From 2cfee78597971b2e3e7e612eb9d7e8805e1aef85 Mon Sep 17 00:00:00 2001
From: ivarlovlie <git@ivarlovlie.no>
Date: Mon, 10 Aug 2020 21:35:58 +0200
Subject: add signing credentials

---
 src/server/Startup.cs | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

(limited to 'src/server/Startup.cs')

diff --git a/src/server/Startup.cs b/src/server/Startup.cs
index 891965b..7ebe86b 100644
--- a/src/server/Startup.cs
+++ b/src/server/Startup.cs
@@ -1,4 +1,5 @@
 using System.IO;
+using System.Security.Cryptography.X509Certificates;
 using Dough.IdentityServer;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
@@ -11,8 +12,6 @@ using Dough.Models.Database;
 using Dough.Services;
 using IdentityServer4.Configuration;
 using Microsoft.AspNetCore.DataProtection;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Mvc;
 
 namespace Dough
 {
@@ -30,13 +29,19 @@ namespace Dough
         private string GetConnectionStringFromEnvironment()
         {
             var host = Configuration.GetValue<string>("DB_HOST");
-            var port = Configuration.GetValue("DB_PORT", "3306");
+            var port = Configuration.GetValue<string>("DB_PORT");
             var user = Configuration.GetValue<string>("DB_USER");
             var password = Configuration.GetValue<string>("DB_PASSWORD");
             var name = Configuration.GetValue<string>("DB_NAME");
             return $"Server={host},{port};Database={name};User={user};Password={password}";
         }
 
+        private X509Certificate2 GetSigningCredentialFromPfx(string fileName)
+        {
+            var path = Path.Combine(Directory.GetCurrentDirectory(), "AppData", fileName);
+            return new X509Certificate2(path, string.Empty);
+        }
+
         public void ConfigureServices(IServiceCollection services)
         {
             services.AddCors(options =>
@@ -46,8 +51,7 @@ namespace Dough
                     builder
                         .WithOrigins(Constants.BrowserAppUrls)
                         .AllowAnyHeader()
-                        .AllowAnyMethod()
-                        .AllowCredentials();
+                        .AllowAnyMethod();
                 });
             });
 
@@ -72,7 +76,9 @@ namespace Dough
                 })
                 .AddInMemoryIdentityResources(Config.IdentityResources)
                 .AddInMemoryApiScopes(Config.ApiScopes)
-                .AddDeveloperSigningCredential()
+                .AddSigningCredential(GetSigningCredentialFromPfx("example.pfx"))
+                .AddValidationKey(GetSigningCredentialFromPfx("example2.pfx"))
+                .AddProfileService<ProfileService>()
                 .AddInMemoryClients(Config.Clients);
 
             services.AddSingleton<EmailService>();
@@ -87,6 +93,7 @@ namespace Dough
                 app.UseDeveloperExceptionPage();
 
             app.UseRouting();
+            app.UseStaticFiles();
             app.UseCors(DefaultCorsPolicy);
             app.UseHealthChecks("/health");
             app.UseStatusCodePages();
-- 
cgit v1.3