trying to get identity server authing

src/Ocelot/Controllers/FileConfigurationController.cs

@@ -1,20 +1,24 @@
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Ocelot.Services;
 
 namespace Ocelot.Controllers
 {
-    [RouteAttribute("configuration")]
-    public class FileConfigurationController
+    [Authorize(Roles = "Admin")]
+    [Route("configuration")]
+    public class FileConfigurationController : Controller
     {
-        private IGetFileConfiguration _getFileConfig;
+        private readonly IGetFileConfiguration _getFileConfig;
 
         public FileConfigurationController(IGetFileConfiguration getFileConfig)
         {
             _getFileConfig = getFileConfig;
         }
 
+        [HttpGet]
         public IActionResult Get()
         {
+            var user = this.HttpContext.User;
             return new OkObjectResult(_getFileConfig.Invoke().Data);
         }
     }

src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs

@@ -1,6 +1,10 @@
 using System;
+using System.Collections.Generic;
 using System.Net.Http;
+using System.Security.Claims;
 using CacheManager.Core;
+using IdentityServer4.Models;
+using IdentityServer4.Test;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
@@ -61,6 +65,53 @@ namespace Ocelot.DependencyInjection
 
         public static IServiceCollection AddOcelot(this IServiceCollection services)
         {
+            services.AddIdentityServer()
+                .AddTemporarySigningCredential()
+                .AddInMemoryApiResources(new List<ApiResource>
+                {
+                    new ApiResource
+                    {
+                        Name = "admin",
+                        Description = "Ocelot Administration",
+                        Enabled = true,
+                        DisplayName = "admin",
+                        Scopes = new List<Scope>()
+                        {
+                            new Scope("admin"),
+                            new Scope("openid"),
+                            new Scope("offline_access")
+                        },
+                        ApiSecrets = new List<Secret>
+                        {
+                            new Secret
+                            {
+                                Value = "secret".Sha256()
+                            }
+                        }
+                    }
+                })
+                .AddInMemoryClients(new List<Client>
+                {
+                    new Client
+                    {
+                        ClientId = "admin",
+                        AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
+                        ClientSecrets = new List<Secret> {new Secret("secret".Sha256())},
+                        AllowedScopes = new List<string> {"admin", "openid", "offline_access"},
+                        AccessTokenType = AccessTokenType.Jwt,
+                        Enabled = true,
+                        RequireClientSecret = false
+                    }
+                })
+                .AddTestUsers(new List<TestUser>
+                {
+                    new TestUser
+                    {
+                        Username = "admin",
+                        Password = "admin",
+                        SubjectId = "admin",
+                    }
+                });
             services.AddMvcCore().AddJsonFormatters();
             services.AddLogging();
             services.AddSingleton<IGetFileConfiguration, GetFileConfiguration>();

src/Ocelot/Middleware/OcelotMiddlewareExtensions.cs

@@ -1,4 +1,6 @@
-using Microsoft.AspNetCore.Builder;
+using System.Collections.Generic;
+using IdentityServer4.AccessTokenValidation;
+using Microsoft.AspNetCore.Builder;
 using Ocelot.Authentication.Middleware;
 using Ocelot.Cache.Middleware;
 using Ocelot.Claims.Middleware;
@@ -144,9 +146,21 @@ namespace Ocelot.Middleware
 
             if(!string.IsNullOrEmpty(configuration.AdministrationPath))
             {
-                builder.Map(configuration.AdministrationPath, x => 
+                builder.Map(configuration.AdministrationPath, app =>
                 {
-                    x.UseMvc();
+                    app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
+                    {
+                        Authority = "http://localhost:5000/admin",
+                        ApiName = "admin",
+                        RequireHttpsMetadata = false,
+                        AllowedScopes = new List<string>(),
+                        SupportedTokens = SupportedTokens.Both,
+                        ApiSecret = "secret"
+                    });
+
+                    app.UseIdentityServer();
+
+                    app.UseMvc();
                 });
             }
         }

src/Ocelot/project.json

@@ -28,7 +28,8 @@
         "CacheManager.Microsoft.Extensions.Configuration": "0.9.2",
         "CacheManager.Microsoft.Extensions.Logging": "0.9.2",
         "Consul": "0.7.2.1",
-    "Polly": "5.0.3"
+        "Polly": "5.0.3",
+        "IdentityServer4": "1.0.1"
     },
   "runtimes": {
     "win10-x64": {},

test/Ocelot.AcceptanceTests/AdministrationTests.cs

@@ -1,10 +1,6 @@
 using System;
 using System.Collections.Generic;
-using System.IO;
 using System.Net;
-using Microsoft.AspNetCore.Builder;
-using Microsoft.AspNetCore.Hosting;
-using Microsoft.AspNetCore.Http;
 using Ocelot.Configuration.File;
 using TestStack.BDDfy;
 using Xunit;
@@ -13,7 +9,6 @@ namespace Ocelot.AcceptanceTests
 {
     public class AdministrationTests : IDisposable
     {
-        private IWebHost _builder;
         private readonly Steps _steps;
 
         public AdministrationTests()
@@ -81,7 +76,6 @@ namespace Ocelot.AcceptanceTests
 
         public void Dispose()
         {
-            _builder?.Dispose();
             _steps.Dispose();
         }
     }