Merge pull request #198 from meysamhadeli/develop

chore: Update identity server
Meysam Hadeli 2023-02-22 01:52:31 +03:30 committed by GitHub
commit 8eacbd0337
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 18 additions and 23 deletions


@ -15,7 +15,7 @@ spec:
app: flight app: flight
spec: spec:
containers: containers:
- image: meysamh66/booking-microservices-flight:v1.6.1 - image: meysamh66/booking-microservices-flight:v1.6.3
name: flight name: flight
ports: ports:
- containerPort: 80 - containerPort: 80
@ -39,7 +39,7 @@ spec:
- name: "MongoOptions__DatabaseName" - name: "MongoOptions__DatabaseName"
value: "flight-db" value: "flight-db"
- name: "Jwt__Authority" - name: "Jwt__Authority"
value: "http://127.0.0.1:10679" value: "http://10.0.75.1:13926/"
- name: "Jwt__Audience" - name: "Jwt__Audience"
value: "flight-api" value: "flight-api"
- name: "Jwt__RequireHttpsMetadata" - name: "Jwt__RequireHttpsMetadata"
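Review bot: The new `Jwt__Authority` value `http://10.0.75.1:13926/` makes the flight service fetch discovery metadata and token signing keys over plain HTTP from a hard-coded host address, so the keys it trusts for validation are not protected in transit. The value of `Jwt__RequireHttpsMetadata` lies outside this hunk; if it is `false` in this manifest, that is what permits the plaintext fetch. This commit also starts reading `Jwt:MetadataAddress` in JwtExtensions and sets it to `https://localhost:5005/.well-known/openid-configuration` in the settings file, and no `Jwt__MetadataAddress` override is visible here, so if that settings file ships in this image the pod may use the localhost address instead of the authority configured above. Suggest an HTTPS service DNS name for the authority and an explicit `Jwt__MetadataAddress` entry next to it, or dropping `MetadataAddress` so the handler derives it from the authority.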


@ -15,7 +15,7 @@ spec:
app: identity app: identity
spec: spec:
containers: containers:
- image: meysamh66/booking-microservices-identity:v1.6.1 - image: meysamh66/booking-microservices-identity:v1.6.3
name: identity name: identity
ports: ports:
- containerPort: 80 - containerPort: 80


@ -4,6 +4,7 @@ using Microsoft.Extensions.DependencyInjection;
namespace BuildingBlocks.Jwt; namespace BuildingBlocks.Jwt;
using Duende.IdentityServer.EntityFramework.Entities;
public static class JwtExtensions public static class JwtExtensions
{ {
@ -11,8 +12,6 @@ public static class JwtExtensions
{ {
var jwtOptions = services.GetOptions<JwtBearerOptions>("Jwt"); var jwtOptions = services.GetOptions<JwtBearerOptions>("Jwt");
services.AddAuthorization();
services.AddAuthentication(o => { services.AddAuthentication(o => {
o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
o.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; o.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
@ -21,26 +20,21 @@ public static class JwtExtensions
.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options => .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
{ {
options.Authority = jwtOptions.Authority; options.Authority = jwtOptions.Authority;
options.Audience = jwtOptions.Audience;
options.TokenValidationParameters.ValidateAudience = false; options.TokenValidationParameters.ValidateAudience = false;
options.TokenValidationParameters.ValidTypes = new[] { "at+jwt" };
options.RequireHttpsMetadata = jwtOptions.RequireHttpsMetadata; options.RequireHttpsMetadata = jwtOptions.RequireHttpsMetadata;
options.BackchannelHttpHandler = new HttpClientHandler() options.MetadataAddress= jwtOptions.MetadataAddress;
{
ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator,
};
}); });
// if (!string.IsNullOrEmpty(jwtOptions.Audience)) if (!string.IsNullOrEmpty(jwtOptions.Audience))
// { {
// services.AddAuthorization(options => services.AddAuthorization(options =>
// options.AddPolicy(nameof(ApiScope), policy => options.AddPolicy(nameof(ApiScope), policy =>
// { {
// policy.RequireAuthenticatedUser(); policy.RequireAuthenticatedUser();
// policy.RequireClaim("scope", jwtOptions.Audience); policy.RequireClaim("scope", jwtOptions.Audience);
// }) })
// ); );
// } }
return services; return services;
} }
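Review bot: With `options.Audience` and the `ValidTypes = new[] { "at+jwt" }` restriction apparently dropped while `ValidateAudience = false` stays, the bearer handler in the `AddJwtBearer` callback accepts any token signed by the authority, whatever API or token type it was issued for. The only audience-like check left is the `ApiScope` policy, which is a named policy: endpoints using a bare `[Authorize]` are not covered by it, and when `Jwt:Audience` is empty this method no longer calls `AddAuthorization` at all. Consider keeping the type restriction and making the scope requirement the default, e.g. `options.DefaultPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().RequireClaim("scope", jwtOptions.Audience).Build();`, or setting `ValidateAudience = true` if the issued tokens carry an `aud` claim. The method signature is outside the visible hunks and the old/new side of each line is read from the rendered page, so this should be confirmed against the raw diff.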


@ -31,7 +31,8 @@
"Jwt": { "Jwt": {
"Authority": "https://localhost:5005", "Authority": "https://localhost:5005",
"Audience": "flight-api", "Audience": "flight-api",
"RequireHttpsMetadata": false "RequireHttpsMetadata": true,
"MetadataAddress": "https://localhost:5005/.well-known/openid-configuration"
}, },
"RabbitMqOptions": { "RabbitMqOptions": {
"HostName": "localhost", "HostName": "localhost",


@ -38,7 +38,7 @@ public static class IdentityServerExtensions
.AddResourceOwnerValidator<UserValidator>(); .AddResourceOwnerValidator<UserValidator>();
//ref: https://documentation.openiddict.com/configuration/encryption-and-signing-credentials.html //ref: https://documentation.openiddict.com/configuration/encryption-and-signing-credentials.html
// identityServerBuilder.AddDeveloperSigningCredential(); identityServerBuilder.AddDeveloperSigningCredential();
return services; return services;
} }
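Review bot: `identityServerBuilder.AddDeveloperSigningCredential()` is now called unconditionally, while the same commit rolls the identity image forward in the Kubernetes manifest. The developer credential is key material generated at startup and kept in a local file, so a restarted pod or a second replica can end up signing with a different key, and tokens issued earlier stop validating; it is also not a protected or rotated key. Guard the call, e.g. `if (env.IsDevelopment()) identityServerBuilder.AddDeveloperSigningCredential();` (assuming the hosting environment can be passed in; the method signature is outside this hunk), and load a persistent signing key in other environments. The `//ref:` comment above the call points at OpenIddict documentation, which does not appear to describe this IdentityServer API.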