using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
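namespace InspectionsTestClient
{
    /// <summary>
    /// ASP.NET Core 1.x startup for a test client that signs users in through Auth0
    /// (OpenID Connect, authorization-code flow, session kept in a cookie) and that also
    /// accepts Auth0-issued JWT bearer tokens for API calls.
    /// Configuration comes from appsettings*.json, the user-secrets store (development only)
    /// and environment variables, in that order of increasing precedence.
    /// </summary>
    public class Startup
    {
        public IConfigurationRoot Configuration { get; }

        public IHostingEnvironment HostingEnvironment { get; }

        /// <summary>
        /// Builds the configuration root. Sources added later override earlier ones, so
        /// environment variables win over user secrets, which win over the JSON files.
        /// </summary>
        /// <param name="env">Hosting environment supplied by the runtime.</param>
        public Startup(IHostingEnvironment env)
        {
            var builder = new ConfigurationBuilder()
                .SetBasePath(env.ContentRootPath)
                .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
                .AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true);

            // Keep Auth0:ClientSecret out of the checked-in JSON files: in development it should
            // live in the user-secrets store, elsewhere in an environment variable.
            if (env.IsDevelopment())
            {
                builder.AddUserSecrets<Startup>();
            }

            builder.AddEnvironmentVariables();

            Configuration = builder.Build();
            HostingEnvironment = env;
        }

        /// <summary>
        /// Registers authentication, MVC, options support and the bound <c>Auth0</c> settings section.
        /// Called by the runtime before <see cref="Configure"/>.
        /// </summary>
        /// <param name="services">The application's service collection.</param>
        public void ConfigureServices(IServiceCollection services)
        {
            // Every external sign-in (the OIDC handler wired up in Configure) is persisted as a
            // cookie session, so the cookie scheme is the sign-in scheme for the whole app.
            services.AddAuthentication(
                options => options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme);

            services.AddMvc();

            // Enables IOptions<T> injection.
            services.AddOptions();

            // Binds the "Auth0" configuration section so Configure can receive IOptions<Auth0Settings>.
            services.Configure<Auth0Settings>(Configuration.GetSection("Auth0"));
        }

        /// <summary>
        /// Builds the HTTP pipeline: logging, error handling, static files, JWT bearer auth for
        /// API callers, cookie auth for browser sessions, the Auth0 OpenID Connect handler, then MVC.
        /// </summary>
        /// <param name="app">Application builder.</param>
        /// <param name="env">Hosting environment.</param>
        /// <param name="loggerFactory">Logger factory to attach console/debug providers to.</param>
        /// <param name="auth0Settings">Bound <c>Auth0</c> section (Domain, ClientId, ClientSecret, ApiIdentifier).</param>
        /// <exception cref="InvalidOperationException">Thrown when <c>Auth0:Domain</c> is missing.</exception>
        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IOptions<Auth0Settings> auth0Settings)
        {
            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
            loggerFactory.AddDebug();

            if (env.IsDevelopment())
            {
                // The developer exception page exposes stack traces and request details; never in production.
                app.UseDeveloperExceptionPage();
                app.UseBrowserLink();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
            }

            app.UseStaticFiles();

            var settings = auth0Settings.Value;

            // Fail fast with a readable message instead of an opaque metadata-download error at first request.
            if (string.IsNullOrWhiteSpace(settings?.Domain))
            {
                throw new InvalidOperationException("Auth0:Domain is not configured.");
            }

            // Derive every Auth0 URL from one normalised tenant host. The original wiring passed
            // Domain straight through as Authority but also built "https://{Domain}/v2/logout" for
            // logout; those two can only both be right for a single spelling of the setting.
            // Accepting "tenant.auth0.com" as well as "https://tenant.auth0.com[/]" keeps both correct.
            var auth0Domain = NormalizeDomain(settings.Domain);
            var auth0Authority = "https://" + auth0Domain;

            // Bearer tokens issued by the tenant for the configured API identifier (audience).
            // The handler downloads the tenant's OIDC metadata and signing keys from Authority, so it
            // must be an https URL (non-https metadata is refused by default).
            app.UseJwtBearerAuthentication(new JwtBearerOptions
            {
                Audience = settings.ApiIdentifier,
                Authority = auth0Authority
            });

            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AutomaticAuthenticate = true,
                AutomaticChallenge = true,
                // The session cookie carries the signed-in identity: keep it away from script and,
                // outside development (where the callback is plain http://localhost), HTTPS-only.
                CookieHttpOnly = true,
                CookieSecure = env.IsDevelopment() ? CookieSecurePolicy.SameAsRequest : CookieSecurePolicy.Always,
                Events = new CookieAuthenticationEvents
                {
                    OnRedirectToLogin = ctx =>
                    {
                        // XHR and /api callers get a bare 401 so client code can react; browser
                        // navigations are sent to the login page. This only picks the response shape,
                        // it never grants access.
                        if (IsAjaxRequest(ctx.Request) || IsApiRequest(ctx.Request))
                        {
                            ctx.Response.StatusCode = StatusCodes.Status401Unauthorized;
                            return ctx.Response.WriteAsync("Unauthorized");
                        }

                        ctx.Response.Redirect(ctx.RedirectUri);
                        return Task.CompletedTask;
                    }
                }
            });

            var oidcOptions = new OpenIdConnectOptions("Auth0")
            {
                Authority = auth0Authority,
                ClientId = settings.ClientId,
                // Used server-to-server to redeem the authorization code; it never reaches the browser.
                ClientSecret = settings.ClientSecret,
                // Sign-in is started explicitly by the app (Challenge("Auth0")), not on every 401.
                AutomaticAuthenticate = false,
                AutomaticChallenge = false,
                // Authorization-code flow: tokens are exchanged at the token endpoint, not via the front channel.
                ResponseType = "code",
                // Auth0 calls back to {scheme}://{host}/signin-auth0 (e.g. http://localhost:5000/signin-auth0).
                // That exact URL must be listed under Allowed Callback URLs in the Auth0 dashboard.
                CallbackPath = new PathString("/signin-auth0"),
                ClaimsIssuer = "Auth0",
                Events = new OpenIdConnectEvents
                {
                    // Auth0 has no RP-initiated logout endpoint in this flow; send the browser to
                    // /v2/logout so the tenant session is cleared as well as the local cookie.
                    OnRedirectToIdentityProviderForSignOut = context =>
                    {
                        var logoutUri = $"https://{auth0Domain}/v2/logout?client_id={settings.ClientId}";

                        var postLogoutUri = context.Properties.RedirectUri;
                        if (!string.IsNullOrEmpty(postLogoutUri))
                        {
                            if (postLogoutUri.StartsWith("/", StringComparison.Ordinal))
                            {
                                // App-relative path -> absolute URL. NOTE(review): request.Host is taken from
                                // the client's Host header; Auth0 only honours returnTo values listed under
                                // Allowed Logout URLs, but enable host filtering if the app can be reached
                                // under arbitrary host names.
                                var request = context.Request;
                                postLogoutUri = request.Scheme + "://" + request.Host + request.PathBase + postLogoutUri;
                            }

                            // RedirectUri is whatever the sign-out caller supplied; if that is ever
                            // user-controlled, validate it there rather than relying on Auth0's allow-list alone.
                            logoutUri += $"&returnTo={Uri.EscapeDataString(postLogoutUri)}";
                        }

                        context.Response.Redirect(logoutUri);
                        context.HandleResponse();
                        return Task.CompletedTask;
                    }
                }
            };

            // Request only "openid" (drop the handler's default profile scope): the test client
            // needs an identity token, nothing more.
            oidcOptions.Scope.Clear();
            oidcOptions.Scope.Add("openid");
            app.UseOpenIdConnectAuthentication(oidcOptions);

            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
            });
        }

        /// <summary>
        /// Reduces an Auth0 domain setting to its bare host so that "tenant.auth0.com",
        /// "https://tenant.auth0.com" and "https://tenant.auth0.com/" all yield "tenant.auth0.com".
        /// </summary>
        /// <param name="domain">The raw <c>Auth0:Domain</c> value (non-null).</param>
        /// <returns>The host without scheme, surrounding whitespace or trailing slashes.</returns>
        private static string NormalizeDomain(string domain)
        {
            var host = domain.Trim();
            foreach (var scheme in new[] { "https://", "http://" })
            {
                if (host.StartsWith(scheme, StringComparison.OrdinalIgnoreCase))
                {
                    host = host.Substring(scheme.Length);
                    break;
                }
            }

            return host.TrimEnd('/');
        }

        /// <summary>
        /// True when the caller marked the request as XMLHttpRequest, either via the
        /// <c>X-Requested-With</c> query parameter or the header of the same name.
        /// Both are client-supplied and only influence whether a 401 or a login redirect is returned.
        /// </summary>
        private static bool IsAjaxRequest(HttpRequest request)
        {
            var query = request.Query;
            if (query != null && query["X-Requested-With"] == "XMLHttpRequest")
            {
                return true;
            }

            IHeaderDictionary headers = request.Headers;
            return headers != null && headers["X-Requested-With"] == "XMLHttpRequest";
        }

        /// <summary>True when the request path is under <c>/api</c> (segment match, so "/apix" does not count).</summary>
        private static bool IsApiRequest(HttpRequest request)
        {
            return request.Path.StartsWithSegments(new PathString("/api"));
        }
    }
}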