deployment fixes

.vscode/launch.json

@@ -4,12 +4,6 @@
     // For further information visit https://github.com/OmniSharp/omnisharp-vscode/blob/master/debugger-launchjson.md
     "version": "0.2.0",
     "configurations": [
-        {
-            "name": ".NET Core Attach",
-            "type": "coreclr",
-            "request": "attach",
-            "processId": "${command:pickProcess}"
-        },
         {
             "name": "AspNetCoreSpa.Web",
             "type": "coreclr",
@@ -42,6 +36,12 @@
                 "/Views": "${workspaceFolder}/Views"
             }
         },
+        {
+            "name": ".NET Core Attach",
+            "type": "coreclr",
+            "request": "attach",
+            "processId": "${command:pickProcess}"
+        },
         {
             "name": "AspNetCoreSpa.STS",
             "type": "coreclr",

README.md

@@ -7,6 +7,7 @@
 * [ASP.NET Core](http://www.dot.net/)
 * [Entity Framework Core](https://docs.efproject.net/en/latest/)
     * Both Sql Server and Sql lite databases are supported (Check installation instrcutions for more details)
+* [Identity Server](http://identityserver.io/)
 * [Angular](https://angular.io/)
 * [Angular CLI](https://cli.angular.io/)
 * Secure - with CSP and custom security headers
@@ -19,13 +20,11 @@
 * Fast Unit Testing with [Jest](https://facebook.github.io/jest/).
 * E2E testing with [Protractor](http://www.protractortest.org).l
 * [Compodoc](https://compodoc.github.io/compodoc/) for Angular documentation
-* Login and Registration functionality using [Asp.Net Identity & JWT](https://docs.asp.net/en/latest/security/authentication/identity.html)
-* Token based authentication using [Openiddict](https://github.com/openiddict/openiddict-core)
-     * Get public key access using: http://127.0.0.1:5000/.well-known/jwks
+* Login and Registration functionality using [Identity Server implicit flow](http://identityserver.io/)
 * Extensible User/Role identity implementation
-* Social logins support with token based authentication, Follow [this](https://github.com/asadsahi/AspNetCoreSpa/wiki/Social-Login-Setup) wiki page to see how it will work.
-* [Angular dynamic forms](https://angular.io/docs/ts/latest/cookbook/dynamic-form.html) for reusability and to keep html code DRY.
-* [Swagger](http://swagger.io/) as Api explorer (Visit url **http://127.0.0.1:5000/swagger** OR whatever port visual studio has launched the website.). More [details](https://github.com/domaindrivendev/Swashbuckle.AspNetCore)
+* Social logins support with token based authentication, using [Identity Server](http://identityserver.io/)
+* [Angular dynamic forms] for reusable and DRY code.
+* [Swagger](http://swagger.io/) as Api explorer (Visit url **https://127.0.0.1:5050/swagger** OR whatever port visual studio has launched the website.). More [details](https://github.com/domaindrivendev/Swashbuckle.AspNetCore)
 
 ## Pre-requisites
 
@@ -37,14 +36,19 @@
 
 ## Installation
 ```
-1. Clone the repo
+1. Clone the repo:
     git clone https://github.com/asadsahi/AspNetCoreSpa
-2. Change directory
+2. Change directory:
     cd AspNetCoreSpa
-3. Run Server
+3. Restore packages:
+    dotnet restore AspNetCoreSpa.sln
+4. Run client project
+    cd AspNetCoreSpa.Web/ClientApp:
+    npm start
+5. Run .Net project:
     F5 from either [VScode] (https://code.visualstudio.com/) or [Visual Studio IDE](https://www.visualstudio.com/):
 
-4. Point to Sqllite or SqlServer
+6. Point to Sqllite or SqlServer
     
 This project supports both sql server and sql lite databases
 
@@ -60,6 +64,8 @@ This project supports both sql server and sql lite databases
         * Flip the switch in appsettings.json called `useSqLite` to `false`, this should point to use local sql server setup as default instance. (See appsettings.json file for connection string)
         * Run `dotnet ef migrations add "InitialMigrationName"`
 
+7. Point to identity server:
+    For ease project is using hosted idenitty serve at url (https://aspnetcorests.azurewebsites.net/). Alternatively, you can run local version of identity server by running AspNetCoreSpa.STS project and change appsettings.Development.json or appsettings.json file's StsAuthority config to identity server's url for appropriate environment.
 ```
 
 ## Other commands
@@ -80,13 +86,14 @@ Module    | `ng g module my-module`
 
 ### run Angular tests
 ```bash
-cd ClientApp
+cd src/AspNetCoreSpa.Web/ClientApp
 
 npm test
 ```
 ### Compodoc Angular documentation
  * Steps to generate:
     * npm i compodoc -g
+    * cd src/AspNetCoreSpa.Web/ClientApp
     * npm run compodoc
     * cd documentation
     * http-server

src/AspNetCoreSpa.STS/AspNetCoreSpa.STS.csproj

@@ -16,7 +16,7 @@
     <PackageReference Include="Microsoft.AspNetCore.App" Version="2.1.5" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="2.1.2" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="2.1.4" />
-    <PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.0.2073426" />
+    <PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.1.1" />
     <PackageReference Include="Serilog" Version="2.7.2-dev-01024" />
     <PackageReference Include="Serilog.Sinks.Console" Version="3.1.2-dev-00777" />
     <PackageReference Include="Serilog.Extensions.Logging" Version="2.0.2" />

src/AspNetCoreSpa.Web/AspNetCoreSpa.Web.csproj

@@ -22,7 +22,7 @@
     <PackageReference Include="Microsoft.AspNetCore.SignalR.Protocols.MessagePack" Version="1.0.4" />
     <PackageReference Include="Microsoft.AspNetCore.SpaServices.Extensions" Version="2.1.1" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="2.1.4" />
-    <PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.0.2073426" />
+    <PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.1.1" />
     <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="2.1.5" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="3.0.0" />
     <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="3.0.0" />

src/AspNetCoreSpa.Web/Extensions/ApplicationBuilderExtensions.cs

@@ -38,9 +38,12 @@ public static IApplicationBuilder AddCustomSecurityHeaders(this IApplicationBuil
 
                         // Allow AJAX, WebSocket and EventSource connections to:
                         var socketUrl = Startup.Configuration["HostUrl"].ToString().Replace("http://", "ws://", StringComparison.OrdinalIgnoreCase).Replace("https://", "wss://", StringComparison.OrdinalIgnoreCase);
+                        var stsUrl = Startup.Configuration["StsAuthority"];
+
 
                         builder.AddConnectSrc()
                             .Self()
+                            .From(stsUrl)
                             .From(socketUrl);
 
                         builder.AddFontSrc() // font-src 'self'
@@ -70,11 +73,12 @@ public static IApplicationBuilder AddCustomSecurityHeaders(this IApplicationBuil
                         builder.AddMediaSrc()
                             .Self();
 
-                        builder.AddFrameAncestors() // frame-ancestors 'none'
+                        // frame-ancestors 'none'
+                        builder.AddFrameAncestors()
                             .None();
 
                         builder.AddFrameSource()
-                            .None();
+                            .From(stsUrl);
 
                         // You can also add arbitrary extra directives: plugin-types application/x-shockwave-flash"
                         // builder.AddCustomDirective("plugin-types", "application/x-shockwave-flash");

src/AspNetCoreSpa.Web/Properties/PublishProfiles/aspnetcorespa - Web Deploy.pubxml

@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+This file is used by the publish/package process of your Web project. You can customize the behavior of this process
+by editing this MSBuild file. In order to learn more about this please visit https://go.microsoft.com/fwlink/?LinkID=208121. 
+-->
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <WebPublishMethod>MSDeploy</WebPublishMethod>
+    <ResourceId>/subscriptions/7ae30a32-92e3-47e4-8d66-0902891ce2f4/resourceGroups/free-pro/providers/Microsoft.Web/sites/aspnetcorespa</ResourceId>
+    <ResourceGroup>free-pro</ResourceGroup>
+    <PublishProvider>AzureWebSite</PublishProvider>
+    <LastUsedBuildConfiguration>Release</LastUsedBuildConfiguration>
+    <LastUsedPlatform>Any CPU</LastUsedPlatform>
+    <SiteUrlToLaunchAfterPublish>http://aspnetcorespa.azurewebsites.net</SiteUrlToLaunchAfterPublish>
+    <LaunchSiteAfterPublish>True</LaunchSiteAfterPublish>
+    <ExcludeApp_Data>False</ExcludeApp_Data>
+    <TargetFramework>netcoreapp2.1</TargetFramework>
+    <ProjectGuid>66cd6482-8a49-4d55-97e5-4e97935f8f92</ProjectGuid>
+    <SelfContained>false</SelfContained>
+    <_IsPortable>true</_IsPortable>
+    <MSDeployServiceURL>aspnetcorespa.scm.azurewebsites.net:443</MSDeployServiceURL>
+    <DeployIisAppPath>aspnetcorespa</DeployIisAppPath>
+    <RemoteSitePhysicalPath />
+    <SkipExtraFilesOnServer>False</SkipExtraFilesOnServer>
+    <MSDeployPublishMethod>WMSVC</MSDeployPublishMethod>
+    <EnableMSDeployBackup>True</EnableMSDeployBackup>
+    <UserName>$aspnetcorespa</UserName>
+    <_SavePWD>True</_SavePWD>
+    <_DestinationType>AzureWebSite</_DestinationType>
+    <InstallAspNetCoreSiteExtension>False</InstallAspNetCoreSiteExtension>
+  </PropertyGroup>
+</Project>