Disabling hardcoded cookie auth (preparation to use more complicated authentication/authorization ways), make PageController route path to be fully configurable in order to serve IdentityManager2 from different configurable routes, library and deps bumps

Author: ChaosEngine

src/IdentityManager2/Api/Controllers/PageController.cs

@@ -8,6 +8,7 @@
 
 namespace IdentityManager2.Api.Controllers
 {
+    [Route("idm")]
     [SecurityHeaders]
     [ResponseCache(NoStore = true, Location = ResponseCacheLocation.None)]
     public class PageController : Controller

src/IdentityManager2/Configuration/DependencyInjection/IdentityManagerServiceCollectionExtensions.cs

@@ -45,20 +45,20 @@ public static IIdentityManagerBuilder AddIdentityManager(this IServiceCollection
                 options.AddPolicy(IdentityManagerConstants.IdMgrAuthPolicy, config =>
                 {
                     config.RequireClaim(identityManagerOptions.SecurityConfiguration.RoleClaimType, identityManagerOptions.SecurityConfiguration.AdminRoleName);
-                    config.AddAuthenticationSchemes(IdentityManagerConstants.LocalApiScheme);
+                    // config.AddAuthenticationSchemes(IdentityManagerConstants.LocalApiScheme);
                 });
             });
 
-            services.AddAuthentication()
-                .AddCookie(IdentityManagerConstants.LocalApiScheme, options =>
-                {
-                    options.Cookie.SameSite = SameSiteMode.Strict;
-                    options.Cookie.HttpOnly = true;
-                    options.Cookie.IsEssential = true;
-                    options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
+            // services.AddAuthentication()
+            //     .AddCookie(IdentityManagerConstants.LocalApiScheme, options =>
+            //     {
+            //         options.Cookie.SameSite = SameSiteMode.Strict;
+            //         options.Cookie.HttpOnly = true;
+            //         options.Cookie.IsEssential = true;
+            //         options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
 
-                    options.LoginPath = "/api/login";
-                });
+            //         options.LoginPath = "/api/login";
+            //     });
 
             identityManagerOptions.SecurityConfiguration.Configure(services);
 

src/IdentityManager2/IdentityManager2.csproj

@@ -50,14 +50,14 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="AutoMapper" Version="7.0.1" />
-    <PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
+    <PackageReference Include="AutoMapper" Version="8.1.1" />
+    <PackageReference Include="Newtonsoft.Json" Version="12.0.2" />
     <PackageReference Include="System.ComponentModel.Annotations" Version="4.5.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.1.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.1.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.Cookies" Version="2.1.0" />
-    <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="2.1.0" />
-    <PackageReference Include="Microsoft.Extensions.FileProviders.Embedded" Version="2.1.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.Cookies" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="2.2.0" />
+    <PackageReference Include="Microsoft.Extensions.FileProviders.Embedded" Version="2.2.0" />
   </ItemGroup>
 
   <ItemGroup>