TEAMMODEL
/
TEAMModelOS


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133
							using Hangfire;
using Hangfire.Redis.StackExchange;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using TEAMModelOS.SDK.DI;
using TEAMModelOS.SDK;
namespace HTEX.Complex
{
    public class Program
    {
        public static void Main(string[] args)
        {
            var builder = WebApplication.CreateBuilder(args);


            // Add services to the container.

            JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
            builder.Services.AddAuthentication(options => options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
                .AddJwtBearer(options => //AzureADJwtBearer
                {
                    //options.SaveToken = true; //驗證令牌由服務器生成才有效，不適用於服務重啟或分布式架構
                    options.Authority ="https://login.chinacloudapi.cn/4807e9cf-87b8-4174-aa5b-e76497d7392b/v2.0";// builder.Configuration["Option:Authority"];
                    options.Audience = "72643704-b2e7-4b26-b881-bd5865e7a7a5";//builder.Configuration["Option:Audience"];
                    options.RequireHttpsMetadata = true;
                    options.TokenValidationParameters = new TokenValidationParameters
                    {
                        RoleClaimType = "roles",
                        //ValidAudiences = new string[] { builder.Configuration["Option:Audience"], $"api://{builder.Configuration["Option:Audience"]}" }
                        ValidAudiences = new string[] { "72643704-b2e7-4b26-b881-bd5865e7a7a5", $"api://72643704-b2e7-4b26-b881-bd5865e7a7a5" }
                    };
                    options.Events = new JwtBearerEvents();
                    //下列事件有需要紀錄則打開
                    //options.Events.OnMessageReceived = async context => { await Task.FromResult(0); };
                    //options.Events.OnForbidden = async context => { await Task.FromResult(0); };
                    //options.Events.OnChallenge = async context => { await Task.FromResult(0); };
                    //options.Events.OnAuthenticationFailed = async context => { await Task.FromResult(0); };
                    options.Events.OnTokenValidated = async context =>
                    {
                        if (!context.Principal.Claims.Any(x => x.Type.Equals("http://schemas.microsoft.com/identity/claims/scope")) //ClaimConstants.Scope
                        && !context.Principal.Claims.Any(y => y.Type.Equals("roles"))) //ClaimConstants.Roles //http://schemas.microsoft.com/ws/2008/06/identity/claims/role
                        {
                            //TODO 需處理額外授權非角色及範圍的訪問異常紀錄
                            throw new UnauthorizedAccessException("Neither scope or roles claim was found in the bearer token.");
                        }
                        await Task.FromResult(0);
                    };
                });
            builder.Services.AddControllers();
#if DEBUG
            builder.WebHost.UseUrls(new[] { "https://*:7298" });
#endif
            // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
            builder.Services.AddEndpointsApiExplorer();
            //builder.Services.AddSwaggerGen();
            builder.Services.AddHttpClient();
            string StorageConnectionString = builder.Configuration.GetValue<string>("Azure:Storage:ConnectionString");
            string StorageConnectionStringTest = builder.Configuration.GetValue<string>("Azure:Storage:ConnectionString-Test");

            //string ServiceBusConnectionString = builder.Configuration.GetValue<string>("Azure:ServiceBus:ConnectionString");
            //string ServiceBusConnectionStringTest = builder.Configuration.GetValue<string>("Azure:ServiceBus:ConnectionString-Test");

            string RedisConnectionString = builder.Configuration.GetValue<string>("Azure:Redis:ConnectionString");
            string RedisConnectionStringTest = builder.Configuration.GetValue<string>("Azure:Redis:ConnectionString-Test");

            string CosmosConnectionString = builder.Configuration.GetValue<string>("Azure:Cosmos:ConnectionString");
            string CosmosConnectionStringTest = builder.Configuration.GetValue<string>("Azure:Cosmos:ConnectionString-Test");

            //Storage
            builder.Services.AddAzureStorage(StorageConnectionString, "Default");
            builder.Services.AddAzureStorage(StorageConnectionStringTest, "Test");
            //ServiceBus
            //builder.Services.AddAzureServiceBus(ServiceBusConnectionString, "Default");
            //builder.Services.AddAzureServiceBus(ServiceBusConnectionStringTest, "Test");
            //Redis
            builder.Services.AddAzureRedis(RedisConnectionString, "Default");
            builder.Services.AddAzureRedis(RedisConnectionStringTest, "Test");
            //Cosmos
            builder.Services.AddAzureCosmos(CosmosConnectionString, "Default");
            builder.Services.AddAzureCosmos(CosmosConnectionStringTest, "Test");

            builder.Services.AddHttpContextAccessor();
            builder.Services.AddHttpClient<DingDing>();
            string path = $"{builder.Environment.ContentRootPath}/JsonFiles";
            builder.Services.TryAddSingleton(new Region2LongitudeLatitudeTranslator(path));
            builder.Services.AddIPSearcher(path);
            builder.Services.AddCors(options =>
            {
                options.AddDefaultPolicy(
                builder =>
                {

                    builder.AllowAnyOrigin()
                            .AllowAnyHeader()
                            .AllowAnyMethod();
                });
            });
#if !DEBUG
            builder.Services.AddHangfire(config => {
                config.UseRedisStorage(builder.Configuration.GetValue<string>("Azure:Redis:ConnectionString"));
            });
            builder.Services.AddHangfireServer();
#endif

            builder.Services.AddControllersWithViews();

            var app = builder.Build();

            // Configure the HTTP request pipeline.
            if (!app.Environment.IsDevelopment())
            {
                app.UseExceptionHandler("/Home/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            app.UseStaticFiles();

            app.UseRouting();
            app.UseCors(); //使用跨域設定
            app.UseHttpsRedirection(); //開發中暫時關掉
            app.UseAuthentication();
            app.UseAuthorization();
            app.MapControllerRoute(
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");
            app.Run();
        }
    }
}