remove cookie auth from useidentity

2025-05-28 14:54:50 -05:00 · 2017-10-06 14:02:28 -04:00 · 2017-10-06 14:02:28 -04:00 · 857ad5b194
commit 857ad5b194
parent a78cdf2903
7 changed files with 59 additions and 12 deletions
--- a/src/Api/Startup.cs
+++ b/src/Api/Startup.cs
@ -85,6 +85,7 @@ namespace Bit.Api
                        globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
                    options.NameClaimType = ClaimTypes.Email;
                    options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString("Bearer", "access_token");
+                    options.SupportedTokens = SupportedTokens.Jwt;
                });

            services.AddAuthorization(config =>
@ -170,8 +171,7 @@ namespace Bit.Api
                    }

                    return e.Level >= LogEventLevel.Error;
-                })
-                .AddDebug();
+                });

            // Default Middleware
            app.UseDefaultMiddleware(env);
@ -191,6 +191,9 @@ namespace Bit.Api
            // Add current context
            app.UseMiddleware<CurrentContextMiddleware>();

+            // Add authentication to the request pipeline.
+            app.UseAuthentication();
+
            // Add MVC to the request pipeline.
            app.UseMvc();
        }
--- a/src/Billing/Startup.cs
+++ b/src/Billing/Startup.cs
@ -67,9 +67,7 @@ namespace Bit.Billing
            ILoggerFactory loggerFactory)
        {
            loggerFactory
-                .AddSerilog(env, appLifetime, globalSettings, (e) => e.Level >= LogEventLevel.Error)
-                .AddConsole()
-                .AddDebug();
+                .AddSerilog(env, appLifetime, globalSettings, (e) => e.Level >= LogEventLevel.Error);

            if(env.IsDevelopment())
            {
--- a/src/Core/Identity/CustomIdentityServiceCollectionExtensions.cs
+++ b/src/Core/Identity/CustomIdentityServiceCollectionExtensions.cs
@ -0,0 +1,49 @@
+using System;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.DependencyInjection.Extensions;
+
+namespace Microsoft.Extensions.DependencyInjection
+{
+    // ref: https://github.com/aspnet/Identity/blob/dev/src/Microsoft.AspNetCore.Identity/IdentityServiceCollectionExtensions.cs
+    public static class CustomIdentityServiceCollectionExtensions
+    {
+        public static IdentityBuilder AddIdentityWithoutCookieAuth<TUser, TRole>(
+            this IServiceCollection services)
+            where TUser : class
+            where TRole : class
+        {
+            return services.AddIdentityWithoutCookieAuth<TUser, TRole>(setupAction: null);
+        }
+
+        public static IdentityBuilder AddIdentityWithoutCookieAuth<TUser, TRole>(
+            this IServiceCollection services,
+            Action<IdentityOptions> setupAction)
+            where TUser : class
+            where TRole : class
+        {
+            // Hosting doesn't add IHttpContextAccessor by default
+            services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
+            // Identity services
+            services.TryAddScoped<IUserValidator<TUser>, UserValidator<TUser>>();
+            services.TryAddScoped<IPasswordValidator<TUser>, PasswordValidator<TUser>>();
+            services.TryAddScoped<IPasswordHasher<TUser>, PasswordHasher<TUser>>();
+            services.TryAddScoped<ILookupNormalizer, UpperInvariantLookupNormalizer>();
+            services.TryAddScoped<IRoleValidator<TRole>, RoleValidator<TRole>>();
+            // No interface for the error describer so we can add errors without rev'ing the interface
+            services.TryAddScoped<IdentityErrorDescriber>();
+            services.TryAddScoped<ISecurityStampValidator, SecurityStampValidator<TUser>>();
+            services.TryAddScoped<IUserClaimsPrincipalFactory<TUser>, UserClaimsPrincipalFactory<TUser, TRole>>();
+            services.TryAddScoped<UserManager<TUser>, AspNetUserManager<TUser>>();
+            services.TryAddScoped<SignInManager<TUser>, SignInManager<TUser>>();
+            services.TryAddScoped<RoleManager<TRole>, AspNetRoleManager<TRole>>();
+
+            if(setupAction != null)
+            {
+                services.Configure(setupAction);
+            }
+
+            return new IdentityBuilder(typeof(TUser), typeof(TRole), services);
+        }
+    }
+}
--- a/src/Core/Utilities/ConfigurationBuilderExtensions.cs
+++ b/src/Core/Utilities/ConfigurationBuilderExtensions.cs
@ -19,8 +19,6 @@ namespace Bit.Core.Utilities
                builder.AddUserSecrets(userSecretsId);
            }

-            builder.AddEnvironmentVariables();
-
            return builder;
        }
    }
--- a/src/Core/Utilities/ServiceCollectionExtensions.cs
+++ b/src/Core/Utilities/ServiceCollectionExtensions.cs
@ -145,7 +145,7 @@ namespace Bit.Core.Utilities
                options.TokenLifespan = TimeSpan.FromDays(30);
            });

-            var identityBuilder = services.AddIdentity<User, Role>(options =>
+            var identityBuilder = services.AddIdentityWithoutCookieAuth<User, Role>(options =>
            {
                options.User = new UserOptions
                {
--- a/src/Identity/Startup.cs
+++ b/src/Identity/Startup.cs
@ -89,9 +89,7 @@ namespace Bit.Identity
                    }

                    return e.Level >= LogEventLevel.Error;
-                })
-                .AddConsole()
-                .AddDebug();
+                });

            // Default Middleware
            app.UseDefaultMiddleware(env);
--- a/src/Jobs/Startup.cs
+++ b/src/Jobs/Startup.cs
@ -15,7 +15,8 @@ namespace Bit.Jobs
        public Startup(IHostingEnvironment env)
        {
            var builder = new ConfigurationBuilder()
-                .AddSettingsConfiguration(env, "bitwarden-Jobs");
+                .AddSettingsConfiguration(env, "bitwarden-Jobs")
+                .AddEnvironmentVariables();
            Configuration = builder.Build();
            Environment = env;
        }