Skip to content

Latest commit

 

History

History
111 lines (73 loc) · 5.14 KB

Configure-Administration.md

File metadata and controls

111 lines (73 loc) · 5.14 KB
Raw

How to configure the Administration - Duende.IdentityServer and Asp.Net Core Identity

1) Admin UI:

  • Skoruba.Duende.IdentityServer.Admin - Startup.cs - method ConfigureServices:

Configure DbContexts

  • This AddDbContexts helper method is used for registration of DbContexts for whole administration.

  • The solution uses these DbContexts:

    • AdminIdentityDbContext: for Asp.Net Core Identity
    • AdminLogDbContext: for logging
    • IdentityServerConfigurationDbContext: for IdentityServer configuration store
    • IdentityServerPersistedGrantDbContext: for IdentityServer operational store
services.AddDbContexts<AdminIdentityDbContext, IdentityServerConfigurationDbContext, IdentityServerPersistedGrantDbContext, AdminLogDbContext>(HostingEnvironment, Configuration);

Configure authentication

services.AddAuthenticationServices<AdminIdentityDbContext, UserIdentity, UserIdentityRole>(HostingEnvironment, rootConfiguration.AdminConfiguration);

This AddAuthenticationServices helper method is for registration authentication. For administration is used OpenIdConnect middleware which is connected to Duende.IdentityServer.

For staging environment is used cookie middleware for fake authentication. In integration tests is checked this fake login url. /Account/Login

Configuration of services/repositories for Duende.IdentityServer

services.AddAdminServices<IdentityServerConfigurationDbContext, IdentityServerPersistedGrantDbContext, AdminLogDbContext>();

This extension method AddAdminServices is for registration all dependencies - like repositories, services for managing Duende.IdentityServer configuration and operational store. Here is necessary to inject DbContexts only.

Configuration of Asp.Net Core Identity

services.AddAdminAspNetIdentityServices<AdminIdentityDbContext, IdentityServerPersistedGrantDbContext, UserDto<string>, string, RoleDto<string>, string, string, string,
                                UserIdentity, UserIdentityRole, string, UserIdentityUserClaim, UserIdentityUserRole,
                                UserIdentityUserLogin, UserIdentityRoleClaim, UserIdentityUserToken,
                                UsersDto<UserDto<string>, string>, RolesDto<RoleDto<string>, string>, UserRolesDto<RoleDto<string>, string, string>,
                                UserClaimsDto<string>, UserProviderDto<string>, UserProvidersDto<string>, UserChangePasswordDto<string>,
                                RoleClaimsDto<string>, UserClaimDto<string>, RoleClaimDto<string>>();

This extension method is for registration all dependencies for managing data for Asp.Net Core Identity. This is right place for changing Identity model - like change primary key from string to another type.

Configuration of Localization and MVC

services.AddMvcWithLocalization<UserDto<string>, string, RoleDto<string>, string, string, string,
                UserIdentity, UserIdentityRole, string, UserIdentityUserClaim, UserIdentityUserRole,
                UserIdentityUserLogin, UserIdentityRoleClaim, UserIdentityUserToken,
                UsersDto<UserDto<string>, string>, RolesDto<RoleDto<string>, string>, UserRolesDto<RoleDto<string>, string, string>,
                UserClaimsDto<string>, UserProviderDto<string>, UserProvidersDto<string>, UserChangePasswordDto<string>,
                RoleClaimsDto<string>>();

This extension method AddMvcWithLocalization is for registration of MVC and Localization as well. In this method are used same types like for Asp.Net Core Identity because these types are injected into generic Controllers.

Configuration of Authorization policies

services.AddAuthorizationPolicies();

This extensions method contains only one base policy for administration of whole AdminUI. There is good place to register another policies for extending authorization stuff.

2) Security token service (STS)

  • Skoruba.Duende.IdentityServer.STS.Identity - Startup.cs - method ConfigureServices:

Configure DbContexts

services.AddIdentityDbContext<AdminIdentityDbContext>(Configuration);

In this extension method AddIdentityDbContext is defined DbContext for Asp.Net Core Identity

In StartupHelpers.cs is another extension method for registration of DbContexts for Duende.IdentityServer:

AddIdentityServerStoresWithDbContexts<TConfigurationDbContext, TPersistedGrantDbContext>(configuration);

Configuration of Duende.IdentityServer and Asp.Net Core Identity

  • Skoruba.Duende.IdentityServer.STS.Identity - Startup.cs - method ConfigureServices:
services.AddAuthenticationServices<IdentityServerConfigurationDbContext, IdentityServerPersistedGrantDbContext, AdminIdentityDbContext, UserIdentity, UserIdentityRole>(Environment, Configuration, Logger);
  • This extension method is defined for registration of Asp.Net Core Identity and Duende.IdentityServer - including one external provider (GitHub).

Configuration of Localization and MVC

services.AddMvcWithLocalization<UserIdentity, string>();
  • This is extension method for registraion of MVC and Localization. In this method are used the types for Asp.Net Core Identity for generic controllers.