Versions Compared

Version Old Version 14 New Version 15
Changes made by

Christina Burkhard

Christina Burkhard

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
maxLevel3

Introduction

The API is configured via .NET dependency injection. Depending on the Openld client configuration and desired authentication method, the configuration can look different.

Basic options

ApiBaseUri

Die URl unter welcher die API erreichbar ist, z.BThe URL under which the API can be reached, Example: https://localhost:8000/apiv2

ExplodeFlatChainProperties

Default: true

Definiert ob Property-Chains als verschachtelte Objekte oder einfache objekte zurückgegeben werden.

BeispielDefines wether property chains are returned as nested objects or simple objects.

Example: /servicedmcore/CoreIdentity/2/?fields=Id,Nachname,CoreIdentityType.Id

ExplodeFlatChainProperties = true

ExplodeFlatChainProperties = false

Code Block
languagejson
{
    "ci_family_name": {
        "was_access_denied": false,
        "value": "Testikus"
    },
    "id": 20,
    "core_identity_type": {
        "id": {
            "was_access_denied": false,
            "value": 1
        }
    }
}
Code Block
languagejson
{
    "ci_family_name": {
        "was_access_denied": false,
        "value": "Testikus"
    },
    "core_identity_type.id": {
        "was_access_denied": false,
        "value": 1
    },
    "id": 20
}

AccessDeniedReplacementString

Definiert ob die AccessDeniedHandler-Objekte ersetzt werden sollen. Wird die Option verwendet wird anstelle der AccessDeniedHandler-Objekte nur der Wert der Value-Property zusück gegeben. Sollte eine Zugriffsverweigerung vorliegen wird anstelle des Wertes der ReplacementString zurückgegeben.

Diese Option ist nicht Typen-sicher, da im Fall einer Zugriffsverweigerung immer ein String zurückgegeben wird, unabhängig vom ursprünglichen Type der Property

BeispielDefines wether the AccessDeniedHandler objects should be replaced. If the option is used, only the value of the value property is returned instead of the AcessDeniedHandler objects. If there is a denial access, the ReplacementString is returned instead of the value.

This option is not type-safe, since a string is always returned in the event of an access denial, regardless of the original type of the property.

Example: /servicedmcore/CoreIdentity/2/?fields=Id,Nachname,Language

AccessDeniedReplacementString=">Denied<"

Code Block
languagejson
{
    "ci_family_name": {
        "was_access_denied": true,
        "value": null
    },
    "id": 20,
    "core_identity_type": {
        "id": {
            "was_access_denied": false,
            "value": 1
        }
    }
}
Code Block
languagejson
{
    "ci_family_name": ">Denied<",
    "id": 20,
    "core_identity_type": {
        "id": 1
    }
}

.NET Core

...

configuration

...

Required assemblies

  • iTsense.Moving.Common.NetStandard

  • iTsense.Moving.Common.ApiV2

  • iTsense.Moving.Common.ApiV2.Client

  • iTsense.Moving.Common.ApiV2.Client.NetCore

...

Optional assemblies

  • iTsense.Moving.Common.ApiV2.Client.DataContracts

    • Standard Datacontracts

...

Example configuration with authentication via HTTP

...

user context

Code Block
languagec#
public void ConfigureServices(IServiceCollection services)
{
	services.AddApiV2ClientWithHttpContextAuthentication(o =>
	{
		o.ApiBaseUri = new Uri("https://localhost:8000/apiv2");
		//o.ExplodeFlatChainProperties = false;
		//o.AccessDeniedReplacementString = ">>AccessDenied<<";
	});
	services.AddOpenIdConnectCookieAuthentication<IApiV2Client>(options =>
	{
		options.Authority = "https://coslogin.local:5000";
		options.RequireHttpsMetadata = false; // dev only
		options.ClientId = "[OpenID Client Id]";
		options.ClientSecret = "[OpenID Client Secret]";
		options.ResponseType = "code";
		options.ResponseMode = "form_post";
		options.Scope.Add("roles");
		options.Scope.Add("profile");
		options.Scope.Add("offline_access");
		options.SaveTokens = true;
		options.GetClaimsFromUserInfoEndpoint = true;
		options.CallbackPath = "/signin-oidc";
		options.UsePkce = true;
	});
}

...

Example configuration with authentication via static API user

Code Block
languagec#
public void ConfigureServices(IServiceCollection services)
{
	services.AddApiV2ClientWithOpenIdPasswordFlow(o =>
	{
		o.Authority = new Uri("https://coslogin.local:5000");
		o.ApiBaseUri = new Uri("https://localhost:8000/apiv2");
		o.ClientId = "[OpenID Client Id]";
		o.ClientSecret = "[OpenID Client Secret]";
		o.Username = "[OpenID User Name]";
		o.Password = "[OpenID User Password]";
		//o.ExplodeFlatChainProperties = false;
		//o.AccessDeniedReplacementString = ">>AccessDenied<<";
	});
}

.NET Full Framework

...

configuration (Castle Windsor)

...

Required Assemblies

  • iTsense.Moving.Common.NetStandard

  • iTsense.Moving.Common.ApiV2

  • iTsense.Moving.Common.ApiV2.Client

  • iTsense.Moving.Common.ApiV2.Client.CastleWindsor

...

Optional assemblies

  • iTsense.Moving.Common.ApiV2.Client.DataContracts

    • Standard Datacontracts

...

Example configuration with authentication via static API user

Code Block
languagec#
public void ConfigureContainer(IWindsorContainer container)
{
	container.AddApiV2ClientWithOpenIdPasswordFlow(o =>
	{
		o.Authority = new Uri("https://coslogin.local:5000");
		o.ApiBaseUri = new Uri("https://localhost:8000/apiv2");
		o.ClientId = "[OpenID Client Id]";
		o.ClientSecret = "[OpenID Client Secret]";
		o.Username = "[OpenID User Name]";
		o.Password = "[OpenID User Password]";
	});
}

Mehrere Clients mit unterschiedlicher Konfiguration

Es können mehrere Clients mit unterschiedlichen Konfigurationen registriert werden. Dazu muss pro Konfiguration ein Interface deklariert. Diese können anschlissend via DependencyInjection konsumiert werden.

Die neuen Interfaces dürfen keine zusätzlichen Member enthalten!

...

Multiple clients with different coigurations

Multiple clients with different configuratins can be registered. To do this, one interface must be declared for each configuration. These can then be consumed via dependency injection.

The new interfaces must not contain any additional members!

Example configuration

Code Block
languagec#
public interface IApiV2ClientUserContext : IApiV2Client
{
}
public interface IApiV2ClientAdminContext : IApiV2Client
{
}

public class Startup
{
	public void ConfigureServices(IServiceCollection services)
	{
		services.AddApiV2ClientWithHttpContextAuthentication<IApiV2ClientUserContext>(o =>
		{
			o.ApiBaseUri = new Uri("https://localhost:8000/apiv2");
			//o.ExplodeFlatChainProperties = false;
			//o.AccessDeniedReplacementString = ">>AccessDenied<<";
		});
		services.AddOpenIdConnectCookieAuthentication<IApiV2ClientUserContext>(options =>
		{
			options.Authority = "https://coslogin.local:5000";
			options.RequireHttpsMetadata = false; // dev only
			options.ClientId = "[OpenID Client Id]";
			options.ClientSecret = "[OpenID Client Secret]";
			options.ResponseType = "code";
			options.ResponseMode = "form_post";
			options.Scope.Add("roles");
			options.Scope.Add("profile");
			options.Scope.Add("offline_access");
			options.SaveTokens = true;
			options.GetClaimsFromUserInfoEndpoint = true;
			options.CallbackPath = "/signin-oidc";
			options.UsePkce = true;
		});
		services.AddApiV2ClientWithOpenIdPasswordFlow<IApiV2ClientAdminContext>(o =>
		{
			o.Authority = new Uri("https://coslogin.local:5000");
			o.ApiBaseUri = new Uri("https://localhost:8000/apiv2");
			o.ClientId = "[OpenID Client Id]";
			o.ClientSecret = "[OpenID Client Secret]";
			o.Username = "[OpenID User Name]";
			o.Password = "[OpenID User Password]";
			//o.ExplodeFlatChainProperties = false;
			//o.AccessDeniedReplacementString = ">>AccessDenied<<";
		});
	}
}