| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126 |
- using Hangfire;
- using Hangfire.Redis.StackExchange;
- using Microsoft.AspNetCore.Authentication.JwtBearer;
- using Microsoft.Extensions.DependencyInjection.Extensions;
- using Microsoft.IdentityModel.Tokens;
- using System.IdentityModel.Tokens.Jwt;
- using TEAMModelOS.SDK.DI;
- using TEAMModelOS.SDK;
- using HTEX.Complex.Services;
- namespace HTEX.Complex
- {
- public class Program
- {
- public static void Main(string[] args)
- {
- var builder = WebApplication.CreateBuilder(args);
- // Add services to the container.
- JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
- builder.Services.AddAuthentication(options => options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options => //AzureADJwtBearer
- {
- //options.SaveToken = true; //驗證令牌由服務器生成才有效,不適用於服務重啟或分布式架構
- options.Authority ="https://login.chinacloudapi.cn/4807e9cf-87b8-4174-aa5b-e76497d7392b/v2.0";// builder.Configuration["Option:Authority"];
- options.Audience = "72643704-b2e7-4b26-b881-bd5865e7a7a5";//builder.Configuration["Option:Audience"];
- options.RequireHttpsMetadata = true;
- options.TokenValidationParameters = new TokenValidationParameters
- {
- RoleClaimType = "roles",
- //ValidAudiences = new string[] { builder.Configuration["Option:Audience"], $"api://{builder.Configuration["Option:Audience"]}" }
- ValidAudiences = new string[] { "72643704-b2e7-4b26-b881-bd5865e7a7a5", $"api://72643704-b2e7-4b26-b881-bd5865e7a7a5" }
- };
- options.Events = new JwtBearerEvents();
- //下列事件有需要紀錄則打開
- //options.Events.OnMessageReceived = async context => { await Task.FromResult(0); };
- //options.Events.OnForbidden = async context => { await Task.FromResult(0); };
- //options.Events.OnChallenge = async context => { await Task.FromResult(0); };
- //options.Events.OnAuthenticationFailed = async context => { await Task.FromResult(0); };
- options.Events.OnTokenValidated = async context =>
- {
- if (!context.Principal.Claims.Any(x => x.Type.Equals("http://schemas.microsoft.com/identity/claims/scope")) //ClaimConstants.Scope
- && !context.Principal.Claims.Any(y => y.Type.Equals("roles"))) //ClaimConstants.Roles //http://schemas.microsoft.com/ws/2008/06/identity/claims/role
- {
- //TODO 需處理額外授權非角色及範圍的訪問異常紀錄
- throw new UnauthorizedAccessException("Neither scope or roles claim was found in the bearer token.");
- }
- await Task.FromResult(0);
- };
- });
- builder.Services.AddControllers();
- #if DEBUG
- builder.WebHost.UseUrls(new[] { "https://*:7298" });
- #endif
- // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
- builder.Services.AddEndpointsApiExplorer();
- //builder.Services.AddSwaggerGen();
- builder.Services.AddHttpClient();
- string? StorageConnectionString = builder.Configuration.GetValue<string>("Azure:Storage:ConnectionString");
- string? RedisConnectionString = builder.Configuration.GetValue<string>("Azure:Redis:ConnectionString");
- string? CosmosConnectionString = builder.Configuration.GetValue<string>("Azure:Cosmos:ConnectionString");
- //Storage
- builder.Services.AddAzureStorage(StorageConnectionString, "Default");
- //Redis
- builder.Services.AddAzureRedis(RedisConnectionString, "Default");
- //Cosmos
- builder.Services.AddAzureCosmos(CosmosConnectionString, "Default");
- //MQTT 服务端API 发送消息到MQTT客户端 https://www.cnblogs.com/weskynet/p/16441219.html
- builder.Services.AddSignalR();
- builder.Services.AddHttpContextAccessor();
- builder.Services.AddHttpClient<DingDing>();
- string path = $"{builder.Environment.ContentRootPath}/JsonFiles";
- builder.Services.TryAddSingleton(new Region2LongitudeLatitudeTranslator(path));
- builder.Services.AddIPSearcher(path);
- builder.Services.AddCors(options =>
- {
- options.AddDefaultPolicy(
- builder =>
- {
- builder.AllowAnyOrigin()
- .AllowAnyHeader()
- .AllowAnyMethod();
- });
- });
- #if !DEBUG
- builder.Services.AddHangfire(config => {
- config.UseRedisStorage(builder.Configuration.GetValue<string>("Azure:Redis:ConnectionString"));
- });
- builder.Services.AddHangfireServer();
- #endif
- builder.Services.AddControllersWithViews();
- var app = builder.Build();
- // Configure the HTTP request pipeline.
- if (!app.Environment.IsDevelopment())
- {
- app.UseExceptionHandler("/Home/Error");
- // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
- app.UseHsts();
- }
- app.UseHttpsRedirection();
- app.UseStaticFiles();
- app.UseRouting();
- app.UseCors(); //使用跨域設定
- app.UseHttpsRedirection(); //開發中暫時關掉
- app.UseAuthentication();
- app.UseAuthorization();
- //app.MapControllerRoute(
- // name: "default",
- // pattern: "{controller=Home}/{action=Index}/{id?}");
- app.UseEndpoints(endpoints => {
- endpoints.MapControllers();
- endpoints.MapFallbackToFile("index.html");
- endpoints.MapHub<SignalRScreenServerHub>("/signalr/screen").RequireCors("any");
- });
- app.Run();
- }
- }
- }
|
