Startup.cs
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.IO;
using System.Linq;
using System.Reflection;
using System.Security.Claims;
using System.Threading.Tasks;
using AuthRequiredDemoGraphQL.Extensions;
using GraphQLPlay.IdentityModelExtras;
using GraphQLPlay.IdentityModelExtras.Extensions;
using GraphQLPlay.Rollup.Extensions;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Infrastructure;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Logging;
using Microsoft.IdentityModel.Tokens;
using MultiAuthority.AccessTokenValidation;
using Orders.Extensions;
using P7Core.Extensions;
using P7Core.GraphQLCore.Extensions;
using P7Core.GraphQLCore.Stores;
using P7Core.ObjectContainers.Extensions;
using Swashbuckle.AspNetCore.Swagger;
using static GraphQLPlay.Rollup.Extensions.AspNetCoreExtensions;
namespace GraphQLPlayApiOnlyApp
{
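/// <summary>
/// ASP.NET Core startup class for the GraphQLPlay API-only host. It registers the
/// application services (GraphQL rollup, CORS, MVC, authorization, JWT bearer
/// authentication, Swagger) and wires up the HTTP request pipeline.
/// </summary>
public class Startup : IGraphQLRollupRegistrations
{
    private readonly IHostingEnvironment _hostingEnvironment;
    private readonly ILogger<Startup> _logger;

    /// <summary>Application configuration supplied by the host.</summary>
    public IConfiguration Configuration { get; }

    /// <summary>Captures the hosting environment, configuration and logger supplied by the host.</summary>
    /// <param name="env">Hosting environment of the running application.</param>
    /// <param name="configuration">Application configuration.</param>
    /// <param name="logger">Logger for this class.</param>
    public Startup(IHostingEnvironment env, IConfiguration configuration, ILogger<Startup> logger)
    {
        _hostingEnvironment = env;
        Configuration = configuration;
        _logger = logger;
    }

    /// <summary>
    /// Called by the runtime to add services to the container.
    /// </summary>
    /// <param name="services">The service collection to populate.</param>
    /// <returns>The service provider built from <paramref name="services"/>.</returns>
    /// <exception cref="InvalidOperationException">
    /// No usable authority is configured for the scheme named by <c>authValidation:scheme</c>.
    /// </exception>
    public IServiceProvider ConfigureServices(IServiceCollection services)
    {
        services.AddLogging();
        services.AddObjectContainer(); // use this vs a static to cache class data.
        services.AddOptions();
        services.AddDistributedMemoryCache();
        services.AddGraphQLPlayRollup(this);
        services.AddGraphQLOrders();

        services.AddCors(options =>
        {
            // A wildcard origin must not be paired with AllowCredentials(): ASP.NET Core 2.2+
            // treats that pairing as an insecure configuration, because it would let any site
            // make credentialed cross-origin calls. This API authenticates with a bearer token
            // in the Authorization header, which AllowAnyHeader() already permits. If cookie
            // based cross-origin calls are ever required, replace AllowAnyOrigin() with an
            // explicit WithOrigins(...) allow-list before re-enabling credentials.
            options.AddPolicy("CorsPolicy",
                corsBuilder => corsBuilder
                    .AllowAnyOrigin()
                    .AllowAnyMethod()
                    .AllowAnyHeader());
        });

        services.Configure<CookiePolicyOptions>(options =>
        {
            // This lambda determines whether user consent for non-essential cookies is needed for a given request.
            options.CheckConsentNeeded = context => true;
            options.MinimumSameSitePolicy = SameSiteMode.None;
        });

        services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

        services.AddAuthorization(options =>
        {
            options.AddPolicy("Daffy Duck",
                policy => { policy.RequireClaim("client_namespace", "Daffy Duck"); });
        });

        // Resolve the authority that backs the configured authentication scheme.
        var scheme = Configuration["authValidation:scheme"];
        var oauth2Section = new Oauth2Section();
        Configuration.GetSection("InMemoryOAuth2ConfigurationStore:oauth2").Bind(oauth2Section);

        var wellknownAuthority = oauth2Section.Authorities?.FirstOrDefault(item => item.Scheme == scheme);
        if (wellknownAuthority == null || string.IsNullOrWhiteSpace(wellknownAuthority.Authority))
        {
            // Fail at startup with a message that names the configuration keys, instead of a
            // NullReferenceException here or an opaque token-validation failure later.
            throw new InvalidOperationException(
                $"No authority is configured under 'InMemoryOAuth2ConfigurationStore:oauth2' for the scheme '{scheme}' named by 'authValidation:scheme'.");
        }

        var authority = wellknownAuthority.Authority;

        // Discovery metadata and signing keys are fetched from the authority; outside of
        // Development they must come over HTTPS so they cannot be tampered with in transit.
        var requireHttpsMetadata = !_hostingEnvironment.IsDevelopment();

        var schemeRecords = new List<SchemeRecord>
        {
            new SchemeRecord
            {
                Name = scheme,
                JwtBearerOptions = options =>
                {
                    options.Authority = authority;
                    options.RequireHttpsMetadata = requireHttpsMetadata;
                    options.TokenValidationParameters = new TokenValidationParameters
                    {
                        ValidateIssuer = true,
                        // NOTE(review): audience validation is off, so a token issued by this
                        // authority for a different API is accepted here as well. Enable it and
                        // set the expected audience if the authority serves more than one resource.
                        ValidateAudience = false,
                        ValidateLifetime = true,
                        ValidateIssuerSigningKey = true
                    };
                    options.Events = new JwtBearerEvents
                    {
                        OnMessageReceived = context => Task.CompletedTask,
                        OnTokenValidated = context =>
                        {
                            // Add the access_token as a claim, as we may actually need it.
                            // The raw token is a credential: anything that logs, serializes or
                            // forwards this principal's claims will expose it.
                            if (context.Principal?.Identity is ClaimsIdentity identity
                                && context.SecurityToken is JwtSecurityToken accessToken)
                            {
                                identity.AddClaim(new Claim("access_token", accessToken.RawData));
                            }

                            return Task.CompletedTask;
                        }
                    };
                }
            },
        };

        services.AddAuthentication("Bearer")
            .AddMultiAuthorityAuthentication(schemeRecords);

        services.AddHttpContextAccessor();
        services.TryAddSingleton<IActionContextAccessor, ActionContextAccessor>();
        services.TryAddTransient<IDefaultHttpClientFactory, DefaultHttpClientFactory>();

        services.AddSwaggerGen(c =>
        {
            c.SwaggerDoc("v1", new Info { Title = "GraphQLPlayApiOnly", Version = "v1" });

            // Set the comments path for the Swagger JSON and UI.
            var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
            var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
            c.IncludeXmlComments(xmlPath);
        });

        // Build the service provider and hand it back to the runtime.
        return services.BuildServiceProvider();
    }

    /// <summary>
    /// Called by the runtime to configure the HTTP request pipeline.
    /// </summary>
    /// <param name="app">The application builder the middleware is added to.</param>
    /// <param name="env">Hosting environment, used to pick the error-handling middleware.</param>
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }

        app.UseCors("CorsPolicy");
        app.UseAuthentication();
        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseCookiePolicy();
        app.UseMvc();

        // Enable middleware to serve generated Swagger as a JSON endpoint.
        // NOTE(review): Swagger JSON and UI are registered outside the environment check above,
        // so they are served in every environment; confirm that is intended.
        app.UseSwagger();

        // Enable middleware to serve swagger-ui (HTML, JS, CSS, etc.),
        // specifying the Swagger JSON endpoint.
        app.UseSwaggerUI(c =>
        {
            c.SwaggerEndpoint("/swagger/v1/swagger.json", "GraphQLPlayApiOnly V1");
        });
    }

    /// <summary>
    /// Registers the in-memory GraphQL field authority and the GraphQL core configuration services.
    /// </summary>
    /// <param name="services">The service collection to populate.</param>
    public void AddGraphQLFieldAuthority(IServiceCollection services)
    {
        // TryAdd keeps an implementation that was registered earlier, if any.
        services.TryAddSingleton<IGraphQLFieldAuthority, InMemoryGraphQLFieldAuthority>();
        services.RegisterGraphQLCoreConfigurationServices(Configuration);
    }

    /// <summary>
    /// Registers the GraphQL APIs exposed by this host; currently only the auth-required query.
    /// </summary>
    /// <param name="services">The service collection to populate.</param>
    public void AddGraphQLApis(IServiceCollection services)
    {
        // services.AddBurnerGraphQL();
        // services.AddBurnerGraphQL2();
        services.AddGraphQLAuthRequiredQuery();
    }
}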
}