using MYAPI.API.Core.Interfaces;

using MYAPI.API.Filters;

using MYAPI.Business;

using AutoMapper;

using AutoMapper.Data;

using Microsoft.AspNetCore.Authentication;

using Microsoft.AspNetCore.Authentication.AzureAD.UI;

using Microsoft.AspNetCore.Authentication.JwtBearer;

using Microsoft.AspNetCore.Authorization;

using Microsoft.AspNetCore.Builder;

using Microsoft.AspNetCore.Hosting;

using Microsoft.AspNetCore.Http;

using Microsoft.AspNetCore.Mvc;

using Microsoft.AspNetCore.Mvc.Authorization;

using Microsoft.AspNetCore.Mvc.Infrastructure;

using Microsoft.AspNetCore.Mvc.Routing;

using Microsoft.Azure.KeyVault;

using Microsoft.Extensions.Configuration;

using Microsoft.Extensions.DependencyInjection;

using Microsoft.Extensions.Logging;

using Newtonsoft.Json;

using Newtonsoft.Json.Serialization;

using Swashbuckle.AspNetCore.Swagger;

using System.Collections.Generic;

using System.IO;

​

​

​

namespace myAPI

{

    public class Startup

    {

        ILogger<Startup> Logger { get; }

​

        public Startup(IConfiguration configuration, IHostingEnvironment env, ILogger<Startup> logger)

        {

            Logger = logger;

            Startup.Configuration = configuration;

            var envPath = Path.Combine(env.ContentRootPath, ".env");

            if (File.Exists(envPath))

            {

                DotNetEnv.Env.Load();

            }

​

            JsonConvert.DefaultSettings = () =>

                new JsonSerializerSettings()

                {

                    ContractResolver = new CamelCasePropertyNamesContractResolver(),

                    NullValueHandling = NullValueHandling.Ignore,

                    DefaultValueHandling = DefaultValueHandling.Include,

                    ReferenceLoopHandling = ReferenceLoopHandling.Ignore,

#if DEBUG

                    Formatting = Formatting.Indented

#else

                    Formatting = Formatting.None

#endif

                };

​

        }

​

        public static IConfiguration Configuration { get; private set; }

​

        // This method gets called by the runtime. Use this method to add services to the container.

        public void ConfigureServices(IServiceCollection services)

        {

            services.Configure<CookiePolicyOptions>(options =>

            {

                // This lambda determines whether user consent for non-essential cookies is needed for a given request.

                options.CheckConsentNeeded = context => true;

                options.MinimumSameSitePolicy = SameSiteMode.None;

            });

​

            services.AddAuthentication(AzureADDefaults.AuthenticationScheme)

                .AddAzureADBearer(options => Configuration.Bind("AzureAd", options));     

​

            services.AddMvc(config =>

            {

                var policy = new AuthorizationPolicyBuilder()

                .RequireAuthenticatedUser()

                .Build();

                config.Filters.Add(new AuthorizeFilter(policy));

            }).SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

​

​

            services.AddSwaggerGen(c =>

            {

               // c.SwaggerDoc("v1", new Info { Title = "My API", Version = "v1" });

                c.AddSecurityDefinition("oauth2", new OAuth2Scheme

                {

                    Type = "oauth2",

                    Flow = "implicit",

                    AuthorizationUrl = $"https://login.microsoftonline.com/{Configuration["AzureAD:TenantId"]}/oauth2/authorize",

                    Scopes = new Dictionary<string, string>

                    {

                        { "user_impersonation", "Access API" }

                    }

                });

​

                c.AddSecurityRequirement(new Dictionary<string, IEnumerable<string>>

                {

                    { "oauth2", new[] { "user_impersonation" } }

                });

            });

​

            services.AddTransient<IMyxyzService, StreamService>();          

            services.AddTransient(typeof(IKeyVaultClient), typeof(MyxyxService));

            services.AddCors()

​

                .AddSingleton<IActionContextAccessor, ActionContextAccessor>()               

​

                .AddScoped<IUrlHelper>(x => x

                    .GetRequiredService<IUrlHelperFactory>()

                    .GetUrlHelper(x.GetRequiredService<IActionContextAccessor>().ActionContext))

                .AddMvcCore(options =>

                {

                    options.Filters.Add(new ValidateModelFilter()); 

                    options.Filters.Add(new CacheControlFilter());  

                })

                .AddApiExplorer()

                .AddJsonFormatters()   

                .AddJsonOptions(options =>

                {

                    options.SerializerSettings.NullValueHandling = NullValueHandling.Ignore;

                    options.SerializerSettings.DefaultValueHandling = DefaultValueHandling.Include;

                    options.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();

                    options.SerializerSettings.ReferenceLoopHandling = ReferenceLoopHandling.Ignore;

#if DEBUG

                    options.SerializerSettings.Formatting = Formatting.Indented;

#else

                    options.SerializerSettings.Formatting = Formatting.None;

#endif

                });

            Mapper.Initialize(cfg =>

            {

                cfg.AddDataReaderMapping();

​

            });

​

            services

                .AddAutoMapper()    

                .AddSwagger();      

        }

​

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.

        public void Configure(IApplicationBuilder app, IHostingEnvironment env)

        {

​

​

            if (env.IsDevelopment())

            {

                app.UseDeveloperExceptionPage();

            }

            else

            {

                app.UseHsts();

            }

            // Use an exception handler middleware before any other handlers

            app.UseExceptionHandler();

            app.UseHttpsRedirection();

            app.UseStaticFiles();

            app.UseCookiePolicy();

​

            app.UseAuthentication();        

            app.UseCors(builder => builder

                .AllowAnyOrigin()

                .AllowAnyMethod()

                .AllowAnyHeader()

                .AllowCredentials());

                app

                .UseSwagger()

                        .UseMvc()

                        .UseAuthentication()

                        .UseHttpsRedirection()

                        .UseOptionsVerbHandler()    

                        .UseSwaggerWithOptions()   

                       .UseSwaggerUI(c =>

                       {

                           c.OAuthClientId(Configuration["Swagger:ClientId"]);

                           c.OAuthClientSecret(Configuration["Swagger:ClientSecret"]);

                           c.OAuthRealm(Configuration["AzureAd:ClientId"]);

                           c.OAuthAppName("my API V1");

                           c.OAuthScopeSeparator(" ");                          

                           c.OAuthAdditionalQueryStringParams(new Dictionary<string, string>

                            {

                                { "scope", API_AppID_URI} //App-ID URI copied from Dashboard>>Microsoft - App registrations>>MY_API_APP>>Settings>>Properties 

                                //the orignal OAuth 2.0 specification, there is no resource parameter in the authorization request. It use scope parameter.

                            });

​

                       });

​

​

        }

    }

}

​