From 24c018721f3911bef4698e3a90d6b4dbaf941fd3 Mon Sep 17 00:00:00 2001
From: Tom Gardham-Pallister
Date: Wed, 25 Oct 2017 08:16:21 +0100
Subject: [PATCH] more changes to get admin area working...few todos left in and some properties that we are no longer setting on scopes and resources does this matter?
---
 .../ServiceCollectionExtensions.cs | 59 +++++--------------
 1 file changed, 16 insertions(+), 43 deletions(-)
diff --git a/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs b/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
index 9cccb83d..13452678 100644
--- a/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
+++ b/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
@@ -159,13 +159,11 @@ namespace Ocelot.DependencyInjection
 services.TryAddSingleton();
 var identityServerBuilder = services
 .AddIdentityServer()
- // .AddIdentityServer(options => {
- // options.IssuerUri = "Ocelot";
- // })
 .AddInMemoryApiResources(Resources(identityServerConfiguration))
 .AddInMemoryClients(Client(identityServerConfiguration))
 .AddResourceOwnerValidator();
+ //todo - refactor a method so we know why this is happening
 var whb = services.First(x => x.ServiceType == typeof(IWebHostBuilder));
 var urlFinder = new BaseUrlFinder((IWebHostBuilder)whb.ImplementationInstance);
 var baseSchemeUrlAndPort = urlFinder.Find();
@@ -182,12 +180,14 @@ namespace Ocelot.DependencyInjection
 o.ApiSecret = identityServerConfiguration.ApiSecret;
 });
+ //todo - refactor naming..
 if (string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificateLocation) || string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificatePassword))
 {
 identityServerBuilder.AddDeveloperSigningCredential();
 }
 else
 {
+ //todo - refactor so calls method?
 var cert = new X509Certificate2(identityServerConfiguration.CredentialsSigningCertificateLocation, identityServerConfiguration.CredentialsSigningCertificatePassword);
 identityServerBuilder.AddSigningCredential(cert);
 }
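Review bot: The branch under the new `//todo - refactor naming..` comment silently falls back to `AddDeveloperSigningCredential()` whenever the certificate location or password is empty, and the added todo does not record that consequence. The developer credential is IdentityServer's development-time signing key, so a deployment that omits either setting ends up signing admin tokens with it without any indication. I would replace the todo with a comment that states this, for example `// No signing certificate configured: falling back to the developer signing credential (development only).`, and emit a warning log entry in that branch so the fallback is visible at startup. The enclosing method starts and ends outside this hunk, so whether a logger is reachable here is not visible.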
@@ -197,58 +197,31 @@ namespace Ocelot.DependencyInjection
 {
 return new List
 {
- new ApiResource("admin", "My API")
+ new ApiResource(identityServerConfiguration.ApiName, identityServerConfiguration.ApiName)
+ {
+ ApiSecrets = new List
+ {
+ new Secret
+ {
+ Value = identityServerConfiguration.ApiSecret.Sha256()
+ }
+ }
+ }
 };
- // return new List
- // {
- // new ApiResource
- // {
- // Name = identityServerConfiguration.ApiName,
- // Description = identityServerConfiguration.Description,
- // Enabled = identityServerConfiguration.Enabled,
- // DisplayName = identityServerConfiguration.ApiName,
- // Scopes = identityServerConfiguration.AllowedScopes.Select(x => new Scope(x)).ToList(),
- // ApiSecrets = new List
- // {
- // new Secret
- // {
- // Value = identityServerConfiguration.ApiSecret.Sha256()
- // }
- // }
- // }
- // };
 }
 private static List Client(IIdentityServerConfiguration identityServerConfiguration)
 {
 return new List
 {
- // resource owner password grant client
 new Client
 {
- ClientId = "admin",
+ ClientId = identityServerConfiguration.ApiName,
 AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
-
- ClientSecrets =
- {
- new Secret("secret".Sha256())
- },
- AllowedScopes = { "admin" }
+ ClientSecrets = new List {new Secret(identityServerConfiguration.ApiSecret.Sha256())},
+ AllowedScopes = { identityServerConfiguration.ApiName }
 }
 };
- // return new List
- // {
- // new Client
- // {
- // ClientId = identityServerConfiguration.ApiName,
- // AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
- // ClientSecrets = new List {new Secret(identityServerConfiguration.ApiSecret.Sha256())},
- // AllowedScopes = identityServerConfiguration.AllowedScopes,
- // AccessTokenType = identityServerConfiguration.AccessTokenType,
- // Enabled = identityServerConfiguration.Enabled,
- // RequireClientSecret = identityServerConfiguration.RequireClientSecret
- // }
- // };
 }
 }
 }
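Review bot: Neither `Resources` nor `Client` checks that `identityServerConfiguration.ApiName` and `ApiSecret` are set before using them as the client id, scope name and secret. The `Sha256()` extension appears to return an empty string for missing input rather than throwing (worth confirming against the IdentityServer4 version in use), so an unset secret would register the admin client and API resource with an empty secret value instead of failing at startup. A guard at the top of both methods would close that: `if (string.IsNullOrEmpty(identityServerConfiguration.ApiName) || string.IsNullOrEmpty(identityServerConfiguration.ApiSecret)) throw new ArgumentException("ApiName and ApiSecret must be configured", nameof(identityServerConfiguration));`. Separately, the same `ApiSecret` now serves as both the `ApiSecrets` entry on the resource and the `ClientSecrets` entry on the client, so one leaked value exposes both roles. If that sharing is intentional, a one-line comment on `ClientSecrets` should say so. The `Resources` signature lies outside this hunk.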