Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-01-22 21:51:22 +01:00
Code Issues Projects Releases Wiki Activity

centralize AddIdentityAuthenticationServices

Browse Source
This commit is contained in:
Kyle Spearrin 2018-08-15 09:26:19 -04:00
parent 0f1efdd18b
commit 6b4605e228
8 changed files with 44 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/Api/Api.csproj
View File

@ -16,7 +16,6 @@
<PackageReference Include="jsreport.Binary" Version="1.10.0" />
<PackageReference Include="jsreport.Local" Version="1.1.2" />
<PackageReference Include="Microsoft.AspNetCore.App" Version="2.1.2" />
<PackageReference Include="IdentityServer4.AccessTokenValidation" Version="2.6.0" />
<PackageReference Include="Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv" Version="2.1.2" />
</ItemGroup>

23
src/Api/Startup.cs
View File

@ -1,6 +1,4 @@
using System;
using System.Security.Claims;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
@ -15,9 +13,7 @@ using Serilog.Events;
using Stripe;
using Bit.Core.Utilities;
using IdentityModel;
using IdentityServer4.AccessTokenValidation;
using jsreport.AspNetCore;
using Bit.Core.IdentityServer;
using Microsoft.AspNetCore.HttpOverrides;
namespace Bit.Api
@ -73,20 +69,7 @@ namespace Bit.Api
// Identity
services.AddCustomIdentityServices(globalSettings);
services
.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(options =>
{
options.Authority = globalSettings.BaseServiceUri.InternalIdentity;
options.RequireHttpsMetadata = !Environment.IsDevelopment() &&
globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString();
options.NameClaimType = ClaimTypes.Email;
options.SupportedTokens = SupportedTokens.Jwt;
});
services.AddAuthorization(config =>
services.AddIdentityAuthenticationServices(globalSettings, Environment, config =>
{
config.AddPolicy("Application", policy =>
{
@ -159,7 +142,7 @@ namespace Bit.Api
}
if(e.Level == LogEventLevel.Information &&
(context.Contains(typeof(IpRateLimitMiddleware).FullName) ||
(context.Contains(typeof(IpRateLimitMiddleware).FullName) ||
context.StartsWith("\"Bit.Api.Jobs") || context.StartsWith("\"Bit.Core.Jobs")))
{
return true;

1
src/Core/Core.csproj
View File

@ -13,6 +13,7 @@
<ItemGroup>
<PackageReference Include="Handlebars.Net" Version="1.9.5" />
<PackageReference Include="IdentityServer4.AccessTokenValidation" Version="2.6.0" />
<PackageReference Include="Microsoft.AspNetCore.DataProtection.AzureStorage" Version="2.1.1" />
<PackageReference Include="Microsoft.AspNetCore.HttpOverrides" Version="2.1.1" />
<PackageReference Include="Microsoft.AspNetCore.Identity" Version="2.1.2" />

36
src/Core/Utilities/ServiceCollectionExtensions.cs
View File

@ -22,6 +22,9 @@ using SqlServerRepos = Bit.Core.Repositories.SqlServer;
using System.Threading.Tasks;
using TableStorageRepos = Bit.Core.Repositories.TableStorage;
using Microsoft.Extensions.DependencyInjection.Extensions;
using IdentityServer4.AccessTokenValidation;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
namespace Bit.Core.Utilities
{
@ -229,6 +232,39 @@ namespace Bit.Core.Utilities
return identityBuilder;
}
public static void AddIdentityAuthenticationServices(
this IServiceCollection services, GlobalSettings globalSettings, IHostingEnvironment environment,
Action<AuthorizationOptions> addAuthorization = null)
{
services
.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(options =>
{
options.Authority = globalSettings.BaseServiceUri.InternalIdentity;
options.RequireHttpsMetadata = !environment.IsDevelopment() &&
globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString();
options.NameClaimType = ClaimTypes.Email;
options.SupportedTokens = SupportedTokens.Jwt;
});
services.AddAuthorization(config =>
{
if(addAuthorization != null)
{
addAuthorization?.Invoke(config);
}
else
{
config.AddPolicy("Application", policy =>
{
policy.RequireAuthenticatedUser();
policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application");
});
}
});
}
public static IIdentityServerBuilder AddCustomIdentityServerServices(
this IServiceCollection services, IHostingEnvironment env, GlobalSettings globalSettings)
{

1
src/Events/Events.csproj
View File

@ -9,7 +9,6 @@
</PropertyGroup>
<ItemGroup>
<PackageReference Include="IdentityServer4.AccessTokenValidation" Version="2.6.0" />
<PackageReference Include="Microsoft.AspNetCore.App" Version="2.1.2" />
<PackageReference Include="Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv" Version="2.1.2" />
</ItemGroup>

25
src/Events/Startup.cs
View File

@ -1,9 +1,6 @@
using System.Security.Claims;
using Bit.Core;
using Bit.Core;
using Bit.Core.Services;
using Bit.Core.Utilities;
using IdentityModel;
using IdentityServer4.AccessTokenValidation;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
@ -39,25 +36,7 @@ namespace Bit.Events
services.AddScoped<CurrentContext>();
// Identity
services
.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(options =>
{
options.Authority = globalSettings.BaseServiceUri.InternalIdentity;
options.RequireHttpsMetadata = !Environment.IsDevelopment() &&
globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
options.NameClaimType = ClaimTypes.Email;
options.SupportedTokens = SupportedTokens.Jwt;
});
services.AddAuthorization(config =>
{
config.AddPolicy("Application", policy =>
{
policy.RequireAuthenticatedUser();
policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application");
});
});
services.AddIdentityAuthenticationServices(globalSettings, Environment);
// Services
services.AddScoped<IEventService, EventService>();

1
src/Hub/Hub.csproj
View File

@ -8,7 +8,6 @@
</PropertyGroup>
<ItemGroup>
<PackageReference Include="IdentityServer4.AccessTokenValidation" Version="2.6.0" />
<PackageReference Include="Microsoft.AspNetCore.App" Version="2.1.2" />
<PackageReference Include="Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv" Version="2.1.2" />
</ItemGroup>

27
src/Hub/Startup.cs
View File

@ -1,9 +1,5 @@
using System.Security.Claims;
using Bit.Core;
using Bit.Core.IdentityServer;
using Bit.Core;
using Bit.Core.Utilities;
using IdentityModel;
using IdentityServer4.AccessTokenValidation;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.SignalR;
@ -41,26 +37,7 @@ namespace Bit.Hub
services.AddScoped<CurrentContext>();
// Identity
services
.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(options =>
{
options.Authority = globalSettings.BaseServiceUri.InternalIdentity;
options.RequireHttpsMetadata = !Environment.IsDevelopment() &&
globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString();
options.NameClaimType = ClaimTypes.Email;
options.SupportedTokens = SupportedTokens.Jwt;
});
services.AddAuthorization(config =>
{
config.AddPolicy("Application", policy =>
{
policy.RequireAuthenticatedUser();
policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application");
});
});
services.AddIdentityAuthenticationServices(globalSettings, Environment);
// SignalR
services.AddSignalR();