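using Microsoft.EntityFrameworkCore;
using DigitalData.UserManager.Infrastructure.Repositories;
using DigitalData.UserManager.Application;
using DigitalData.Core.Application;
using Microsoft.AspNetCore.Authentication.Cookies;
using NLog.Web;
using NLog;
using DigitalData.Core.API;
using DigitalData.UserManager.API;
using DigitalData.UserManager.API.Controllers;
using DigitalData.UserManager.Application.Services;

// Entry point of the UserManager API host: wires up logging, cookie authentication,
// the database context, CORS and the HTTP pipeline, then runs the web application.

// NLog is set up before the host so that failures during startup are still logged.
var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger();
logger.Debug("init main");

try
{
    var builder = WebApplication.CreateBuilder(args);
    var config = builder.Configuration;

    // Registers the project's encryptor from the "EncryptionParameters" section;
    // it is resolved further down to decrypt the database connection string.
    builder.Services.AddEncryptor(config.GetSection("EncryptionParameters"));

    if (config.GetValue<bool>("RunAsWindowsService"))
    {
        builder.Host.UseWindowsService();
    }

    // Replace the default logging providers with NLog.
    builder.Logging.ClearProviders();
    builder.Host.UseNLog();

    if (config.GetValue<bool>("UseSwagger"))
    {
        builder.Services.AddEndpointsApiExplorer();
        builder.Services.AddSwaggerGen();
    }

    // Single AddControllers registration (a second, option-less call added nothing).
    // The convention targets the Encryption controller and applies when "UseEncryptor"
    // is false - presumably removing that controller from the application model;
    // confirm against RemoveIfControllerConvention.
    builder.Services.AddControllers(opt =>
    {
        opt.Conventions.Add(new RemoveIfControllerConvention()
            .AndIf(c => c.ControllerName == nameof(EncryptionController).Replace("Controller", ""))
            .AndIf(c => !config.GetValue<bool>("UseEncryptor")));
    });

    builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddCookie(options =>
        {
            // Keeps the authentication cookie out of reach of client-side script.
            options.Cookie.HttpOnly = true;

            // SameAsRequest marks the cookie Secure only when the request that issued it
            // arrived over HTTPS. A login answered over plain HTTP (including behind a
            // TLS-terminating proxy that does not forward the original scheme) yields a
            // cookie WITHOUT the Secure flag. CookieSecurePolicy.Always is the setting that
            // enforces HTTPS-only cookies; switch to it once every deployment is served
            // over HTTPS.
            options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;

            // The browser does not attach the cookie to cross-site requests, which limits CSRF.
            options.Cookie.SameSite = SameSiteMode.Strict;

            options.LoginPath = "/api/auth/login";
            options.LogoutPath = "/api/auth/logout";
        });

    // The connection string is stored encrypted in configuration and can only be decrypted
    // once the service provider exists. The DbContext options lambda therefore captures this
    // Lazy, which is assigned after Build() and evaluated the first time the lambda runs.
    Lazy<string>? cnn_str = null;

    // NOTE(review): this listing shows AddDbContext without its generic type argument (it
    // appears to have been lost when the page was rendered). It is left as shown rather than
    // guessed; restore the project's DbContext type from the repository.
    // EnableDetailedErrors adds detail to EF Core exceptions raised while reading query
    // results; make sure raw exception text is never returned to API clients.
    builder.Services.AddDbContext(options => options.UseSqlServer(cnn_str!.Value).EnableDetailedErrors());

    var allowedOrigins = config.GetSection("AllowedOrigins").Get<string[]>()
        ?? throw new InvalidOperationException("In appsettings there is no allowed origin.");

    // Credentials (the auth cookie) are allowed cross-origin, so "AllowedOrigins" must stay
    // an explicit list of trusted front-ends; every origin listed there can issue
    // authenticated requests and read the responses. Because the cookie is SameSite=Strict,
    // browsers only attach it for origins that are same-site with this API.
    builder.Services.AddCors(options =>
    {
        options.AddPolicy(name: "DefaultCorsPolicy", policy =>
        {
            policy.WithOrigins(allowedOrigins)
                .AllowAnyMethod()
                .AllowAnyHeader()
                .AllowCredentials();
        });
    });

    //builder.Services.AddAutoMapper(typeof(DirectoryMappingProfile).Assembly);

    builder.Services.AddUserManager();
    builder.ConfigureBySection();
    builder.Services.AddDirectorySearchService();
    builder.Services.AddCookieBasedLocalizer();

    var app = builder.Build();

    cnn_str = new(() =>
    {
        // NOTE(review): GetRequiredService is shown without its generic type argument for the
        // same reason as AddDbContext above; restore the encryptor service type from the repository.
        var encryptor = app.Services.GetRequiredService();
        var eCnnStr = config.GetConnectionString("DD_ECM_Connection")
            ?? throw new InvalidOperationException("Connection string 'DD_ECM_Connection' is missing from the configuration.");

        // Only the decrypted value is handed to EF Core; configuration keeps the ciphertext.
        return encryptor.Decrypt(eCnnStr);
    });

    app.UseCors("DefaultCorsPolicy");

    if (config.GetValue<bool>("UseSwagger"))
    {
        app.UseSwagger();
        app.UseSwaggerUI();
    }

    app.UseCookieBasedLocalizer("de-DE", "en-US");

    // Must run before UseDefaultFiles/UseStaticFiles: the static-file middleware answers
    // matching requests itself, so a redirect registered after it never applies to the
    // front-end assets and they would be served over plain HTTP.
    app.UseHttpsRedirection();

    app.UseDefaultFiles();
    app.UseStaticFiles();

    app.UseRouting();

    app.UseAuthentication();
    app.UseAuthorization();

    app.MapControllers();
    app.MapDefaultControllerRoute();

    app.Run();
}
catch (Exception exception)
{
    // Record the fatal startup/runtime error, then let it propagate so the process exits with a failure.
    logger.Error(exception, "Stopped program because of exception");
    throw;
}
finally
{
    // Flush and stop the NLog targets so the final log entries are written before exit.
    LogManager.Shutdown();
}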