tk/Ocelot
1
0
Fork 0
mirror of https://github.com/nsnail/Ocelot.git synced 2025-04-22 06:42:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

joy the admin area works with this commit

Browse Source
This commit is contained in:
Tom Gardham-Pallister 2017-10-25 08:06:41 +01:00
parent 4428982052
commit 09126911bd
4 changed files with 93 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

142
src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
View File

@ -147,60 +147,41 @@ namespace Ocelot.DependencyInjection
if (identityServerConfiguration != null) if (identityServerConfiguration != null)
{ {
services.TryAddSingleton<IIdentityServerConfiguration>(identityServerConfiguration); services.AddIdentityServer(identityServerConfiguration);
services.TryAddSingleton<IHashMatcher, HashMatcher>(); }
var identityServerBuilder = services
.AddIdentityServer(options => {
options.IssuerUri = "Ocelot";
})
.AddInMemoryApiResources(new List<ApiResource>
{
new ApiResource
{
Name = identityServerConfiguration.ApiName,
Description = identityServerConfiguration.Description,
Enabled = identityServerConfiguration.Enabled,
DisplayName = identityServerConfiguration.ApiName,
Scopes = identityServerConfiguration.AllowedScopes.Select(x => new Scope(x)).ToList(),
ApiSecrets = new List<Secret>
{
new Secret
{
Value = identityServerConfiguration.ApiSecret.Sha256()
}
}
}
})
.AddInMemoryClients(new List<Client>
{
new Client
{
ClientId = identityServerConfiguration.ApiName,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
ClientSecrets = new List<Secret> {new Secret(identityServerConfiguration.ApiSecret.Sha256())},
AllowedScopes = identityServerConfiguration.AllowedScopes,
AccessTokenType = identityServerConfiguration.AccessTokenType,
Enabled = identityServerConfiguration.Enabled,
RequireClientSecret = identityServerConfiguration.RequireClientSecret
}
}).AddResourceOwnerValidator<OcelotResourceOwnerPasswordValidator>();
return services;
}
var whb = services.First(x => x.ServiceType == typeof(IWebHostBuilder)); private static void AddIdentityServer(this IServiceCollection services, IIdentityServerConfiguration identityServerConfiguration)
var urlFinder = new BaseUrlFinder((IWebHostBuilder)whb.ImplementationInstance); {
var baseSchemeUrlAndPort = urlFinder.Find(); services.TryAddSingleton<IIdentityServerConfiguration>(identityServerConfiguration);
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); services.TryAddSingleton<IHashMatcher, HashMatcher>();
var identityServerBuilder = services
.AddIdentityServer()
// .AddIdentityServer(options => {
// options.IssuerUri = "Ocelot";
// })
.AddInMemoryApiResources(Resources(identityServerConfiguration))
.AddInMemoryClients(Client(identityServerConfiguration))
.AddResourceOwnerValidator<OcelotResourceOwnerPasswordValidator>();
var whb = services.First(x => x.ServiceType == typeof(IWebHostBuilder));
var urlFinder = new BaseUrlFinder((IWebHostBuilder)whb.ImplementationInstance);
var baseSchemeUrlAndPort = urlFinder.Find();
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(o =>
{
//todo - this needs to come from the config so have to get it in here...
o.Authority = baseSchemeUrlAndPort + "/administration";
o.ApiName = identityServerConfiguration.ApiName;
o.RequireHttpsMetadata = identityServerConfiguration.RequireHttps;
o.SupportedTokens = SupportedTokens.Both;
o.ApiSecret = identityServerConfiguration.ApiSecret;
});
services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(o =>
{
o.Authority = baseSchemeUrlAndPort + "admin";
o.ApiName = identityServerConfiguration.ApiName;
o.RequireHttpsMetadata = identityServerConfiguration.RequireHttps;
//o.AllowedScopes = identityServerConfiguration.AllowedScopes;
o.SupportedTokens = SupportedTokens.Both;
o.ApiSecret = identityServerConfiguration.ApiSecret;
});
if (string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificateLocation) || string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificatePassword)) if (string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificateLocation) || string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificatePassword))
{ {
identityServerBuilder.AddDeveloperSigningCredential(); identityServerBuilder.AddDeveloperSigningCredential();
@ -210,9 +191,64 @@ namespace Ocelot.DependencyInjection
var cert = new X509Certificate2(identityServerConfiguration.CredentialsSigningCertificateLocation, identityServerConfiguration.CredentialsSigningCertificatePassword); var cert = new X509Certificate2(identityServerConfiguration.CredentialsSigningCertificateLocation, identityServerConfiguration.CredentialsSigningCertificatePassword);
identityServerBuilder.AddSigningCredential(cert); identityServerBuilder.AddSigningCredential(cert);
} }
} }
return services; private static List<ApiResource> Resources(IIdentityServerConfiguration identityServerConfiguration)
{
return new List<ApiResource>
{
new ApiResource("admin", "My API")
};
// return new List<ApiResource>
// {
// new ApiResource
// {
// Name = identityServerConfiguration.ApiName,
// Description = identityServerConfiguration.Description,
// Enabled = identityServerConfiguration.Enabled,
// DisplayName = identityServerConfiguration.ApiName,
// Scopes = identityServerConfiguration.AllowedScopes.Select(x => new Scope(x)).ToList(),
// ApiSecrets = new List<Secret>
// {
// new Secret
// {
// Value = identityServerConfiguration.ApiSecret.Sha256()
// }
// }
// }
// };
}
private static List<Client> Client(IIdentityServerConfiguration identityServerConfiguration)
{
return new List<Client>
{
// resource owner password grant client
new Client
{
ClientId = "admin",
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
ClientSecrets =
{
new Secret("secret".Sha256())
},
AllowedScopes = { "admin" }
}
};
// return new List<Client>
// {
// new Client
// {
// ClientId = identityServerConfiguration.ApiName,
// AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
// ClientSecrets = new List<Secret> {new Secret(identityServerConfiguration.ApiSecret.Sha256())},
// AllowedScopes = identityServerConfiguration.AllowedScopes,
// AccessTokenType = identityServerConfiguration.AccessTokenType,
// Enabled = identityServerConfiguration.Enabled,
// RequireClientSecret = identityServerConfiguration.RequireClientSecret
// }
// };
} }
} }
} }

4
src/Ocelot/Middleware/OcelotMiddlewareExtensions.cs
View File

@ -181,12 +181,12 @@ namespace Ocelot.Middleware
if(!string.IsNullOrEmpty(configuration.AdministrationPath) && identityServerConfiguration != null) if(!string.IsNullOrEmpty(configuration.AdministrationPath) && identityServerConfiguration != null)
{ {
builder.Map(configuration.AdministrationPath, app => builder.Map(configuration.AdministrationPath, app =>
{ {
app.UseMvc(); Console.WriteLine("SETTING UP ADMIN AREA");
app.UseIdentityServer(); app.UseIdentityServer();
app.UseAuthentication(); app.UseAuthentication();
app.UseMvc();
}); });
} }
} }

2
test/Ocelot.ManualTest/Startup.cs
View File

@ -34,7 +34,7 @@ namespace Ocelot.ManualTest
{ {
x.WithMicrosoftLogging(log => x.WithMicrosoftLogging(log =>
{ {
log.AddConsole(LogLevel.Debug); //log.AddConsole(LogLevel.Debug);
}) })
.WithDictionaryHandle(); .WithDictionaryHandle();
}; };

2
test/Ocelot.ManualTest/configuration.json
View File

@ -312,6 +312,6 @@
"GlobalConfiguration": { "GlobalConfiguration": {
"RequestIdKey": "OcRequestId", "RequestIdKey": "OcRequestId",
"AdministrationPath": "/admin" "AdministrationPath": "/administration"
} }
} }