chore: Update identity server

Pc 2023-02-22 01:50:52 +03:30
parent e4ddcc1a4b
commit 020273343e
5 changed files with 18 additions and 23 deletions


@ -15,7 +15,7 @@ spec:
app: flight
spec:
containers:
- image: meysamh66/booking-microservices-flight:v1.6.1
- image: meysamh66/booking-microservices-flight:v1.6.3
name: flight
ports:
- containerPort: 80
@ -39,7 +39,7 @@ spec:
- name: "MongoOptions__DatabaseName"
value: "flight-db"
- name: "Jwt__Authority"
value: "http://127.0.0.1:10679"
value: "http://10.0.75.1:13926/"
- name: "Jwt__Audience"
value: "flight-api"
- name: "Jwt__RequireHttpsMetadata"
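Review bot: `Jwt__Authority` is set to a plain-`http` URL on a fixed IP (`http://10.0.75.1:13926/`, which by print order looks like the new value; the page has lost its +/- markers), so whatever the flight service fetches from that authority, including the signing keys it verifies tokens with, can be altered on the network path. The value that follows `Jwt__RequireHttpsMetadata` falls outside this hunk; if it is `"false"`, it overrides the `true` that this commit sets in the appsettings file. I would address the identity service by its in-cluster Service DNS name over `https` instead of a host-adapter IP and port, which also stops the manifest from breaking when that port changes.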


@ -15,7 +15,7 @@ spec:
app: identity
spec:
containers:
- image: meysamh66/booking-microservices-identity:v1.6.1
- image: meysamh66/booking-microservices-identity:v1.6.3
name: identity
ports:
- containerPort: 80


@ -4,6 +4,7 @@ using Microsoft.Extensions.DependencyInjection;
namespace BuildingBlocks.Jwt;
using Duende.IdentityServer.EntityFramework.Entities;
public static class JwtExtensions
{
@ -11,8 +12,6 @@ public static class JwtExtensions
{
var jwtOptions = services.GetOptions<JwtBearerOptions>("Jwt");
services.AddAuthorization();
services.AddAuthentication(o => {
o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
o.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
@ -21,26 +20,21 @@ public static class JwtExtensions
.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
{
options.Authority = jwtOptions.Authority;
options.Audience = jwtOptions.Audience;
options.TokenValidationParameters.ValidateAudience = false;
options.TokenValidationParameters.ValidTypes = new[] { "at+jwt" };
options.RequireHttpsMetadata = jwtOptions.RequireHttpsMetadata;
options.BackchannelHttpHandler = new HttpClientHandler()
{
ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator,
};
options.MetadataAddress= jwtOptions.MetadataAddress;
});
// if (!string.IsNullOrEmpty(jwtOptions.Audience))
// {
// services.AddAuthorization(options =>
// options.AddPolicy(nameof(ApiScope), policy =>
// {
// policy.RequireAuthenticatedUser();
// policy.RequireClaim("scope", jwtOptions.Audience);
// })
// );
// }
if (!string.IsNullOrEmpty(jwtOptions.Audience))
{
services.AddAuthorization(options =>
options.AddPolicy(nameof(ApiScope), policy =>
{
policy.RequireAuthenticatedUser();
policy.RequireClaim("scope", jwtOptions.Audience);
})
);
}
return services;
}
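Review bot: The `nameof(ApiScope)` policy registered at the end of this method only protects endpoints that name it explicitly; nothing in the hunk makes it the default or fallback policy, so an endpoint carrying a bare `[Authorize]` would still accept any token from the authority regardless of its `scope` claim. If every endpoint is meant to require the scope, turn the lambda into a block and add `options.DefaultPolicy = options.GetPolicy(nameof(ApiScope))!;` after the `AddPolicy` call. The rendered page has lost its +/- markers, so I cannot tell whether `ValidateAudience = false` and the `DangerousAcceptAnyServerCertificateValidator` handler are still on the new side; if they are, this scope check is the only thing binding a token to this API and the metadata fetch is unauthenticated, so both lines should go. As a style point, importing `Duende.IdentityServer.EntityFramework.Entities` into a shared JWT helper only to get a policy-name string couples it to the EF package; a local `const string` would do. The method's signature is outside the hunk.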


@ -31,7 +31,8 @@
"Jwt": {
"Authority": "https://localhost:5005",
"Audience": "flight-api",
"RequireHttpsMetadata": false
"RequireHttpsMetadata": true,
"MetadataAddress": "https://localhost:5005/.well-known/openid-configuration"
},
"RabbitMqOptions": {
"HostName": "localhost",
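Review bot: The explicit `"MetadataAddress"` entry takes precedence over the address the JWT bearer handler would otherwise derive from `Authority`, so any environment that overrides only `Jwt__Authority` will keep fetching discovery metadata from `https://localhost:5005`. The flight deployment manifest in this same commit overrides `Jwt__Authority`, and no `Jwt__MetadataAddress` override is visible in its hunk. Either drop this entry and let the handler derive `/.well-known/openid-configuration` from `Authority`, or override both values together wherever the authority changes. With `"RequireHttpsMetadata": true`, the handler also rejects a non-`https` metadata address at startup, so the two settings need to agree in every environment.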


@ -38,7 +38,7 @@ public static class IdentityServerExtensions
.AddResourceOwnerValidator<UserValidator>();
//ref: https://documentation.openiddict.com/configuration/encryption-and-signing-credentials.html
// identityServerBuilder.AddDeveloperSigningCredential();
identityServerBuilder.AddDeveloperSigningCredential();
return services;
}
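Review bot: `identityServerBuilder.AddDeveloperSigningCredential();` appears to be re-enabled here unconditionally (the commented-out copy is printed first, but the page has lost its +/- markers), and that credential is meant for development only. It generates its own signing key at startup, so in a container each replica or restart can end up with a different key unless the key file sits on shared storage, and previously issued tokens then fail validation. I would restrict the call to the Development environment and load a managed key through `AddSigningCredential(...)` elsewhere, with a comment such as `// dev only: ephemeral signing key, never use for deployed images`. The `//ref:` comment above it links to OpenIddict documentation, which is a different library from the Duende IdentityServer builder used here. The method's signature is outside the hunk, so I cannot see whether a hosting-environment object is already in scope.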