# How to configure the Administration - IdentityServer4 and Asp.Net Core Identity

## 1) Admin UI:

- `Skoruba.IdentityServer4.Admin` - `Startup.cs` - method `ConfigureServices`:

### Configure DbContexts

- The `AddDbContexts` helper method registers the DbContexts for the whole administration.

- The solution uses these `DbContexts`:

  - `AdminIdentityDbContext`: for Asp.Net Core Identity
  - `AdminLogDbContext`: for logging
  - `IdentityServerConfigurationDbContext`: for IdentityServer configuration store
  - `IdentityServerPersistedGrantDbContext`: for IdentityServer operational store

```
services.AddDbContexts<AdminIdentityDbContext, IdentityServerConfigurationDbContext, IdentityServerPersistedGrantDbContext, AdminLogDbContext>(HostingEnvironment, Configuration);
```

### Configure authentication

```
services.AddAuthenticationServices<AdminIdentityDbContext, UserIdentity, UserIdentityRole>(HostingEnvironment, rootConfiguration.AdminConfiguration);
```

The `AddAuthenticationServices` helper method registers authentication. The administration uses the OpenIdConnect middleware, which is connected to IdentityServer4.

> The staging environment uses cookie middleware for fake authentication. The integration tests check this fake login URL: `/Account/Login`

### Configuration of services/repositories for IdentityServer4

```
services.AddAdminServices<IdentityServerConfigurationDbContext, IdentityServerPersistedGrantDbContext, AdminLogDbContext>();
```

The `AddAdminServices` extension method registers all dependencies, such as the repositories and services for managing the IdentityServer4 configuration and operational stores. Only the DbContexts need to be supplied here.

### Configuration of Asp.Net Core Identity

```
services.AddAdminAspNetIdentityServices<AdminIdentityDbContext, IdentityServerPersistedGrantDbContext, UserDto<string>, string, RoleDto<string>, string, string, string,
                                UserIdentity, UserIdentityRole, string, UserIdentityUserClaim, UserIdentityUserRole,
                                UserIdentityUserLogin, UserIdentityRoleClaim, UserIdentityUserToken,
                                UsersDto<UserDto<string>, string>, RolesDto<RoleDto<string>, string>, UserRolesDto<RoleDto<string>, string, string>,
                                UserClaimsDto<string>, UserProviderDto<string>, UserProvidersDto<string>, UserChangePasswordDto<string>,
                                RoleClaimsDto<string>, UserClaimDto<string>, RoleClaimDto<string>>();
```

This extension method registers all dependencies for managing Asp.Net Core Identity data.
This is the right place to change the Identity model, for example to change the primary key from `string` to another type.

### Configuration of Localization and MVC

```
services.AddMvcWithLocalization<UserDto<string>, string, RoleDto<string>, string, string, string,
                UserIdentity, UserIdentityRole, string, UserIdentityUserClaim, UserIdentityUserRole,
                UserIdentityUserLogin, UserIdentityRoleClaim, UserIdentityUserToken,
                UsersDto<UserDto<string>, string>, RolesDto<RoleDto<string>, string>, UserRolesDto<RoleDto<string>, string, string>,
                UserClaimsDto<string>, UserProviderDto<string>, UserProvidersDto<string>, UserChangePasswordDto<string>,
                RoleClaimsDto<string>>();
```

The `AddMvcWithLocalization` extension method registers both MVC and localization.
It uses the same types as the Asp.Net Core Identity registration because these types are injected into the generic controllers.

### Configuration of Authorization policies

```
services.AddAuthorizationPolicies();
```

This extension method contains only one base policy, which covers administration of the whole AdminUI. It is a good place to register additional policies to extend authorization.
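
An added example (not the project's own code) of registering a second, narrower policy next to a base administration policy, so that read-only users do not need the full administrator role. The class, policy, role, and controller names are hypothetical; only the ASP.NET Core authorization APIs are real.

```csharp
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;

public static class ExampleAuthorizationPolicies
{
    // Hypothetical names chosen for this example; they are not taken from the project.
    public const string AdministrationPolicy = "ExampleRequireAdministratorRole";
    public const string ReadOnlyPolicy = "ExampleRequireReadOnlyRole";
    public const string AdministratorRole = "ExampleAdministrator";
    public const string AuditorRole = "ExampleAuditor";

    public static IServiceCollection AddExampleAuthorizationPolicies(this IServiceCollection services)
    {
        services.AddAuthorization(options =>
        {
            // Base policy: full access to the administration.
            options.AddPolicy(AdministrationPolicy, policy =>
                policy.RequireAuthenticatedUser()
                      .RequireRole(AdministratorRole));

            // Additional policy: read-only access. RequireRole with several
            // roles passes when the user holds any one of them, so
            // administrators satisfy this policy as well.
            options.AddPolicy(ReadOnlyPolicy, policy =>
                policy.RequireAuthenticatedUser()
                      .RequireRole(AdministratorRole, AuditorRole));
        });

        return services;
    }
}

// Hypothetical controller: the class-level attribute sets the narrower
// policy as the default, and the state-changing action adds the stricter one.
[Authorize(Policy = ExampleAuthorizationPolicies.ReadOnlyPolicy)]
public class ExampleClientsController : Controller
{
    // Readable by auditors and administrators.
    [HttpGet]
    public IActionResult Index() => Ok();

    // Both the class-level and the action-level policy must succeed,
    // so only administrators can reach this action.
    [HttpPost]
    [ValidateAntiForgeryToken]
    [Authorize(Policy = ExampleAuthorizationPolicies.AdministrationPolicy)]
    public IActionResult Delete(int id) => Ok();
}
```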

## 2) Security token service (STS)

- `Skoruba.IdentityServer4.STS.Identity` - `Startup.cs` - method `ConfigureServices`:

### Configure DbContexts

```
services.AddIdentityDbContext<AdminIdentityDbContext>(Configuration);
```

The `AddIdentityDbContext` extension method defines the DbContext for Asp.Net Core Identity.

`StartupHelpers.cs` contains another extension method that registers the DbContexts for IdentityServer4:

```
AddIdentityServerStoresWithDbContexts<TConfigurationDbContext, TPersistedGrantDbContext>(configuration);
```

### Configuration of IdentityServer4 and Asp.Net Core Identity

- `Skoruba.IdentityServer4.STS.Identity` - `Startup.cs` - method `ConfigureServices`:

```
services.AddAuthenticationServices<IdentityServerConfigurationDbContext, IdentityServerPersistedGrantDbContext, AdminIdentityDbContext, UserIdentity, UserIdentityRole>(Environment, Configuration, Logger);
```

- This extension method registers Asp.Net Core Identity and IdentityServer4, including one external provider (GitHub).

### Configuration of Localization and MVC

```
services.AddMvcWithLocalization<UserIdentity, string>();
```

- This extension method registers MVC and localization. It uses the Asp.Net Core Identity types for the generic controllers.