WebApplication1/Program.cs at main · TimHess/WebApplication1 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.HttpOverrides;
using Steeltoe.Common;
using Steeltoe.Configuration.CloudFoundry;
using Steeltoe.Configuration.CloudFoundry.ServiceBindings;
using Steeltoe.Security.Authentication.OpenIdConnect;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
builder.Services.AddControllersWithViews();

builder.AddCloudFoundryConfiguration();
builder.Configuration.AddCloudFoundryServiceBindings();
builder.Services.AddAuthentication(options =>
    {
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddCookie(options => options.AccessDeniedPath = new PathString("/Home/AccessDenied"))
    .AddOpenIdConnect().ConfigureOpenIdConnectForCloudFoundry();
builder.Services.AddAuthorizationBuilder()
    .AddPolicy("read", policy => policy.RequireClaim("scope", "sampleapi.read"))
    .AddPolicy("write", policy => policy.RequireClaim("scope", "sampleapi.write"));

builder.Services.AddHttpClient("jwt", SetBaseAddress);

var app = builder.Build();

app.UseForwardedHeaders(new ForwardedHeadersOptions
{
    ForwardedHeaders = ForwardedHeaders.XForwardedProto
});

// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Home/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseHttpsRedirection();
app.UseStaticFiles();

app.UseRouting();

app.UseAuthorization();

app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Home}/{action=Index}/{id?}");

app.Run();
return;

// this is vastly inferior to using service discovery, NOT RECOMMENDED
static void SetBaseAddress(IServiceProvider serviceProvider, HttpClient client)
{
    client.BaseAddress = new Uri("https://localhost:7013");

    var instanceInfo = serviceProvider.GetRequiredService<IApplicationInstanceInfo>();

    if (instanceInfo is CloudFoundryApplicationOptions { Uris.Count: > 0 } options)
    {
        var address = options.Uris.First();
        var baseAddress = address.Replace("migrateclientapp", "migrateserverapp", StringComparison.OrdinalIgnoreCase);
        client.BaseAddress = new Uri($"https://{baseAddress}");
    }

    Console.WriteLine("Using BaseAddress {0}", client.BaseAddress);
}