From 965a86e404207a3e37e31cad9b82fb1d5e279bfa Mon Sep 17 00:00:00 2001 From: Chris R Date: Thu, 10 Dec 2015 12:00:03 -0800 Subject: [PATCH] #593 Convert samples to use UserSecrets. --- samples/JwtBearerSample/Startup.cs | 15 +++++- samples/JwtBearerSample/project.json | 6 ++- samples/OpenIdConnectSample/Startup.cs | 17 +++++-- samples/OpenIdConnectSample/project.json | 4 +- samples/SocialSample/Startup.cs | 62 ++++++++++++++++-------- samples/SocialSample/config.json | 10 ++++ samples/SocialSample/project.json | 4 +- 7 files changed, 89 insertions(+), 29 deletions(-) create mode 100644 samples/SocialSample/config.json diff --git a/samples/JwtBearerSample/Startup.cs b/samples/JwtBearerSample/Startup.cs index c79cbda951..33e8076955 100644 --- a/samples/JwtBearerSample/Startup.cs +++ b/samples/JwtBearerSample/Startup.cs @@ -4,6 +4,7 @@ using System.IO; using Microsoft.AspNet.Builder; using Microsoft.AspNet.Hosting; using Microsoft.AspNet.Http; +using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Net.Http.Headers; using Newtonsoft.Json.Linq; @@ -12,6 +13,16 @@ namespace JwtBearerSample { public class Startup { + public Startup() + { + Configuration = new ConfigurationBuilder() + .AddEnvironmentVariables() + .AddUserSecrets() + .Build(); + } + + public IConfiguration Configuration { get; set; } + // Shared between users in memory public IList Todos { get; } = new List(); @@ -53,8 +64,8 @@ namespace JwtBearerSample options.AutomaticAuthenticate = true; options.AutomaticChallenge = true; // You also need to update /wwwroot/app/scripts/app.js - options.Authority = "https://login.windows.net/tratcheroutlook.onmicrosoft.com"; - options.Audience = "63a87a83-64b9-4ac1-b2c5-092126f8474f"; + options.Authority = Configuration["jwt:authority"]; + options.Audience = Configuration["jwt:audience"]; }); // [Authorize] would usually handle this diff --git a/samples/JwtBearerSample/project.json b/samples/JwtBearerSample/project.json index 2e9dca157a..cc2350bb97 100644 --- a/samples/JwtBearerSample/project.json +++ b/samples/JwtBearerSample/project.json @@ -7,7 +7,8 @@ "Microsoft.AspNet.Authentication.JwtBearer": "1.0.0-*", "Microsoft.AspNet.IISPlatformHandler": "1.0.0-*", "Microsoft.AspNet.Server.Kestrel": "1.0.0-*", - "Microsoft.AspNet.StaticFiles": "1.0.0-*" + "Microsoft.AspNet.StaticFiles": "1.0.0-*", + "Microsoft.Extensions.Configuration.UserSecrets": "1.0.0-*" }, "commands": { "web": "Microsoft.AspNet.Server.Kestrel" @@ -23,5 +24,6 @@ "publishExclude": [ "**.user", "**.vspscc" - ] + ], + "userSecretsId": "aspnet5-JwtBearerSample-20151210102827" } diff --git a/samples/OpenIdConnectSample/Startup.cs b/samples/OpenIdConnectSample/Startup.cs index 73fe2b8b49..3e39d36541 100644 --- a/samples/OpenIdConnectSample/Startup.cs +++ b/samples/OpenIdConnectSample/Startup.cs @@ -4,6 +4,7 @@ using Microsoft.AspNet.Authentication.OpenIdConnect; using Microsoft.AspNet.Builder; using Microsoft.AspNet.Http; using Microsoft.AspNet.Http.Authentication; +using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Logging; using Microsoft.IdentityModel.Protocols.OpenIdConnect; @@ -12,6 +13,16 @@ namespace OpenIdConnectSample { public class Startup { + public Startup() + { + Configuration = new ConfigurationBuilder() + .AddEnvironmentVariables() + .AddUserSecrets() + .Build(); + } + + public IConfiguration Configuration { get; set; } + public void ConfigureServices(IServiceCollection services) { services.AddAuthentication(sharedOptions => sharedOptions.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme); @@ -30,9 +41,9 @@ namespace OpenIdConnectSample app.UseOpenIdConnectAuthentication(options => { - options.ClientId = "63a87a83-64b9-4ac1-b2c5-092126f8474f"; - options.ClientSecret = "Yse2iP7tO1Azq0iDajNisMaTSnIDv+FXmAsFuXr+Cy8="; // for code flow - options.Authority = "https://login.windows.net/tratcheroutlook.onmicrosoft.com"; + options.ClientId = Configuration["oidc:clientid"]; + options.ClientSecret = Configuration["oidc:clientsecret"]; // for code flow + options.Authority = Configuration["oidc:authority"]; options.ResponseType = OpenIdConnectResponseTypes.Code; options.GetClaimsFromUserInfoEndpoint = true; }); diff --git a/samples/OpenIdConnectSample/project.json b/samples/OpenIdConnectSample/project.json index 918dbcf3f1..21f0633824 100644 --- a/samples/OpenIdConnectSample/project.json +++ b/samples/OpenIdConnectSample/project.json @@ -5,6 +5,7 @@ "Microsoft.AspNet.IISPlatformHandler": "1.0.0-*", "Microsoft.AspNet.Server.Kestrel": "1.0.0-*", "Microsoft.AspNet.Server.WebListener": "1.0.0-*", + "Microsoft.Extensions.Configuration.UserSecrets": "1.0.0-*", "Microsoft.Extensions.Logging.Console": "1.0.0-*" }, "frameworks": { @@ -15,5 +16,6 @@ "web": "Microsoft.AspNet.Server.Kestrel", "kestrel": "Microsoft.AspNet.Server.Kestrel --server.urls http://localhost:42023", "weblistener": "Microsoft.AspNet.Server.WebListener --server.urls http://localhost:42023" - } + }, + "userSecretsId": "aspnet5-OpenIdConnectSample-20151210110318" } diff --git a/samples/SocialSample/Startup.cs b/samples/SocialSample/Startup.cs index 01d26fcdf3..5ca189aa91 100644 --- a/samples/SocialSample/Startup.cs +++ b/samples/SocialSample/Startup.cs @@ -14,6 +14,7 @@ using Microsoft.AspNet.Authentication.Twitter; using Microsoft.AspNet.Builder; using Microsoft.AspNet.Http; using Microsoft.AspNet.Http.Authentication; +using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Logging; using Newtonsoft.Json.Linq; @@ -23,6 +24,17 @@ namespace CookieSample /* Note all servers must use the same address and port because these are pre-registered with the various providers. */ public class Startup { + public Startup() + { + Configuration = new ConfigurationBuilder() + .AddEnvironmentVariables() + .AddJsonFile("config.json") + .AddUserSecrets() + .Build(); + } + + public IConfiguration Configuration { get; set; } + public void ConfigureServices(IServiceCollection services) { services.AddAuthentication(options => options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme); @@ -57,32 +69,36 @@ namespace CookieSample options.LoginPath = new PathString("/login"); }); + // You must first create an app with facebook and add it's ID and Secret to your config.json or user-secrets. // https://developers.facebook.com/apps/ app.UseFacebookAuthentication(new FacebookOptions() { - AppId = "569522623154478", - AppSecret = "a124463c4719c94b4228d9a240e5dc1a", + AppId = Configuration["facebook:appid"], + AppSecret = Configuration["facebook:appsecret"], Scope = { "email" }, Fields = { "name", "email" }, }); + // See config.json app.UseOAuthAuthentication(new OAuthOptions { AuthenticationScheme = "Google-AccessToken", DisplayName = "Google-AccessToken", - ClientId = "560027070069-37ldt4kfuohhu3m495hk2j4pjp92d382.apps.googleusercontent.com", - ClientSecret = "n2Q-GEw9RQjzcRbU3qhfTj8f", + ClientId = Configuration["google:clientid"], + ClientSecret = Configuration["google:clientsecret"], CallbackPath = new PathString("/signin-google-token"), AuthorizationEndpoint = GoogleDefaults.AuthorizationEndpoint, TokenEndpoint = GoogleDefaults.TokenEndpoint, - Scope = { "openid", "profile", "email" } + Scope = { "openid", "profile", "email" }, + SaveTokensAsClaims = true }); + // See config.json // https://console.developers.google.com/project app.UseGoogleAuthentication(options => { - options.ClientId = "560027070069-37ldt4kfuohhu3m495hk2j4pjp92d382.apps.googleusercontent.com"; - options.ClientSecret = "n2Q-GEw9RQjzcRbU3qhfTj8f"; + options.ClientId = Configuration["google:clientid"]; + options.ClientSecret = Configuration["google:clientsecret"]; options.Events = new OAuthEvents() { OnRemoteFailure = ctx => @@ -96,11 +112,12 @@ namespace CookieSample }); + // See config.json // https://apps.twitter.com/ app.UseTwitterAuthentication(options => { - options.ConsumerKey = "6XaCTaLbMqfj6ww3zvZ5g"; - options.ConsumerSecret = "Il2eFzGIrYhz6BWjYhVXBPQSfZuS4xoHpSSyD9PI"; + options.ConsumerKey = Configuration["twitter:consumerkey"]; + options.ConsumerSecret = Configuration["twitter:consumersecret"]; options.Events = new TwitterEvents() { OnRemoteFailure = ctx => @@ -112,6 +129,7 @@ namespace CookieSample }; }); + // You must first create an app with live.com and add it's ID and Secret to your config.json or user-secrets. /* https://account.live.com/developers/applications The MicrosoftAccount service has restrictions that prevent the use of http://localhost:54540/ for test applications. As such, here is how to change this sample to uses http://mssecsample.localhost.this:54540/ instead. @@ -133,46 +151,50 @@ namespace CookieSample { AuthenticationScheme = "Microsoft-AccessToken", DisplayName = "MicrosoftAccount-AccessToken - Requires project changes", - ClientId = "00000000480FF62E", - ClientSecret = "bLw2JIvf8Y1TaToipPEqxTVlOeJwCUsr", + ClientId = Configuration["msa:clientid"], + ClientSecret = Configuration["msa:clientsecret"], CallbackPath = new PathString("/signin-microsoft-token"), AuthorizationEndpoint = MicrosoftAccountDefaults.AuthorizationEndpoint, TokenEndpoint = MicrosoftAccountDefaults.TokenEndpoint, - Scope = { "wl.basic" } + Scope = { "wl.basic" }, + SaveTokensAsClaims = true }); + // You must first create an app with live.com and add it's ID and Secret to your config.json or user-secrets. app.UseMicrosoftAccountAuthentication(options => { options.DisplayName = "MicrosoftAccount - Requires project changes"; - options.ClientId = "00000000480FF62E"; - options.ClientSecret = "bLw2JIvf8Y1TaToipPEqxTVlOeJwCUsr"; + options.ClientId = Configuration["msa:clientid"]; + options.ClientSecret = Configuration["msa:clientsecret"]; options.Scope.Add("wl.emails"); }); + // See config.json // https://github.com/settings/applications/ app.UseOAuthAuthentication(new OAuthOptions { AuthenticationScheme = "GitHub-AccessToken", DisplayName = "Github-AccessToken", - ClientId = "8c0c5a572abe8fe89588", - ClientSecret = "e1d95eaf03461d27acd6f49d4fc7bf19d6ac8cda", + ClientId = Configuration["github-token:clientid"], + ClientSecret = Configuration["github-token:clientsecret"], CallbackPath = new PathString("/signin-github-token"), AuthorizationEndpoint = "https://github.com/login/oauth/authorize", - TokenEndpoint = "https://github.com/login/oauth/access_token" + TokenEndpoint = "https://github.com/login/oauth/access_token", + SaveTokensAsClaims = true }); + // See config.json app.UseOAuthAuthentication(new OAuthOptions { AuthenticationScheme = "GitHub", DisplayName = "Github", - ClientId = "49e302895d8b09ea5656", - ClientSecret = "98f1bf028608901e9df91d64ee61536fe562064b", + ClientId = Configuration["github:clientid"], + ClientSecret = Configuration["github:clientsecret"], CallbackPath = new PathString("/signin-github"), AuthorizationEndpoint = "https://github.com/login/oauth/authorize", TokenEndpoint = "https://github.com/login/oauth/access_token", UserInformationEndpoint = "https://api.github.com/user", ClaimsIssuer = "OAuth2-Github", - SaveTokensAsClaims = false, // Retrieving user information is unique to each provider. Events = new OAuthEvents { diff --git a/samples/SocialSample/config.json b/samples/SocialSample/config.json new file mode 100644 index 0000000000..13d3ff94a0 --- /dev/null +++ b/samples/SocialSample/config.json @@ -0,0 +1,10 @@ +{ + "google:clientid": "560027070069-37ldt4kfuohhu3m495hk2j4pjp92d382.apps.googleusercontent.com", + "google:clientsecret": "n2Q-GEw9RQjzcRbU3qhfTj8f", + "twitter:consumerkey": "6XaCTaLbMqfj6ww3zvZ5g", + "twitter:consumersecret": "Il2eFzGIrYhz6BWjYhVXBPQSfZuS4xoHpSSyD9PI", + "github:clientid": "49e302895d8b09ea5656", + "github:clientsecret": "98f1bf028608901e9df91d64ee61536fe562064b", + "github-token:clientid": "8c0c5a572abe8fe89588", + "github-token:clientsecret": "e1d95eaf03461d27acd6f49d4fc7bf19d6ac8cda" +} diff --git a/samples/SocialSample/project.json b/samples/SocialSample/project.json index 823ac24c01..14c7606f15 100644 --- a/samples/SocialSample/project.json +++ b/samples/SocialSample/project.json @@ -9,6 +9,7 @@ "Microsoft.AspNet.IISPlatformHandler": "1.0.0-*", "Microsoft.AspNet.Server.Kestrel": "1.0.0-*", "Microsoft.AspNet.Server.WebListener": "1.0.0-*", + "Microsoft.Extensions.Configuration.UserSecrets": "1.0.0-*", "Microsoft.Extensions.Logging.Console": "1.0.0-*" }, "commands": { @@ -19,5 +20,6 @@ "frameworks": { "dnx451": { }, "dnxcore50": { } - } + }, + "userSecretsId": "aspnet5-SocialSample-20151210111056" }