merge hotfix

Etherna · May 25, 2022 · c57fe63 · c57fe63
2 parents d140921 + 2c02516
commit c57fe63
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 2 deletions.
diff --git a/src/EthernaCredit.Services/EthernaCredit.Services.csproj b/src/EthernaCredit.Services/EthernaCredit.Services.csproj
@@ -20,7 +20,7 @@
   <ItemGroup>
     <PackageReference Include="Etherna.DomainEvents.AspNetCore" Version="1.3.1" />
     <PackageReference Include="EthernaACR" Version="0.3.0" />
-    <PackageReference Include="EthernaServicesClient.AspNetCore" Version="0.3.0-alpha.38" />
+    <PackageReference Include="EthernaServicesClient.AspNetCore" Version="0.3.0-alpha.41" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.Etherna" Version="0.3.0-alpha.7" />
   </ItemGroup>
 

diff --git a/src/EthernaCredit/Startup.cs b/src/EthernaCredit/Startup.cs
@@ -137,6 +137,10 @@ public void ConfigureServices(IServiceCollection services)
             });
 
             // Configure authentication.
+            var allowUnsafeAuthorityConnection = false;
+            if (Configuration["SsoServer:AllowUnsafeConnection"] is not null)
+                allowUnsafeAuthorityConnection = bool.Parse(Configuration["SsoServer:AllowUnsafeConnection"]);
+
             services.AddAuthentication(options =>
                 {
                     options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
@@ -175,6 +179,8 @@ public void ConfigureServices(IServiceCollection services)
                     options.Scope.Add("ether_accounts");
                     options.Scope.Add("role");
 
+                    options.RequireHttpsMetadata = !allowUnsafeAuthorityConnection;
+
                     // Handle unauthorized call on api with 401 response. For users not logged in.
                     options.Events.OnRedirectToIdentityProvider = context =>
                     {
@@ -190,6 +196,8 @@ public void ConfigureServices(IServiceCollection services)
                 {
                     options.Audience = "ethernaCreditServiceInteract";
                     options.Authority = Configuration["SsoServer:BaseUrl"] ?? throw new ServiceConfigurationException();
+
+                    options.RequireHttpsMetadata = !allowUnsafeAuthorityConnection;
                 });
 
             // Configure authorization.
@@ -260,7 +268,7 @@ public void ConfigureServices(IServiceCollection services)
                 Configuration["SsoServer:Clients:SsoServer:ClientId"] ?? throw new ServiceConfigurationException(),
                 Configuration["SsoServer:Clients:SsoServer:Secret"] ?? throw new ServiceConfigurationException());
 
-            var clientCredentialTask = ethernaServiceClientBuilder.GetClientCredentialsTokenRequestAsync();
+            var clientCredentialTask = ethernaServiceClientBuilder.GetClientCredentialsTokenRequestAsync(!allowUnsafeAuthorityConnection);
             clientCredentialTask.Wait();
             var clientCredential = clientCredentialTask.Result;
 

diff --git a/src/EthernaCredit/appsettings.Development.json b/src/EthernaCredit/appsettings.Development.json
@@ -25,6 +25,7 @@
   },
 
   "SsoServer": {
+    //"AllowUnsafeConnection": false,
     "BaseUrl": "https://localhost:44379",
     "Clients": {
       "SsoServer": {