paul/yavsc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactoring

Browse Source
This commit is contained in:
Paul Schneider
2016-05-20 12:56:42 +02:00
parent 075095bdbe
commit 69bec955bc
5 changed files with 52 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Yavsc/package.json
View File

@ -1,5 +1,5 @@
{
"name": "YavscWeb",
"name": "Yavsc",
"version": "0.0.0",
"devDependencies": {
"gulp": "^3.9.0",

4
Yavsc/project.json
View File

@ -42,7 +42,7 @@
},
"webroot": "wwwroot",
"tooling": {
"defaultNamespace": "YavscWeb"
"defaultNamespace": "Yavsc"
},
"dependencies": {
"EntityFramework.Core": "7.0.0-rc1-*",
@ -150,4 +150,4 @@
"prepublish": "gulp min",
"postpublish": "./postPublish.sh"
}
}
}

24
Yavsc/project.lock.json
View File

@ -260,12 +260,12 @@
"Zlib.Portable.Signed": "1.11.0"
},
"compile": {
"lib/net45/Google.Apis.dll": {},
"lib/net45/Google.Apis.PlatformServices.dll": {}
"lib/net45/Google.Apis.PlatformServices.dll": {},
"lib/net45/Google.Apis.dll": {}
},
"runtime": {
"lib/net45/Google.Apis.dll": {},
"lib/net45/Google.Apis.PlatformServices.dll": {}
"lib/net45/Google.Apis.PlatformServices.dll": {},
"lib/net45/Google.Apis.dll": {}
}
},
"Google.Apis.Core/1.11.1": {
@ -3235,12 +3235,12 @@
"Zlib.Portable.Signed": "1.11.0"
},
"compile": {
"lib/net45/Google.Apis.dll": {},
"lib/net45/Google.Apis.PlatformServices.dll": {}
"lib/net45/Google.Apis.PlatformServices.dll": {},
"lib/net45/Google.Apis.dll": {}
},
"runtime": {
"lib/net45/Google.Apis.dll": {},
"lib/net45/Google.Apis.PlatformServices.dll": {}
"lib/net45/Google.Apis.PlatformServices.dll": {},
"lib/net45/Google.Apis.dll": {}
}
},
"Google.Apis.Core/1.11.1": {
@ -6210,12 +6210,12 @@
"Zlib.Portable.Signed": "1.11.0"
},
"compile": {
"lib/net45/Google.Apis.dll": {},
"lib/net45/Google.Apis.PlatformServices.dll": {}
"lib/net45/Google.Apis.PlatformServices.dll": {},
"lib/net45/Google.Apis.dll": {}
},
"runtime": {
"lib/net45/Google.Apis.dll": {},
"lib/net45/Google.Apis.PlatformServices.dll": {}
"lib/net45/Google.Apis.PlatformServices.dll": {},
"lib/net45/Google.Apis.dll": {}
}
},
"Google.Apis.Core/1.11.1": {

4
Yavsc/src/Providers/OAuthProvider.cs
View File

@ -8,7 +8,7 @@ using Microsoft.Extensions.DependencyInjection;
using Yavsc.Models;
namespace Yavsc.Providers {
public sealed class AuthorizationProvider : OpenIdConnectServerProvider {
public sealed class OIAuthorizationProvider : OpenIdConnectServerProvider {
public override Task MatchEndpoint(MatchEndpointContext context) {
// Note: by default, OpenIdConnectServerHandler only handles authorization requests made to the authorization endpoint.
// This context handler uses a more relaxed policy that allows extracting authorization requests received at
@ -117,4 +117,4 @@ namespace Yavsc.Providers {
}
}
}

52
Yavsc/src/Startup.cs
View File

@ -5,6 +5,7 @@ using System.IdentityModel.Tokens;
using System.IO;
using System.Reflection;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Web;
using System.Web.Optimization;
using AspNet.Security.OpenIdConnect.Extensions;
@ -20,6 +21,7 @@ using Microsoft.AspNet.Diagnostics;
using Microsoft.AspNet.FileProviders;
using Microsoft.AspNet.Hosting;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.EntityFramework;
using Microsoft.AspNet.Localization;
@ -174,8 +176,6 @@ namespace Yavsc
services.Add(ServiceDescriptor.Singleton(typeof(IOptions<GoogleAuthSettings>), typeof(OptionsManager<GoogleAuthSettings>)));
services.Add(ServiceDescriptor.Singleton(typeof(IOptions<CompanyInfoSettings>), typeof(OptionsManager<CompanyInfoSettings>)));
services.AddTransient<Microsoft.Extensions.WebEncoders.UrlEncoder, UrlEncoder>();
services.AddDataProtection();
services.Add(ServiceDescriptor.Singleton(typeof(IApplicationDiscriminator),
@ -220,7 +220,15 @@ namespace Yavsc
}
*/
);
// Add memory cache services
services.AddCaching();
// Add session related services.
services.AddSession();
// Add the system clock service
services.AddSingleton<ISystemClock, SystemClock>();
services.AddAuthorization(options =>
{
options.AddPolicy("AdministratorOnly", policy => policy.RequireRole(Constants.AdminGroupName));
@ -278,14 +286,7 @@ namespace Yavsc
options.ResourcesPath = "Resources";
});
// Add memory cache services
services.AddCaching();
// Add session related services.
services.AddSession();
// Add the system clock service
services.AddSingleton<ISystemClock, SystemClock>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@ -488,8 +489,24 @@ namespace Yavsc
app.UseStaticFiles().UseWebSockets();
app.UseOpenIdConnectServer(options => {
options.Provider = new AuthorizationProvider();
options.Provider = new OIAuthorizationProvider()
/* {
OnValidateAuthorizationRequest = context => {
// Note: you MUST NOT validate the request if client_id is invalid or if redirect_uri
// doesn't correspond to a trusted URL associated with the client application.
// You SHOULD also strongly consider validating the type of the client application
// (public or confidential) to prevent code flow -> implicit flow downgrade attacks.
if (string.Equals(context.ClientId, "client_id", StringComparison.Ordinal)) {
context.Validated();
}
// Note: if Validate() is not explicitly called,
// the request is automatically rejected.
return Task.FromResult(0);
} */;
// Register the certificate used to sign the JWT tokens.
/* options.SigningCredentials.AddCertificate(
assembly: typeof(Startup).GetTypeInfo().Assembly,
@ -501,25 +518,26 @@ namespace Yavsc
// information concerning ApplicationCanDisplayErrors.
options.ApplicationCanDisplayErrors = true;
options.AllowInsecureHttp = true;
/* options.AutomaticChallenge = true;
options.ClaimsIssuer = "http://dev.pschneider.fr";
options.Description.DisplayName = "DEV OIDC server";
options.AuthorizationEndpointPath = new PathString("/connect/authorize");
options.TokenEndpointPath = new PathString("/connect/token");
options.UseSlidingExpiration = true;
options.AuthenticationScheme = "oidc";
options.LogoutEndpointPath = new PathString("/connect/logout");*/
options.LogoutEndpointPath = new PathString("/connect/logout");
/* options.ValidationEndpointPath = new PathString("/connect/introspect"); */
});
app.UseOpenIdConnectAuthentication(options => {
/* app.UseOpenIdConnectAuthentication(options => {
options.AuthenticationScheme = OpenIdConnectDefaults.AuthenticationScheme;
options.RequireHttpsMetadata = false;
// Note: these settings must match the application details
// inserted in the database at the server level.
options.ClientId = "WebApiClient";
options.ClientSecret = "secWebApiClientret_secret";
options.PostLogoutRedirectUri = "http://dev.pschneider.fr/Manage";
options.ClientId = "016c5ae4-f4cd-40e3-b250-13701c871ecd";
options.ClientSecret = "blahblah";
options.PostLogoutRedirectUri = "/MobileLogout";
// Use the authorization code flow.
options.ResponseType = OpenIdConnectResponseTypes.Code;
@ -533,7 +551,7 @@ namespace Yavsc
// access token should be issued for (values must be space-delimited).
options.Resource = "http://dev.pschneider.fr/";
options.Scope.Add("api-resource-controller");
});
});*/
app.UseRequestLocalization(localizationOptions.Value, (RequestCulture)new RequestCulture((string)"fr"));