Ocelot.ConfigEditor
A configuration editor for Ocelot (https://github.com/TomPallister/Ocelot).
How To
- Add the Ocelot.ConfigEditor nuget package to an Ocelot application
- Add the Ocelot.ConfigEditor service with: AddOcelotConfigEditor
Examples:
.ConfigureServices(s =>
{
s.AddOcelot();
s.AddOcelotConfigEditor();
})
public void ConfigureServices(IServiceCollection services)
{
services.AddOcelot();
services.AddOcelotConfigEditor();
}
- Add the Ocelot.ConfigEditor middleware with: UseOcelotConfigEditor
Examples:
.Configure(app =>
{
app.UseOcelotConfigEditor();
app.UseOcelot().Wait();
}
public void Configure(IApplicationBuilder app)
{
app.UseOcelotConfigEditor();
app.UseOcelot().Wait();
}
- Build the project
- The default route is cfgedt. This can be changed by passing in ConfigEditorOptions
Example:
app.UseOcelotConfigEditor(new ConfigEditorOptions { Path = "edit" });
- The default authorization is localhost. See below for different authorization types.
Authorization
There are two ways to authorize access to the config editor. The authorization types are:
- Localhost (default). The configuration page is only accessible from localhost.
- Authenticating against a third party identity service. Currently, AzureAD, Google, and Open Id Connect are configured.
Enable Azure AD Authentication
- Sign into Azure Portal
- Click Azure Active Directory
- Click App registrations (Preview)
- Click New registration
- Add Name and change Supported account types if required. Add Redirect URI
Enable Google Authentication
- Create a new project through Google APIs
- In the Library page page, find Google+ API
- Click create credentials
- Choose, Google+ API, Web server, and User data
- Click "What credentials do I need?"
- Create an OAuth 2.0 client ID
- Enter Authorized redirect URIs which is https://{url}:{port}/signin-google
- Click Create client ID and set up the OAuth 2.0 consent screen
- Click continue
- Click Download on Download credentials to download Client and Secret Id
Enable Open Id Connect Authentication
Configure with Azure Active Directory
- Set up a new Azure Active Directory (AAD) in your Azure Subscription
- Open the newly created AAD in Azure web portal
- Navigate to the Applications tab
- Add a new Application to the AAD. Set the "Sign-on URL" to sample application's URL
- Navigate to the Application, and click the Configure tab
- Find and save the "Client Id"
- Add a new key in the "Keys" section. Save value of the key, which is the "Client Secret"
- Click the "View Endpoints" on the drawer, a dialog will shows six endpoint URLs. Copy the "OAuth 2.0 Authorization Endpoint" to a text editor and remove the "/oauth2/authorize" from the string. The remaining part is the authority URL. It looks like https://login.microsoftonline.com/
Configure with Google Identity Platform
- Create a new project through Google APIs
- In the sidebar choose "Credentials"
- Navigate to "OAuth consent screen" tab, fill in the project name and save
- Navigate to "Credentials" tab. Click "Create credentials". Choose "OAuth client ID"
- Select "Web application" as the application type. Fill in the "Authorized redirect URIs" with https://{url}:{port}/signin-oidc
- Save the "Client ID" and "Client Secret" shown in the dialog
- The "Authority URL" for Google Authentication is https://accounts.google.com/