Merge pull request skoruba#1 from chadbengen/feature/multitenant

Feature/multitenant

Author: shubham-vunet

.gitignore

@@ -277,4 +277,5 @@ __pycache__/
 # Don't ignore these log folders
 !/src/Skoruba.IdentityServer4.Admin/Resources/Views/Log/
 !/src/Skoruba.IdentityServer4.Admin.BusinessLogic/Dtos/Log/
-!/src/Skoruba.IdentityServer4.Admin/Views/Log/
+!/src/Skoruba.IdentityServer4.Admin/Views/Log/
+*.development.json

README.md

@@ -125,6 +125,12 @@ The following Gulp commands are available:
 Add-Migration AspNetIdentityDbInit -context AdminIdentityDbContext -output Data/Migrations/Identity
 Update-Database -context AdminIdentityDbContext
 ```
+#### Migrations for Asp.Net Core MultiTenant Identity DbContext:
+
+```powershell
+Add-Migration AspNetMultiTenantIdentityDbInit -context MultiTenantUserIdentityDbContext -output Data/Migrations/Identity
+Update-Database -context MultiTenantUserIdentityDbContext
+```
 
 #### Migrations for Logging DbContext:
 

Skoruba.IdentityServer4.Admin.sln

@@ -33,7 +33,7 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Skoruba.IdentityServer4.Adm
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Skoruba.IdentityServer4.Admin.EntityFramework.Shared", "src\Skoruba.IdentityServer4.Admin.EntityFramework.Shared\Skoruba.IdentityServer4.Admin.EntityFramework.Shared.csproj", "{E18F8C70-7448-4039-9D78-1369D7F498EF}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Skoruba.IdentityServer4.Admin.EntityFramework.Extensions", "src\Skoruba.IdentityServer4.Admin.EntityFramework.Extensions\Skoruba.IdentityServer4.Admin.EntityFramework.Extensions.csproj", "{2DD3CB7D-462E-4039-B684-81B1E88C7C6A}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Skoruba.IdentityServer4.Admin.EntityFramework.Extensions", "src\Skoruba.IdentityServer4.Admin.EntityFramework.Extensions\Skoruba.IdentityServer4.Admin.EntityFramework.Extensions.csproj", "{2DD3CB7D-462E-4039-B684-81B1E88C7C6A}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution

Skoruba.IdentityServer4.Admin.sln.startup.json

@@ -0,0 +1,63 @@
+/*
+    This is a configuration file for the SwitchStartupProject Visual Studio Extension
+    See https://bitbucket.org/thirteen/switchstartupproject/src/tip/Configuration.md
+*/
+{
+    /*  Configuration File Version  */
+    "Version": 3,
+    
+    /*  Create an item in the dropdown list for each project in the solution?  */
+    "ListAllProjects": true,
+
+    /*
+        Dictionary of named configurations with one or multiple startup projects
+        and optional parameters like command line arguments and working directory.
+        Example:
+
+        "MultiProjectConfigurations": {
+          "A + B (Ext)": {
+            "Projects": {
+              "MyProjectA": {},
+              "MyProjectB": {
+                "CommandLineArguments": "1234",
+                "WorkingDirectory": "%USERPROFILE%\\test",
+                "StartExternalProgram": "c:\\myprogram.exe"
+              }
+            }
+          },
+          "A + B": {
+            "Projects": {
+              "MyProjectA": {},
+              "MyProjectB": {
+                "CommandLineArguments": "",
+                "WorkingDirectory": "",
+                "StartProject": true
+              }
+            }
+          },
+          "D (Debug x86)": {
+            "Projects": {
+              "MyProjectD": {}
+            },
+            "SolutionConfiguration": "Debug",
+            "SolutionPlatform": "x86",
+          },
+          "D (Release x64)": {
+            "Projects": {
+              "MyProjectD": {}
+            },
+            "SolutionConfiguration": "Release",
+            "SolutionPlatform": "x64",
+          }
+        }
+    */
+  "MultiProjectConfigurations": {
+    "Auth": {
+      "Projects": {
+        "Skoruba.IdentityServer4.STS.Identity": {},
+        "Skoruba.IdentityServer4.Admin.Api": {},
+        "Skoruba.IdentityServer4.Admin": {}
+      }
+    }
+  }
+}

src/Skoruba.IdentityServer4.Admin.Api/Configuration/Constants/AuthorizationConsts.cs

@@ -8,5 +8,11 @@ public class AuthorizationConsts
 
         public const string AdministrationPolicy = "RequireAdministratorRole";
         public const string AdministrationRole = "SkorubaIdentityAdminAdministrator";
+        public const string TenantManagerPolicy = "RequireTenantManagerRole";
+        public const string TenantManagerRole = "SkorubaIdentityTenantManager";
+        public const string TenantAdministratorPolicy = "RequireTenantAdministratorRole";
+        public const string TenantAdministratorRole = "TenantAdministrator";
+        public const string TenantAdvancedUserPolicy = "RequireTenantAdvancedUserRole";
+        public const string TenantAdvancedUserRole = "TenantAdvancedUser";
     }
 }

src/Skoruba.IdentityServer4.Admin.Api/DependencyInjection/Builder.cs

@@ -0,0 +1,14 @@
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Skoruba.IdentityServer4.Admin.Api.DependencyInjection
+{
+    public class Builder : IBuilder
+    {
+        public Builder(IServiceCollection services)
+        {
+            Services = services;
+        }
+
+        public IServiceCollection Services { get; }
+    }
+}

src/Skoruba.IdentityServer4.Admin.Api/DependencyInjection/BuilderExtensions.MultiTenant.cs

@@ -0,0 +1,66 @@
+using Microsoft.AspNetCore.Identity;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
+using System;
+using Microsoft.AspNetCore.Hosting;
+using Skoruba.IdentityServer4.Admin.EntityFramework.Shared.DbContexts;
+using Skoruba.IdentityServer4.Admin.EntityFramework.Shared.Entities.Identity;
+using IdentityServer4.EntityFramework.Options;
+using Skoruba.IdentityServer4.Admin.BusinessLogic.Identity.Dtos.Identity;
+using System.Linq;
+using Skoruba.IdentityServer4.Admin.EntityFramework.Shared.Validators;
+using Skoruba.IdentityServer4.Admin.BusinessLogic.Identity.Mappers;
+using System.Collections.Generic;
+
+namespace Skoruba.IdentityServer4.Admin.Api.DependencyInjection
+{
+    public static partial class BuilderExtensions
+    {
+        public static IBuilder AddMultiTenantConfiguration
+            (this IServiceCollection services,
+            IHostingEnvironment hostingEnvironment,
+            Action<DbContextOptionsBuilder> identityDbContextOptions,
+            Action<ConfigurationStoreOptions> configurationStoreOptions,
+            Action<OperationalStoreOptions> operationalStoreOptions,
+            Action<DbContextOptionsBuilder> logDbContextOptions,
+            Action<IdentityOptions> identityOptions)
+        {
+            var builder = services
+                 .AddCustomConfiguration
+                     <MultiTenantUserIdentityDbContext, IdentityServerConfigurationDbContext, IdentityServerPersistedGrantDbContext, AdminLogDbContext>
+                     (identityDbContextOptions, configurationStoreOptions, operationalStoreOptions, logDbContextOptions)
+                 .AddCustomIdentity
+                     <MultiTenantUserIdentityDbContext, MultiTenantUserIdentity, UserIdentityRole>
+                     (identityOptions);
+
+            HashSet<Type> profileTypes = ProfileTypes;
+            profileTypes.Add(typeof(TenantMapperProfile));
+
+            builder.Services.AddAdminAspNetIdentityServices<MultiTenantUserIdentityDbContext, IdentityServerPersistedGrantDbContext,
+                   MultiTenantUserDto<string>, string, RoleDto<string>, string, string, string,
+                   MultiTenantUserIdentity, UserIdentityRole, string, UserIdentityUserClaim, UserIdentityUserRole,
+                   UserIdentityUserLogin, UserIdentityRoleClaim, UserIdentityUserToken,
+                   UsersDto<MultiTenantUserDto<string>, string>, RolesDto<RoleDto<string>, string>, UserRolesDto<RoleDto<string>, string, string>,
+                   UserClaimsDto<string>, UserProviderDto<string>, UserProvidersDto<string>, UserChangePasswordDto<string>,
+                   RoleClaimsDto<string>, UserClaimDto<string>, RoleClaimDto<string>>(profileTypes);
+
+            builder.Services.AddMultiTenantServiceDepencies();
+
+            builder.Services.Remove(builder.Services.FirstOrDefault(d => d.ServiceType == typeof(IUserValidator<MultiTenantUserIdentity>)));
+            builder.AddUserValidator<MultiTenantUserIdentity, MultiTenantUserValidator>();
+            builder.AddUserValidator<MultiTenantUserIdentity, RequireTenant>();
+            builder.AddUserValidator<MultiTenantUserIdentity, MightRequireTwoFactorAuthentication<MultiTenantUserIdentity>>();
+
+            builder.Services.AddAdminServices<IdentityServerConfigurationDbContext, IdentityServerPersistedGrantDbContext, AdminLogDbContext>();
+
+            builder.AddMvcServices<MultiTenantUserDto<string>, string, RoleDto<string>, string, string, string,
+                UserIdentity, UserIdentityRole, string, UserIdentityUserClaim, UserIdentityUserRole,
+                UserIdentityUserLogin, UserIdentityRoleClaim, UserIdentityUserToken,
+                UsersDto<MultiTenantUserDto<string>, string>, RolesDto<RoleDto<string>, string>, UserRolesDto<RoleDto<string>, string, string>,
+                UserClaimsDto<string>, UserProviderDto<string>, UserProvidersDto<string>, UserChangePasswordDto<string>,
+                RoleClaimsDto<string>>();
+
+            return builder;
+        }
+    }
+}

src/Skoruba.IdentityServer4.Admin.Api/DependencyInjection/BuilderExtensions.SingleTenant.cs

@@ -0,0 +1,53 @@
+using Microsoft.AspNetCore.Identity;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
+using System;
+using Microsoft.AspNetCore.Hosting;
+using Skoruba.IdentityServer4.Admin.EntityFramework.Shared.DbContexts;
+using Skoruba.IdentityServer4.Admin.EntityFramework.Shared.Entities.Identity;
+using IdentityServer4.EntityFramework.Options;
+using Skoruba.IdentityServer4.Admin.BusinessLogic.Identity.Dtos.Identity;
+
+namespace Skoruba.IdentityServer4.Admin.Api.DependencyInjection
+{
+    public static partial class BuilderExtensions
+    {
+        public static Builder AddSingleTenantConfiguration
+            (this IServiceCollection services,
+            IHostingEnvironment hostingEnvironment,
+            Action<DbContextOptionsBuilder> identityDbContextOptions,
+            Action<ConfigurationStoreOptions> configurationStoreOptions,
+            Action<OperationalStoreOptions> operationalStoreOptions,
+            Action<DbContextOptionsBuilder> logDbContextOptions,
+            Action<IdentityOptions> identityOptions)
+        {
+            var builder = new Builder(services);
+
+            builder.Services.AddCustomConfiguration
+                <AdminIdentityDbContext, IdentityServerConfigurationDbContext, IdentityServerPersistedGrantDbContext, AdminLogDbContext>
+                (identityDbContextOptions, configurationStoreOptions, operationalStoreOptions, logDbContextOptions)
+            .AddCustomIdentity<AdminIdentityDbContext, UserIdentity, UserIdentityRole>(identityOptions);
+
+            builder.Services.AddAdminAspNetIdentityServices<AdminIdentityDbContext, IdentityServerPersistedGrantDbContext, UserDto<string>, string, RoleDto<string>, string, string, string,
+                   UserIdentity, UserIdentityRole, string, UserIdentityUserClaim, UserIdentityUserRole,
+                   UserIdentityUserLogin, UserIdentityRoleClaim, UserIdentityUserToken,
+                   UsersDto<UserDto<string>, string>, RolesDto<RoleDto<string>, string>, UserRolesDto<RoleDto<string>, string, string>,
+                   UserClaimsDto<string>, UserProviderDto<string>, UserProvidersDto<string>, UserChangePasswordDto<string>,
+                   RoleClaimsDto<string>, UserClaimDto<string>, RoleClaimDto<string>>(ProfileTypes);
+
+            builder.Services.AddAdminServices<IdentityServerConfigurationDbContext, IdentityServerPersistedGrantDbContext, AdminLogDbContext>();
+
+            builder.AddMvcServices<UserDto<string>, string, RoleDto<string>, string, string, string,
+                UserIdentity, UserIdentityRole, string, UserIdentityUserClaim, UserIdentityUserRole,
+                UserIdentityUserLogin, UserIdentityRoleClaim, UserIdentityUserToken,
+                UsersDto<UserDto<string>, string>, RolesDto<RoleDto<string>, string>, UserRolesDto<RoleDto<string>, string, string>,
+                UserClaimsDto<string>, UserProviderDto<string>, UserProvidersDto<string>, UserChangePasswordDto<string>,
+                RoleClaimsDto<string>>();
+
+            //Uncomment below to require 2fa
+            //builder.AddUserValidator<UserIdentity, MightRequireTwoFactorAuthentication<UserIdentity>>();
+
+            return builder;
+        }
+    }
+}

src/Skoruba.IdentityServer4.Admin.Api/DependencyInjection/BuilderExtensions.cs

@@ -0,0 +1,119 @@
+using Microsoft.AspNetCore.Identity;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
+using System;
+using IdentityServer4.EntityFramework.Options;
+using Skoruba.IdentityServer4.Admin.EntityFramework.Interfaces;
+using IdentityServer4.EntityFramework.Storage;
+using Skoruba.IdentityServer4.Admin.BusinessLogic.Identity.Dtos.Identity;
+using System.Collections.Generic;
+using Skoruba.IdentityServer4.Admin.Api.Mappers;
+using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection.Extensions;
+using Skoruba.IdentityServer4.Admin.Api.Helpers.Localization;
+using Skoruba.IdentityServer4.Admin.Api.Configuration.ApplicationParts;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Skoruba.IdentityServer4.Admin.Api.DependencyInjection
+{
+    public static partial class BuilderExtensions
+    {
+        public static IBuilder AddCustomConfiguration
+            <TAdminIdentityDbContext, TIdentityServerConfigurationDbContext, TIdentityServerPersistedGrantDbContext, TAdminLogDbContext>
+            (this IServiceCollection services,
+            Action<DbContextOptionsBuilder> identityDbContextOptions,
+            Action<ConfigurationStoreOptions> configurationStoreOptions,
+            Action<OperationalStoreOptions> operationalStoreOptions,
+            Action<DbContextOptionsBuilder> logDbContextOptions)
+            where TAdminIdentityDbContext : DbContext
+            where TIdentityServerConfigurationDbContext : DbContext, IAdminConfigurationDbContext
+            where TIdentityServerPersistedGrantDbContext : DbContext, IAdminPersistedGrantDbContext
+            where TAdminLogDbContext : DbContext, IAdminLogDbContext
+        {
+            var builder = new Builder(services);
+
+            services.AddDbContext<TAdminIdentityDbContext>(identityDbContextOptions);
+            services.AddConfigurationDbContext<TIdentityServerConfigurationDbContext>(configurationStoreOptions);
+            services.AddOperationalDbContext<TIdentityServerPersistedGrantDbContext>(operationalStoreOptions);
+            services.AddDbContext<TAdminLogDbContext>(logDbContextOptions);
+
+            return builder;
+        }
+
+        public static IBuilder AddCustomIdentity
+            <TIdentityDbContext, TUserIdentity, TUserIdentityRole>
+            (this IBuilder builder, Action<IdentityOptions> identityOptions)
+            where TIdentityDbContext : DbContext
+            where TUserIdentity : class
+            where TUserIdentityRole : class
+        {
+            builder.Services
+                .AddIdentity<TUserIdentity, TUserIdentityRole>(identityOptions)
+                .AddEntityFrameworkStores<TIdentityDbContext>()
+                .AddDefaultTokenProviders();
+
+            return builder;
+        }
+
+        private static HashSet<Type> ProfileTypes => new HashSet<Type>
+            {
+                typeof(IdentityMapperProfile<RoleDto<string>, string, UserRolesDto<RoleDto<string>, string, string>, string, UserClaimsDto<string>, UserClaimDto<string>, UserProviderDto<string>, UserProvidersDto<string>, UserChangePasswordDto<string>,RoleClaimDto<string>, RoleClaimsDto<string>>)
+            };
+
+        /// <summary>
+        /// Register services for MVC
+        /// </summary>
+        /// <param name="services"></param>
+        public static IBuilder AddMvcServices<TUserDto, TUserDtoKey, TRoleDto, TRoleDtoKey, TUserKey, TRoleKey,
+            TUser, TRole, TKey, TUserClaim, TUserRole, TUserLogin, TRoleClaim, TUserToken,
+            TUsersDto, TRolesDto, TUserRolesDto, TUserClaimsDto,
+            TUserProviderDto, TUserProvidersDto, TUserChangePasswordDto, TRoleClaimsDto>
+            (this IBuilder builder)
+            where TUserDto : UserDto<TUserDtoKey>, new()
+            where TRoleDto : RoleDto<TRoleDtoKey>, new()
+            where TUser : IdentityUser<TKey>
+            where TRole : IdentityRole<TKey>
+            where TKey : IEquatable<TKey>
+            where TUserClaim : IdentityUserClaim<TKey>
+            where TUserRole : IdentityUserRole<TKey>
+            where TUserLogin : IdentityUserLogin<TKey>
+            where TRoleClaim : IdentityRoleClaim<TKey>
+            where TUserToken : IdentityUserToken<TKey>
+            where TRoleDtoKey : IEquatable<TRoleDtoKey>
+            where TUserDtoKey : IEquatable<TUserDtoKey>
+            where TUsersDto : UsersDto<TUserDto, TUserDtoKey>
+            where TRolesDto : RolesDto<TRoleDto, TRoleDtoKey>
+            where TUserRolesDto : UserRolesDto<TRoleDto, TUserDtoKey, TRoleDtoKey>
+            where TUserClaimsDto : UserClaimsDto<TUserDtoKey>
+            where TUserProviderDto : UserProviderDto<TUserDtoKey>
+            where TUserProvidersDto : UserProvidersDto<TUserDtoKey>
+            where TUserChangePasswordDto : UserChangePasswordDto<TUserDtoKey>
+            where TRoleClaimsDto : RoleClaimsDto<TRoleDtoKey>
+        {
+            builder.Services.TryAddTransient(typeof(IGenericControllerLocalizer<>), typeof(GenericControllerLocalizer<>));
+
+            builder.Services.AddMvc(o =>
+            {
+                o.Conventions.Add(new GenericControllerRouteConvention());
+            })
+                .SetCompatibilityVersion(CompatibilityVersion.Version_2_1)
+                .AddDataAnnotationsLocalization()
+                .ConfigureApplicationPartManager(m =>
+                {
+                    m.FeatureProviders.Add(new GenericTypeControllerFeatureProvider<TUserDto, TUserDtoKey, TRoleDto, TRoleDtoKey, TUserKey, TRoleKey, TUser, TRole, TKey, TUserClaim, TUserRole, TUserLogin, TRoleClaim, TUserToken,
+                        TUsersDto, TRolesDto, TUserRolesDto, TUserClaimsDto,
+                        TUserProviderDto, TUserProvidersDto, TUserChangePasswordDto, TRoleClaimsDto>());
+                });
+
+            return builder;
+        }
+
+        public static IBuilder AddUserValidator<TUser, TValidator>(this IBuilder builder)
+            where TUser : class
+            where TValidator : class
+        {
+            builder.Services.AddScoped(typeof(IUserValidator<TUser>), typeof(TValidator));
+            return builder;
+        }
+    }
+}

src/Skoruba.IdentityServer4.Admin.Api/DependencyInjection/IBuilder.cs

@@ -0,0 +1,18 @@
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Skoruba.IdentityServer4.Admin.Api.DependencyInjection
+{
+    /// <summary>
+    /// Skoruba IdentityServer builder Interface
+    /// </summary>
+    public interface IBuilder
+    {
+        /// <summary>
+        /// Gets the services.
+        /// </summary>
+        /// <value>
+        /// The services.
+        /// </value>
+        IServiceCollection Services { get; }
+    }
+}