-
Notifications
You must be signed in to change notification settings - Fork 0
2. Identity Provider
The Identity Provider (IDP) is one of the key components of the solution. Has been built using .Net Core.
It is important to clarify that are many different ways to configure the ipmdecisions/identityproviderservice image when building it. Depending on the needs during the deployment, you might choose one.
When .Net Core applications are loaded, they use default configuration files: appsettings.json
or/and appsettings.{Environment}.json
. See in the repository the file that is included inside the docker image. As expected, the default configuration is very generic.
Finally, when deploying using docker-compose, you can also add environmental variables
. These variables will override the appsettings.json ones.
This microservice needs a MySQL database to run. The database will run in its own container. To create the database structure and add default data, an SQL script has been created. It is located on the repository.
This script can be run the first time the database container is created adding in it on the volumes
section of the docker-compose.
Also, you can do a backup of an existing database and applied to MySQL instance.
Name | Possible Values | Description | Notes |
---|---|---|---|
ASPNETCORE_ENVIRONMENT | Development/Staging/Production | Set the application environment | Production enforces HTTPS, so only use when certificates installed |
ASPNETCORE_URLS | http://+:80 | Sets entry port of the solution. Must match docker ports | Use https://+:443;http://+:80 when valid HTTPS certificates installed |
ASPNETCORE_HTTPS_PORT | 443 | Enforces HHTPS entry port | Use when valid HTTPS certificates installed |
ASPNETCORE_Kestrel__Certificates__Default__Path | /https/YourCertificate.pfx | Internal path to your HTTPS certificate | Use when valid HTTPS certificates installed |
ASPNETCORE_Kestrel__Certificates__Default__Password | abc1234 | Password of your internal HTTPS certificate | Use when valid HTTPS certificates installed |
ConnectionStrings:MySqlDbConnection | Server=yourServer;Database=yourDatabase;Uid=your_mysql_user;Pwd=your_mysql_password | Location of the database | Server, if using docker, should be the hostname. If using the SQL script to create DB, the database, username and password should match the values of the script. |
JwtSettings:TokenLifetimeMinutes | 100 | Sets the expiration time of the JWT before the user needs to get a new one | Needs to be a number. The default value is 80 |
JwtSettings:SecretKey | 12345abcd | This API and others are protected by JWT, this secret key signs the token | This secret key MUST match theother microservices |
JwtSettings:IssuerServerUrl | IDPServerURL | Identifies the principal that issued the JWT, in this case, this server | This issuer MUST match the other microservices |
JwtSettings:ValidAudiences | Audience1;Audience2 | Identifies the recipients that the JWT is intended for | Values must be separated by ;
|
AllowedHosts | test.com;http://localhost.com;* | Cross-Origin Requests | Allowlist origins that can make request into the application. Values must be separated by ;
|
IPMEmailMicroservice:ApiGatewayAddress | |||
IPMEmailMicroservice:EmailMicroservice | |||
IPMEmailMicroservice:ContentTypeHeader | |||
IPMEmailMicroservice:SecurityTokenCustomHeader | |||
IPMEmailMicroservice:SecurityToken | |||
NLog:targets:logfile:fileName | |||
NLog:rules:logfile:minLevel | |||
NLog:rules:logconsole:minLevel | |||
UIPageAddresses:ResetPasswordFormPageAddress | |||
UIPageAddresses:ConfirmUserFormPageAddress |
If you prefer to change load your own appsettings.json
, you can achieve this by mounting them using docker-compose volumes. Bellow is the location inside the container where you should copy the files:
volumes:
- ./your/localPath/appsettings.json:/app/appsettings.json
- ./your/localPath/appsettings.Development.json:/app/appsettings.Development.json
Below is an example of the Identity Provider and its database section in the docker-compose file:
For general API Documentation, check https://h2020ipmdecisionsapigateway.docs.apiary.io/