From 046211e017700cc836ceadb7f03c1763cc8a7cca Mon Sep 17 00:00:00 2001 From: "Jamie.Rees" Date: Mon, 7 Aug 2017 11:57:15 +0100 Subject: [PATCH] Removed IdentityServer, it was overkill #865 --- src/Ombi.Core/Engine/MovieRequestEngine.cs | 2 - .../IdentityResolver/OmbiProfileService.cs | 53 ------ .../ResourceOwnerPasswordValidator.cs | 156 ------------------ src/Ombi.Core/Ombi.Core.csproj | 1 - src/Ombi.DependencyInjection/IocExtensions.cs | 1 - src/Ombi/ClientApp/app/auth/auth.service.ts | 17 +- .../createadmin/createadmin.component.html | 7 + .../app/wizard/emby/emby.component.html | 7 + .../mediaserver/mediaserver.component.html | 44 +++-- .../mediaserver/mediaserver.component.ts | 4 +- .../app/wizard/plex/plex.component.html | 10 +- src/Ombi/Controllers/TokenController.cs | 106 ++++++++++++ src/Ombi/IdentityConfig.cs | 59 ------- .../Models/Identity/TokenAuthentication.cs | 7 + src/Ombi/Ombi.csproj | 3 - src/Ombi/Startup.cs | 87 ++++++---- src/Ombi/appsettings.json | 6 +- 17 files changed, 225 insertions(+), 345 deletions(-) delete mode 100644 src/Ombi.Core/IdentityResolver/OmbiProfileService.cs delete mode 100644 src/Ombi.Core/IdentityResolver/ResourceOwnerPasswordValidator.cs create mode 100644 src/Ombi/Controllers/TokenController.cs delete mode 100644 src/Ombi/IdentityConfig.cs create mode 100644 src/Ombi/Models/Identity/TokenAuthentication.cs diff --git a/src/Ombi.Core/Engine/MovieRequestEngine.cs b/src/Ombi.Core/Engine/MovieRequestEngine.cs index 69e04fea8..ddb417ac8 100644 --- a/src/Ombi.Core/Engine/MovieRequestEngine.cs +++ b/src/Ombi.Core/Engine/MovieRequestEngine.cs 
@@ -7,14 +7,12 @@ using System; using System.Collections.Generic; using System.Globalization; using System.Linq; -using System.Security.Claims; using System.Security.Principal; using System.Threading.Tasks; using Microsoft.AspNetCore.Identity; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using Ombi.Core.Engine.Interfaces; -using Ombi.Core.IdentityResolver; using Ombi.Core.Rule.Interfaces; using Ombi.Store.Entities.Requests; diff --git a/src/Ombi.Core/IdentityResolver/OmbiProfileService.cs b/src/Ombi.Core/IdentityResolver/OmbiProfileService.cs deleted file mode 100644 index 0170a24c6..000000000 --- a/src/Ombi.Core/IdentityResolver/OmbiProfileService.cs +++ /dev/null @@ -1,53 +0,0 @@ -using System.Collections.Generic; -using System.Linq; -using System.Security.Claims; -using System.Threading.Tasks; -using IdentityModel; -using IdentityServer4.Extensions; -using IdentityServer4.Models; -using IdentityServer4.Services; -using Microsoft.AspNetCore.Identity; -using Microsoft.EntityFrameworkCore; -using Ombi.Store.Entities; - -namespace Ombi.Core.IdentityResolver -{ - public class OmbiProfileService : IProfileService - { - public OmbiProfileService(UserManager um) - { - UserManager = um; - } - - private UserManager UserManager { get; } - - public async Task GetProfileDataAsync(ProfileDataRequestContext context) - { - - if (context.RequestedClaimTypes.Any()) - { - var user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName == context.Subject.GetSubjectId()); - if (user != null) - { - var roles = await UserManager.GetRolesAsync(user); - var claims = new List - { - new Claim(JwtClaimTypes.Name, user.UserName) - }; - - foreach (var role in roles) - { - claims.Add(new Claim(JwtClaimTypes.Role, role)); - } - context.AddFilteredClaims(claims); - context.IssuedClaims.AddRange(claims); - } - } - } - - public Task IsActiveAsync(IsActiveContext context) - { - return Task.FromResult(0); - } - } -} \ No newline at end of file 
diff --git a/src/Ombi.Core/IdentityResolver/ResourceOwnerPasswordValidator.cs b/src/Ombi.Core/IdentityResolver/ResourceOwnerPasswordValidator.cs
deleted file mode 100644
index 6c2903491..000000000
--- a/src/Ombi.Core/IdentityResolver/ResourceOwnerPasswordValidator.cs
+++ /dev/null
@@ -1,156 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Security.Claims; -using System.Threading.Tasks; -using IdentityServer4.Models; -using IdentityServer4.Validation; -using Microsoft.AspNetCore.Identity; -using Microsoft.EntityFrameworkCore; -using Microsoft.Extensions.Logging; -using Ombi.Api.Emby; -using Ombi.Api.Emby.Models; -using Ombi.Api.Plex; -using Ombi.Api.Plex.Models; -using Ombi.Core.Settings; -using Ombi.Core.Settings.Models.External; -using Ombi.Helpers; -using Ombi.Settings.Settings.Models; -using Ombi.Store.Entities; -using Ombi.Store.Repository; - -namespace Ombi.Core.IdentityResolver -{ - public class OmbiOwnerPasswordValidator : IResourceOwnerPasswordValidator - { - public OmbiOwnerPasswordValidator(UserManager um, IPlexApi plexApi, IEmbyApi embyApi, - ISettingsService settings, ISettingsService ombiSettings, - ISettingsService embySettings, IAuditRepository log) - { - UserManager = um; - PlexApi = plexApi; - PlexSettings = settings; - OmbiSettings = ombiSettings; - EmbyApi = embyApi; - EmbySettings = embySettings; - Audit = log; - } - - private UserManager UserManager { get; } - private IPlexApi PlexApi { get; } - private IEmbyApi EmbyApi{ get; } - private ISettingsService PlexSettings { get; } - private ISettingsService EmbySettings { get; } - private ISettingsService OmbiSettings { get; } - private IAuditRepository Audit { get; } - - public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context) - { - await Audit.Record(AuditType.None, AuditArea.Authentication, $"User {context.UserName} attempted to login", context.UserName); - var users = UserManager.Users; - if (await LocalUser(context, users)) - { - return; - } - var ombi = await OmbiSettings.GetSettingsAsync(); - if (ombi.AllowExternalUsersToAuthenticate) - { - if (await PlexUser(context, users)) - { - return; - } - if (await EmbyUser(context, users)) - { - return; - } - } - - await Audit.Record(AuditType.Fail, 
AuditArea.Authentication, $"User {context.UserName} failed to login", context.UserName); - context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "Username or password is incorrect"); - } - - private async Task PlexUser(ResourceOwnerPasswordValidationContext context, IQueryable users) - { - var signInResult = await PlexApi.SignIn(new UserRequest {login = context.UserName, password = context.Password}); - if (signInResult?.user == null) - { - return false; - } - - // Do we have a local user? - return await GetUserDetails(context, users, UserType.PlexUser); - } - - private async Task EmbyUser(ResourceOwnerPasswordValidationContext context, IQueryable users) - { - var embySettings = await EmbySettings.GetSettingsAsync(); - var signInResult = await EmbyApi.LogIn(context.UserName, context.Password, embySettings.ApiKey, - embySettings.FullUri); - - if (string.IsNullOrEmpty(signInResult?.Name)) - { - return false; - } - - return await GetUserDetails(context, users, UserType.EmbyUser); - } - - private async Task GetUserDetails(ResourceOwnerPasswordValidationContext context, IQueryable users, UserType userType) - { - var user = await users.FirstOrDefaultAsync(x => x.UserName == context.UserName && x.UserType == userType); - if (user != null) - { - var roles = await UserManager.GetRolesAsync(user); - var claims = new List - { - new Claim(ClaimTypes.Name, user.UserName) - }; - - foreach (var role in roles) - { - claims.Add(new Claim(ClaimTypes.Role, role)); - } - context.Result = new GrantValidationResult(user.UserName, "password", claims); - - return true; - } - - // Create the user? 
- return true; - } - - public async Task LocalUser(ResourceOwnerPasswordValidationContext context, IQueryable users) - { - var user = await users.FirstOrDefaultAsync(x => x.UserName == context.UserName && x.UserType == UserType.LocalUser); - - if (user == null) - { - return false; - } - - var passwordValid = await UserManager.CheckPasswordAsync(user, context.Password); - if (!passwordValid) - { - await Audit.Record(AuditType.Fail, AuditArea.Authentication, $"User {context.UserName} failed to login", context.UserName); - context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "Username or password is incorrect"); - return true; - - } - - var roles = await UserManager.GetRolesAsync(user); - var claims = new List - { - new Claim(ClaimTypes.Name, user.UserName) - }; - - foreach (var role in roles) - { - claims.Add(new Claim(ClaimTypes.Role, role)); - } - context.Result = new GrantValidationResult(user.UserName, "password", claims); - - await Audit.Record(AuditType.Success, AuditArea.Authentication, $"User {context.UserName} has logged in", context.UserName); - return true; - } - } -} \ No newline at end of file diff --git a/src/Ombi.Core/Ombi.Core.csproj b/src/Ombi.Core/Ombi.Core.csproj index 7fb5cc941..38caf6f3d 100644 --- a/src/Ombi.Core/Ombi.Core.csproj +++ b/src/Ombi.Core/Ombi.Core.csproj @@ -9,7 +9,6 @@ - diff --git a/src/Ombi.DependencyInjection/IocExtensions.cs b/src/Ombi.DependencyInjection/IocExtensions.cs index ba7a80e67..317535040 100644 --- a/src/Ombi.DependencyInjection/IocExtensions.cs +++ b/src/Ombi.DependencyInjection/IocExtensions.cs @@ -14,7 +14,6 @@ using Ombi.Api.TvMaze; using Ombi.Core; using Ombi.Core.Engine; using Ombi.Core.Engine.Interfaces; -using Ombi.Core.IdentityResolver; using Ombi.Core.Models.Requests; using Ombi.Core.Notifications; using Ombi.Core.Rule; diff --git a/src/Ombi/ClientApp/app/auth/auth.service.ts b/src/Ombi/ClientApp/app/auth/auth.service.ts index dd7bb66b4..1b6defc19 100644 
--- a/src/Ombi/ClientApp/app/auth/auth.service.ts +++ b/src/Ombi/ClientApp/app/auth/auth.service.ts @@ -7,28 +7,21 @@ import { IUserLogin, ILocalUser } from './IUserLogin'; import { tokenNotExpired, JwtHelper } from 'angular2-jwt'; -import { Http, Headers, URLSearchParams } from '@angular/http'; +import { Http, Headers } from '@angular/http'; @Injectable() export class AuthService extends ServiceHelpers { constructor(http: Http) { - super(http, '/connect/token'); + super(http, '/api/v1/token'); } jwtHelper: JwtHelper = new JwtHelper(); login(login: IUserLogin): Observable { this.headers = new Headers(); - this.headers.append('Content-Type', 'application/x-www-form-urlencoded'); - let data = new URLSearchParams(); - data.append('client_id', 'frontend'); - data.append('scope', 'api'); - data.append('client_secret', 'secret'); - data.append('grant_type', 'password'); - data.append('username', login.username); - data.append('password', login.password); - - return this.http.post(`${this.url}/`, data.toString(), { headers: this.headers }) + this.headers.append('Content-Type', 'application/json'); + + return this.http.post(`${this.url}/`, JSON.stringify(login), { headers: this.headers }) .map(this.extractData); } diff --git a/src/Ombi/ClientApp/app/wizard/createadmin/createadmin.component.html b/src/Ombi/ClientApp/app/wizard/createadmin/createadmin.component.html index 270d1d62a..678ca32d5 100644 --- a/src/Ombi/ClientApp/app/wizard/createadmin/createadmin.component.html +++ b/src/Ombi/ClientApp/app/wizard/createadmin/createadmin.component.html @@ -1,4 +1,8 @@  + +
+
+

Create the Admin account

This account will be used to configure your settings and also manage all of the requests. Note: this should not be the same as your Plex/Emby account (you can change this later in the User Management Settings)
@@ -17,4 +21,7 @@
+
+
+
\ No newline at end of file diff --git a/src/Ombi/ClientApp/app/wizard/emby/emby.component.html b/src/Ombi/ClientApp/app/wizard/emby/emby.component.html index 47d58d7e7..4d09751dc 100644 --- a/src/Ombi/ClientApp/app/wizard/emby/emby.component.html +++ b/src/Ombi/ClientApp/app/wizard/emby/emby.component.html @@ -1,4 +1,8 @@  + +
+
+

Emby Authentication

@@ -29,4 +33,7 @@ +
+
+
\ No newline at end of file diff --git a/src/Ombi/ClientApp/app/wizard/mediaserver/mediaserver.component.html b/src/Ombi/ClientApp/app/wizard/mediaserver/mediaserver.component.html index 49ea91102..de9989ac7 100644 --- a/src/Ombi/ClientApp/app/wizard/mediaserver/mediaserver.component.html +++ b/src/Ombi/ClientApp/app/wizard/mediaserver/mediaserver.component.html @@ -1,21 +1,29 @@ -
-

Please choose your media server

-
-
- - - -
-
- - - + + +
+
+
+

Please choose your media server

+
+
+ + + +
+
+ + + +
+
+ +
+ +
-
-
+
+ -
-
\ No newline at end of file diff --git a/src/Ombi/ClientApp/app/wizard/mediaserver/mediaserver.component.ts b/src/Ombi/ClientApp/app/wizard/mediaserver/mediaserver.component.ts index 42a4700b3..e6842c457 100644 --- a/src/Ombi/ClientApp/app/wizard/mediaserver/mediaserver.component.ts +++ b/src/Ombi/ClientApp/app/wizard/mediaserver/mediaserver.component.ts @@ -3,7 +3,6 @@ import { Router } from '@angular/router'; @Component({ - templateUrl: './mediaserver.component.html', }) export class MediaServerComponent { @@ -19,8 +18,7 @@ export class MediaServerComponent { this.router.navigate(['Wizard/Emby']); } - skip() - { + skip() { this.router.navigate(['Wizard/CreateAdmin']); } } \ No newline at end of file diff --git a/src/Ombi/ClientApp/app/wizard/plex/plex.component.html b/src/Ombi/ClientApp/app/wizard/plex/plex.component.html index 9c82c03fe..a9a92d892 100644 --- a/src/Ombi/ClientApp/app/wizard/plex/plex.component.html +++ b/src/Ombi/ClientApp/app/wizard/plex/plex.component.html @@ -1,4 +1,9 @@ -

Plex Authentication

+ + +
+
+
+

Plex Authentication

@@ -14,4 +19,7 @@
+
+
+
\ No newline at end of file diff --git a/src/Ombi/Controllers/TokenController.cs b/src/Ombi/Controllers/TokenController.cs new file mode 100644 index 000000000..09a6b7ff7 --- /dev/null +++ b/src/Ombi/Controllers/TokenController.cs 
@@ -0,0 +1,106 @@
+using System;
+using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
+using System.Linq;
+using System.Security.Claims;
+using System.Text;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;
+using Ombi.Models;
+using Ombi.Models.Identity;
+using Ombi.Store.Entities;
+using Ombi.Store.Repository;
+
+namespace Ombi.Controllers
+{
+ [ApiV1]
+ public class TokenController
+ {
+ public TokenController(UserManager um, IOptions ta,
+ IApplicationConfigRepository config)
+ {
+ UserManager = um;
+ TokenAuthenticationOptions = ta.Value;
+ Config = config;
+ }
+
+ private TokenAuthentication TokenAuthenticationOptions { get; }
+ private IApplicationConfigRepository Config { get; }
+ private UserManager UserManager { get; }
+
+ ///
+ /// Gets the token.
+ ///
+ /// The model.
+ ///
+ [HttpPost]
+ public async Task GetToken([FromBody] UserAuthModel model)
+ {
+
+ var user = await UserManager.FindByNameAsync(model.Username);
+
+ if (user == null)
+ {
+ return null;
+ }
+
+ // Verify Password
+ if ((await UserManager.CheckPasswordAsync(user, model.Password)))
+ {
+ // Get the url
+ var url = Config.Get(ConfigurationTypes.Url);
+ var port = Config.Get(ConfigurationTypes.Port);
+
+#if !DEBUG
+ var audience = $"{url}:{port}";
+#else
+
+ var audience = $"http://localhost:52038/";
+#endif
+ var roles = await UserManager.GetRolesAsync(user);
+
+ var claims = new List
+ {
+ new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
+ new Claim("name", user.UserName),
+ new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
+ };
+ claims.AddRange(roles.Select(role => new Claim("role", role)));
+
+ var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(TokenAuthenticationOptions.SecretKey));
+ var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
+
+ var token = new JwtSecurityToken(
+ claims: claims,
+ expires: DateTime.UtcNow.AddHours(5),
+ signingCredentials: creds,
+ audience: "Ombi", issuer:"Ombi"
+ );
+
+ return new JsonResult(new
+ {
+ access_token = new JwtSecurityTokenHandler().WriteToken(token),
+ expiration = token.ValidTo
+ });
+ }
+
+ return null;
+ }
+
+ ///
+ /// Refreshes the token.
+ ///
+ /// The model.
+ ///
+ ///
+ [HttpPost("refresh")]
+ public async Task RefreshToken([FromBody] UserAuthModel model)
+ {
+ throw new NotImplementedException();
+ }
+
+ }
+}
\ No newline at end of file
diff --git a/src/Ombi/IdentityConfig.cs b/src/Ombi/IdentityConfig.cs
deleted file mode 100644
index 59b8b5605..000000000
--- a/src/Ombi/IdentityConfig.cs
+++ /dev/null
@@ -1,59 +0,0 @@
-using System.Collections.Generic;
-using IdentityModel;
-using IdentityServer4.Models;
-
-namespace Ombi
-{
- public class IdentityConfig
- {
- // scopes define the resources in your system
- public static IEnumerable GetIdentityResources()
- {
- return new List
- {
- new IdentityResources.OpenId(),
- new IdentityResources.Profile(),
- new IdentityResource {
- Name = "role",
- UserClaims = new List {"role"}
- }
- };
- }
-
- public static IEnumerable GetApiResources()
- {
- return new List
- {
- new ApiResource("api", "API")
- {
- UserClaims = {JwtClaimTypes.Name, JwtClaimTypes.Role, JwtClaimTypes.Email, JwtClaimTypes.Id},
-
- }
- };
- }
-
- // clients want to access resources (aka scopes)
- public static IEnumerable GetClients()
- {
- // client credentials client
- return new List
- {
- new Client
- {
- ClientId = "frontend",
- AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
-
- ClientSecrets =
- {
- new Secret("secret".Sha256()) // TODO read up on what this actually is
- },
- AllowedScopes =
- {
- "api",
- },
- AccessTokenType = AccessTokenType.Jwt
- }
- };
- }
- }
-}
\ No newline at end of file
diff --git a/src/Ombi/Models/Identity/TokenAuthentication.cs b/src/Ombi/Models/Identity/TokenAuthentication.cs
new file mode 100644
index 000000000..66e133879
--- /dev/null
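Review bot: Both failure paths in `GetToken` (TokenController.cs) end in `return null;`, so a wrong username or password does not produce a 401 and, unlike the removed `OmbiOwnerPasswordValidator`, leaves no audit record of the attempt. Return `new UnauthorizedResult()` from both branches, and inject `IAuditRepository` so failed and successful logins are still recorded with `Audit.Record(AuditType.Fail, AuditArea.Authentication, ...)` as the old validator did. `model` is dereferenced without a null check, so an empty or malformed body would presumably surface as a server error; guard it with `if (model == null) return new BadRequestResult();`. The `url`, `port` and `audience` locals are computed but never read, because audience and issuer are hard-coded to "Ombi" in the `JwtSecurityToken` call. The Plex/Emby sign-in path of the old validator has no counterpart here, which is worth stating in the commit message if it is intentional.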
+++ b/src/Ombi/Models/Identity/TokenAuthentication.cs @@ -0,0 +1,7 @@ +namespace Ombi.Models.Identity +{ + public class TokenAuthentication + { + public string SecretKey { get; set; } + } +} \ No newline at end of file diff --git a/src/Ombi/Ombi.csproj b/src/Ombi/Ombi.csproj index 4d49a53ab..12edbab93 100644 --- a/src/Ombi/Ombi.csproj +++ b/src/Ombi/Ombi.csproj @@ -43,9 +43,6 @@ - - - diff --git a/src/Ombi/Startup.cs b/src/Ombi/Startup.cs index 2690a4b0d..3ab39cdec 100644 --- a/src/Ombi/Startup.cs +++ b/src/Ombi/Startup.cs @@ -2,16 +2,13 @@ using System.IO; using System.Linq; using System.Security.Principal; +using System.Text; using AutoMapper; using AutoMapper.EquivalencyExpression; using Hangfire; using Hangfire.MemoryStorage; -using Hangfire.SQLite; -using IdentityServer4.Services; -using IdentityServer4.Validation; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; -using Microsoft.AspNetCore.Hosting.Server.Features; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Identity.EntityFrameworkCore; using Microsoft.AspNetCore.SpaServices.Webpack; @@ -25,10 +22,10 @@ using Microsoft.Extensions.Options; using Microsoft.Extensions.PlatformAbstractions; using Microsoft.IdentityModel.Tokens; using Ombi.Config; -using Ombi.Core.IdentityResolver; using Ombi.DependencyInjection; using Ombi.Helpers; using Ombi.Mapping; +using Ombi.Models.Identity; using Ombi.Schedule; using Ombi.Store.Context; using Ombi.Store.Entities; 
@@ -83,15 +80,16 @@ namespace Ombi .AddEntityFrameworkStores() .AddDefaultTokenProviders(); - services.AddIdentityServer() - .AddTemporarySigningCredential() - .AddInMemoryPersistedGrants() - .AddInMemoryIdentityResources(IdentityConfig.GetIdentityResources()) - .AddInMemoryApiResources(IdentityConfig.GetApiResources()) - .AddInMemoryClients(IdentityConfig.GetClients()) - .AddAspNetIdentity() - .Services.AddTransient() - .AddTransient(); + + //services.AddIdentityServer() + // .AddTemporarySigningCredential() + // .AddInMemoryPersistedGrants() + // .AddInMemoryIdentityResources(IdentityConfig.GetIdentityResources()) + // .AddInMemoryApiResources(IdentityConfig.GetApiResources()) + // .AddInMemoryClients(IdentityConfig.GetClients()) + // .AddAspNetIdentity() + // .Services.AddTransient() + // .AddTransient(); services.Configure(options => { @@ -151,10 +149,9 @@ namespace Ombi services.AddSingleton(); services.AddScoped(sp => sp.GetService().HttpContext.User); - - //services.Configure(Configuration.GetSection("TokenAuthentication")); services.Configure(Configuration.GetSection("ApplicationSettings")); services.Configure(Configuration.GetSection("UserSettings")); + services.Configure(Configuration.GetSection("TokenAuthentication")); services.Configure(Configuration.GetSection("LandingPageBackground")); services.AddHangfire(x => @@ -179,8 +176,8 @@ namespace Ombi // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IMemoryCache cache) { - var options = (IOptions) app.ApplicationServices.GetService( - typeof(IOptions)); + var tokenOptions = (IOptions)app.ApplicationServices.GetService( + typeof(IOptions)); var ctx = (IOmbiContext)app.ApplicationServices.GetService(typeof(IOmbiContext)); 
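Review bot: The IdentityServer registration in the `@@ -83,15 +80,16 @@` hunk of Startup.cs is commented out rather than deleted, and the `@@ -190,26 +187,54 @@` hunk does the same with the `UseIdentityServer` / `UseIdentityServerAuthentication` calls. This commit also deletes IdentityConfig.cs and the `IdentityServer4` usings, so the commented block cannot be re-enabled as written, and it keeps the old `ApiSecret = "secret"` literal in the file. Delete both commented blocks and rely on version history instead. `ConfigureServices` starts and ends outside this hunk.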
@@ -190,26 +187,54 @@ namespace Ombi Console.WriteLine($"Using Url {url.Value}:{port.Value} for Identity Server"); app.UseIdentity(); - app.UseIdentityServer(); - app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions - { + #if !DEBUG - Authority = $"{url.Value}:{port.Value}", + var audience = $"{url.Value}:{port.Value}"; #else - Authority = $"http://localhost:52038/", + + var audience = $"http://localhost:52038/"; #endif - ApiName = "api", - ApiSecret = "secret", - EnableCaching = true, - CacheDuration = TimeSpan.FromMinutes(10), // that's the default - RequireHttpsMetadata = options.Value.UseHttps, // FOR DEV set to false - AutomaticAuthenticate = true, - AutomaticChallenge = true, - + var tokenValidationParameters = new TokenValidationParameters + { + + ValidateIssuerSigningKey = true, + IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(tokenOptions.Value.SecretKey)), + + RequireExpirationTime = true, + ValidateLifetime = true, + ValidAudience = "Ombi", + ValidIssuer = "Ombi", + ClockSkew = TimeSpan.Zero + }; + app.UseJwtBearerAuthentication(new JwtBearerOptions() + { + Audience = "Ombi", + AutomaticAuthenticate = true, + TokenValidationParameters = tokenValidationParameters }); + // app.UseIdentityServer(); + // app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions + // { + //#if !DEBUG + // Authority = $"{url.Value}:{port.Value}", + //#else + // Authority = $"http://localhost:52038/", + //#endif + // ApiName = "api", + // ApiSecret = "secret", + + // EnableCaching = true, + // CacheDuration = TimeSpan.FromMinutes(10), // that's the default + // RequireHttpsMetadata = options.Value.UseHttps, // FOR DEV set to false + // AutomaticAuthenticate = true, + // AutomaticChallenge = true, + + + // }); + loggerFactory.AddSerilog(); if (env.IsDevelopment()) diff --git a/src/Ombi/appsettings.json b/src/Ombi/appsettings.json index c0aa63206..9b4d941c4 100644 --- a/src/Ombi/appsettings.json 
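Review bot: `tokenOptions.Value.SecretKey` is passed straight into `SymmetricSecurityKey` in the `@@ -190,26 +187,54 @@` hunk of Startup.cs without any check, and the only value this commit supplies is the literal kept in the appsettings.json hunk, which is committed to the repository. Every installation that keeps that default signs and validates its tokens with the same publicly known key, so the key should be generated per installation or read from an environment variable or secret store, not shipped in the file. Startup should also refuse a missing or placeholder value, for example `if (string.IsNullOrWhiteSpace(tokenOptions.Value.SecretKey)) throw new InvalidOperationException("TokenAuthentication:SecretKey is not configured");`. TokenController.cs signs with the same setting, so it is covered by the same fix. Separately, the `audience` local assigned under `#if !DEBUG` is never read in the visible lines, and the `Console.WriteLine` context line still says "for Identity Server"; `Configure` continues outside the hunk.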
+++ b/src/Ombi/appsettings.json @@ -16,11 +16,7 @@ "UseHttps": false }, "TokenAuthentication": { - "SecretKey": "secretkey_secretkey123!", - "Issuer": "OmbiIssuer", - "Audience": "OmbiAudience", - "TokenPath": "/api/v1/token/", - "CookieName": "access_token" + "SecretKey": "secretkey_secretkey123!" }, "LandingPageBackground": { "Movies": [