brunobritodev
diff --git a/‎docker-compose.yml‎
Lines changed: 41 additions & 9 deletions b/‎docker-compose.yml‎
Lines changed: 41 additions & 9 deletions
diff --git a/‎keys/JPProjectOAuth.cer‎
-791 Bytes b/‎keys/JPProjectOAuth.cer‎
-791 Bytes
diff --git a/‎keys/JpProjectOAuth.pvk‎
-1.18 KB b/‎keys/JpProjectOAuth.pvk‎
-1.18 KB
diff --git a/‎keys/cert.ps1‎
Lines changed: 38 additions & 0 deletions b/‎keys/cert.ps1‎
Lines changed: 38 additions & 0 deletions
diff --git a/‎src/Backend/Jp.UserManagement/Configuration/SwaggerConfig.cs‎
Lines changed: 1 addition & 1 deletion b/‎src/Backend/Jp.UserManagement/Configuration/SwaggerConfig.cs‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Backend/Jp.UserManagement/Properties/launchSettings.json‎
Lines changed: 1 addition & 1 deletion b/‎src/Backend/Jp.UserManagement/Properties/launchSettings.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Backend/Jp.UserManagement/Startup.cs‎
Lines changed: 2 additions & 4 deletions b/‎src/Backend/Jp.UserManagement/Startup.cs‎
Lines changed: 2 additions & 4 deletions
@@ -1,4 +1,12 @@
     version: "3"
+    
+    networks:
+        jpproject_network:
+          driver: bridge
+          ipam:
+            driver: default
+            config:
+              - subnet: 172.20.0.0/16
     services:
 
         # #############################
@@ -8,7 +16,7 @@
         #   image: redis:alpine
         #   ports:
         #       - "16379:6379"
-
+    
 
         #############################
         # Database
@@ -27,7 +35,10 @@
                 test: [ "CMD", "sqlcmd", "-U", "sa", "-P", "Password1", "-Q", "select 1" ]
                 interval: 1s
                 retries: 30
-              
+
+            networks:
+                jpproject_network:
+                    ipv4_address: 172.20.0.5
         #############################
         # Server SSO
         #############################
@@ -39,16 +50,23 @@
               dockerfile: sso.dockerfile
 
             ports:
-                - "5000:5000"
+                - "5001:80"
+                - "5000:443"
 
             depends_on:
                 - database
 
             environment: 
                 SQLSERVER_CONNECTION: "Server=database,1433;Initial Catalog=JpProject;Persist Security Info=False;User ID=sa;Password=@Password1;MultipleActiveResultSets=False;Connection Timeout=30;"
                 ASPNETCORE_ENVIRONMENT: "Development"
-                ISSUER_URI: "http://localhost:5000"
-                AMBIENT: "linux"
+                ISSUER_URI: "https://localhost:5000"
+                ASPNETCORE_Kestrel__Certificates__Default__Password: ".pxCpE]yttwC&b&hriw#,7K^_}A7xezRH3=EisJKn3]8.H}^Unzd+ebw]zzv_=d3"
+                ASPNETCORE_Kestrel__Certificates__Default__Path: "/root/.dotnet/https/jpproject.pfx"
+                ASPNETCORE_URLS: https://+:443;http://+:80
+
+            networks:
+                jpproject_network:
+                    ipv4_address: 172.20.0.6
 
         #############################
         # Management API
@@ -60,7 +78,8 @@
               dockerfile: user-management.dockerfile
 
             ports:
-                - "5003:5003"
+                - "5003:443"
+                - "5002:80"
 
             depends_on:
                 - database
@@ -69,9 +88,18 @@
             environment: 
                 SQLSERVER_CONNECTION: "Server=database,1433;Initial Catalog=JpProject;Persist Security Info=False;User ID=sa;Password=@Password1;MultipleActiveResultSets=False;Connection Timeout=30;"
                 ASPNETCORE_ENVIRONMENT: "Development"
-                AUTHORITY: "http://sso:5000"
+                AUTHORITY: "http://localhost"
+                ASPNETCORE_Kestrel__Certificates__Default__Password: ".pxCpE]yttwC&b&hriw#,7K^_}A7xezRH3=EisJKn3]8.H}^Unzd+ebw]zzv_=d3"
+                ASPNETCORE_Kestrel__Certificates__Default__Path: "/root/.dotnet/https/jpproject.pfx"
+                ASPNETCORE_URLS: https://+:443;http://+:80
                 VALIDATE_ISSUER: "false"
-                AMBIENT: "linux"
+
+            extra_hosts:
+                - "localhost:172.20.0.6"
+
+            networks:
+                jpproject_network:
+                    ipv4_address: 172.20.0.7
 
         #############################
         # User management UI
@@ -84,4 +112,8 @@
               dockerfile: ui-user-management.dockerfile
 
             ports:
-                - 4200:80
+                - 4200:80
+
+            networks:
+                jpproject_network:
+                    ipv4_address: 172.20.0.8
@@ -0,0 +1,38 @@
+param (
+    [Parameter(Mandatory=$true)][string]$certificatename,
+    [Parameter(Mandatory=$true)][SecureString]$certificatepassword
+ )
+# setup certificate properties including the commonName (DNSName) property for Chrome 58+
+$certificate = New-SelfSignedCertificate `
+    -Subject localhost `
+    -DnsName localhost `
+    -KeyAlgorithm RSA `
+    -KeyLength 2048 `
+    -NotBefore (Get-Date) `
+    -NotAfter (Get-Date).AddYears(2) `
+    -CertStoreLocation "cert:CurrentUser\My" `
+    -FriendlyName "Localhost Certificate for .NET Core" `
+    -HashAlgorithm SHA256 `
+    -KeyUsage DigitalSignature, KeyEncipherment, DataEncipherment `
+    -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.1") 
+$certificatePath = 'Cert:\CurrentUser\My\' + ($certificate.ThumbPrint)
+# create temporary certificate path
+$tmpPath = "C:\tmp"
+If(!(test-path $tmpPath))
+{
+New-Item -ItemType Directory -Force -Path $tmpPath
+}
+# set certificate password here
+$pfxPassword = $certificatepassword
+$pfxFilePath = $tmpPath + "\" + $certificatename + ".pfx"
+$cerFilePath = $tmpPath + "\" + $certificatename + ".cer"
+# create pfx certificate
+Export-PfxCertificate -Cert $certificatePath -FilePath $pfxFilePath -Password $pfxPassword
+Export-Certificate -Cert $certificatePath -FilePath $cerFilePath
+# import the pfx certificate
+Import-PfxCertificate -FilePath $pfxFilePath Cert:\LocalMachine\My -Password $pfxPassword -Exportable
+# trust the certificate by importing the pfx certificate into your trusted root
+Import-Certificate -FilePath $cerFilePath -CertStoreLocation Cert:\CurrentUser\Root
+# optionally delete the physical certificates (don’t delete the pfx file as you need to copy this to your app directory)
+# Remove-Item $pfxFilePath
+Remove-Item $cerFilePath
@@ -23,7 +23,7 @@ public static IServiceCollection AddSwagger(this IServiceCollection services)
                 options.AddSecurityDefinition("oauth2", new OAuth2Scheme
                 {
                     Flow = "implicit",
-                    AuthorizationUrl = "http://localhost:5000/connect/authorize",
+                    AuthorizationUrl = "https://localhost:5000/connect/authorize",
                     Scopes = new Dictionary<string, string> {
                         { "UserManagementApi.owner-content", "User Management API - full access" },
                     }
 
@@ -25,7 +25,7 @@
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       },
-      "applicationUrl": "http://localhost:5003;https://localhost:5002"
+      "applicationUrl": "https://localhost:5003;http://localhost:5002"
     },
     "Docker": {
       "commandName": "Docker",
 
@@ -45,27 +45,25 @@ public void ConfigureServices(IServiceCollection services)
             services.AddIdentity(Configuration);
             services.ConfigureCors();
 
-            var authorityUri = Environment.GetEnvironmentVariable("AUTHORITY") ?? "http://localhost:5000";
+            var authorityUri = Environment.GetEnvironmentVariable("AUTHORITY") ?? "https://localhost:5000";
             _logger.LogInformation($"Authority URI: {authorityUri}");
             services.AddAuthentication(options =>
                 {
                     options.DefaultAuthenticateScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
                     options.DefaultChallengeScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
-
                 })
                     .AddIdentityServerAuthentication(options =>
                                                     {
                                                         options.Authority = authorityUri;
                                                         options.RequireHttpsMetadata = false;
                                                         options.ApiSecret = "Q&tGrEQMypEk.XxPU:%bWDZMdpZeJiyMwpLv4F7d**w9x:7KuJ#fy,E8KPHpKz++";
                                                         options.ApiName = "UserManagementApi";
-
-
                                                         options.JwtBearerEvents.OnMessageReceived = (messae) =>
                                                         {
                                                             messae.Options.TokenValidationParameters.ValidateIssuer = bool.Parse(Environment.GetEnvironmentVariable("VALIDATE_ISSUER") ?? "true");
                                                             return Task.CompletedTask;
                                                         };
+                                                        
                                                     });
 
             services.AddSwagger();
Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,7 @@ public static IServiceCollection AddSwagger(this IServiceCollection services)`
`23`	`23`	`options.AddSecurityDefinition("oauth2", new OAuth2Scheme`
`24`	`24`	`{`
`25`	`25`	`Flow = "implicit",`
`26`		`- AuthorizationUrl = "http://localhost:5000/connect/authorize",`
	`26`	`+ AuthorizationUrl = "https://localhost:5000/connect/authorize",`
`27`	`27`	`Scopes = new Dictionary<string, string> {`
`28`	`28`	`{ "UserManagementApi.owner-content", "User Management API - full access" },`
`29`	`29`	`}`