CDHABOOK
/
TEAMModelHTEX


			
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192
							using HTEXScreen.Service;
using HTEXScreen.Service.AzureRedis;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Text.Json.Nodes;
using TEAMModelOS.SDK.DI;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
builder.Services.AddAuthentication(options => options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options => //AzureADJwtBearer
    {
        //options.SaveToken = true; //驗證令牌由服務器生成才有效，不適用於服務重啟或分布式架構
        options.Authority ="https://login.chinacloudapi.cn/4807e9cf-87b8-4174-aa5b-e76497d7392b/v2.0";// builder.Configuration["Option:Authority"];
        options.Audience = "72643704-b2e7-4b26-b881-bd5865e7a7a5";//builder.Configuration["Option:Audience"];
        options.RequireHttpsMetadata = true;
        options.TokenValidationParameters = new TokenValidationParameters
        {
            RoleClaimType = "roles",
            //ValidAudiences = new string[] { builder.Configuration["Option:Audience"], $"api://{builder.Configuration["Option:Audience"]}" }
            ValidAudiences = new string[] { "72643704-b2e7-4b26-b881-bd5865e7a7a5", $"api://72643704-b2e7-4b26-b881-bd5865e7a7a5" }
        };
        options.Events = new JwtBearerEvents();
        //下列事件有需要紀錄則打開
        //options.Events.OnMessageReceived = async context => { await Task.FromResult(0); };
        //options.Events.OnForbidden = async context => { await Task.FromResult(0); };
        //options.Events.OnChallenge = async context => { await Task.FromResult(0); };
        //options.Events.OnAuthenticationFailed = async context => { await Task.FromResult(0); };
        options.Events.OnTokenValidated = async context =>
        {
            if (!context.Principal.Claims.Any(x => x.Type.Equals("http://schemas.microsoft.com/identity/claims/scope")) //ClaimConstants.Scope
            && !context.Principal.Claims.Any(y => y.Type.Equals("roles"))) //ClaimConstants.Roles //http://schemas.microsoft.com/ws/2008/06/identity/claims/role
            {
                //TODO 需處理額外授權非角色及範圍的訪問異常紀錄
                throw new UnauthorizedAccessException("Neither scope or roles claim was found in the bearer token.");
            }
            await Task.FromResult(0);
        };
    });
builder.Services.AddControllers();
#if DEBUG
builder.WebHost.UseUrls(new[] { "https://*:7298" });
#endif
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
//builder.Services.AddSwaggerGen();
builder.Services.AddHttpClient();
string StorageConnectionString = builder.Configuration.GetValue<string>("Azure:Storage:ConnectionString");
string StorageConnectionStringTest = builder.Configuration.GetValue<string>("Azure:Storage:ConnectionString-Test");

string ServiceBusConnectionString = builder.Configuration.GetValue<string>("Azure:ServiceBus:ConnectionString");
string ServiceBusConnectionStringTest = builder.Configuration.GetValue<string>("Azure:ServiceBus:ConnectionString-Test");

string RedisConnectionString = builder.Configuration.GetValue<string>("Azure:Redis:ConnectionString");
string RedisConnectionStringTest = builder.Configuration.GetValue<string>("Azure:Redis:ConnectionString-Test");

string CosmosConnectionString = builder.Configuration.GetValue<string>("Azure:Cosmos:ConnectionString");
string CosmosConnectionStringTest = builder.Configuration.GetValue<string>("Azure:Cosmos:ConnectionString-Test");


//Storage
builder.Services.AddAzureStorage(StorageConnectionString, "Default");
builder.Services.AddAzureStorage(StorageConnectionStringTest, "Test");
//ServiceBus
builder.Services.AddAzureServiceBus(ServiceBusConnectionString, "Default");
builder.Services.AddAzureServiceBus(ServiceBusConnectionStringTest, "Test");
//Redis
builder.Services.AddAzureRedis(RedisConnectionString, "Default");
builder.Services.AddAzureRedis(RedisConnectionStringTest, "Test");
//Cosmos
builder.Services.AddAzureCosmos(CosmosConnectionString, "Default");
builder.Services.AddAzureCosmos(CosmosConnectionStringTest, "Test");

builder.Services.AddHostedService<ScreenPDFSub>();
builder.Services.AddHostedService<ScreenPDFSubTest>();
builder.Services.AddHttpContextAccessor();

var app = builder.Build();
if (app.Environment.IsDevelopment())
{
    //app.UseSwagger();
    //app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();