zlwWjK8X>-=wuoFPqCzErrdiDYf+#xYuoe1G9C?eUe{ zup8L^Ph+T^JYiTmvc!L6ov|=SQoZcHD}E}}wNbU;r(KlYrihXZMYd$t*J}eOMr?!R zQJt>G4>MO-eqq&;&E= zSWk(hm5#JqHSDvQr3)UZO4A17%-rbMH@7B>iG!R4ful(q>`r`_A_<1o51~8qD6YLaTOwPn&(IKZlCOO7Y-uEpAQW@*xrkL zr7!(jd8Ma;i6nJGr2v7|{WP3)>#ch!M6|!=M{KN63P0^r7C22VciMPDiX|!C(uYHg z{UoRA52~frUte~6zg1c_%ScT(YG^L90@m5y%U{HesO9a_ z6pPL&OXhU`;Qk%{bn#}U^Y{LjWHq|XO>;b7Z(42V?|+`r-Vsvnxa|83HT?djVIHYp zEz`l!?6X`(F4Q8Pdj<^fas!Sg%v_d2eb3?-s?GP+Xup#w;YmU2RyBWUVg?s9Z12#nlJN7!0h|N3+0iT&jJcZTtvr-0z<5Nr%R zuAStrWL#Y8o7M+F-IFUA23^_!F78X~@%fSl2rV0%34%(O2v%sQS74kms*{?XV^o}# zWm;@q3@QRSx%SdnU>F$e>>wx*Yx%IWwBtUjLJ&26jDk{i`++S_>!5RR_^i}JI5hmC z`{u!~q2kE=`gXsC8xF#Z+br)!X5CLT>pV0*I75<=$uVH}Tbasgs8Hmc&Z$j_h3jY= zJzYpkPR~X_2tR9rOM3ihR3`^M{-pn~6FTKG**;4+GE!1LM{`5`ZA78FtTJCf+jVOt zSk37PijF$!6Ow-q|7iu;e^&c<$!Px}|5t70aq-#znVR;Wb^jgY z`!C&w#|r)h0RLybe}^6ZORt3K-y@0ts^Q<8!@p`E68^u8Lq{Fs@8UQVjK?3_BQ`A{ H@|XJ`t0xV` diff --git a/src/Services/Identity/Identity.API/Startup.cs b/src/Services/Identity/Identity.API/Startup.cs deleted file mode 100644 index 95af7e501..000000000 --- a/src/Services/Identity/Identity.API/Startup.cs +++ /dev/null @@ -1,167 +0,0 @@ -using Microsoft.AspNetCore.DataProtection; - -namespace Microsoft.eShopOnContainers.Services.Identity.API -{ - public class Startup - { - public Startup(IConfiguration configuration) - { - Configuration = configuration; - } - - public IConfiguration Configuration { get; } - - // This method gets called by the runtime. Use this method to add services to the container. - public IServiceProvider ConfigureServices(IServiceCollection services) - { - RegisterAppInsights(services); - - // Add framework services. - services.AddDbContext(options => - options.UseSqlServer(Configuration["ConnectionString"], - sqlServerOptionsAction: sqlOptions => - { - sqlOptions.MigrationsAssembly(typeof(Startup).GetTypeInfo().Assembly.GetName().Name); - //Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency - sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null); - })); - - services.AddIdentity() - .AddEntityFrameworkStores() - .AddDefaultTokenProviders(); - - services.Configure(Configuration); - - if (Configuration.GetValue("IsClusterEnv") == bool.TrueString) - { - services.AddDataProtection(opts => - { - opts.ApplicationDiscriminator = "eshop.identity"; - }) - .PersistKeysToStackExchangeRedis(ConnectionMultiplexer.Connect(Configuration["DPConnectionString"]), "DataProtection-Keys"); - } - - services.AddHealthChecks() - .AddCheck("self", () => HealthCheckResult.Healthy()) - .AddSqlServer(Configuration["ConnectionString"], - name: "IdentityDB-check", - tags: new string[] { "IdentityDB" }); - - services.AddTransient, EFLoginService>(); - services.AddTransient(); - - var connectionString = Configuration["ConnectionString"]; - var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name; - - // Adds IdentityServer - services.AddIdentityServer(x => - { - x.IssuerUri = "null"; - x.Authentication.CookieLifetime = TimeSpan.FromHours(2); - }) - .AddServerSideSessions() - .AddDevspacesIfNeeded(Configuration.GetValue("EnableDevspaces", false)) - .AddSigningCredential(Certificate.Get()) - .AddAspNetIdentity() - .AddConfigurationStore(options => - { - options.ConfigureDbContext = builder => builder.UseSqlServer(connectionString, - sqlServerOptionsAction: sqlOptions => - { - sqlOptions.MigrationsAssembly(migrationsAssembly); - //Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency - sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null); - }); - }) - .AddOperationalStore(options => - { - options.ConfigureDbContext = builder => builder.UseSqlServer(connectionString, - sqlServerOptionsAction: sqlOptions => - { - sqlOptions.MigrationsAssembly(migrationsAssembly); - //Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency - sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null); - }); - }) - .Services.AddTransient(); - - //services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_3_0); - services.AddControllers(); - services.AddControllersWithViews(); - services.AddRazorPages(); - - var container = new ContainerBuilder(); - container.Populate(services); - - return new AutofacServiceProvider(container.Build()); - } - - // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. - public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILoggerFactory loggerFactory) - { - //loggerFactory.AddConsole(Configuration.GetSection("Logging")); - //loggerFactory.AddDebug(); - //loggerFactory.AddAzureWebAppDiagnostics(); - //loggerFactory.AddApplicationInsights(app.ApplicationServices, LogLevel.Trace); - - if (env.IsDevelopment()) - { - app.UseDeveloperExceptionPage(); - } - else - { - app.UseExceptionHandler("/Home/Error"); - } - - var pathBase = Configuration["PATH_BASE"]; - if (!string.IsNullOrEmpty(pathBase)) - { - //loggerFactory.CreateLogger().LogDebug("Using PATH BASE '{pathBase}'", pathBase); - app.UsePathBase(pathBase); - } - - app.UseStaticFiles(); - - // Make work identity server redirections in Edge and lastest versions of browsers. WARN: Not valid in a production environment. - app.Use(async (context, next) => - { - context.Response.Headers.Add("Content-Security-Policy", "script-src 'unsafe-inline'"); - context.Response.Headers.Add("Access-Control-Allow-Origin", "*"); - context.Response.Headers.Add("Access-Control-Allow-Headers", "*"); - context.Response.Headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, OPTIONS"); - await next(); - }); - - app.UseForwardedHeaders(); - // Adds IdentityServer - app.UseIdentityServer(); - - // Fix a problem with chrome. Chrome enabled a new feature "Cookies without SameSite must be secure", - // the cookies should be expired from https, but in eShop, the internal communication in aks and docker compose is http. - // To avoid this problem, the policy of cookies should be in Lax mode. - app.UseCookiePolicy(new CookiePolicyOptions { MinimumSameSitePolicy = AspNetCore.Http.SameSiteMode.Lax }); - app.UseRouting(); - - app.UseEndpoints(endpoints => - { - endpoints.MapDefaultControllerRoute(); - endpoints.MapControllers(); - endpoints.MapHealthChecks("/hc", new HealthCheckOptions() - { - Predicate = _ => true, - ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse - }); - endpoints.MapHealthChecks("/liveness", new HealthCheckOptions - { - Predicate = r => r.Name.Contains("self") - }); - }); - } - - private void RegisterAppInsights(IServiceCollection services) - { - services.AddApplicationInsightsTelemetry(Configuration); - services.AddApplicationInsightsKubernetesEnricher(); - } - } -} diff --git a/src/Services/Identity/Identity.API/Views/Account/AccessDenied.cshtml b/src/Services/Identity/Identity.API/Views/Account/AccessDenied.cshtml new file mode 100644 index 000000000..32e6c531b --- /dev/null +++ b/src/Services/Identity/Identity.API/Views/Account/AccessDenied.cshtml @@ -0,0 +1,7 @@ + +
    +
    +

    Access Denied

    +

    You do not have access to that resource.

    +
    +
    \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Views/Account/LoggedOut.cshtml b/src/Services/Identity/Identity.API/Views/Account/LoggedOut.cshtml index f843973f8..3cc190b0b 100644 --- a/src/Services/Identity/Identity.API/Views/Account/LoggedOut.cshtml +++ b/src/Services/Identity/Identity.API/Views/Account/LoggedOut.cshtml @@ -1,6 +1,11 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels.LoggedOutViewModel +@model LoggedOutViewModel -
    +@{ + // set this so the layout rendering sees an anonymous user + ViewData["signed-out"] = true; +} + +

    Logout You are now logged out @@ -9,13 +14,21 @@ @if (Model.PostLogoutRedirectUri != null) {
    - Click here to return to the + Click here to return to the @Model.ClientName application.
    } @if (Model.SignOutIframeUrl != null) { - + }

    + +@section scripts +{ + @if (Model.AutomaticRedirectAfterSignOut) + { + + } +} diff --git a/src/Services/Identity/Identity.API/Views/Account/Login.cshtml b/src/Services/Identity/Identity.API/Views/Account/Login.cshtml index 049381b0d..9cb801cc9 100644 --- a/src/Services/Identity/Identity.API/Views/Account/Login.cshtml +++ b/src/Services/Identity/Identity.API/Views/Account/Login.cshtml @@ -1,28 +1,58 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels.LoginViewModel - -@{ - ViewData["Title"] = "Log in"; - - var requestQuery = ViewContext.HttpContext.Request.Query; - - requestQuery.TryGetValue("ReturnUrl", out var returnUrl); - - string partialView; - - if (returnUrl[0].Contains("client_id=js")) - { - Layout = "_Layout-SPA"; - partialView = "_LoginPartial-SPA.cshtml"; - } - else - { - partialView = "_LoginPartial-MVC.cshtml"; - } - -} - - - -@section Scripts { - @{ await Html.RenderPartialAsync("_ValidationScriptsPartial"); } -} +@model LoginViewModel + + \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Views/Account/Logout.cshtml b/src/Services/Identity/Identity.API/Views/Account/Logout.cshtml index f248fd6fe..e74bde6c0 100644 --- a/src/Services/Identity/Identity.API/Views/Account/Logout.cshtml +++ b/src/Services/Identity/Identity.API/Views/Account/Logout.cshtml @@ -1,21 +1,15 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels.LogoutViewModel +@model LogoutViewModel -
    -
    +
    +

    Logout

    +

    Would you like to logut of IdentityServer?

    -
    -
    -

    Would you like to logout of IdentityServer?

    -
    - -
    -
    - -
    -
    -
    +
    + +
    +
    -
    -
    \ No newline at end of file + +
    diff --git a/src/Services/Identity/Identity.API/Views/Account/Redirecting.cshtml b/src/Services/Identity/Identity.API/Views/Account/Redirecting.cshtml deleted file mode 100644 index 33275ce3c..000000000 --- a/src/Services/Identity/Identity.API/Views/Account/Redirecting.cshtml +++ /dev/null @@ -1,3 +0,0 @@ -
    -
    -

    Redirecting...

    diff --git a/src/Services/Identity/Identity.API/Views/Account/Register.cshtml b/src/Services/Identity/Identity.API/Views/Account/Register.cshtml deleted file mode 100644 index f9bffbca0..000000000 --- a/src/Services/Identity/Identity.API/Views/Account/Register.cshtml +++ /dev/null @@ -1,28 +0,0 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels.RegisterViewModel - -@{ - ViewData["Title"] = "Register"; - - var requestQuery = ViewContext.HttpContext.Request.Query; - - requestQuery.TryGetValue("ReturnUrl", out var returnUrl); - - string partialView; - - if (returnUrl[0].Contains("client_id=js")) - { - Layout = "_Layout-SPA"; - partialView = "_RegisterPartial-SPA.cshtml"; - } - else - { - partialView = "_RegisterPartial-MVC.cshtml"; - } - -} - - - -@section Scripts { - @{ await Html.RenderPartialAsync("_ValidationScriptsPartial"); } -} diff --git a/src/Services/Identity/Identity.API/Views/Account/_LoginPartial-MVC.cshtml b/src/Services/Identity/Identity.API/Views/Account/_LoginPartial-MVC.cshtml deleted file mode 100644 index 9094ba6f4..000000000 --- a/src/Services/Identity/Identity.API/Views/Account/_LoginPartial-MVC.cshtml +++ /dev/null @@ -1,54 +0,0 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels.LoginViewModel - -
    - -
    - diff --git a/src/Services/Identity/Identity.API/Views/Account/_LoginPartial-SPA.cshtml b/src/Services/Identity/Identity.API/Views/Account/_LoginPartial-SPA.cshtml deleted file mode 100644 index 0609a362d..000000000 --- a/src/Services/Identity/Identity.API/Views/Account/_LoginPartial-SPA.cshtml +++ /dev/null @@ -1,47 +0,0 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels.LoginViewModel - -
    -
    -
    -
    - - -
    -
    -
    -
    diff --git a/src/Services/Identity/Identity.API/Views/Account/_RegisterPartial-MVC.cshtml b/src/Services/Identity/Identity.API/Views/Account/_RegisterPartial-MVC.cshtml deleted file mode 100644 index 7fa6b0111..000000000 --- a/src/Services/Identity/Identity.API/Views/Account/_RegisterPartial-MVC.cshtml +++ /dev/null @@ -1,100 +0,0 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels.RegisterViewModel - -
    - -
    -
    -
    -

    CREATE NEW ACCOUNT

    -
    -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    -

    -
    -
    - - - -
    -
    -
    - - - -
    -
    - - - -
    -
    -

    -
    - -
    -

    -
    -
    diff --git a/src/Services/Identity/Identity.API/Views/Account/_RegisterPartial-SPA.cshtml b/src/Services/Identity/Identity.API/Views/Account/_RegisterPartial-SPA.cshtml deleted file mode 100644 index 899499c10..000000000 --- a/src/Services/Identity/Identity.API/Views/Account/_RegisterPartial-SPA.cshtml +++ /dev/null @@ -1,100 +0,0 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels.RegisterViewModel - -
    -

    [ New Account ]

    -
    -

    Information

    -
    -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    -
    -

    Credit Card

    -
    -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    - - - -
    -
    -

    -
    -
    - - - -
    -
    -
    - - - -
    -
    - - - -
    -
    -

    -
    - -
    -

    -
    -
    diff --git a/src/Services/Identity/Identity.API/Views/Consent/Index.cshtml b/src/Services/Identity/Identity.API/Views/Consent/Index.cshtml index 001cc1bd2..f8aa10d6c 100644 --- a/src/Services/Identity/Identity.API/Views/Consent/Index.cshtml +++ b/src/Services/Identity/Identity.API/Views/Consent/Index.cshtml @@ -1,4 +1,4 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels.ConsentViewModel +@model ConsentViewModel
    @@ -101,4 +101,4 @@
    -
    \ No newline at end of file +
    diff --git a/src/Services/Identity/Identity.API/Views/Device/Success.cshtml b/src/Services/Identity/Identity.API/Views/Device/Success.cshtml new file mode 100644 index 000000000..050dd91c5 --- /dev/null +++ b/src/Services/Identity/Identity.API/Views/Device/Success.cshtml @@ -0,0 +1,7 @@ + +
    +
    +

    Success

    +

    You have successfully authorized the device

    +
    +
    diff --git a/src/Services/Identity/Identity.API/Views/Device/UserCodeCapture.cshtml b/src/Services/Identity/Identity.API/Views/Device/UserCodeCapture.cshtml new file mode 100644 index 000000000..6d412613d --- /dev/null +++ b/src/Services/Identity/Identity.API/Views/Device/UserCodeCapture.cshtml @@ -0,0 +1,23 @@ +@model string + +
    +
    +

    User Code

    +

    Please enter the code displayed on your device.

    +
    + + + +
    +
    +
    +
    + + +
    + + +
    +
    +
    +
    diff --git a/src/Services/Identity/Identity.API/Views/Device/UserCodeConfirmation.cshtml b/src/Services/Identity/Identity.API/Views/Device/UserCodeConfirmation.cshtml new file mode 100644 index 000000000..e1d3b1968 --- /dev/null +++ b/src/Services/Identity/Identity.API/Views/Device/UserCodeConfirmation.cshtml @@ -0,0 +1,108 @@ +@model DeviceAuthorizationViewModel + +
    +
    + @if (Model.ClientLogoUrl != null) + { + + } +

    + @Model.ClientName + is requesting your permission +

    + @if (Model.ConfirmUserCode) + { +

    Please confirm that the authorization request quotes the code: @Model.UserCode.

    + } +

    Uncheck the permissions you do not wish to grant.

    +
    + +
    +
    + +
    +
    + +
    + +
    +
    + @if (Model.IdentityScopes.Any()) + { +
    +
    +
    + + Personal Information +
    +
      + @foreach (var scope in Model.IdentityScopes) + { + + } +
    +
    +
    + } + + @if (Model.ApiScopes.Any()) + { +
    +
    +
    + + Application Access +
    +
      + @foreach (var scope in Model.ApiScopes) + { + + } +
    +
    +
    + } + +
    +
    +
    + + Description +
    +
    + +
    +
    +
    + + @if (Model.AllowRememberConsent) + { +
    +
    + + +
    +
    + } +
    +
    + +
    +
    + + +
    +
    + @if (Model.ClientUrl != null) + { + + + @Model.ClientName + + } +
    +
    +
    +
    diff --git a/src/Services/Identity/Identity.API/Views/Diagnostics/Index.cshtml b/src/Services/Identity/Identity.API/Views/Diagnostics/Index.cshtml new file mode 100644 index 000000000..e939c0d88 --- /dev/null +++ b/src/Services/Identity/Identity.API/Views/Diagnostics/Index.cshtml @@ -0,0 +1,64 @@ +@model DiagnosticsViewModel + +
    +
    +

    Authentication Cookie

    +
    + +
    +
    +
    +
    +

    Claims

    +
    +
    +
    + @foreach (var claim in Model.AuthenticateResult.Principal.Claims) + { +
    @claim.Type
    +
    @claim.Value
    + } +
    +
    +
    +
    + +
    +
    +
    +

    Properties

    +
    +
    +
    + @foreach (var prop in Model.AuthenticateResult.Properties.Items) + { +
    @prop.Key
    +
    @prop.Value
    + } + @if (Model.Clients.Any()) + { +
    Clients
    +
    + @{ + var clients = Model.Clients.ToArray(); + for(var i = 0; i < clients.Length; i++) + { + @clients[i] + if (i < clients.Length - 1) + { + , + } + } + } +
    + } +
    +
    +
    +
    +
    +
    + + + + diff --git a/src/Services/Identity/Identity.API/Views/Grants/Index.cshtml b/src/Services/Identity/Identity.API/Views/Grants/Index.cshtml new file mode 100644 index 000000000..0cfc7ecb8 --- /dev/null +++ b/src/Services/Identity/Identity.API/Views/Grants/Index.cshtml @@ -0,0 +1,87 @@ +@model GrantsViewModel + +
    +
    +

    Client Application Permissions

    +

    Below is the list of applications you have given permission to and the resources they have access to.

    +
    + + @if (Model.Grants.Any() == false) + { +
    +
    +
    + You have not given access to any applications +
    +
    +
    + } + else + { + foreach (var grant in Model.Grants) + { +
    +
    +
    +
    + @if (grant.ClientLogoUrl != null) + { + + } + @grant.ClientName +
    + +
    +
    + + +
    +
    +
    +
    + +
      + @if (grant.Description != null) + { +
    • + @grant.Description +
      • + } +
    • + @grant.Created.ToString("yyyy-MM-dd") +
      • + @if (grant.Expires.HasValue) + { +
    • + @grant.Expires.Value.ToString("yyyy-MM-dd") +
      • + } + @if (grant.IdentityGrantNames.Any()) + { +
    • + +
        + @foreach (var name in grant.IdentityGrantNames) + { +
      • @name
        • + } +
      +
      • + } + @if (grant.ApiGrantNames.Any()) + { +
    • + +
        + @foreach (var name in grant.ApiGrantNames) + { +
      • @name
        • + } +
      +
      • + } +
    +
    + } + } +
    \ No newline at end of file diff --git a/src/Services/Identity/Identity.API/Views/Home/Index.cshtml b/src/Services/Identity/Identity.API/Views/Home/Index.cshtml index 4e3a0712f..9d26e7380 100644 --- a/src/Services/Identity/Identity.API/Views/Home/Index.cshtml +++ b/src/Services/Identity/Identity.API/Views/Home/Index.cshtml @@ -1,30 +1,32 @@ -
    -
    -
    -

    - - Welcome to Duende.IdentityServer - @*(build {version})*@ -

    -
    -
    +@using System.Diagnostics -
    -
    -

    - IdentityServer publishes a - discovery document - where you can find metadata and links to all the endpoints, key material, etc. -

    -
    -
    -
    -
    -

    - Here are links to the - source code repository, - and ready to use samples. -

    -
    -
    +@{ + var version = FileVersionInfo.GetVersionInfo(typeof(Duende.IdentityServer.Hosting.IdentityServerMiddleware).Assembly.Location).ProductVersion.Split('+').First(); +} + +
    +

    + + Welcome to IdentityServer4 + (version @version) +

    + +
    diff --git a/src/Services/Identity/Identity.API/Views/Shared/Error.cshtml b/src/Services/Identity/Identity.API/Views/Shared/Error.cshtml index 0c94eee4d..4c746e771 100644 --- a/src/Services/Identity/Identity.API/Views/Shared/Error.cshtml +++ b/src/Services/Identity/Identity.API/Views/Shared/Error.cshtml @@ -1,12 +1,13 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.ErrorViewModel +@model ErrorViewModel @{ var error = Model?.Error?.Error; + var errorDescription = Model?.Error?.ErrorDescription; var request_id = Model?.Error?.RequestId; }
    -
    +

    Error

    @@ -22,6 +23,11 @@ : @error + + if (errorDescription != null) + { +
    @errorDescription
    + } }
    diff --git a/src/Services/Identity/Identity.API/Views/Shared/Redirect.cshtml b/src/Services/Identity/Identity.API/Views/Shared/Redirect.cshtml new file mode 100644 index 000000000..ecc31c106 --- /dev/null +++ b/src/Services/Identity/Identity.API/Views/Shared/Redirect.cshtml @@ -0,0 +1,11 @@ +@model RedirectViewModel + +
    +
    +

    You are now being returned to the application

    +

    Once complete, you may close this tab.

    +
    +
    + + + diff --git a/src/Services/Identity/Identity.API/Views/Shared/_Layout-SPA.cshtml b/src/Services/Identity/Identity.API/Views/Shared/_Layout-SPA.cshtml deleted file mode 100644 index fab01ff51..000000000 --- a/src/Services/Identity/Identity.API/Views/Shared/_Layout-SPA.cshtml +++ /dev/null @@ -1,54 +0,0 @@ - - - - - - - eShopOnContainers - Identity - - - - - - - - - - - - -
    -
    - -
    -
    - -
    - @RenderBody() -
    - -
    -
    -
    -
    - -
    -
    © e-Shoponcontainers. All rights reserved
    -
    -
    -
    - - - - - @RenderSection("scripts", required: false) - - diff --git a/src/Services/Identity/Identity.API/Views/Shared/_Layout.cshtml b/src/Services/Identity/Identity.API/Views/Shared/_Layout.cshtml index 1d57c688e..e77e85a90 100644 --- a/src/Services/Identity/Identity.API/Views/Shared/_Layout.cshtml +++ b/src/Services/Identity/Identity.API/Views/Shared/_Layout.cshtml @@ -1,56 +1,48 @@  - + - - - eShopOnContainers Identity - - - - - - - - - - + + + + eShopOnContainers - Identity + + + + + + -
    + +
    -
    -
    - -
    -     -
    -
    +
    +
    + +
    +
    -
    +
    @RenderBody() -

    -
    -
    -
    -
    -
    -
    -
    - -
    -
    -
    -
    +
    +
    +
    +
    + +
    +
    © eShopOnContainers. All rights reserved
    +
    +
    +
    + + + - - @RenderSection("scripts", required: false) diff --git a/src/Services/Identity/Identity.API/Views/Shared/_LoginPartial.cshtml b/src/Services/Identity/Identity.API/Views/Shared/_LoginPartial.cshtml deleted file mode 100644 index e110e459c..000000000 --- a/src/Services/Identity/Identity.API/Views/Shared/_LoginPartial.cshtml +++ /dev/null @@ -1,27 +0,0 @@ -@using Microsoft.AspNetCore.Identity -@using Microsoft.eShopOnContainers.Services.Identity.API.Models - - -@inject SignInManager SignInManager -@inject UserManager UserManager - -@if (SignInManager.IsSignedIn(User)) -{ - -} -else -{ - -} diff --git a/src/Services/Identity/Identity.API/Views/Consent/_ScopeListItem.cshtml b/src/Services/Identity/Identity.API/Views/Shared/_ScopeListItem.cshtml similarity index 81% rename from src/Services/Identity/Identity.API/Views/Consent/_ScopeListItem.cshtml rename to src/Services/Identity/Identity.API/Views/Shared/_ScopeListItem.cshtml index 0dd53a368..162029ebe 100644 --- a/src/Services/Identity/Identity.API/Views/Consent/_ScopeListItem.cshtml +++ b/src/Services/Identity/Identity.API/Views/Shared/_ScopeListItem.cshtml @@ -1,4 +1,4 @@ -@model Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels.ScopeViewModel +@model ScopeViewModel