using System;
using System.Text;
using System.Threading.Tasks;
using BlueWest.Cryptography;
using BlueWest.WebApi.Context;
using BlueWest.WebApi.Context.Users;
using BlueWest.WebApi.EF;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
namespace BlueWest.WebApi
{
///
/// Startup Extensions
///
public static class StartupExtensions
{
private static MySqlServerVersion GetMySqlServerVersion(int major, int minor, int build) => new (new Version(major, minor, build));
///
/// Get MYSQL Connection String
///
///
///
///
private static DbContextOptionsBuilder GetMySqlSettings(
this DbContextOptionsBuilder optionsBuilder,
IConfiguration configuration,
IWebHostEnvironment environment)
{
var sqlVersion = GetMySqlServerVersion(8, 0, 11);
optionsBuilder
.UseMySql(
configuration.GetConnectionString("DockerMySQL"),
sqlVersion)
.UseMySql(sqlVersion,
builder =>
{
builder.EnableRetryOnFailure(6, TimeSpan.FromSeconds(3), null);
});
// The following three options help with debugging, but should
// be changed or removed for production.
if (environment.IsDevelopment())
{
optionsBuilder
.LogTo(Console.WriteLine, LogLevel.Information)
.EnableSensitiveDataLogging()
.EnableDetailedErrors();
}
return optionsBuilder;
}
///
/// Setup database Contexts
///
///
///
///
///
public static IServiceCollection PrepareMySqlDatabasePool(this IServiceCollection serviceCollection,
IConfiguration configuration, IWebHostEnvironment environment)
{
return serviceCollection
.AddDbContextPool(options => options.GetMySqlSettings(configuration, environment))
.AddDbContextPool(options => options.GetMySqlSettings(configuration, environment))
.AddDbContextPool(options => options.GetMySqlSettings(configuration, environment))
.AddDbContextPool(options => options.GetMySqlSettings(configuration, environment))
.AddDbContextPool(options =>
options.GetMySqlSettings(configuration, environment))
.AddDbContextPool(options => options.UseInMemoryDatabase("_s"));
}
///
/// Setup database Contexts
///
///
///
///
///
public static IServiceCollection PrepareSqlLiteDatabasePool(this IServiceCollection serviceCollection,
IConfiguration configuration, IWebHostEnvironment environment)
{
var sqliteConString = "Data Source=BlueWest.Api.db";
return serviceCollection
.AddDbContextPool(options => options.UseSqlite(sqliteConString))
.AddDbContextPool(options => options.UseSqlite(sqliteConString))
.AddDbContextPool(options => options.UseSqlite(sqliteConString))
.AddDbContextPool(options => options.UseSqlite(sqliteConString))
.AddDbContextPool(options => options.UseSqlite(sqliteConString))
.AddDbContextPool(options => options.UseInMemoryDatabase("_s"));
}
internal static IServiceCollection AddAuthServerServices(this IServiceCollection services, IConfiguration configuration , IWebHostEnvironment environment)
{
services.AddScoped()
.AddScoped()
.AddSingleton()
.AddScoped()
.AddScoped()
.AddScoped()
.AddScoped()
.AddScoped();
// Database Context and Swagger
// Register the ConfigurationBuilder instance of AuthSettings
var authSettings = configuration.GetSection(nameof(AuthSettings));
services.Configure(authSettings);
var signingKey = new SymmetricSecurityKey
(Encoding.ASCII.GetBytes(authSettings[nameof(AuthSettings.SecretKey)]));
// jwt wire up
// Get options from app settings
var jwtAppSettingOptions = configuration
.GetSection(nameof(JwtIssuerOptions));
// Configure JwtIssuerOptions
services.Configure(options =>
{
options.Issuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)];
options.Audience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)];
options.SigningCredentials = new SigningCredentials
(signingKey, SecurityAlgorithms.HmacSha256);
});
var tokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)],
ValidateAudience = true,
ValidAudience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)],
ValidateIssuerSigningKey = true,
IssuerSigningKey = signingKey,
RequireExpirationTime = false,
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddCookie(options =>
{
options.Cookie.SameSite = SameSiteMode.Lax;
options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
options.Cookie.MaxAge = TimeSpan.FromDays(1);
options.LoginPath = "/api/auth/logincookie";
options.LogoutPath = "/api/auth/logout";
})
.AddJwtBearer(configureOptions =>
{
configureOptions.ClaimsIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)];
configureOptions.TokenValidationParameters = tokenValidationParameters;
configureOptions.SaveToken = true;
configureOptions.Events = new JwtBearerEvents
{
OnAuthenticationFailed = context =>
{
if (context.Exception.GetType() == typeof(SecurityTokenExpiredException))
{
context.Response.Headers.Add("Token-Expired", "true");
}
return Task.CompletedTask;
}
};
});
// api user claim policy
services.AddAuthorization(options =>
{
options.AddPolicy("ApiUser",
policy => policy.RequireClaim(Context.Users.Constants.JwtClaimIdentifiers.Rol,
Context.Users.Constants.JwtClaims.ApiAccess));
});
// add identity
var identityBuilder = services.AddIdentityCore(o =>
{
o.User.RequireUniqueEmail = true;
// configure identity options
o.Password.RequireDigit = false;
o.Password.RequireLowercase = false;
o.Password.RequireUppercase = false;
o.Password.RequireNonAlphanumeric = false;
o.Password.RequiredLength = 6;
})
.AddUserManager()
.AddUserStore();
identityBuilder = new IdentityBuilder(identityBuilder.UserType, typeof(ApplicationRole), identityBuilder.Services);
identityBuilder
.AddEntityFrameworkStores()
.AddDefaultTokenProviders();
return services;
}
}
}