Skip to content

dbarkwell/Ocelot.ConfigEditor

Repository files navigation

Ocelot.ConfigEditor

A configuration editor for Ocelot (https://github.com/TomPallister/Ocelot).

Build Status

How To

  1. Add the Ocelot.ConfigEditor nuget package to an Ocelot application
  2. Add the Ocelot.ConfigEditor service with: AddOcelotConfigEditor

Examples:

.ConfigureServices(s =>
{
    s.AddOcelot();
    s.AddOcelotConfigEditor();
})
public void ConfigureServices(IServiceCollection services)
{
    services.AddOcelot();
    services.AddOcelotConfigEditor();
}
  1. Add the Ocelot.ConfigEditor middleware with: UseOcelotConfigEditor

Examples:

.Configure(app => 
{
    app.UseOcelotConfigEditor();
    app.UseOcelot().Wait();
}
public void Configure(IApplicationBuilder app)
{
    app.UseOcelotConfigEditor();
    app.UseOcelot().Wait();
}
  1. Build the project
  2. The default route is cfgedt. This can be changed by passing in ConfigEditorOptions

Example:

app.UseOcelotConfigEditor(new ConfigEditorOptions { Path = "edit" }); 
  1. The default authorization is localhost. See below for different authorization types.

Authorization

There are two ways to authorize access to the config editor. The authorization types are:

  1. Localhost (default). The configuration page is only accessible from localhost.
  2. Authenticating against a third party identity service. Currently, AzureAD, Google, and Open Id Connect are configured.

Enable Azure AD Authentication

  1. Sign into Azure Portal
  2. Click Azure Active Directory
  3. Click App registrations (Preview)
  4. Click New registration
  5. Add Name and change Supported account types if required. Add Redirect URI

Enable Google Authentication

  1. Create a new project through Google APIs
  2. In the Library page page, find Google+ API
  3. Click create credentials
  4. Choose, Google+ API, Web server, and User data
  5. Click "What credentials do I need?"
  6. Create an OAuth 2.0 client ID
  7. Enter Authorized redirect URIs which is https://{url}:{port}/signin-google
  8. Click Create client ID and set up the OAuth 2.0 consent screen
  9. Click continue
  10. Click Download on Download credentials to download Client and Secret Id

Enable Open Id Connect Authentication

Configure with Azure Active Directory

  1. Set up a new Azure Active Directory (AAD) in your Azure Subscription
  2. Open the newly created AAD in Azure web portal
  3. Navigate to the Applications tab
  4. Add a new Application to the AAD. Set the "Sign-on URL" to sample application's URL
  5. Navigate to the Application, and click the Configure tab
  6. Find and save the "Client Id"
  7. Add a new key in the "Keys" section. Save value of the key, which is the "Client Secret"
  8. Click the "View Endpoints" on the drawer, a dialog will shows six endpoint URLs. Copy the "OAuth 2.0 Authorization Endpoint" to a text editor and remove the "/oauth2/authorize" from the string. The remaining part is the authority URL. It looks like https://login.microsoftonline.com/

Configure with Google Identity Platform

  1. Create a new project through Google APIs
  2. In the sidebar choose "Credentials"
  3. Navigate to "OAuth consent screen" tab, fill in the project name and save
  4. Navigate to "Credentials" tab. Click "Create credentials". Choose "OAuth client ID"
  5. Select "Web application" as the application type. Fill in the "Authorized redirect URIs" with https://{url}:{port}/signin-oidc
  6. Save the "Client ID" and "Client Secret" shown in the dialog
  7. The "Authority URL" for Google Authentication is https://accounts.google.com/