Program.cs
using Fido2Demo;
using Fido2NetLib;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Rewrite;
// Entry point of the FIDO2 demo host (top-level statements). This part registers
// the services: Razor Pages, in-memory session state, and the Fido2 library with
// a cached metadata service.
var builder = WebApplication.CreateBuilder(args);

// Configure Services
builder.Services.AddRazorPages(opts =>
{
    // we don't care about antiforgery in the demo
    // This convention applies IgnoreAntiforgeryToken to every Razor Page, so page
    // handlers accept POSTs without an antiforgery token. It is a demo shortcut:
    // an application built from this file should remove it and keep the
    // framework's CSRF validation on state-changing handlers.
    opts.Conventions.ConfigureFilter(new IgnoreAntiforgeryTokenAttribute());
});

// Use the in-memory implementation of IDistributedCache.
// Session data is therefore held in this process only: it is lost on restart
// and is not shared between instances.
builder.Services.AddMemoryCache();
builder.Services.AddDistributedMemoryCache();
builder.Services.AddSession(options =>
{
    // Set a short timeout for easy testing.
    options.IdleTimeout = TimeSpan.FromMinutes(2);
    // Keep the session cookie unreadable from page scripts.
    options.Cookie.HttpOnly = true;
    // SameSiteMode.Unspecified writes no SameSite attribute on the session
    // cookie, so the browser applies its own default. It is used because the
    // default mode used by ASP.NET Core 3 isn't understood by the Conformance
    // Tool and breaks conformance testing.
    // NOTE(review): this is not "Strict" mode. Outside conformance testing,
    // prefer an explicit Lax or Strict value. Cookie.SecurePolicy is not set in
    // this block either; confirm the cookie is only ever sent over HTTPS.
    options.Cookie.SameSite = SameSiteMode.Unspecified;
});

builder.Services.AddFido2(options =>
{
    // Relying-party settings come from the "fido2" configuration section.
    // ServerDomain is the relying party ID and Origins is the set of origins the
    // server accepts; together they bound which sites can register and use
    // credentials. The configuration indexer returns null for a missing key and
    // Get<HashSet<string>>() returns null for a missing section; nothing here
    // checks for that.
    // NOTE(review): confirm both values are present, and as narrow as possible,
    // in every deployed configuration.
    options.ServerDomain = builder.Configuration["fido2:serverDomain"];
    options.ServerName = "FIDO2 Test";
    options.Origins = builder.Configuration.GetSection("fido2:origins").Get<HashSet<string>>();
    // Other options available:
    // GetValue<T> yields default(T) when the key is absent: 0 for the drift
    // tolerance and the enum's zero value for the two backup policies. Those
    // values then replace whatever defaults the library would otherwise apply.
    // NOTE(review): confirm the zero values are acceptable, or set the keys explicitly.
    options.TimestampDriftTolerance = builder.Configuration.GetValue<int>("fido2:timestampDriftTolerance");
    options.MDSCacheDirPath = builder.Configuration["fido2:MDSCacheDirPath"];
    options.BackupEligibleCredentialPolicy = builder.Configuration.GetValue<Fido2Configuration.CredentialBackupPolicy>("fido2:backupEligibleCredentialPolicy");
    options.BackedUpCredentialPolicy = builder.Configuration.GetValue<Fido2Configuration.CredentialBackupPolicy>("fido2:backedUpCredentialPolicy");
})
// Registers the cached metadata service backed by the FIDO metadata repository.
.AddCachedMetadataService(config =>
{
    config.AddFidoMetadataRepository(httpClientBuilder =>
    {
        //TODO: any specific config you want for accessing the MDS
    });
});
// Builds the host and wires the request pipeline. Middleware runs in the order
// it is registered below, so the sequence of these calls is significant.
var app = builder.Build();

// Configure Pipeline
if (app.Environment.IsDevelopment())
{
    // Detailed exception pages are enabled only in the Development environment.
    app.UseDeveloperExceptionPage();
}
else
{
    // Outside Development, unhandled exceptions are routed to the /Error page.
    app.UseExceptionHandler("/Error");
    // AddRedirectToWWwIfPasswordlessDomain is not defined in this file;
    // presumably a rewrite rule supplied by the Fido2Demo namespace (verify).
    app.UseRewriter(new RewriteOptions().AddRedirectToWWwIfPasswordlessDomain());
}

// Enforce HTTPS redirection for all requests
app.UseHttpsRedirection();
// Session middleware is registered before the endpoints mapped below.
app.UseSession();

// Serve the .well-known/webauthn file for WebAuthn related origins
// Can be overridden via WEBAUTHN_WELL_KNOWN environment variable (JSON string)
// The key is read through IConfiguration, so any configured provider can supply
// it, not only the environment. The override is returned verbatim as
// application/json; it is not parsed or validated here. Because this document
// tells browsers which other origins may use the relying party ID, treat both
// the setting and the file under the web root as security-sensitive and
// restrict who can change them.
app.MapGet("/.well-known/webauthn", (IWebHostEnvironment env, IConfiguration config) =>
{
    var envContent = config["WEBAUTHN_WELL_KNOWN"];
    if (!string.IsNullOrEmpty(envContent))
    {
        return Results.Content(envContent, "application/json");
    }

    // No override configured: serve <web root>/.well-known/webauthn from disk.
    return Results.File(Path.Combine(env.WebRootPath, ".well-known", "webauthn"), "application/json");
});

app.UseStaticFiles();
app.UseRouting();

// Fallback endpoint with pattern "/" that renders the /overview page.
app.MapFallbackToPage("/", "/overview");
app.MapRazorPages();
app.MapControllers();

app.Run();