217 lines
7.5 KiB
C#
217 lines
7.5 KiB
C#
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
|
using Microsoft.AspNetCore.ResponseCompression;
|
|
|
|
using PrivaPub.ClientModels;
|
|
using PrivaPub.Extensions;
|
|
using PrivaPub.Models;
|
|
using PrivaPub.Services;
|
|
using PrivaPub.StaticServices;
|
|
|
|
using System.Text.Json.Serialization;
|
|
using NSign.Providers;
|
|
using NSign;
|
|
using NSign.Signatures;
|
|
using NSign.Client;
|
|
using System.Text;
|
|
using Microsoft.OpenApi.Models;
|
|
using PrivaPub.Services.ClientToServer.Public;
|
|
|
|
namespace PrivaPub.Middleware
|
|
{
|
|
public static class PrivaPubConfigurations
|
|
{
|
|
public static IServiceCollection PrivaPubAppSettingsConfiguration(this IServiceCollection service, IConfiguration configuration)
|
|
{
|
|
return service
|
|
.Configure<MongoSettings>(configuration.GetSection(nameof(MongoSettings)))
|
|
.Configure<AppConfiguration>(configuration.GetSection(nameof(AppConfiguration)));
|
|
}
|
|
public static IServiceCollection PrivaPubWorkersConfiguration(this IServiceCollection service)
|
|
{
|
|
return service;
|
|
//.AddHostedService<DiscussionsWorker>()
|
|
//.AddHostedService<GroupsCleanerWorker>()
|
|
//.AddHostedService<PoliciesCleanerWorker>();
|
|
}
|
|
public static IServiceCollection PrivaPubHTTPSignature(this IServiceCollection service, IConfiguration configuration)
|
|
{
|
|
//HTTP CLIENT
|
|
service.Configure<AddDigestOptions>(options => options.WithHash(AddDigestOptions.Hash.Sha256))
|
|
.ConfigureMessageSigningOptions(options =>
|
|
{
|
|
options.SignatureName = "PrivaPub";
|
|
options
|
|
.WithMandatoryComponent(SignatureComponent.Path)
|
|
.WithMandatoryComponent(SignatureComponent.RequestTarget)
|
|
.SetParameters = signatureParams => signatureParams.WithKeyId("keyId");
|
|
})
|
|
.Services.Configure<SignatureVerificationOptions>(options =>
|
|
{
|
|
|
|
})
|
|
.AddHttpClient<ActivityPubClient>(nameof(ActivityPubClient))
|
|
.ConfigureHttpClient(httpClient =>
|
|
{
|
|
httpClient.DefaultRequestHeaders.Accept.Add(new("application/ld+json"));
|
|
})
|
|
.AddDigestAndSigningHandlers()
|
|
//.AddSignatureVerifiationHandler()
|
|
.Services
|
|
.AddSingleton<ISigner>(new HmacSha256SignatureProvider(Encoding.UTF8.GetBytes(configuration["AppConfiguration:Jwt:Key"])));
|
|
|
|
//MESSAGE RESPONSE
|
|
|
|
|
|
return service;
|
|
//.Configure<RequestSignatureVerificationOptions>(options =>
|
|
//{
|
|
// options.SignaturesToVerify.Add("sample");
|
|
// options.RequiredSignatureComponents.Add(SignatureComponent.Path);
|
|
// options.RequiredSignatureComponents.Add(SignatureComponent.Method);
|
|
// options.RequiredSignatureComponents.Add(SignatureComponent.Digest);
|
|
//})
|
|
//.AddSignatureVerification(serviceProvider =>
|
|
//{
|
|
// var memoryCache = serviceProvider.GetRequiredService<IMemoryCache>();
|
|
// //var httpContextAccessor = serviceProvider.GetRequiredService<IHttpContextAccessor>();
|
|
|
|
// //httpContextAccessor.HttpContext.Request.
|
|
|
|
// var cert = memoryCache.GetOrCreate("PrivaPub", (cacheEntry) => Extensions.Extensions.GetX509Certificate2("PrivaPubCert"));
|
|
// return new RsaPkcs15Sha256SignatureProvider(cert, "anon");
|
|
//})
|
|
//.ConfigureMessageSigningOptions(options =>
|
|
//{
|
|
// options.WithMandatoryComponent(SignatureComponent.Path)
|
|
// .WithMandatoryComponent(SignatureComponent.Method)
|
|
// .WithMandatoryComponent(SignatureComponent.Digest)
|
|
// .WithOptionalComponent(new HttpHeaderDictionaryStructuredComponent(NSign.Constants.Headers.Signature, "sample", bindRequest: true));
|
|
// options.SignatureName = "resp";
|
|
// options.SetParameters = (sigParams) =>
|
|
// {
|
|
// sigParams.WithCreatedNow();
|
|
// };
|
|
//})
|
|
//.ValidateOnStart()
|
|
//.Services
|
|
//.AddHttpClient("ActivityPub", (serviceProvider, client) =>
|
|
//{
|
|
// client.DefaultRequestHeaders.UserAgent.Add(new ProductInfoHeaderValue("NSignSample", "0.1-beta"));
|
|
//}).Services;
|
|
//.AddSingleton<ISigner>(new RsaPssSha512SignatureProvider(
|
|
// new X509Certificate2(@"path\to\certificate.pfx", "PasswordForPfx"),
|
|
// "my-cert"));
|
|
}
|
|
public static IServiceCollection PrivaPubAuthServicesConfiguration(this IServiceCollection service, IConfiguration configuration)
|
|
{
|
|
return service
|
|
.AddAuthorization(options =>
|
|
{
|
|
options.AddPolicy(Policies.IsUser, Extensions.Extensions.IsUserPolicy());
|
|
options.AddPolicy(Policies.IsAdmin, Extensions.Extensions.IsAdminPolicy());
|
|
options.AddPolicy(Policies.IsModerator, Extensions.Extensions.IsModeratorPolicy());
|
|
})
|
|
.AddAuthentication(options =>
|
|
{
|
|
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
})
|
|
.AddPrivaPubAuth(configuration)
|
|
.Services
|
|
.AddSingleton<AuthTokenManager>()
|
|
.AddSingleton<IPasswordHasher, PasswordHasher>();
|
|
}
|
|
public static IServiceCollection PrivaPubInternalizationConfiguration(this IServiceCollection service, IConfiguration configuration)
|
|
{
|
|
return service
|
|
.AddLocalization()
|
|
.AddSingleton<RequestLocalizationOptionsService>();
|
|
}
|
|
|
|
public static IServiceCollection PrivaPubOptimizationConfiguration(this IServiceCollection service)
|
|
{
|
|
return service.AddResponseCompression(opts =>
|
|
{
|
|
opts.Providers.Add<BrotliCompressionProvider>();
|
|
opts.MimeTypes = ResponseCompressionDefaults.MimeTypes.Concat(new[] { "application/octet-stream" });
|
|
});
|
|
}
|
|
|
|
public static IServiceCollection PrivaPubDataBaseConfiguration(this IServiceCollection service)
|
|
{
|
|
return service.AddSingleton<DbEntities>();
|
|
}
|
|
|
|
public static IServiceCollection PrivaPubServicesConfiguration(this IServiceCollection service)
|
|
{
|
|
return service
|
|
.AddTransient<IDataService, DataService>()
|
|
.AddTransient<IRootUsersService, RootUsersService>()
|
|
.AddTransient<IPublicAvatarUsersService, PublicAvatarUsersService>()
|
|
.AddSingleton<AppConfigurationService>()
|
|
.AddHttpContextAccessor()
|
|
.AddMemoryCache()
|
|
.AddSingleton<IPasswordHasher, PasswordHasher>();
|
|
}
|
|
|
|
public static IServiceCollection PrivaPubMiddlewareConfiguration(this IServiceCollection service)
|
|
{
|
|
return service
|
|
.AddEndpointsApiExplorer()
|
|
.AddSwaggerGen(c =>
|
|
{
|
|
c.AddSecurityDefinition("Bearer", new()
|
|
{
|
|
In = ParameterLocation.Header,
|
|
Description = "Please enter a valid token",
|
|
Name = "Authorization",
|
|
Type = SecuritySchemeType.Http,
|
|
BearerFormat = "JWT",
|
|
Scheme = "Bearer"
|
|
});
|
|
c.AddSecurityRequirement(new()
|
|
{
|
|
{
|
|
new()
|
|
{
|
|
Reference = new()
|
|
{
|
|
Type = ReferenceType.SecurityScheme,
|
|
Id = "Bearer"
|
|
}
|
|
},
|
|
new string[]{}
|
|
}
|
|
});
|
|
})
|
|
.AddControllers(options => { options.Filters.Add<OperationCancelledExceptionFilter>(); })
|
|
.AddJsonOptions(options =>
|
|
{
|
|
options.JsonSerializerOptions.IgnoreReadOnlyFields = false;
|
|
options.JsonSerializerOptions.IgnoreReadOnlyProperties = false;
|
|
options.JsonSerializerOptions.PropertyNameCaseInsensitive = true;
|
|
options.JsonSerializerOptions.DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull;
|
|
options.JsonSerializerOptions.Converters.Add(new JsonStringEnumConverter());
|
|
}).Services;
|
|
}
|
|
|
|
public static IServiceCollection PrivaPubCORSConfiguration(this IServiceCollection service)
|
|
{
|
|
return service.AddCors(options =>
|
|
{
|
|
options.DefaultPolicyName = "DefaultCORS";
|
|
options.AddDefaultPolicy(configure =>
|
|
{
|
|
configure.AllowAnyMethod()
|
|
.AllowAnyHeader()
|
|
.AllowAnyOrigin()
|
|
.AllowAnyMethod()
|
|
.DisallowCredentials();
|
|
});
|
|
});
|
|
}
|
|
|
|
}
|
|
}
|