-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathStartup.cs
101 lines (89 loc) · 4.13 KB
/
Startup.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
using System;
using System.Linq;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using aspnet_webapp.Services;
using Microsoft.Extensions.Azure;
using Azure.Identity;
using Azure.Core;
using Microsoft.Identity.Web;
using System.Net;
using Microsoft.AspNetCore.Authorization;
using System.Collections.Generic;
namespace aspnet_webapp
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(o=>{
o.Audience="5e48ca1f-a2bf-4dec-b96d-bbf8ce69f9f6";
o.ClaimsIssuer="https://login.microsoftonline.com/3aa4a235-b6e2-48d5-9195-7fcf05b459b0/v2.0";
o.MetadataAddress="https://login.microsoftonline.com/3aa4a235-b6e2-48d5-9195-7fcf05b459b0/v2.0/.well-known/openid-configuration";
o.TokenValidationParameters=new Microsoft.IdentityModel.Tokens.TokenValidationParameters{
NameClaimType="name"
};
});
services.AddRazorPages(c=>{
c.Conventions.AllowAnonymousToPage("/Index");
c.Conventions.AllowAnonymousToPage("/Video");
c.Conventions.AllowAnonymousToPage("/Error");
});
services.AddControllersWithViews();
services.AddAzureClients(builder=> {
builder.AddSecretClient(new Uri(Configuration["KEY_VAULT_URL"]));
builder.UseCredential(new DefaultAzureCredential());
});
services.AddScoped<IVideoService, VideoService>();
services.AddScoped<IUserInfoService, UserInfoService>();
services.AddAuthorization(c=> {
c.AddPolicy("Restricted", p=>p.RequireRole("ProtectedContent1", "ProtectedContent2"));
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
}
app.UseStaticFiles();
app.UseAuthentication();
app.Use(async (ctx, next) => {
var logfactory = app.ApplicationServices.GetService<ILoggerFactory>();
var logger=logfactory.CreateLogger("middleware");
// foreach (var h in ctx.Request.Headers.Where(h=>h.Key.StartsWith("X-")).AsEnumerable()) //.Where(h=>h.Key.StartsWith("X-Custom") || h.Key.ToLower().StartsWith("auth"))
// {
// var value = h.Value.FirstOrDefault() ?? "";
// // logger.LogInformation("{0}:{1}", h.Key, value.Substring(0,value.Length>20 ? 20 : value.Length));
// logger.LogInformation("{0}:{1}", h.Key, value);
// }
await next();
});
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(name:"default", pattern: "{controller}/{action=Index}/{id?}");
endpoints.MapRazorPages().RequireAuthorization();
});
}
}
}