using Hangfire; using Hangfire.Redis.StackExchange; using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.IdentityModel.Tokens; using System.IdentityModel.Tokens.Jwt; using TEAMModelOS.SDK.DI; using TEAMModelOS.SDK; namespace HTEX.Complex { public class Program { public static void Main(string[] args) { var builder = WebApplication.CreateBuilder(args); // Add services to the container. JwtSecurityTokenHandler.DefaultMapInboundClaims = false; builder.Services.AddAuthentication(options => options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => //AzureADJwtBearer { //options.SaveToken = true; //驗證令牌由服務器生成才有效,不適用於服務重啟或分布式架構 options.Authority ="https://login.chinacloudapi.cn/4807e9cf-87b8-4174-aa5b-e76497d7392b/v2.0";// builder.Configuration["Option:Authority"]; options.Audience = "72643704-b2e7-4b26-b881-bd5865e7a7a5";//builder.Configuration["Option:Audience"]; options.RequireHttpsMetadata = true; options.TokenValidationParameters = new TokenValidationParameters { RoleClaimType = "roles", //ValidAudiences = new string[] { builder.Configuration["Option:Audience"], $"api://{builder.Configuration["Option:Audience"]}" } ValidAudiences = new string[] { "72643704-b2e7-4b26-b881-bd5865e7a7a5", $"api://72643704-b2e7-4b26-b881-bd5865e7a7a5" } }; options.Events = new JwtBearerEvents(); //下列事件有需要紀錄則打開 //options.Events.OnMessageReceived = async context => { await Task.FromResult(0); }; //options.Events.OnForbidden = async context => { await Task.FromResult(0); }; //options.Events.OnChallenge = async context => { await Task.FromResult(0); }; //options.Events.OnAuthenticationFailed = async context => { await Task.FromResult(0); }; options.Events.OnTokenValidated = async context => { if (!context.Principal.Claims.Any(x => x.Type.Equals("http://schemas.microsoft.com/identity/claims/scope")) //ClaimConstants.Scope && !context.Principal.Claims.Any(y => y.Type.Equals("roles"))) //ClaimConstants.Roles //http://schemas.microsoft.com/ws/2008/06/identity/claims/role { //TODO 需處理額外授權非角色及範圍的訪問異常紀錄 throw new UnauthorizedAccessException("Neither scope or roles claim was found in the bearer token."); } await Task.FromResult(0); }; }); builder.Services.AddControllers(); #if DEBUG builder.WebHost.UseUrls(new[] { "https://*:7298" }); #endif // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle builder.Services.AddEndpointsApiExplorer(); //builder.Services.AddSwaggerGen(); builder.Services.AddHttpClient(); string StorageConnectionString = builder.Configuration.GetValue("Azure:Storage:ConnectionString"); string StorageConnectionStringTest = builder.Configuration.GetValue("Azure:Storage:ConnectionString-Test"); //string ServiceBusConnectionString = builder.Configuration.GetValue("Azure:ServiceBus:ConnectionString"); //string ServiceBusConnectionStringTest = builder.Configuration.GetValue("Azure:ServiceBus:ConnectionString-Test"); string RedisConnectionString = builder.Configuration.GetValue("Azure:Redis:ConnectionString"); string RedisConnectionStringTest = builder.Configuration.GetValue("Azure:Redis:ConnectionString-Test"); string CosmosConnectionString = builder.Configuration.GetValue("Azure:Cosmos:ConnectionString"); string CosmosConnectionStringTest = builder.Configuration.GetValue("Azure:Cosmos:ConnectionString-Test"); //Storage builder.Services.AddAzureStorage(StorageConnectionString, "Default"); builder.Services.AddAzureStorage(StorageConnectionStringTest, "Test"); //ServiceBus //builder.Services.AddAzureServiceBus(ServiceBusConnectionString, "Default"); //builder.Services.AddAzureServiceBus(ServiceBusConnectionStringTest, "Test"); //Redis builder.Services.AddAzureRedis(RedisConnectionString, "Default"); builder.Services.AddAzureRedis(RedisConnectionStringTest, "Test"); //Cosmos builder.Services.AddAzureCosmos(CosmosConnectionString, "Default"); builder.Services.AddAzureCosmos(CosmosConnectionStringTest, "Test"); //MQTT 服务端API 发送消息到MQTT客户端 https://www.cnblogs.com/weskynet/p/16441219.html builder.Services.AddSignalR(); builder.Services.AddHttpContextAccessor(); builder.Services.AddHttpClient(); string path = $"{builder.Environment.ContentRootPath}/JsonFiles"; builder.Services.TryAddSingleton(new Region2LongitudeLatitudeTranslator(path)); builder.Services.AddIPSearcher(path); builder.Services.AddCors(options => { options.AddDefaultPolicy( builder => { builder.AllowAnyOrigin() .AllowAnyHeader() .AllowAnyMethod(); }); }); #if !DEBUG builder.Services.AddHangfire(config => { config.UseRedisStorage(builder.Configuration.GetValue("Azure:Redis:ConnectionString")); }); builder.Services.AddHangfireServer(); #endif builder.Services.AddControllersWithViews(); var app = builder.Build(); // Configure the HTTP request pipeline. if (!app.Environment.IsDevelopment()) { app.UseExceptionHandler("/Home/Error"); // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts. app.UseHsts(); } app.UseHttpsRedirection(); app.UseStaticFiles(); app.UseRouting(); app.UseCors(); //使用跨域設定 app.UseHttpsRedirection(); //開發中暫時關掉 app.UseAuthentication(); app.UseAuthorization(); app.MapControllerRoute( name: "default", pattern: "{controller=Home}/{action=Index}/{id?}"); app.Run(); } } }