src/Umbraco.Web.BackOffice/Extensions/UmbracoBackOfficeServiceCollectionExtensions.cs

using System;
using System.Security.Claims;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Options;
using Umbraco.Core;
using Umbraco.Core.BackOffice;
using Umbraco.Core.Configuration;
using Umbraco.Net;
using Umbraco.Web.Common.AspNetCore;

namespace Umbraco.Extensions
{
    public static class UmbracoBackOfficeServiceCollectionExtensions
    {
        public static void AddUmbracoBackOfficeIdentity(this IServiceCollection services)
        {
            services.AddDataProtection();

            services.TryAddScoped<IIpResolver, AspNetCoreIpResolver>();

            services
                .AddIdentityCore<BackOfficeIdentityUser>()
                .AddDefaultTokenProviders()
                .AddUserStore<BackOfficeUserStore>()
                .AddUserManager<BackOfficeUserManager>()
                .AddClaimsPrincipalFactory<BackOfficeClaimsPrincipalFactory<BackOfficeIdentityUser>>();

            services.ConfigureOptions<UmbracoBackOfficeIdentityOptions>();
            services.AddScoped<ILookupNormalizer, NopLookupNormalizer>();
            services.TryAddScoped<ISecurityStampValidator, SecurityStampValidator<BackOfficeIdentityUser>>();

        }

        /// <summary>
        /// Used to configure <see cref="IdentityOptions"/> for the Umbraco Back office
        /// </summary>
        private class UmbracoBackOfficeIdentityOptions : IConfigureOptions<IdentityOptions>
        {
            private readonly IUserPasswordConfiguration _userPasswordConfiguration;

            public UmbracoBackOfficeIdentityOptions(IUserPasswordConfiguration userPasswordConfiguration)
            {
                _userPasswordConfiguration = userPasswordConfiguration;
            }

            public void Configure(IdentityOptions options)
            {
                options.User.RequireUniqueEmail = true;
                options.ClaimsIdentity.UserIdClaimType = ClaimTypes.NameIdentifier;
                options.ClaimsIdentity.UserNameClaimType = ClaimTypes.Name;
                options.ClaimsIdentity.RoleClaimType = ClaimTypes.Role;
                options.ClaimsIdentity.SecurityStampClaimType = Constants.Web.SecurityStampClaimType;
                options.Lockout.AllowedForNewUsers = true;
                options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromDays(30);

                options.Password.RequiredLength = _userPasswordConfiguration.RequiredLength;
                options.Password.RequireNonAlphanumeric = _userPasswordConfiguration.RequireNonLetterOrDigit;
                options.Password.RequireDigit = _userPasswordConfiguration.RequireDigit;
                options.Password.RequireLowercase = _userPasswordConfiguration.RequireLowercase;
                options.Password.RequireUppercase = _userPasswordConfiguration.RequireUppercase;
                options.Lockout.MaxFailedAccessAttempts = _userPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout;
            }
        }


    }
}
-												Resolvable user manager. Removed password configuration and generation for now


											
										
										
											2020-05-17 07:56:59 +01:00
+								using System;
 								using System.Security.Claims;
-												Resolvable user store


											
										
										
											2020-05-15 16:52:51 +01:00
+								using Microsoft.AspNetCore.Identity;
-												Initial DI attempt


											
										
										
											2020-05-15 15:21:15 +01:00
+								using Microsoft.Extensions.DependencyInjection;
-												Reduced duplicated code


											
										
										
											2020-05-18 08:21:34 +01:00
+								using Microsoft.Extensions.DependencyInjection.Extensions;
-												Moves what is possible for identity back office to Core, configures backoffice identity with IOptions and our password settings

											
										
										
											2020-05-20 15:25:42 +10:00
+								using Microsoft.Extensions.Options;
-												Resolvable user manager. Removed password configuration and generation for now


											
										
										
											2020-05-17 07:56:59 +01:00
+								using Umbraco.Core;
-												Moved .NET standard back office identity code into infrastructure (lowest common dependency)


											
										
										
											2020-05-17 08:48:36 +01:00
+								using Umbraco.Core.BackOffice;
-												Moves what is possible for identity back office to Core, configures backoffice identity with IOptions and our password settings

											
										
										
											2020-05-20 15:25:42 +10:00
+								using Umbraco.Core.Configuration;
-												Resolvable user manager. Removed password configuration and generation for now


											
										
										
											2020-05-17 07:56:59 +01:00
+								using Umbraco.Net;
 								using Umbraco.Web.Common.AspNetCore;
-												Initial DI attempt


											
										
										
											2020-05-15 15:21:15 +01:00
 								namespace Umbraco.Extensions
 								{
 								    public static class UmbracoBackOfficeServiceCollectionExtensions
 								    {
-												Working installation. Use of Thread.CurrentPrincipal removed for now


											
										
										
											2020-05-17 10:39:30 +01:00
+								        public static void AddUmbracoBackOfficeIdentity(this IServiceCollection services)
-												Initial DI attempt


											
										
										
											2020-05-15 15:21:15 +01:00
+								        {
-												Reduced duplicated code


											
										
										
											2020-05-18 08:21:34 +01:00
+								            services.AddDataProtection();
-												Added IdentityExtensions


											
										
										
											2020-05-18 13:00:32 +01:00
+								            services.TryAddScoped<IIpResolver, AspNetCoreIpResolver>();
-												Resolvable user manager. Removed password configuration and generation for now


											
										
										
											2020-05-17 07:56:59 +01:00
-												Moves what is possible for identity back office to Core, configures backoffice identity with IOptions and our password settings

											
										
										
											2020-05-20 15:25:42 +10:00
+								            services
 								                .AddIdentityCore<BackOfficeIdentityUser>()
-												Initial DI attempt


											
										
										
											2020-05-15 15:21:15 +01:00
+								                .AddDefaultTokenProviders()
-												Resolvable user manager. Removed password configuration and generation for now


											
										
										
											2020-05-17 07:56:59 +01:00
+								                .AddUserStore<BackOfficeUserStore>()
-												Reduced duplicated code


											
										
										
											2020-05-18 08:21:34 +01:00
+								                .AddUserManager<BackOfficeUserManager>()
 								                .AddClaimsPrincipalFactory<BackOfficeClaimsPrincipalFactory<BackOfficeIdentityUser>>();
-												Moves what is possible for identity back office to Core, configures backoffice identity with IOptions and our password settings

											
										
										
											2020-05-20 15:25:42 +10:00
+								            services.ConfigureOptions<UmbracoBackOfficeIdentityOptions>();
-												Reduced duplicated code


											
										
										
											2020-05-18 08:21:34 +01:00
+								            services.AddScoped<ILookupNormalizer, NopLookupNormalizer>();
 								            services.TryAddScoped<ISecurityStampValidator, SecurityStampValidator<BackOfficeIdentityUser>>();
-												Initial DI attempt


											
										
										
											2020-05-15 15:21:15 +01:00
 								        }
-												Moves what is possible for identity back office to Core, configures backoffice identity with IOptions and our password settings

											
										
										
											2020-05-20 15:25:42 +10:00
 								        /// <summary>
 								        /// Used to configure <see cref="IdentityOptions"/> for the Umbraco Back office
 								        /// </summary>
 								        private class UmbracoBackOfficeIdentityOptions : IConfigureOptions<IdentityOptions>
 								        {
 								            private readonly IUserPasswordConfiguration _userPasswordConfiguration;
 								            public UmbracoBackOfficeIdentityOptions(IUserPasswordConfiguration userPasswordConfiguration)
 								            {
 								                _userPasswordConfiguration = userPasswordConfiguration;
 								            }
 								            public void Configure(IdentityOptions options)
 								            {
 								                options.User.RequireUniqueEmail = true;
 								                options.ClaimsIdentity.UserIdClaimType = ClaimTypes.NameIdentifier;
 								                options.ClaimsIdentity.UserNameClaimType = ClaimTypes.Name;
 								                options.ClaimsIdentity.RoleClaimType = ClaimTypes.Role;
 								                options.ClaimsIdentity.SecurityStampClaimType = Constants.Web.SecurityStampClaimType;
 								                options.Lockout.AllowedForNewUsers = true;
 								                options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromDays(30);
 								                options.Password.RequiredLength = _userPasswordConfiguration.RequiredLength;
 								                options.Password.RequireNonAlphanumeric = _userPasswordConfiguration.RequireNonLetterOrDigit;
 								                options.Password.RequireDigit = _userPasswordConfiguration.RequireDigit;
 								                options.Password.RequireLowercase = _userPasswordConfiguration.RequireLowercase;
 								                options.Password.RequireUppercase = _userPasswordConfiguration.RequireUppercase;
 								                options.Lockout.MaxFailedAccessAttempts = _userPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout;
 								            }
 								        }
-												Initial DI attempt


											
										
										
											2020-05-15 15:21:15 +01:00
+								    }
 								}