188 lines
8.4 KiB
C#
188 lines
8.4 KiB
C#
using Microsoft.AspNetCore.DataProtection;
|
|
|
|
namespace Microsoft.eShopOnContainers.Services.Identity.API
|
|
{
|
|
public class Startup
|
|
{
|
|
public Startup(IConfiguration configuration)
|
|
{
|
|
Configuration = configuration;
|
|
}
|
|
|
|
public IConfiguration Configuration { get; }
|
|
|
|
// This method gets called by the runtime. Use this method to add services to the container.
|
|
public IServiceProvider ConfigureServices(IServiceCollection services)
|
|
{
|
|
RegisterAppInsights(services);
|
|
|
|
// Add framework services.
|
|
services.AddDbContext<ApplicationDbContext>(options =>
|
|
options.UseSqlServer(Configuration["ConnectionString"],
|
|
sqlServerOptionsAction: sqlOptions =>
|
|
{
|
|
sqlOptions.MigrationsAssembly(typeof(Startup).GetTypeInfo().Assembly.GetName().Name);
|
|
//Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency
|
|
sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null);
|
|
}));
|
|
|
|
services.AddIdentity<ApplicationUser, IdentityRole>()
|
|
.AddEntityFrameworkStores<ApplicationDbContext>()
|
|
.AddDefaultTokenProviders();
|
|
|
|
services.Configure<AppSettings>(Configuration);
|
|
|
|
if (Configuration.GetValue<string>("IsClusterEnv") == bool.TrueString)
|
|
{
|
|
services.AddDataProtection(opts =>
|
|
{
|
|
opts.ApplicationDiscriminator = "eshop.identity";
|
|
})
|
|
.PersistKeysToStackExchangeRedis(ConnectionMultiplexer.Connect(Configuration["DPConnectionString"]), "DataProtection-Keys");
|
|
}
|
|
|
|
services.AddHealthChecks()
|
|
.AddCheck("self", () => HealthCheckResult.Healthy())
|
|
.AddSqlServer(Configuration["ConnectionString"],
|
|
name: "IdentityDB-check",
|
|
tags: new string[] { "IdentityDB" });
|
|
|
|
services.AddTransient<ILoginService<ApplicationUser>, EFLoginService>();
|
|
services.AddTransient<IRedirectService, RedirectService>();
|
|
|
|
var connectionString = Configuration["ConnectionString"];
|
|
var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;
|
|
|
|
// Adds IdentityServer
|
|
services.AddIdentityServer(x =>
|
|
{
|
|
x.IssuerUri = "null";
|
|
x.Authentication.CookieLifetime = TimeSpan.FromHours(2);
|
|
})
|
|
.AddDevspacesIfNeeded(Configuration.GetValue("EnableDevspaces", false))
|
|
.AddSigningCredential(Certificate.Get())
|
|
.AddAspNetIdentity<ApplicationUser>()
|
|
.AddConfigurationStore(options =>
|
|
{
|
|
options.ConfigureDbContext = builder => builder.UseSqlServer(connectionString,
|
|
sqlServerOptionsAction: sqlOptions =>
|
|
{
|
|
sqlOptions.MigrationsAssembly(migrationsAssembly);
|
|
//Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency
|
|
sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null);
|
|
});
|
|
})
|
|
.AddOperationalStore(options =>
|
|
{
|
|
options.ConfigureDbContext = builder => builder.UseSqlServer(connectionString,
|
|
sqlServerOptionsAction: sqlOptions =>
|
|
{
|
|
sqlOptions.MigrationsAssembly(migrationsAssembly);
|
|
//Configuring Connection Resiliency: https://docs.microsoft.com/en-us/ef/core/miscellaneous/connection-resiliency
|
|
sqlOptions.EnableRetryOnFailure(maxRetryCount: 15, maxRetryDelay: TimeSpan.FromSeconds(30), errorNumbersToAdd: null);
|
|
});
|
|
})
|
|
.Services.AddTransient<IProfileService, ProfileService>();
|
|
|
|
//services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_3_0);
|
|
services.AddControllers();
|
|
services.AddControllersWithViews();
|
|
services.AddRazorPages();
|
|
|
|
services.AddSwaggerGen(options =>
|
|
{
|
|
var basePath = AppDomain.CurrentDomain.BaseDirectory;
|
|
var fileName = typeof(Startup).GetTypeInfo().Assembly.GetName().Name + ".xml";
|
|
var xmlComments = Path.Combine(basePath, fileName);
|
|
options.IncludeXmlComments(xmlComments);
|
|
options.SwaggerDoc("v1", new OpenApiInfo
|
|
{
|
|
Title = "Microsoft - Identity HTTP API",
|
|
Version = "v1",
|
|
Description = "The Identity Service HTTP API",
|
|
TermsOfService = new Uri("https://microsoft.com/"),
|
|
Contact = new OpenApiContact
|
|
{
|
|
Name = "Microsoft Contact",
|
|
Url = new Uri("https://microsoft.com/")
|
|
},
|
|
License = new OpenApiLicense
|
|
{
|
|
Name = "Microsoft License",
|
|
Url = new Uri("https://microsoft.com/")
|
|
}
|
|
});
|
|
}
|
|
var container = new ContainerBuilder();
|
|
container.Populate(services);
|
|
|
|
return new AutofacServiceProvider(container.Build());
|
|
}
|
|
|
|
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
|
|
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILoggerFactory loggerFactory)
|
|
{
|
|
//loggerFactory.AddConsole(Configuration.GetSection("Logging"));
|
|
//loggerFactory.AddDebug();
|
|
//loggerFactory.AddAzureWebAppDiagnostics();
|
|
//loggerFactory.AddApplicationInsights(app.ApplicationServices, LogLevel.Trace);
|
|
|
|
if (env.IsDevelopment())
|
|
{
|
|
app.UseDeveloperExceptionPage();
|
|
}
|
|
else
|
|
{
|
|
app.UseExceptionHandler("/Home/Error");
|
|
}
|
|
|
|
var pathBase = Configuration["PATH_BASE"];
|
|
if (!string.IsNullOrEmpty(pathBase))
|
|
{
|
|
//loggerFactory.CreateLogger<Startup>().LogDebug("Using PATH BASE '{pathBase}'", pathBase);
|
|
app.UsePathBase(pathBase);
|
|
}
|
|
|
|
app.UseStaticFiles();
|
|
|
|
// Make work identity server redirections in Edge and lastest versions of browsers. WARN: Not valid in a production environment.
|
|
app.Use(async (context, next) =>
|
|
{
|
|
context.Response.Headers.Add("Content-Security-Policy", "script-src 'unsafe-inline'");
|
|
await next();
|
|
});
|
|
|
|
app.UseForwardedHeaders();
|
|
// Adds IdentityServer
|
|
app.UseIdentityServer();
|
|
|
|
// Fix a problem with chrome. Chrome enabled a new feature "Cookies without SameSite must be secure",
|
|
// the cookies should be expired from https, but in eShop, the internal communication in aks and docker compose is http.
|
|
// To avoid this problem, the policy of cookies should be in Lax mode.
|
|
app.UseCookiePolicy(new CookiePolicyOptions { MinimumSameSitePolicy = AspNetCore.Http.SameSiteMode.Lax });
|
|
app.UseRouting();
|
|
|
|
app.UseEndpoints(endpoints =>
|
|
{
|
|
endpoints.MapDefaultControllerRoute();
|
|
endpoints.MapControllers();
|
|
endpoints.MapHealthChecks("/hc", new HealthCheckOptions()
|
|
{
|
|
Predicate = _ => true,
|
|
ResponseWriter = UIResponseWriter.WriteHealthCheckUIResponse
|
|
});
|
|
endpoints.MapHealthChecks("/liveness", new HealthCheckOptions
|
|
{
|
|
Predicate = r => r.Name.Contains("self")
|
|
});
|
|
});
|
|
}
|
|
|
|
private void RegisterAppInsights(IServiceCollection services)
|
|
{
|
|
services.AddApplicationInsightsTelemetry(Configuration);
|
|
services.AddApplicationInsightsKubernetesEnricher();
|
|
}
|
|
}
|
|
}
|