Updated NuGet dependencies, migrated authentication configuration in …

…Startup class to new 2.0 authentication stack (see aspnet/Security#1310)

HiP-DataStore.Model/HiP-DataStore.Model.csproj

@@ -11,8 +11,8 @@
 
   <ItemGroup>
     <PackageReference Include="HiP-EventStoreLib" Version="0.9.0" />
-    <PackageReference Include="Newtonsoft.Json" Version="10.0.2" />
-    <PackageReference Include="System.ComponentModel.Annotations" Version="4.3.0" />
+    <PackageReference Include="Newtonsoft.Json" Version="10.0.3" />
+    <PackageReference Include="System.ComponentModel.Annotations" Version="4.4.0" />
   </ItemGroup>
 
 </Project>

HiP-DataStore.Tests/HiP-DataStore.Tests.csproj

@@ -6,9 +6,9 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Identity" Version="1.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity" Version="2.0.0" />
     <PackageReference Include="Microsoft.DotNet.InternalAbstractions" Version="1.0.0" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.0.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.3.0" />
     <PackageReference Include="MyTested.AspNetCore.Mvc.Universe" Version="1.1.0" />
     <PackageReference Include="xunit" Version="2.2.0" />
     <PackageReference Include="xunit.runner.visualstudio" Version="2.2.0" />

HiP-DataStore/HiP-DataStore.csproj

@@ -18,11 +18,11 @@
   <ItemGroup>
     <PackageReference Include="EventStore.ClientAPI.NetCore" Version="4.0.0-alpha-1" />
     <PackageReference Include="HiP-WebserviceLib" Version="2.1.0" />
-    <PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore" Version="1.1.1" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="1.1.2" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.2" />
-    <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.1" />
+    <PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.1.1" />
+    <PackageReference Include="Microsoft.AspNetCore" Version="2.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="2.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="2.0.0" />
     <PackageReference Include="MongoDB.Driver" Version="2.4.4" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="1.0.0" />
   </ItemGroup>

HiP-DataStore/Startup.cs

@@ -1,4 +1,5 @@
-using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
@@ -50,7 +51,20 @@ public void ConfigureServices(IServiceCollection services)
                     .Configure<AuthConfig>(Configuration.GetSection("Auth"))
                     .Configure<CorsConfig>(Configuration);
 
-            string domain = Configuration.GetSection("Auth").GetValue<string>("Authority");
+            var serviceProvider = services.BuildServiceProvider(); // allows us to actually get the configured services
+            var authConfig = serviceProvider.GetService<IOptions<AuthConfig>>();
+
+            // Configure authentication
+            services
+                .AddAuthentication(options => options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
+                .AddJwtBearer(options =>
+                {
+                    options.Audience = authConfig.Value.Audience;
+                    options.Authority = authConfig.Value.Authority;
+                });
+
+            // Configure authorization
+            var domain = authConfig.Value.Authority;
             services.AddAuthorization(options =>
             {
                 options.AddPolicy("read:datastore",
@@ -63,17 +77,18 @@ public void ConfigureServices(IServiceCollection services)
 
             services.AddCors();
             services.AddMvc();
-            services.AddSingleton<EventStoreClient>()
-                    .AddSingleton<CacheDatabaseManager>()
-                    .AddSingleton<InMemoryCache>()
-                    .AddSingleton<IDomainIndex, MediaIndex>()
-                    .AddSingleton<IDomainIndex, EntityIndex>()
-                    .AddSingleton<IDomainIndex, ReferencesIndex>()
-                    .AddSingleton<IDomainIndex, TagIndex>()
-                    .AddSingleton<IDomainIndex, ExhibitPageIndex>()
-                    .AddSingleton<IDomainIndex, ScoreBoardIndex>()
-                    .AddSingleton<IDomainIndex, RatingIndex>();
 
+            services
+                .AddSingleton<EventStoreClient>()
+                .AddSingleton<CacheDatabaseManager>()
+                .AddSingleton<InMemoryCache>()
+                .AddSingleton<IDomainIndex, MediaIndex>()
+                .AddSingleton<IDomainIndex, EntityIndex>()
+                .AddSingleton<IDomainIndex, ReferencesIndex>()
+                .AddSingleton<IDomainIndex, TagIndex>()
+                .AddSingleton<IDomainIndex, ExhibitPageIndex>()
+                .AddSingleton<IDomainIndex, ScoreBoardIndex>()
+                .AddSingleton<IDomainIndex, RatingIndex>();
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@@ -98,13 +113,7 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerF
                     .WithExposedHeaders(corsEnvConf.ExposedHeaders);
             });
 
-            var options = new JwtBearerOptions
-            {
-                Audience = authConfig.Value.Audience,
-                Authority = authConfig.Value.Authority
-            };
-            app.UseJwtBearerAuthentication(options);
-
+            app.UseAuthentication();
             app.UseMvc();
 
             // Swagger / Swashbuckle configuration: