Merge branch 'fix/webclient' into release/1.0.0

10 months ago · e94a82e3d9
parent 5b5016fedf 45cc299866
commit e94a82e3d9
45 changed files with 270 additions and 534 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -1,67 +0,0 @@
 # Please find the full example project here:
 # https://gitlab.com/tobiaskoch/gitlab-ci-example-mono
 # see https://hub.docker.com/_/mono/
 image: mono:4.6.2.7
 stages:
  - build
  - test
  - deploy
 before_script:
    - . /opt/mono-4.6/mono-env
    - export GIT_SSL_NO_VERIFY=true 
    - curl --insecure -sSL https://lua.pschneider.fr/files/Paul/pub/dnx-install.sh  | bash
    - DNX_USER_HOME=`pwd -P`/dnx . ./dnx/dnvm/dnvm.sh
    - cd src/OAuth.AspNet.Token && dnu restore --ignore-failed-sources
    - cd ../OAuth.AspNet.AuthServer && dnu restore --ignore-failed-sources
    - cd ../Yavsc.Abstract && dnu restore --ignore-failed-sources
    - cd ../Yavsc.Server && dnu restore --ignore-failed-sources
    - cd ../Yavsc && dnu restore --ignore-failed-sources
    - cd ../cli && dnu restore --ignore-failed-sources
    - cd ../../test/yavscTests && dnu restore --ignore-failed-sources
    - cd ../..
 after_script:
 debug:
  stage: build
  artifacts:
    paths:
      - test/yavscTests/bin
  script:
    - cd test/yavscTests
    - dnu build
 non_reg:
  stage: test
  artifacts:
    paths:
      - test/yavscTests/test-results.xml
    when: always
  script:
    - cd test/yavscTests
    - cp $yavsc_client_secret_json yavsc-client-secret.json
    - ASPNET_ENV=Development dnx test -trait ategory=non_reg -maxthreads 1 -xml test-results.xml 
 release:
  stage: deploy
  only:
    - vnext
  artifacts:
    paths:
      - binaries/Debug
  script:
    - make packages
 deploy_staging:
  stage: deploy
  script:
    - echo "Deploy to staging server"
    - make strip_yavscd
    - make packages
    - isn push -s $ISNSOURCE -k $NUGETSOURCEAPIKEY src/Yavsc.Abstract/bin/*/*.nupkg
  environment:
    name: staging
    url: https://yavscpre.pschneider.fr
--- a/.nuget/NuGet.Config
+++ b/.nuget/NuGet.Config
@ -1,11 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <configuration>
  <apikeys>
  </apikeys>
  <packageSources>
    <add key="opt" value="/opt/nuget/pkgs/" /> 
    <add key="Official NuGet Gallery" value="https://www.nuget.org/api/v2/" /> 
    <add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" /> 
    <add key="xamarin-forms-ci" value="https://www.myget.org/F/xamarinforms-ci/api/v2" /> 
  </packageSources>  <activePackageSource>    <add key="myLocal" value="/home/paul/Nupkgs" />  </activePackageSource>
 </configuration>
--- a/.nuget/packages.config
+++ b/.nuget/packages.config
@ -1,4 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <packages>
  <package id="Machine.Specifications.Runner.Console" version="0.9.0" />
 </packages>
--- a/.travis.yml
+++ b/.travis.yml
@ -1,22 +0,0 @@
 language: csharp
 os: linux
 mono:
 - beta
 sudo: false
 install:
 - curl --insecure -sSL https://lua.pschneider.fr/files/Paul/pub/dnx-install.sh  | bash
 - DNX_USER_HOME=`pwd -P`/dnx . ./dnx/dnvm/dnvm.sh
 - cd src/OAuth.AspNet.Token && dnu restore --ignore-failed-sources
 - cd ../OAuth.AspNet.AuthServer && dnu restore --ignore-failed-sources
 - cd ../Yavsc.Abstract && dnu restore --ignore-failed-sources
 - cd ../Yavsc.Server && dnu restore --ignore-failed-sources
 - cd ../Yavsc && dnu restore --ignore-failed-sources
 - cd ../test
 - make restore
 - make
 - cd ../..
 - make
 script:
 - "dnu build"
--- a/global.json
+++ b/global.json
@ -1,11 +1,6 @@
 {
    "projects": [
        "src",
        "test"
    ],
    "sdk": {
      "runtime": "dotnet",
      "version": "8.0.405"
-    },
+    }
    "packages": "packages"
 }
--- a/src/Api/Api.csproj
+++ b/src/Api/Api.csproj
@ -1,8 +1,9 @@
-<Project Sdk="Microsoft.NET.Sdk.Web">
+<Project Sdk="Microsoft.NET.Sdk.Web">
  <PropertyGroup>
    <TargetFramework>net8.0</TargetFramework>
    <Nullable>enable</Nullable>
    <ImplicitUsings>enable</ImplicitUsings>
    <UserSecretsId>1c73094f-959f-4211-b1a1-6a69b236c283</UserSecretsId>
  </PropertyGroup>
   <ItemGroup>
    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.13" />
--- a/src/Api/Controllers/Blogspot/FileSystemApiController.cs
+++ b/src/Api/Controllers/Blogspot/FileSystemApiController.cs
@ -14,6 +14,8 @@ namespace Yavsc.ApiControllers
    using Yavsc.Attributes.Validation;
    using System.IO;
    using Yavsc.Exceptions;
    using Yavsc.Server.Helpers;
    using Yavsc.Abstract.Helpers;
    [Authorize,Route("api/fs")]
    public partial class FileSystemApiController : Controller
--- a/src/Api/Controllers/Blogspot/FileSystemStream.cs
+++ b/src/Api/Controllers/Blogspot/FileSystemStream.cs
@ -8,6 +8,7 @@ using Yavsc.Models;
 using Yavsc.Models.Messaging;
 using Yavsc.Services;
 using Microsoft.AspNetCore.SignalR;
 using Yavsc.Server.Helpers;
 namespace Yavsc.ApiControllers
 {
--- a/src/Api/Controllers/Business/ActivityApiController.cs
+++ b/src/Api/Controllers/Business/ActivityApiController.cs
@ -6,7 +6,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
-using Yavsc.Helpers;
+using Yavsc.Api.Helpers;
 using Yavsc.Models;
 using Yavsc.Models.Workflow;
--- a/src/Api/Controllers/Business/BillingController.cs
+++ b/src/Api/Controllers/Business/BillingController.cs
@ -15,6 +15,7 @@ namespace Yavsc.ApiControllers
    using Microsoft.Extensions.Options;
    using Microsoft.EntityFrameworkCore;
    using Yavsc.ViewModels.Auth;
    using Yavsc.Server.Helpers;
    [Route("api/bill"), Authorize]
    public class BillingController : Controller
--- a/src/Api/Controllers/accounting/AccountController.cs
+++ b/src/Api/Controllers/accounting/AccountController.cs
@ -1,15 +1,11 @@
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using System.Security.Claims;
 using Microsoft.EntityFrameworkCore;
 using Yavsc.Models;
-using Yavsc.Models.Account;
+using Yavsc.Api.Helpers;
-using Yavsc.ViewModels.Account;
+using Yavsc.Server.Helpers;
 using Yavsc.Helpers;
 using Yavsc.Abstract.Identity;
 using System.Diagnostics;
 namespace Yavsc.WebApi.Controllers
 {
@ -17,117 +13,16 @@ namespace Yavsc.WebApi.Controllers
    [Authorize("ApiScope")]
    public class ApiAccountController : Controller
    {
        private UserManager<ApplicationUser> _userManager;
        private readonly SignInManager<ApplicationUser> _signInManager;
        readonly ApplicationDbContext _dbContext;
        private readonly ILogger _logger;
-        public ApiAccountController(UserManager<ApplicationUser> userManager,
+        public ApiAccountController(
        SignInManager<ApplicationUser> signInManager, 
        RoleManager<IdentityRole> roleManager,
        ILoggerFactory loggerFactory, ApplicationDbContext dbContext)
        {
            UserManager = userManager;
            this.roleManager = roleManager;
            _signInManager = signInManager;
            _logger = loggerFactory.CreateLogger(nameof(ApiAccountController));
            _dbContext = dbContext;
        }
        public UserManager<ApplicationUser> UserManager
        {
            get
            {
                return _userManager;
            }
            private set
            {
                _userManager = value;
            }
        }
        private readonly RoleManager<IdentityRole> roleManager;
        // POST api/Account/ChangePassword
        public async Task<IActionResult> ChangePassword(ChangePasswordBindingModel model)
        {
            if (!ModelState.IsValid)
            {
                return new BadRequestObjectResult(ModelState);
            }
            var user = await _userManager.FindByIdAsync(User.GetUserId());
            if (user == null || !(await _userManager.IsEmailConfirmedAsync(user))) {
                IdentityResult result = await UserManager.ChangePasswordAsync(user, model.OldPassword,
                    model.NewPassword);
                if (!result.Succeeded)
                {
                    AddErrors("NewPassword",result);
                    return new BadRequestObjectResult(ModelState);
                }
            }
            return Ok();
        }
        // POST api/Account/SetPassword
 		public async Task<IActionResult> SetPassword(SetPasswordBindingModel model)
        {
            if (!ModelState.IsValid)
            {
                return new BadRequestObjectResult(ModelState);
            }
            var user = await _userManager.FindByIdAsync(User.GetUserId());
            if (user == null || !(await _userManager.IsEmailConfirmedAsync(user))) {
                IdentityResult result = await UserManager.AddPasswordAsync(user, model.NewPassword);
                if (!result.Succeeded)
                {
                    AddErrors ("NewPassword",result);
                    return new BadRequestObjectResult(ModelState);
                }
            }
            return Ok();
        }
        // POST api/Account/Register
        [AllowAnonymous]
 		public async Task<IActionResult> Register(RegisterModel model)
        {
            if (!ModelState.IsValid)
            {
                return new BadRequestObjectResult(ModelState);
            }
            var user = new ApplicationUser { UserName = model.Email, Email = model.Email };
            IdentityResult result = await UserManager.CreateAsync(user, model.Password);
            if (!result.Succeeded)
            {
                AddErrors ("Register",result);
                return new BadRequestObjectResult(ModelState);
            }
            await _signInManager.SignInAsync(user, isPersistent: false);
            return Ok();
        }
        private void AddErrors(string key, IdentityResult result)
        {
            foreach (var error in result.Errors)
            {
                ModelState.AddModelError(key, error.Description);
            }
        }
        protected override void Dispose(bool disposing)
        {
            if (disposing)
            {
                UserManager.Dispose();
            }
            base.Dispose(disposing);
        }
        [HttpGet("me")]
        public async Task<IActionResult> Me()
        {
@ -136,10 +31,7 @@ namespace Yavsc.WebApi.Controllers
                        new { error = "user not found" });
            var uid = User.GetUserId();
-            var userData = await _dbContext.Users
+            var userData = await GetUserData(uid);
                .Include(u=>u.PostalAddress)
                .Include(u=>u.AccountBalance)
                .FirstAsync(u=>u.Id == uid);
            var user = new Yavsc.Models.Auth.Me(userData.Id, userData.UserName, userData.Email,
            userData.Avatar,
@ -154,28 +46,21 @@ namespace Yavsc.WebApi.Controllers
            return Ok(user);
        }
        private async Task<ApplicationUser> GetUserData(string uid)
        {
            return await _dbContext.Users
                            .Include(u => u.PostalAddress)
                            .Include(u => u.AccountBalance)
                            .FirstAsync(u => u.Id == uid);
        }
        [HttpGet("myhost")]
        public IActionResult MyHost ()
        {
            return Ok(new { host = Request.ForHost() });
        }
-        /// <summary>
+      
        /// Actually only updates the user's name.
        /// </summary>
        /// <param name="me">MyUpdate containing the new user name </param>
        /// <returns>Ok when all is ok.</returns>
        [HttpPut("me")]
        public async Task<IActionResult> UpdateMe(UserInfo me)
        {
            if (!ModelState.IsValid) return new BadRequestObjectResult(
                    new { error = "Specify some valid user update request." });
            var user = await _userManager.FindByIdAsync(User.GetUserId());
            var result = await _userManager.SetUserNameAsync(user, me.UserName);
            if (result.Succeeded)
                return Ok();
            else return new BadRequestObjectResult(result);
        }
        /// <summary>
        /// Updates the avatar
        /// </summary>
@ -184,11 +69,11 @@ namespace Yavsc.WebApi.Controllers
        public async Task<IActionResult> SetAvatar()
        {
            var root = User.InitPostToFileSystem(null);
-            var user = await _userManager.FindByIdAsync(User.GetUserId());
+            var user =  await GetUserData(User.GetUserId());
            if (Request.Form.Files.Count!=1)
                return new BadRequestResult();
            var info = user.ReceiveAvatar(Request.Form.Files[0]);
-            await _userManager.UpdateAsync(user);
+            await _dbContext.SaveChangesAsync();
            return Ok(info);
        }
--- a/src/Yavsc.Server/Helpers/RequestHelpers.cs
+++ b/src/Yavsc.Server/Helpers/RequestHelpers.cs
@ -8,7 +8,7 @@ using Yavsc.ViewModels;
 using Yavsc.Models;
 using System.Linq;
-namespace Yavsc.Helpers
+namespace Yavsc.Api.Helpers
 {
    public static class RequestHelpers
    {
--- a/src/Api/Helpers/UserHelpers.cs
+++ b/src/Api/Helpers/UserHelpers.cs
@ -0,0 +1,17 @@
 using System.Security.Claims;
 using System.Collections.Generic;
 using System.Linq;
 using Microsoft.EntityFrameworkCore;
 using Yavsc.Models;
 using Yavsc.Models.Blog;
 namespace Yavsc.Api.Helpers
 {
    public static class UserHelpers
    {
        public static string GetUserId(this ClaimsPrincipal user)
        {
            return user.FindFirstValue("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier");
        }
    }
 }
--- a/src/Api/Program.cs
+++ b/src/Api/Program.cs
@ -10,6 +10,7 @@
 copies or substantial portions of the Software.
 */
 using IdentityModel;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
 using Microsoft.AspNetCore.Mvc;
@ -27,9 +28,11 @@ internal class Program
        var builder = WebApplication.CreateBuilder(args);
        var services = builder.Services;
        // builder.Services.AddDistributedMemoryCache();
        // accepts any access token issued by identity server
-        // adds an authorization policy for scope 'api1'
+        // adds an authorization policy for scope 'scope1'
        services
            .AddAuthorization(options =>
            {
@ -37,7 +40,7 @@ internal class Program
                {
                    policy
                        .RequireAuthenticatedUser()
-                        .RequireClaim("scope", "scope2");
+                        .RequireClaim(JwtClaimTypes.Scope, new string[] { "scope2" });
                });
            })
            .AddCors(options =>
@ -45,13 +48,12 @@ internal class Program
                // this defines a CORS policy called "default"
                options.AddPolicy("default", policy =>
                {
-                    policy.WithOrigins("https://localhost:5003"
+                    policy.WithOrigins("https://localhost:5003")
                    ,"http://localhost:5002")
                        .AllowAnyHeader()
                        .AllowAnyMethod();
                });
            })
-            .AddControllersWithViews();
+            .AddControllers();
        // accepts any access token issued by identity server
        var authenticationBuilder = services.AddAuthentication("Bearer")
@ -62,21 +64,20 @@ internal class Program
                     options.TokenValidationParameters =
                         new() { ValidateAudience = false };
                 });
        services.AddDbContext<ApplicationDbContext>(options =>
-            options.UseNpgsql(builder.Configuration.GetConnectionString("Default")));
+           options.UseNpgsql(builder.Configuration.GetConnectionString("DefaultConnection")));
-        services.AddScoped<UserManager<ApplicationUser>>();
+
        services.AddTransient<ITrueEmailSender, MailSender>()
           .AddTransient<IBillingService, BillingService>()
           .AddTransient<ICalendarManager, CalendarManager>();
        /*
          services.AddSingleton<IConnexionManager, HubConnectionManager>();
          services.AddSingleton<ILiveProcessor, LiveProcessor>();
          services.AddTransient<IFileSystemAuthManager, FileSystemAuthManager>();
          services.AddIdentityApiEndpoints<ApplicationUser>();
-        builder.Services.AddSession();
+          services.AddSession();
-        
+  */
        services.AddTransient<ITrueEmailSender, MailSender>()
        .AddTransient<IBillingService, BillingService>()
        .AddTransient<ICalendarManager, CalendarManager>()
        .AddTransient<IUserStore<ApplicationUser>, UserStore<ApplicationUser>>()
        .AddTransient<DbContext>();
        using (var app = builder.Build())
        {
            if (app.Environment.IsDevelopment())
@ -85,18 +86,28 @@ internal class Program
            app
                .UseRouting()
                .UseAuthentication()
-               .UseAuthorization().UseCors("default")
+                .UseAuthorization()
-                .UseEndpoints(endpoints =>
+                .UseCors("default")
                /*         .UseEndpoints(endpoints =>
                         {
-                    endpoints.MapDefaultControllerRoute().RequireAuthorization("ApiScope");
+                             endpoints.MapDefaultControllerRoute()
-                });
+                                 .RequireAuthorization();
                         })*/
                ;
            //   app.MapIdentityApi<ApplicationUser>().RequireAuthorization("ApiScope"); 
            app.MapDefaultControllerRoute();
            app.MapGet("/identity", (HttpContext context) =>
                new JsonResult(context?.User?.Claims.Select(c => new { c.Type, c.Value }))
-        ).RequireAuthorization("ApiScope");
+        );
            //     app.UseSession(); 
            await app.RunAsync();
-        };
+        }
        ;
    }
 }
--- a/src/Api/Properties/launchSettings.json
+++ b/src/Api/Properties/launchSettings.json
@ -0,0 +1,30 @@
 {
  "$schema": "http://json.schemastore.org/launchsettings.json",
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "https://localhost:5001",
      "sslPort": 6001
    }
  },
  "profiles": {
    "https": {
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": false,
      "applicationUrl": "https://localhost:6001;",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    }
  }
 }
--- a/src/Yavsc.Abstract/Attributes/Validation/ValidRemoteUserDirAttribute.cs
+++ b/src/Yavsc.Abstract/Attributes/Validation/ValidRemoteUserDirAttribute.cs
@ -1,7 +1,7 @@
 using System;
 using System.ComponentModel.DataAnnotations;
-using Yavsc.Helpers;
+using Yavsc.Server.Helpers;
 namespace Yavsc.Attributes.Validation
 { 
--- a/src/Yavsc.Abstract/Constants.cs
+++ b/src/Yavsc.Abstract/Constants.cs
@ -54,5 +54,7 @@ namespace Yavsc
        public const string LivePath = "/live/cast";
        public const string StreamingPath = "/api/stream/put";
        public const string RoleClaimName = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role";
    }
 }
--- a/src/Yavsc.Abstract/FileSystem/AbstractFileSystemHelpers.cs
+++ b/src/Yavsc.Abstract/FileSystem/AbstractFileSystemHelpers.cs
@ -4,7 +4,7 @@ using System.Linq;
 using System.Text;
 using Yavsc.ViewModels.UserFiles;
-namespace Yavsc.Helpers
+namespace Yavsc.Server.Helpers
 {
    public static class AbstractFileSystemHelpers
    {
--- a/src/Yavsc.Abstract/FileSystem/FsOperationInfo.cs
+++ b/src/Yavsc.Abstract/FileSystem/FsOperationInfo.cs
@ -1,4 +1,4 @@
-namespace Yavsc.Helpers
+namespace Yavsc.Abstract.Helpers
 {
    public enum ErrorCode {
        NotFound,
--- a/src/Yavsc.Abstract/FileSystem/UserDirectoryInfo.cs
+++ b/src/Yavsc.Abstract/FileSystem/UserDirectoryInfo.cs
@ -2,7 +2,7 @@ using System;
 using System.IO;
 using System.Linq;
 using Yavsc.Abstract.FileSystem;
-using Yavsc.Helpers;
+using Yavsc.Server.Helpers;
 namespace Yavsc.ViewModels.UserFiles
 {
--- a/src/Yavsc.Abstract/Yavsc.Abstract.csproj
+++ b/src/Yavsc.Abstract/Yavsc.Abstract.csproj
@ -9,8 +9,5 @@
  <ItemGroup>
    <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
  </ItemGroup>
  <ItemGroup>
    <Reference Include="System.ComponentModel.DataAnnotations" />
  </ItemGroup>
 </Project>
--- a/src/Yavsc.Server/Config.cs
+++ b/src/Yavsc.Server/Config.cs
@ -47,8 +47,8 @@ public static class Config
    public static IEnumerable<ApiScope> ApiScopes =>
        new ApiScope[]
        {
-            new ApiScope("scope1"),
+            new ApiScope("scope1",new string[] {"scope1"}),
-            new ApiScope("scope2"),
+            new ApiScope("scope2",new string[] {"scope2"}),
        };
    public static IEnumerable<Client> Clients =>
@ -73,6 +73,7 @@ public static class Config
                ClientSecrets = { new Secret("49C1A7E1-0C79-4A89-A3D6-A37998FB86B0".Sha256()) },
                AllowedGrantTypes = GrantTypes.Code,
                AlwaysIncludeUserClaimsInIdToken = true,
                RedirectUris = { "https://localhost:5003/signin-oidc",
                "http://localhost:5002/signin-oidc"  },
@ -80,7 +81,6 @@ public static class Config
                    "http://localhost:5002/signout-callback-oidc",
                    "https://localhost:5003/signout-callback-oidc" },
                AllowOfflineAccess = true,
                AllowedScopes = { 
                    IdentityServerConstants.StandardScopes.OpenId,
--- a/src/Yavsc.Server/Helpers/BillingHelpers.cs
+++ b/src/Yavsc.Server/Helpers/BillingHelpers.cs
@ -1,10 +1,7 @@
 using System.Collections.Generic;
 using System.Globalization;
 using System.IO;
 using System.Linq;
 using Yavsc.Abstract.FileSystem;
 using Yavsc.Billing;
 using Yavsc.Models.Billing;
 using Yavsc.Server.Helpers;
 using Yavsc.Services;
 namespace Yavsc.Helpers
--- a/src/Yavsc.Server/Helpers/FileSystemHelpers.cs
+++ b/src/Yavsc.Server/Helpers/FileSystemHelpers.cs
@ -11,8 +11,9 @@ using SixLabors.ImageSharp;
 using SixLabors.ImageSharp.Processing;
 using Microsoft.AspNetCore.Http;
 using Yavsc.Exceptions;
-
+using Yavsc.Helpers;
-namespace Yavsc.Helpers
+using Yavsc.Abstract.Helpers;
 namespace Yavsc.Server.Helpers
 {
    public static class FileSystemHelpers 
    {
--- a/src/Yavsc.Server/Helpers/UserHelpers.cs
+++ b/src/Yavsc.Server/Helpers/UserHelpers.cs
@ -9,7 +9,6 @@ namespace Yavsc.Helpers
 {
    public static class UserHelpers
    {
        public static string GetUserId(this ClaimsPrincipal user)
        {
            return user.FindFirstValue("sub");
--- a/src/Yavsc.Server/Services/ProfileService.cs
+++ b/src/Yavsc.Server/Services/ProfileService.cs
@ -9,16 +9,17 @@ using Yavsc.Models;
 namespace Yavsc.Services
 {
-    public class ProfileService : DefaultProfileService, IProfileService
+    public class ProfileService : IProfileService
    {
        private readonly UserManager<ApplicationUser> _userManager;
        public ProfileService(
-            UserManager<ApplicationUser> userManager, ILogger<DefaultProfileService> logger) : base(logger)
+            UserManager<ApplicationUser> userManager, 
            ILogger<DefaultProfileService> logger) 
        {
            _userManager = userManager;
        }
-        public async Task<List<Claim>> GetClaimsFromUserAsync(
+        private async Task<List<Claim>> GetClaimsFromUserAsync(
            ProfileDataRequestContext context,
            ApplicationUser user)
        {
@ -29,10 +30,12 @@ namespace Yavsc.Services
            List<string> claimAdds = new List<string>();
            foreach (var scope in context.RequestedResources.ParsedScopes)
            {
                if (context.Client.AllowedScopes.Contains(scope.ParsedName))
                {
                    claims.Add(new Claim(JwtClaimTypes.Scope, scope.ParsedName));
                    claimAdds.Add(scope.ParsedName);
-                // TODO scope has a ParsedParameter
+                }
            }
            if (claimAdds.Contains(JwtClaimTypes.Profile))
@ -54,13 +57,13 @@ namespace Yavsc.Services
                var roles = await this._userManager.GetRolesAsync(user);
                if (roles.Count()>0)
                {
-                    claims.Add(new Claim("http://schemas.microsoft.com/ws/2008/06/identity/claims/role",String.Join(" ",roles)));
+                    claims.AddRange(roles.Select(r => new Claim(Constants.RoleClaimName, r)));
                }
            }
            return claims;
        }
-        override public async Task GetProfileDataAsync(ProfileDataRequestContext context)
+         public async Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var subjectId = GetSubjectId(context.Subject);
            if (subjectId==null) return;
@ -69,7 +72,7 @@ namespace Yavsc.Services
            context.IssuedClaims = await GetClaimsFromUserAsync(context, user);
        }
-        override public async Task IsActiveAsync(IsActiveContext context)
+         public async Task IsActiveAsync(IsActiveContext context)
        {
            string? subjectId = GetSubjectId(context.Subject);
            if (subjectId == null)
--- a/src/Yavsc.Server/ViewModels/LiveCastHandler.cs
+++ b/src/Yavsc.Server/ViewModels/LiveCastHandler.cs
@ -10,6 +10,7 @@ using Newtonsoft.Json;
 using Yavsc.Helpers;
 using Yavsc.Models;
 using Yavsc.Models.FileSystem;
 using Yavsc.Server.Helpers;
 namespace Yavsc.ViewModels.Streaming
 {
--- a/src/Yavsc/Controllers/Contracting/EstimateController.cs
+++ b/src/Yavsc/Controllers/Contracting/EstimateController.cs
@ -12,6 +12,7 @@ namespace Yavsc.Controllers
    using Models.Billing;
    using Models.Workflow;
    using ViewModels.Auth;
    using Yavsc.Server.Helpers;
    [Authorize]
    public class EstimateController : Controller
--- a/src/Yavsc/Controllers/Contracting/FrontOfficeController.cs
+++ b/src/Yavsc/Controllers/Contracting/FrontOfficeController.cs
@ -10,6 +10,7 @@ namespace Yavsc.Controllers
    using Microsoft.Extensions.Localization;
    using Models;
    using ViewModels.FrontOffice;
    using Yavsc.Server.Helpers;
    using Yavsc.Services;
    public class FrontOfficeController : Controller
--- a/src/Yavsc/Controllers/FileSystemController.cs
+++ b/src/Yavsc/Controllers/FileSystemController.cs
@ -1,6 +1,7 @@
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Logging;
 using Yavsc.Helpers;
 using Yavsc.Server.Helpers;
 namespace Yavsc.Controllers
 {
--- a/src/Yavsc/Extensions/HostingExtensions.cs
+++ b/src/Yavsc/Extensions/HostingExtensions.cs
@ -1,8 +1,10 @@
 using System.Diagnostics;
 using System.Globalization;
 using System.Security.Cryptography.X509Certificates;
 using Google.Apis.Util.Store;
 using IdentityServer8;
 using IdentityServer8.Services;
 using IdentityServerHost.Quickstart.UI;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.DataProtection;
@ -27,6 +29,7 @@ using Yavsc.Models.Workflow;
 using Yavsc.Services;
 using Yavsc.Settings;
 using Yavsc.ViewModels.Auth;
 using Yavsc.Server.Helpers;
 namespace Yavsc.Extensions;
@ -137,23 +140,13 @@ public static class HostingExtensions
    {
        IServiceCollection services = LoadConfiguration(builder);
-        services.AddRazorPages();
+        //services.AddRazorPages();
        services.AddSignalR(o =>
        {
            o.EnableDetailedErrors = true;
        });
        AddIdentityDBAndStores(builder).AddDefaultTokenProviders();;
        AddIdentityServer(builder);
        //services.AddScoped<IProfileService, ProfileService>();
        services.AddSession();
        // TODO .AddServerSideSessionStore<YavscServerSideSessionStore>()
        AddAuthentication(services, builder.Configuration);
        // Add the system clock service
        _ = services.AddSingleton<ISystemClock, SystemClock>();
@ -161,6 +154,14 @@ public static class HostingExtensions
        _ = services.AddSingleton<ILiveProcessor, LiveProcessor>();
        _ = services.AddTransient<IFileSystemAuthManager, FileSystemAuthManager>();
        AddIdentityDBAndStores(builder).AddDefaultTokenProviders();
        AddIdentityServer(builder);
        services.AddSignalR(o =>
        {
            o.EnableDetailedErrors = true;
        });
        services.AddMvc(config =>
        {
            /* var policy = new AuthorizationPolicyBuilder()
@ -208,6 +209,7 @@ public static class HostingExtensions
        services.AddSingleton<IAuthorizationHandler, PermissionHandler>();
        AddAuthentication(builder);
        // accepts any access token issued by identity server
        return builder.Build();
@ -297,20 +299,16 @@ public static class HostingExtensions
        return services;
    }
-    private static void AddAuthentication(IServiceCollection services, IConfigurationRoot configurationRoot)
+    private static void AddAuthentication(WebApplicationBuilder builder)
    {
        IServiceCollection services=builder.Services;
        IConfigurationRoot configurationRoot=builder.Configuration;
        string? googleClientId = configurationRoot["Authentication:Google:ClientId"];
        string? googleClientSecret = configurationRoot["Authentication:Google:ClientSecret"];
-        var authenticationBuilder = services.AddAuthentication()
+        var authenticationBuilder = services.AddAuthentication();
        .AddJwtBearer("Bearer", options =>
            {
                options.IncludeErrorDetails = true;
                options.Authority = "https://localhost:5001";
                options.TokenValidationParameters =
                    new() { ValidateAudience = false };
            });
        if (googleClientId!=null && googleClientSecret!=null)
        authenticationBuilder.AddGoogle(options =>
        {
            options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
@ -324,13 +322,22 @@ public static class HostingExtensions
    }
    private static IIdentityServerBuilder AddIdentityServer(WebApplicationBuilder builder)
    {
-        var identityServerBuilder = builder.Services.AddIdentityServer()
+        builder.Services.AddTransient<IProfileService,ProfileService>();
        var identityServerBuilder = builder.Services.AddIdentityServer(options =>
         {
             options.Events.RaiseErrorEvents = true;
             options.Events.RaiseInformationEvents = true;
             options.Events.RaiseFailureEvents = true;
             options.Events.RaiseSuccessEvents = true;
             // see https://IdentityServer8.readthedocs.io/en/latest/topics/resources.html
             options.EmitStaticAudienceClaim = true;
         })
            .AddInMemoryIdentityResources(Config.IdentityResources)
            .AddInMemoryClients(Config.Clients)
            .AddInMemoryApiScopes(Config.ApiScopes)
            .AddAspNetIdentity<ApplicationUser>()
-            .AddJwtBearerClientAuthentication()
+            .AddProfileService<ProfileService>()
          //  .AddProfileService<ProfileService>()
           ;
        if (builder.Environment.IsDevelopment())
        {
@ -338,7 +345,8 @@ public static class HostingExtensions
        }
        else
        {
-            var key = builder.Configuration["YOUR-KEY-NAME"];
+            var key = builder.Configuration["YavscSigningCert"];
            Debug.Assert(key != null);
            var pfxBytes = Convert.FromBase64String(key);
            var cert = new X509Certificate2(pfxBytes, (string)null, X509KeyStorageFlags.MachineKeySet);
            identityServerBuilder.AddSigningCredential(cert);
@ -381,7 +389,7 @@ public static class HostingExtensions
    }
-    public static WebApplication ConfigurePipeline(this WebApplication app)
+    internal static WebApplication ConfigurePipeline(this WebApplication app)
    {
        if (app.Environment.IsDevelopment())
@ -398,13 +406,10 @@ public static class HostingExtensions
        app.UseIdentityServer();
        app.UseAuthorization();
        app.UseCors("default");
-        app.MapControllerRoute(
+        app.MapDefaultControllerRoute();
-            name: "default",
+        //pp.MapRazorPages();
            pattern: "{controller=Home}/{action=Index}/{id?}");
        app.MapRazorPages()
        .RequireAuthorization();
        app.MapHub<ChatHub>("/chatHub");
-        app.MapAreaControllerRoute("api", "api", "~/api/{controller}/{action}/{id?}");
+       
        ConfigureWorkflow();
        var services = app.Services;
        ILoggerFactory loggerFactory = services.GetRequiredService<ILoggerFactory>();
--- a/src/Yavsc/Helpers/UserHelpers.cs
+++ b/src/Yavsc/Helpers/UserHelpers.cs
@ -0,0 +1,10 @@
 using System.Security.Claims;
 namespace Yavsc.Helpers
 {
    public static class UserHelpers
    {
    }
 }
--- a/src/Yavsc/Properties/launchSettings.json
+++ b/src/Yavsc/Properties/launchSettings.json
@ -1,27 +1,19 @@
-{
+{
  "$schema": "http://json.schemastore.org/launchsettings.json",
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
-      "applicationUrl": "http://localhost:30089",
+      "applicationUrl": "https://localhost:5001",
-      "sslPort": 44391
+      "sslPort": 5001
    }
  },
  "profiles": {
    "http": {
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": true,
      "applicationUrl": "http://localhost:5172",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "https": {
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": true,
-      "applicationUrl": "https://localhost:7062;http://localhost:5172",
+      "applicationUrl": "https://localhost:5001;",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
--- a/src/Yavsc/ScaffoldingReadMe.txt
+++ b/src/Yavsc/ScaffoldingReadMe.txt
@ -1,3 +0,0 @@
 Support for ASP.NET Core Identity was added to your project.
 For setup and configuration information, see https://go.microsoft.com/fwlink/?linkid=2116645.
--- a/src/Yavsc/Startup.cs
+++ b/src/Yavsc/Startup.cs
@ -2,6 +2,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.Extensions.Localization;
 using Microsoft.Extensions.Options;
 using Yavsc.Helpers;
 using Yavsc.Server.Helpers;
 using Yavsc.Settings;
 namespace Yavsc;
--- a/src/Yavsc/ViewComponents/BillViewComponent.cs
+++ b/src/Yavsc/ViewComponents/BillViewComponent.cs
@ -8,6 +8,7 @@ using Yavsc.ViewModels;
 using Yavsc.ViewModels.Gen;
 using Yavsc.Services;
 using Microsoft.EntityFrameworkCore;
 using Yavsc.Server.Helpers;
 namespace Yavsc.ViewComponents
 {
--- a/src/Yavsc/ViewComponents/DirectoryViewComponent.cs
+++ b/src/Yavsc/ViewComponents/DirectoryViewComponent.cs
@ -3,6 +3,7 @@ using Microsoft.AspNetCore.Mvc;
 using System.Threading.Tasks;
 using Yavsc.Helpers;
 using Yavsc.Models;
 using Yavsc.Server.Helpers;
 using Yavsc.ViewModels.UserFiles;
 namespace Yavsc.ViewComponents
--- a/src/Yavsc/Views/Shared/Error.cshtml
+++ b/src/Yavsc/Views/Shared/Error.cshtml
@ -12,14 +12,3 @@
        <strong>Request ID:</strong> <code>@Model.RequestId</code>
    </p>
 }
 <h3>Development Mode</h3>
 <p>
    Swapping to <strong>Development</strong> environment will display more detailed information about the error that occurred.
 </p>
 <p>
    <strong>The Development environment shouldn't be enabled for deployed applications.</strong>
    It can result in displaying sensitive information from exceptions to end users.
    For local debugging, enable the <strong>Development</strong> environment by setting the <strong>ASPNETCORE_ENVIRONMENT</strong> environment variable to <strong>Development</strong>
    and restarting the app.
 </p>
--- a/src/Yavsc/app.config
+++ b/src/Yavsc/app.config
@ -1,11 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <configuration>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
 </configuration>
--- a/src/Yavsc/package.json
+++ b/src/Yavsc/package.json
@ -1,14 +0,0 @@
 {
  "name": "yavsc",
  "version": "1.0.7",
  "description": "Yet Another Very Small Company",
  "repository": {
    "type": "Git",
    "url": "https://github.com/pazof/yavsc"
  },
  "license": "GPL-3.0",
  "devDependencies": {},
  "dependencies": {
    "paypal-permissions-sdk": "^1.0.10"
  }
 }
--- a/src/sampleWebAsWebApiClient/Controllers/HomeController.cs
+++ b/src/sampleWebAsWebApiClient/Controllers/HomeController.cs
@ -71,12 +71,11 @@ namespace testOauthClient.Controllers
            var accessToken = await HttpContext.GetTokenAsync("access_token");
            var client = new HttpClient(new HttpClientHandler(){ AllowAutoRedirect=false });
            client.DefaultRequestHeaders.Add("Accept", "application/json");
-            client.SetBearerToken(accessToken);
+            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
            var content = await client.GetAsync("https://localhost:6001/identity");
            content.EnsureSuccessStatusCode();
-            var json = await content.Content.ReadAsStreamAsync();
+            var json = await content.Content.ReadAsStringAsync();
-            var obj = JsonSerializer.Deserialize<JsonElement>(json);
+            return View("UserInfo", json);
            return View("UserInfo", obj.ToString());
        }
--- a/src/sampleWebAsWebApiClient/Program.cs
+++ b/src/sampleWebAsWebApiClient/Program.cs
@ -1,19 +1,62 @@
-using Microsoft.AspNetCore.Authentication.OAuth;
+/*
 Copyright (c) 2024 HigginsSoft, Alexander Higgins - https://github.com/alexhiggins732/ 
 Copyright (c) 2018, Brock Allen & Dominick Baier. All rights reserved.
 Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. 
 Source code and license this software can be found 
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 */
 using System.IdentityModel.Tokens.Jwt;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
-   public class Program
+JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
 var builder = WebApplication.CreateBuilder(args);
 builder.Services.AddControllersWithViews();
 builder.Services
    .AddAuthentication(options =>
    {
-        public static void Main(string[] args)
+        options.DefaultScheme = "Cookies";
        options.DefaultChallengeScheme = "oidc";
    })
    .AddCookie("Cookies")
    .AddOpenIdConnect("oidc", options =>
    {
-            CreateHostBuilder(args).Build().Run();
+        options.Authority = "https://localhost:5001";
        }
-        public static IHostBuilder CreateHostBuilder(string[] args) =>
+        options.ClientId = "mvc";
-            Host.CreateDefaultBuilder(args)
+        options.ClientSecret = "49C1A7E1-0C79-4A89-A3D6-A37998FB86B0";
-                .ConfigureWebHostDefaults(webBuilder =>
+        options.ResponseType = "code";
-                {
+
-                    webBuilder.UseStartup<Startup>();
+        options.Scope.Add("openid");
        options.Scope.Add("profile");
        options.Scope.Add("scope2");
        options.MapInboundClaims = true;
        options.ClaimActions.MapUniqueJsonKey("preferred_username","preferred_username");
        options.ClaimActions.MapUniqueJsonKey("gender", "gender");
        options.SaveTokens = true;
    });
 using (var app = builder.Build())
 {
    if (app.Environment.IsDevelopment())
        app.UseDeveloperExceptionPage();
    else
        app.UseExceptionHandler("/Home/Error");
    app.UseStaticFiles();
    app.UseRouting();
    app.UseAuthentication();
    app.UseAuthorization();
    app.MapDefaultControllerRoute().RequireAuthorization();
    await app.RunAsync();
 }
--- a/src/sampleWebAsWebApiClient/Startup.cs
+++ b/src/sampleWebAsWebApiClient/Startup.cs
@ -1,75 +0,0 @@
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
 using Microsoft.IdentityModel.Tokens;
 using System.IdentityModel.Tokens.Jwt;
 public class Startup
 {
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddControllersWithViews();
        services
            .AddAuthentication(options =>
            {
                options.DefaultScheme = "Cookies";
                options.DefaultChallengeScheme = "oidc";
            })
            .AddCookie("Cookies")
            .AddOpenIdConnect("oidc", options =>
            {
                options.Authority = "https://localhost:5001";
                options.ClientId = "mvc";
                options.ClientSecret = "49C1A7E1-0C79-4A89-A3D6-A37998FB86B0";
                options.ResponseType = "code";
                options.Scope.Add("scope2");
                options.SaveTokens = true;
                options.GetClaimsFromUserInfoEndpoint = true;
                options.SaveTokens = true;
                options.ClaimActions.MapUniqueJsonKey(
            "http://schemas.microsoft.com/ws/2008/06/identity/claims/role",
            "http://schemas.microsoft.com/ws/2008/06/identity/claims/role");
                options.ClaimActions.MapUniqueJsonKey("role",
            "http://schemas.microsoft.com/ws/2008/06/identity/claims/role");
                options.ClaimActions.MapUniqueJsonKey("roles",
            "http://schemas.microsoft.com/ws/2008/06/identity/claims/role");
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    NameClaimType = "name",
                    RoleClaimType = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"
                };
            });
    }
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
        }
        app.UseStaticFiles();
        app.UseRouting();
        app.UseAuthentication();
        app.UseAuthorization();
        app.UseEndpoints(endpoints =>
        {
            endpoints.MapDefaultControllerRoute()
                .RequireAuthorization();
        });
    }
 }
--- a/yavsc.code-workspace
+++ b/yavsc.code-workspace
@ -1,38 +0,0 @@
 {
 	"folders": [
 		{
 			"path": ".vscode"
 		},
 		{
 			"path": "."
 		},
 		{
 			"path": "src/test"
 		},
 		{
 			"path": "src/Yavsc"
 		},
 		{
 			"path": "src/cli"
 		},
 		{
 			"path": "src/GoogleCode"
 		},
 		{
 			"path": "src/OAuth.AspNet.AuthServer"
 		},
 		{
 			"path": "src/OAuth.AspNet.Token"
 		},
 		{
 			"path": "src/Yavsc.Abstract"
 		},
 		{
 			"path": "src/Yavsc.Server"
 		}
 	],
 	"settings": {
 		"mocha.enabled": true,
 		"git.ignoreLimitWarning": true
 	}
 }
--- a/yavsc.mdw
+++ b/yavsc.mdw
@ -1,6 +0,0 @@
 <WorkspaceItem ctype="Workspace">
  <Items>
    <Item>ZicMoove.sln</Item>
    <Item>yagui/yagui.sln</Item>
  </Items>
 </WorkspaceItem>
		`@ -1,3 +0,0 @@`
			`Support for ASP.NET Core Identity was added to your project.`

			`For setup and configuration information, see https://go.microsoft.com/fwlink/?linkid=2116645.`