Merge pull request #185 from meysamhadeli/develop

chore: Update identity server

.github/actions/docker-build-publish/action.yml

@@ -43,11 +43,11 @@ runs:
       if: ${{ github.ref == 'refs/heads/main' && success() }}
       shell: bash
       run: |
-        docker build -t ${{ inputs.registry-username }}/${{ inputs.image-name }}:v1.5.4 -f "${{ github.workspace }}/${{ inputs.dockerfile-path }}" .
+        docker build -t ${{ inputs.registry-username }}/${{ inputs.image-name }}:v1.5.5 -f "${{ github.workspace }}/${{ inputs.dockerfile-path }}" .
 
     - name: Publish Docker Image
       if: ${{ github.ref == 'refs/heads/main' && success() }}
       shell: bash
       run: |
-        docker push ${{ inputs.registry-username }}/${{ inputs.image-name }}:v1.5.4
+        docker push ${{ inputs.registry-username }}/${{ inputs.image-name }}:v1.5.5
 

src/Services/Booking/src/Booking.Api/appsettings.docker.json

@@ -26,7 +26,7 @@
     "Port": 5672
   },
   "Jwt": {
-    "Authority": "https://myidentityserver.com",
+    "Authority": "http://myidentityserver.com",
     "Audience": "booking-api",
     "RequireHttpsMetadata": false
   },

src/Services/Flight/src/Flight.Api/appsettings.docker.json

@@ -23,7 +23,7 @@
     "ConnectionString": "Server=postgres;Port=5432;Database=flight;User Id=postgres;Password=postgres;Include Error Detail=true"
   },
   "Jwt": {
-    "Authority": "https://myidentityserver.com",
+    "Authority": "http://myidentityserver.com",
     "Audience": "flight-api",
     "RequireHttpsMetadata": false
   },

src/Services/Identity/Dockerfile

@@ -35,9 +35,7 @@ WORKDIR /app
 COPY --from=builder /app/Services/Identity/src/Identity.Api/out  .
 
 ENV ASPNETCORE_URLS https://*:5005, http://*:6005
-ENV ASPNETCORE_ENVIRONMENT docker  
-
-COPY ./src/Services/Identity/certs/  ./Services/Identity/certs/
+ENV ASPNETCORE_ENVIRONMENT docker
 
 ENTRYPOINT ["dotnet", "Identity.Api.dll"]
 

src/Services/Identity/certs/is4-container-cert.conf

@@ -1,27 +0,0 @@
-[req]
- distinguished_name = req_distinguished_name
- req_extensions     = req_ext
- x509_extensions    = v3_ca
- [req_distinguished_name]
- commonName                  = jaylin
- commonName_default          = localhost
- commonName_max              = 64
- [req_ext]
- subjectAltName = @alt_names
- 1.3.6.1.4.1.311.84.1.1=ASN1:UTF8String:Something
- [v3_ca]
- subjectAltName = @alt_names
- basicConstraints = critical, CA:false
- keyUsage = keyCertSign, cRLSign, digitalSignature,keyEncipherment
- [alt_names]
- # Local domains
- DNS.1 = api.local
- DNS.2 = client.local
- DNS.3 = is4.local
- # Kubernetes
- DNS.4 = *.default.svc.cluster.local
- # docker-compose
- DNS.5 = localhost
- DNS.6 = 127.0.0.1
- DNS.7 = is4
- DNS.8 = api

src/Services/Identity/certs/is4-container-cert.crt

@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDQTCCAimgAwIBAgIUMEKPAXBRuZew70w24QrJ35Q4RCIwDQYJKoZIhvcNAQEL
-BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIzMDIxMzIwMzQ1OFoXDTI0MDIx
-MzIwMzQ1OFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
-AAOCAQ8AMIIBCgKCAQEArjsJ2s3BCqzp5d2ewSoURgkgvitT3/Jcl+wXdfADxzjV
-wTpmdCsRMToiShzHfRpYp4WagTTwp3xD57QyDTMIQdm8hKug5hnsE/B1Tke31YHp
-QkEgDmApj8AgV98PTGS75ytm2VL5G+GF402/R8Szldr4LPu1iKL3oblnRrc8GZwQ
-ENX72kQxtsEJ09A/ZL0W3zGJIY/o81vb8krUttu/mAC1RZtqUfMlFVl13yAANEex
-e7zyJhs4WiSWTjsk/GRJ6EYzLQDY3agORiBbBeNdisja3YsDn3nIwTgd1UNTy49S
-oRpbN2Ap8+6oA8vyjdoDuBNQWEMGgMQ23FjAR/mBawIDAQABo4GKMIGHMGoGA1Ud
-EQRjMGGCCWFwaS5sb2NhbIIMY2xpZW50LmxvY2FsgglpczQubG9jYWyCGyouZGVm
-YXVsdC5zdmMuY2x1c3Rlci5sb2NhbIIJbG9jYWxob3N0ggkxMjcuMC4wLjGCA2lz
-NIIDYXBpMAwGA1UdEwEB/wQCMAAwCwYDVR0PBAQDAgGmMA0GCSqGSIb3DQEBCwUA
-A4IBAQA7Zg3erNJ9H4/1xlX3GAhL7q0LW7Zb33SwFWi0s34lxzM8esaXFQsYrba7
-4bUyps5pVF3tQQYJLnIG1tiypsj/F9xkFSoeaTtrtjsCTOCVXliZ+TrUM/ol30Wc
-vdJIhoJWy9tmt9/lXrQcEZCRq+qL/iHNzikQamQn/FwdThDqnu7lwHvJKrKRFjwP
-KU9yEFekpJQhP1gB5cGJHVqCmHsiCvv32a1tgJ3RjUAGTbXx8r7KVws6R4VBKi2e
-PMdoRCzKayY4NxXHWL7+DPJcFItFiv1l8f7Is4qkft587rtaivPZ26BrF1rka/9F
-s4C2hzYoAOIFFPGQe41Cl3b+UUM5
------END CERTIFICATE-----

src/Services/Identity/certs/is4-container-cert.key

@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCuOwnazcEKrOnl
-3Z7BKhRGCSC+K1Pf8lyX7Bd18APHONXBOmZ0KxExOiJKHMd9GlinhZqBNPCnfEPn
-tDINMwhB2byEq6DmGewT8HVOR7fVgelCQSAOYCmPwCBX3w9MZLvnK2bZUvkb4YXj
-Tb9HxLOV2vgs+7WIovehuWdGtzwZnBAQ1fvaRDG2wQnT0D9kvRbfMYkhj+jzW9vy
-StS227+YALVFm2pR8yUVWXXfIAA0R7F7vPImGzhaJJZOOyT8ZEnoRjMtANjdqA5G
-IFsF412KyNrdiwOfecjBOB3VQ1PLj1KhGls3YCnz7qgDy/KN2gO4E1BYQwaAxDbc
-WMBH+YFrAgMBAAECggEBAKnqdd/njX4FyE4e5nZnvUHYIRCVXMUordiTrQWdv3GJ
-Ih3CAK0GW0vw8APrMTn2ecNWbqnXoWMVs3vCppVs0X63BD02zEHbwfpoJV7kXopg
-mcW9ka+zZJUGwAQyS88q5n26PCFx4/Om61YUOpmZYbKhzCrCh/XrSSl1kRzMEla9
-2ht1S/HHfZrJqHlk7Gqdw3OiJlcxGnsClvnVj2tmZ9EgXEnAUqX69Skb9Tarbpjx
-fN63M+7Mjd/kwrnjr8dhE8hih1FT0jv+8Ddi70QF4MB+TAlSqcXJ75L7m5kZ0HOn
-0nJrHjua8X9E5D84libzXomCgQdoPbwoLoXUW60pbPECgYEA3Z770OhWzreZKcZI
-owmHRUfSC6kb5KqrvvNhemJqA2nhLB71yk3+zepv+kLHiCra54dfUbKM0aEs7/Zy
-Lq3vzMdziskG8y+k0wQRUndLjP9IJ+Ak1Zm3+Cy4p36X6YLAJF1ZIwb+oTNvLjY7
-lAse9+7q3gn4a1tD1FCf9AJ/O3UCgYEAyUIWH2nJX25Ittt3AVV1MQzL4DjLOzKA
-eSp40Ac2lCb6FGrrlufvM3agFDSMKlCbt3kQUf5z9Hy7XcVSkoczKhMjpdXux64e
-vVXlkzo+PDM6WLXFp9s8s9NkyLn3Inxt+D02MrTsIcv3wmVlicM8OL8l/CvjW9X4
-kVYspMGXjV8CgYBrPp4ZD/XB/vKtVnib/OZqzkCEyAbpdvW5Z8lKEgm/MSN32FuU
-1H1zY/lgH6Sy7hoUZFvqCv8+CkLWtGm40Q70B6iQBovIbsvSGWvQfk4fIwHl2f+5
-JbPy8qFA3G/i3hThBBM4chASLfOlZzUZhPAthn49iJGgUf/W5FUjHXo4aQKBgGLD
-dJnLzw9uzm41uuvDpTQB5JbPKCSPvu43AnyL3aPMkNKuOZifjwoBP8NKmjI1xoS9
-+11RclPbVhNJPyE7CcevBsJd/sSs1NbzLSsX3Oyr8wkPgsTB2MMijQXYBMg+qbS1
-TUCK+ooHTzltiuuVDJuIajqaywMJOOcRk+zyN84fAoGBAL7rHb5u9IaUx2gW9075
-FyritOPskkhCrn3LNUE669z8afyD+BCd7hPWglFrZw0uwq/MWcjYQn/PWfCvOs7Z
-I9DssK96rvfAGDQGniGB1n51Id85JgzcA/zUYA0Wm6MYPFAnaUi+dyOsMn4bFIJz
-vf9wxIGM3TWRkibxvUowbgxY
------END PRIVATE KEY-----

src/Services/Identity/src/Identity/Extensions/Infrastructure/IdentityServerExtensions.cs

@@ -13,9 +13,6 @@ public static class IdentityServerExtensions
 {
     public static IServiceCollection AddCustomIdentityServer(this IServiceCollection services, IWebHostEnvironment env)
     {
-        IdentityModelEventSource.ShowPII = true;
-        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
-
         services.AddIdentity<User, Role>(config =>
             {
                 config.Password.RequiredLength = 6;
@@ -28,6 +25,7 @@ public static class IdentityServerExtensions
 
         var identityServerBuilder = services.AddIdentityServer(options =>
             {
+                options.IssuerUri = "http://myidentityserver.com";
                 options.Events.RaiseErrorEvents = true;
                 options.Events.RaiseInformationEvents = true;
                 options.Events.RaiseFailureEvents = true;
@@ -43,8 +41,6 @@ public static class IdentityServerExtensions
         //ref: https://documentation.openiddict.com/configuration/encryption-and-signing-credentials.html
         identityServerBuilder.AddDeveloperSigningCredential();
 
-        services.AddAuthentication();
-
         return services;
     }
 }

src/Services/Passenger/src/Passenger.Api/appsettings.docker.json

@@ -9,7 +9,7 @@
     "ConnectionString": "Server=postgres;Port=5432;Database=persist_message;User Id=postgres;Password=postgres;Include Error Detail=true"
   },
   "Jwt": {
-    "Authority": "https://myidentityserver.com",
+    "Authority": "http://myidentityserver.com",
     "Audience": "passenger-api",
     "RequireHttpsMetadata": false
   },