using System.Collections.Generic; using System.Text; using AutoMapper; using BlazorShared.Authorization; using MediatR; using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Identity; using Microsoft.EntityFrameworkCore; using Microsoft.eShopWeb.ApplicationCore.Constants; using Microsoft.eShopWeb.ApplicationCore.Entities; using Microsoft.eShopWeb.ApplicationCore.Interfaces; using Microsoft.eShopWeb.ApplicationCore.Services; using Microsoft.eShopWeb.Infrastructure.Data; using Microsoft.eShopWeb.Infrastructure.Identity; using Microsoft.eShopWeb.Infrastructure.Logging; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; using Microsoft.IdentityModel.Tokens; using Microsoft.OpenApi.Models; namespace Microsoft.eShopWeb.PublicApi { public class Startup { private const string CORS_POLICY = "CorsPolicy"; public static bool InDocker => Environment.GetEnvironmentVariable("DOTNET_RUNNING_IN_CONTAINER") == "true"; public Startup(IConfiguration configuration) { Configuration = configuration; } public IConfiguration Configuration { get; } public void ConfigureDevelopmentServices(IServiceCollection services) { // use in-memory database ConfigureInMemoryDatabases(services); // use real database //ConfigureProductionServices(services); } private void ConfigureInMemoryDatabases(IServiceCollection services) { services.AddDbContext(c => c.UseInMemoryDatabase("Catalog")); services.AddDbContext(options => options.UseInMemoryDatabase("Identity")); ConfigureServices(services); } public void ConfigureProductionServices(IServiceCollection services) { // use real database // Requires LocalDB which can be installed with SQL Server Express 2016 // https://www.microsoft.com/en-us/download/details.aspx?id=54284 services.AddDbContext(c => c.UseSqlServer(Configuration.GetConnectionString("CatalogConnection"))); // Add Identity DbContext services.AddDbContext(options => options.UseSqlServer(Configuration.GetConnectionString("IdentityConnection"))); ConfigureServices(services); } public void ConfigureTestingServices(IServiceCollection services) { ConfigureInMemoryDatabases(services); } // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddIdentity() .AddEntityFrameworkStores() .AddDefaultTokenProviders(); services.AddScoped(typeof(IAsyncRepository<>), typeof(EfRepository<>)); services.Configure(Configuration); services.AddSingleton(new UriComposer(Configuration.Get())); services.AddScoped(typeof(IAppLogger<>), typeof(LoggerAdapter<>)); services.AddScoped(); services.AddMemoryCache(); var key = Encoding.ASCII.GetBytes(AuthorizationConstants.JWT_SECRET_KEY); services.AddAuthentication(config => { config.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(config => { config.RequireHttpsMetadata = false; config.SaveToken = true; config.TokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(key), ValidateIssuer = false, ValidateAudience = false }; }); services.AddCors(options => { options.AddPolicy(name: CORS_POLICY, builder => { builder.WithOrigins("http://localhost:44319", "https://localhost:44319", Constants.GetOriginWebUrl(InDocker)); builder.AllowAnyMethod(); builder.AllowAnyHeader(); }); }); services.AddControllers(); services.AddMediatR(typeof(CatalogItem).Assembly); services.AddAutoMapper(typeof(Startup).Assembly); services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new OpenApiInfo { Title = "My API", Version = "v1" }); c.EnableAnnotations(); c.SchemaFilter(); c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme { Description = @"JWT Authorization header using the Bearer scheme. \r\n\r\n Enter 'Bearer' [space] and then your token in the text input below. \r\n\r\nExample: 'Bearer 12345abcdef'", Name = "Authorization", In = ParameterLocation.Header, Type = SecuritySchemeType.ApiKey, Scheme = "Bearer" }); c.AddSecurityRequirement(new OpenApiSecurityRequirement() { { new OpenApiSecurityScheme { Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }, Scheme = "oauth2", Name = "Bearer", In = ParameterLocation.Header, }, new List() } }); }); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IWebHostEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } app.UseHttpsRedirection(); app.UseRouting(); app.UseCors(CORS_POLICY); app.UseAuthorization(); // Enable middleware to serve generated Swagger as a JSON endpoint. app.UseSwagger(); // Enable middleware to serve swagger-ui (HTML, JS, CSS, etc.), // specifying the Swagger JSON endpoint. app.UseSwaggerUI(c => { c.SwaggerEndpoint("/swagger/v1/swagger.json", "My API V1"); }); app.UseEndpoints(endpoints => { endpoints.MapControllers(); }); } } }