DEPRECATED: This repository is no longer maintained. It has been moved to a new location. Please visit our new repository here. This microservice is present under services sub-module.
This service allows to manage the users authorized to access Azure IoT Solutions. Users management can be done using any identity service provider supporting OpenId Connect.
The service depends on:
- Azure Active Directory used to store users and providing the certificates to validate JWT tokens signature. Any identity provider supporting OpenId Connect should work though.
- Configuration settings to define the trusted Issuer and expected Audience.
- Create an instance of Azure Active Directory or simply reuse the instance coming with your Azure subscription
- Register an application in AAD
- Get the Application ID and Issuer URL and store them in the service configuration.
- Install Docker
- Start the Auth service using docker compose:
cd scripts cd docker run
- Use an HTTP client such as Postman, to exercise the RESTful API.
- Install .NET Core 2.x
- Install any recent edition of Visual Studio (Windows/MacOS) or Visual
Studio Code (Windows/MacOS/Linux).
- If you already have Visual Studio installed, then ensure you have .NET Core Tools for Visual Studio 2017 installed (Windows only).
- If you already have VS Code installed, then ensure you have the C# for Visual Studio Code (powered by OmniSharp) extension installed.
- Create an instance of Azure Active Directory or simply reuse the instance coming with your Azure subscription
- Open the solution in Visual Studio or VS Code.
- Define environment variables, as needed. See Configuration and Environment variables for detailed information for setting these for your enviroment.
PCS_AUTH_AUDIENCE
= {your AAD application ID}PCS_AUTH_ISSUER
= {your AAD issuer URL}
- Start the WebService project (e.g. press F5).
- Use an HTTP client such as Postman, to exercise the RESTful API.
The solution contains the following projects and folders:
- WebService: ASP.NET Web API exposing a RESTful API for Authentication functionality, e.g. show the current user profile.
- Services: Library containing common business logic for interacting with Azure Active Directory.
- WebService.Test: Unit tests for the ASP.NET Web API project.
- Services.Test: Unit tests for the Services library.
- scripts: a folder containing scripts from the command line console, to build and run the solution, and other frequent tasks.
The scripts folder contains scripts for many frequent tasks:
build
: compile all the projects and run the tests.compile
: compile all the projects.run
: compile the projects and run the service. This will prompt for elevated privileges in Windows to run the web service.
The scripts
folder includes a docker subfolder with the
scripts required to package the service into a Docker image:
Dockerfile
: Docker image specificationsbuild
: build a Docker image and store the image in the local registryrun
: run the Docker container from the image stored in the local registrycontent
: a folder with files copied into the image, including the entry point script
The service configuration is accessed via ASP.NET Core configuration adapters, and stored in appsettings.ini. The INI format allows to store values in a readable format, with comments.
The configuration also supports references to environment variables, e.g. to import credentials and network details. Environment variables are not mandatory though, you can for example edit appsettings.ini and write credentials directly in the file. Just be careful not sharing the changes, e.g. sending a Pull Request or checking in the changes in git.
The configuration file in the repository references some environment variables that need to be defined. Depending on the OS and the IDE used, there are several ways to manage environment variables.
- If you're using Visual Studio or Visual Studio for Mac, the environment variables are loaded from the project settings. Right click on WebService, and select Options/Properties, and find the section with the list of env vars. See WebService/Properties/launchSettings.json.
- Visual Studio Code loads the environment variables from .vscode/launch.json
- When running the service with Docker or from the command line, the
application will inherit environment variables values from the system.
- This page describes how to setup env vars in Windows. We suggest to edit and execute once the env-vars-setup.cmd script included in the repository. The settings will persist across terminal sessions and reboots.
- For Linux and MacOS, we suggest to edit and execute env-vars-setup each time, before starting the service. Depending on OS and terminal, there are ways to persist values globally, for more information these pages should help:
Please follow our contribution guidelines. We love PRs too.
{TODO}
Please enter issues, bugs, or suggestions as GitHub Issues here: https://github.com/Azure/pcs-auth-dotnet/issues.