more work towards getting identity server and admin area set up

2025-11-04 23:50:49 +08:00 · 2017-02-22 22:13:35 +00:00
parent f8804f5d9d
commit bd07af6926
8 changed files with 132 additions and 58 deletions
--- a/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
+++ b/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
@@ -5,6 +5,7 @@ using System.Net.Http;
 using CacheManager.Core;
 using IdentityServer4.Models;
 using IdentityServer4.Test;
+using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
@@ -61,44 +62,49 @@ namespace Ocelot.DependencyInjection

        public static IServiceCollection AddOcelot(this IServiceCollection services)
        {
-            var authProvider = new HardCodedIdentityServerConfigurationProvider();
-            var identityServerConfig = authProvider.Get();
+            return AddOcelot(services, null);
+        }

-            services.AddIdentityServer()
-                .AddTemporarySigningCredential()
-                .AddInMemoryApiResources(new List<ApiResource>
-                {
-                    new ApiResource
+        public static IServiceCollection AddOcelot(this IServiceCollection services, IdentityServerConfiguration identityServerConfiguration)
+        {
+            if(identityServerConfiguration != null)
+            {
+                services.AddIdentityServer()
+                    .AddTemporarySigningCredential()
+                    .AddInMemoryApiResources(new List<ApiResource>
                    {
-                        Name = identityServerConfig.ApiName,
-                        Description = identityServerConfig.Description,
-                        Enabled = identityServerConfig.Enabled,
-                        DisplayName = identityServerConfig.ApiName,
-                        Scopes = identityServerConfig.AllowedScopes.Select(x => new Scope(x)).ToList(),
-                        ApiSecrets = new List<Secret>
+                        new ApiResource
                        {
-                            new Secret
+                            Name = identityServerConfiguration.ApiName,
+                            Description = identityServerConfiguration.Description,
+                            Enabled = identityServerConfiguration.Enabled,
+                            DisplayName = identityServerConfiguration.ApiName,
+                            Scopes = identityServerConfiguration.AllowedScopes.Select(x => new Scope(x)).ToList(),
+                            ApiSecrets = new List<Secret>
                            {
-                                Value = identityServerConfig.ApiSecret.Sha256()
+                                new Secret
+                                {
+                                    Value = identityServerConfiguration.ApiSecret.Sha256()
+                                }
                            }
                        }
-                    }
-                })
-                .AddInMemoryClients(new List<Client>
-                {
-                    new Client
+                    })
+                    .AddInMemoryClients(new List<Client>
                    {
-                        ClientId = identityServerConfig.ApiName,
-                        AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
-                        ClientSecrets = new List<Secret> {new Secret(identityServerConfig.ApiSecret.Sha256())},
-                        AllowedScopes = identityServerConfig.AllowedScopes,
-                        AccessTokenType = identityServerConfig.AccessTokenType,
-                        Enabled = identityServerConfig.Enabled,
-                        RequireClientSecret = identityServerConfig.RequireClientSecret
-                    }
-                })
-                .AddTestUsers(identityServerConfig.Users);
-                
+                        new Client
+                        {
+                            ClientId = identityServerConfiguration.ApiName,
+                            AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
+                            ClientSecrets = new List<Secret> {new Secret(identityServerConfiguration.ApiSecret.Sha256())},
+                            AllowedScopes = identityServerConfiguration.AllowedScopes,
+                            AccessTokenType = identityServerConfiguration.AccessTokenType,
+                            Enabled = identityServerConfiguration.Enabled,
+                            RequireClientSecret = identityServerConfiguration.RequireClientSecret
+                        }
+                    })
+                    .AddTestUsers(identityServerConfiguration.Users);
+            }
+        
            services.AddMvcCore()
                .AddAuthorization()
                .AddJsonFormatters();
--- a/src/Ocelot/Middleware/OcelotMiddlewareExtensions.cs
+++ b/src/Ocelot/Middleware/OcelotMiddlewareExtensions.cs
@@ -19,6 +19,7 @@ namespace Ocelot.Middleware
    using System;
    using System.Threading.Tasks;
    using Authorisation.Middleware;
+    using Microsoft.AspNetCore.Hosting;
    using Microsoft.AspNetCore.Http;
    using Microsoft.Extensions.Options;
    using Ocelot.Configuration;
@@ -36,7 +37,21 @@ namespace Ocelot.Middleware
        /// <returns></returns>
        public static async Task<IApplicationBuilder> UseOcelot(this IApplicationBuilder builder)
        {
-            await builder.UseOcelot(new OcelotMiddlewareConfiguration());
+            await builder.UseOcelot(new OcelotMiddlewareConfiguration(), null);
+
+            return builder;
+        }
+
+        public static async Task<IApplicationBuilder> UseOcelot(this IApplicationBuilder builder,IdentityServerConfiguration identityServerConfiguration)
+        {
+            await builder.UseOcelot(new OcelotMiddlewareConfiguration(), identityServerConfiguration);
+
+            return builder;
+        }
+
+        public static async Task<IApplicationBuilder> UseOcelot(this IApplicationBuilder builder,OcelotMiddlewareConfiguration middlewareConfiguration)
+        {
+            await builder.UseOcelot(middlewareConfiguration, null);

            return builder;
        }
@@ -47,9 +62,9 @@ namespace Ocelot.Middleware
        /// <param name="builder"></param>
        /// <param name="middlewareConfiguration"></param>
        /// <returns></returns>
-        public static async Task<IApplicationBuilder> UseOcelot(this IApplicationBuilder builder, OcelotMiddlewareConfiguration middlewareConfiguration)
+        public static async Task<IApplicationBuilder> UseOcelot(this IApplicationBuilder builder, OcelotMiddlewareConfiguration middlewareConfiguration, IdentityServerConfiguration identityServerConfiguration)
        {
-            await CreateAdministrationArea(builder);
+            await CreateAdministrationArea(builder, identityServerConfiguration);

            // This is registered to catch any global exceptions that are not handled
            builder.UseExceptionHandlerMiddleware();
@@ -153,27 +168,28 @@ namespace Ocelot.Middleware
            return ocelotConfiguration.Data;
        }

-        private static async Task CreateAdministrationArea(IApplicationBuilder builder)
+        private static async Task CreateAdministrationArea(IApplicationBuilder builder, IdentityServerConfiguration identityServerConfiguration)
        {
            var configuration = await CreateConfiguration(builder);

-            var authProvider = new HardCodedIdentityServerConfigurationProvider();
-            var identityServerConfig = authProvider.Get();
-
-            if(!string.IsNullOrEmpty(configuration.AdministrationPath))
+            if(!string.IsNullOrEmpty(configuration.AdministrationPath) && identityServerConfiguration != null)
            {
+                var webHostBuilder = (IWebHostBuilder)builder.ApplicationServices.GetService(typeof(IWebHostBuilder));
+                
+                var baseSchemeUrlAndPort = webHostBuilder.GetSetting(WebHostDefaults.ServerUrlsKey);
+                
                builder.Map(configuration.AdministrationPath, app =>
                {
-                    var identityServerUrl = $"http://localhost:5000/{configuration.AdministrationPath.Remove(0,1)}";
+                    var identityServerUrl = $"{baseSchemeUrlAndPort}/{configuration.AdministrationPath.Remove(0,1)}";

                    app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
                    {
                        Authority = identityServerUrl,
-                        ApiName = identityServerConfig.ApiName,
-                        RequireHttpsMetadata = identityServerConfig.RequireHttps,
-                        AllowedScopes = identityServerConfig.AllowedScopes,
+                        ApiName = identityServerConfiguration.ApiName,
+                        RequireHttpsMetadata = identityServerConfiguration.RequireHttps,
+                        AllowedScopes = identityServerConfiguration.AllowedScopes,
                        SupportedTokens = SupportedTokens.Both,
-                        ApiSecret = identityServerConfig.ApiSecret
+                        ApiSecret = identityServerConfiguration.ApiSecret
                    });

                    app.UseIdentityServer();
@@ -182,7 +198,6 @@ namespace Ocelot.Middleware
                });
            }
        }
-
        private static void UseIfNotNull(this IApplicationBuilder builder, Func<HttpContext, Func<Task>, Task> middleware)
        {
            if (middleware != null)