@@ -32,6 +32,56 @@ There are several things that need to be completed to properly setup and secure
|
|||||||
|
|
||||||
### Auth0 API configuration
|
### Auth0 API configuration
|
||||||
|
|
||||||
|
Securing Icarus is required, preventing the API from being publicly accessible. To do so, create an Auth0 account (it's free), for the sake of this section of the documentation, I will not go over how to create an Auth0 account. Once created, create a tentant and proceed to create an API
|
||||||
|
<h1 align=center>
|
||||||
|
<img src="Images/Configuration/create_api.png" width=100%>
|
||||||
|
</h1>
|
||||||
|
|
||||||
|
Create the API and enter an approrpiate name and identified. For the identified, append **api** like in the example
|
||||||
|
<h1 align="center">
|
||||||
|
<img src="Images/Configuration/enter_api_info.png" width=100%>
|
||||||
|
</h1>
|
||||||
|
Replace [domain] with the domain name of the created tenant. This can be found in the Default App from the Application menu. Replace [identifier] with the identifer root name in the appsettings environment file. Not the friendly name but the root name of the identifier, omitting the http protocol and the *api* path.
|
||||||
|
|
||||||
|
```Json
|
||||||
|
"Auth0": {
|
||||||
|
"Domain": "[domain].auth0.com",
|
||||||
|
"ApiIdentifier": "https://[identifier]/api"
|
||||||
|
},
|
||||||
|
```
|
||||||
|
|
||||||
|
For the sake of this section, I will not go over configuring the API to accept the signing algorithm since it has already been configured in the [Startip](Startup.cs).cs file. Click on permissions to create the permissions for the API.
|
||||||
|
<h1 align "center">
|
||||||
|
<img src="Images/Configuration/configure_api.png" width=100%>
|
||||||
|
</h1>
|
||||||
|
|
||||||
|
The permissions ensure that a validated user can interact with the API with a token that has not expired. Ensure that the permissions match, the description can change but the permission identifier must match.
|
||||||
|
<h1 align="center">
|
||||||
|
<img src="Images/Configuration/permissions.png" width=100%>
|
||||||
|
</h1>
|
||||||
|
|
||||||
|
On the left side, click on Application and create a new Application. Choose the Machine to Machine Application
|
||||||
|
<h1 align="center">
|
||||||
|
<img src="Images/Configuration/create_m2m.png" width=100%>
|
||||||
|
</h1>
|
||||||
|
|
||||||
|
With the grant permissions you created from the API, enable all the permissions. This is important because if they are not enabled then even with a valid token the request will return 403 (unauthorized)
|
||||||
|
<h1 align="center">
|
||||||
|
<img src="Images/Configuration/authorize_app.png" width=100%>
|
||||||
|
</h1>
|
||||||
|
|
||||||
|
From the Application page, copy the client id and client secret. These values will be used for the API to interact with API.
|
||||||
|
<h1 align="center">
|
||||||
|
<img src="Images/Configuration/api_cred.png" width=100%>
|
||||||
|
</h1>
|
||||||
|
Enter the information in the corresponding appsettings json file
|
||||||
|
```Json
|
||||||
|
"Auth0": {
|
||||||
|
"ClientId":"",
|
||||||
|
"ClientSecret":""
|
||||||
|
},
|
||||||
|
```
|
||||||
|
|
||||||
### API filesystem paths
|
### API filesystem paths
|
||||||
|
|
||||||
For the purposes of properly uploading, downloading, updating, deleting, and streaming songs the API filesystem paths must be configured. What is meant by this is that the `RootMusicPath` directory where all music will be stored must exist as well as the `ArchivePath` and `TemporaryMusicPath` paths. An example on a Linux system:
|
For the purposes of properly uploading, downloading, updating, deleting, and streaming songs the API filesystem paths must be configured. What is meant by this is that the `RootMusicPath` directory where all music will be stored must exist as well as the `ArchivePath` and `TemporaryMusicPath` paths. An example on a Linux system:
|
||||||
|
|||||||
Reference in New Issue
Block a user