From 0e19bc35e494491f0d6b50bbe92256504509ae61 Mon Sep 17 00:00:00 2001 From: Kun Deng Date: Sun, 23 Jun 2019 13:09:40 -0400 Subject: [PATCH] Update README.md #30 --- README.md | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/README.md b/README.md index edf5a4b..ec55357 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,56 @@ There are several things that need to be completed to properly setup and secure ### Auth0 API configuration +Securing Icarus is required, preventing the API from being publicly accessible. To do so, create an Auth0 account (it's free), for the sake of this section of the documentation, I will not go over how to create an Auth0 account. Once created, create a tentant and proceed to create an API +

+ +

+ +Create the API and enter an approrpiate name and identified. For the identified, append **api** like in the example +

+ +

+Replace [domain] with the domain name of the created tenant. This can be found in the Default App from the Application menu. Replace [identifier] with the identifer root name in the appsettings environment file. Not the friendly name but the root name of the identifier, omitting the http protocol and the *api* path. + +```Json + "Auth0": { + "Domain": "[domain].auth0.com", + "ApiIdentifier": "https://[identifier]/api" + }, +``` + +For the sake of this section, I will not go over configuring the API to accept the signing algorithm since it has already been configured in the [Startip](Startup.cs).cs file. Click on permissions to create the permissions for the API. +

+ +

+ +The permissions ensure that a validated user can interact with the API with a token that has not expired. Ensure that the permissions match, the description can change but the permission identifier must match. +

+ +

+ +On the left side, click on Application and create a new Application. Choose the Machine to Machine Application +

+ +

+ +With the grant permissions you created from the API, enable all the permissions. This is important because if they are not enabled then even with a valid token the request will return 403 (unauthorized) +

+ +

+ +From the Application page, copy the client id and client secret. These values will be used for the API to interact with API. +

+ +

+Enter the information in the corresponding appsettings json file +```Json + "Auth0": { + "ClientId":"", + "ClientSecret":"" + }, +``` + ### API filesystem paths For the purposes of properly uploading, downloading, updating, deleting, and streaming songs the API filesystem paths must be configured. What is meant by this is that the `RootMusicPath` directory where all music will be stored must exist as well as the `ArchivePath` and `TemporaryMusicPath` paths. An example on a Linux system: