mirror of
https://github.com/nsnail/Ocelot.git
synced 2025-09-18 10:42:42 +08:00
all packages upgraded and tests passing
This commit is contained in:
TomPallister
@@ -31,7 +31,7 @@
|
||||
<PrivateAssets>all</PrivateAssets>
|
||||
</PackageReference>
|
||||
<PackageReference Include="IdentityServer4.AccessTokenValidation" Version="3.0.1" />
|
||||
<PackageReference Include="IdentityServer4" Version="3.1.1" />
|
||||
<PackageReference Include="IdentityServer4" Version="4.1.1" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<PackageReference Update="Microsoft.SourceLink.GitHub" Version="1.0.0" />
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
using Ocelot.DependencyInjection;
|
||||
using IdentityServer4.AccessTokenValidation;
|
||||
using IdentityServer4.Models;
|
||||
using Microsoft.AspNetCore.Builder;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.DependencyInjection.Extensions;
|
||||
@@ -10,6 +9,9 @@ using System;
|
||||
using System.Collections.Generic;
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using System.Linq;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
|
||||
namespace Ocelot.Administration
|
||||
{
|
||||
@@ -18,6 +20,7 @@ namespace Ocelot.Administration
|
||||
public static IOcelotAdministrationBuilder AddAdministration(this IOcelotBuilder builder, string path, string secret)
|
||||
{
|
||||
var administrationPath = new AdministrationPath(path);
|
||||
|
||||
builder.Services.AddSingleton<OcelotMiddlewareConfigurationDelegate>(IdentityServerMiddlewareConfigurationProvider.Get);
|
||||
|
||||
//add identity server for admin area
|
||||
@@ -32,7 +35,7 @@ namespace Ocelot.Administration
|
||||
return new OcelotAdministrationBuilder(builder.Services, builder.Configuration);
|
||||
}
|
||||
|
||||
public static IOcelotAdministrationBuilder AddAdministration(this IOcelotBuilder builder, string path, Action<IdentityServerAuthenticationOptions> configureOptions)
|
||||
public static IOcelotAdministrationBuilder AddAdministration(this IOcelotBuilder builder, string path, Action<JwtBearerOptions> configureOptions)
|
||||
{
|
||||
var administrationPath = new AdministrationPath(path);
|
||||
builder.Services.AddSingleton<OcelotMiddlewareConfigurationDelegate>(IdentityServerMiddlewareConfigurationProvider.Get);
|
||||
@@ -46,11 +49,11 @@ namespace Ocelot.Administration
|
||||
return new OcelotAdministrationBuilder(builder.Services, builder.Configuration);
|
||||
}
|
||||
|
||||
private static void AddIdentityServer(Action<IdentityServerAuthenticationOptions> configOptions, IOcelotBuilder builder)
|
||||
private static void AddIdentityServer(Action<JwtBearerOptions> configOptions, IOcelotBuilder builder)
|
||||
{
|
||||
builder.Services
|
||||
.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
|
||||
.AddIdentityServerAuthentication(configOptions);
|
||||
.AddJwtBearer("Bearer", configOptions);
|
||||
}
|
||||
|
||||
private static void AddIdentityServer(IIdentityServerConfiguration identityServerConfiguration, IAdministrationPath adminPath, IOcelotBuilder builder, IConfiguration configuration)
|
||||
@@ -60,7 +63,9 @@ namespace Ocelot.Administration
|
||||
.AddIdentityServer(o =>
|
||||
{
|
||||
o.IssuerUri = "Ocelot";
|
||||
o.EmitStaticAudienceClaim = true;
|
||||
})
|
||||
.AddInMemoryApiScopes(ApiScopes(identityServerConfiguration))
|
||||
.AddInMemoryApiResources(Resources(identityServerConfiguration))
|
||||
.AddInMemoryClients(Client(identityServerConfiguration));
|
||||
|
||||
@@ -68,14 +73,17 @@ namespace Ocelot.Administration
|
||||
var baseSchemeUrlAndPort = urlFinder.Find();
|
||||
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
|
||||
|
||||
builder.Services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
|
||||
.AddIdentityServerAuthentication(o =>
|
||||
builder.Services
|
||||
.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
|
||||
.AddJwtBearer("Bearer", options =>
|
||||
{
|
||||
o.Authority = baseSchemeUrlAndPort + adminPath.Path;
|
||||
o.ApiName = identityServerConfiguration.ApiName;
|
||||
o.RequireHttpsMetadata = identityServerConfiguration.RequireHttps;
|
||||
o.SupportedTokens = SupportedTokens.Both;
|
||||
o.ApiSecret = identityServerConfiguration.ApiSecret;
|
||||
options.Authority = baseSchemeUrlAndPort + adminPath.Path;
|
||||
options.RequireHttpsMetadata = identityServerConfiguration.RequireHttps;
|
||||
|
||||
options.TokenValidationParameters = new TokenValidationParameters
|
||||
{
|
||||
ValidateAudience = false,
|
||||
};
|
||||
});
|
||||
|
||||
//todo - refactor naming..
|
||||
@@ -91,6 +99,11 @@ namespace Ocelot.Administration
|
||||
}
|
||||
}
|
||||
|
||||
private static IEnumerable<ApiScope> ApiScopes(IIdentityServerConfiguration identityServerConfiguration)
|
||||
{
|
||||
return identityServerConfiguration.AllowedScopes.Select(s => new ApiScope(s));
|
||||
}
|
||||
|
||||
private static List<ApiResource> Resources(IIdentityServerConfiguration identityServerConfiguration)
|
||||
{
|
||||
return new List<ApiResource>
|
||||
@@ -101,9 +114,9 @@ namespace Ocelot.Administration
|
||||
{
|
||||
new Secret
|
||||
{
|
||||
Value = identityServerConfiguration.ApiSecret.Sha256()
|
||||
}
|
||||
}
|
||||
Value = identityServerConfiguration.ApiSecret.Sha256(),
|
||||
},
|
||||
},
|
||||
},
|
||||
};
|
||||
}
|
||||
@@ -117,8 +130,8 @@ namespace Ocelot.Administration
|
||||
ClientId = identityServerConfiguration.ApiName,
|
||||
AllowedGrantTypes = GrantTypes.ClientCredentials,
|
||||
ClientSecrets = new List<Secret> {new Secret(identityServerConfiguration.ApiSecret.Sha256())},
|
||||
AllowedScopes = { identityServerConfiguration.ApiName }
|
||||
}
|
||||
AllowedScopes = identityServerConfiguration.AllowedScopes,
|
||||
},
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user