Developer login
The developer login extension is an authentication component that is intended for testing and development only.
Once ShareAspace web and the ShareAspace collection are configured to use the developer login the system will have only one password. Once the correct password is provided on the login screen a list of all registered ShareAspace users will be presented. Clicking on one of the users allows you to impersonate that user.
This component also has a simplified mailbox per user. All emails sent by ShareAspace to users will be caught by this component.
This component must be registered as a Nova extension on a bootstrapped ShareAspace collection for it to work.
For the simplified user mailbox to work one email extension (like the SMTP or the SendGrid extensions) should be registered on the ShareAspace collection.
Prerequisites
The installation of the ShareAspace Developer login extension requires to have a machine that is running a Web Server (IIS).
- Software prerequisites for a Developer login server (IIS)
Installation steps
Run the installer
Run installer DeveloperLogin-x.y.z.build.msi to install the ShareAspace Developer login extension on a Web Server (IIS).
Configuration
The Developer login component need configuration values set in the appsettings.json file found in the installation folder of the Developer login (normally at C:\Program Files\Eurostep\ShareAspace\DeveloperLogin).
{
"Logging": {
"LogLevel": {
"Default": "Debug"
}
},
"AllowedHosts": "*",
"NovaConfig": {
"SymmetricKey": "iE3xB7qr...qbO129/zHq4l31z1hoGg==",
"EnableApiEndpoints": true,
"BaseAddress": "https://xyz.eurostep.com/DeveloperLogin",
"ServerAddress": "https://sashost:5001",
"UsersConfig": {
"Admin": "CfDJ8G208q18...C7n5HYfwqItzzAfU15r9"
}
}
}
SymmetricKey- a symmetric key generated (that should be generated) - this key must be provided when registering the developer login extension on a ShareAspace collection.BaseAddress- the address where the developer login component is hosted.ServerAddress- the ShareAspace Host address or the Reverse proxy address.UsersConfig.Admin- A secret representing the one password for the system.
SymmetricKey
The SymmetricKey key should be generated as described in the section
Generate Symmetric Signing Keys.
UsersConfig.Admin
To generate the a secret for a password run the Developer Login in console mode providing the --secret switch.
.\Eurostep.SAS.DeveloperLoginHost.exe --secret "pAssw0rd"
The tool will print a protected string to be used in the configuration:
CfDJ8G208q18...C7n5HYfwqItzzAfU15r9
The unprotected string holds the secret in JSON format
{ "Secret": "**SHA512HASH**" }
ASP.NET Data Protection keys are persisted to the ProgramData folder:
C:\ProgramData\Eurostep\DeveloperLogin\
Extension registration
This component must be registered as a Nova Extension on a bootstrapped ShareAspace collection for it to work.
Note
The Developer login component must be up and running during the registration process since a manifest exchange will take place between ShareAspace and the extension.
param (
[Parameter(Mandatory = $true)]
[string]$NovaHost,
[Parameter(Mandatory = $true)]
[string]$PersonalAccessToken,
[Parameter(Mandatory = $true)]
[string]$Extension,
[Parameter(Mandatory = $true)]
[string]$ExtensionApiKey
)
$uri = "{0}/collection/externalExtension/novaExtension" -f $NovaHost
$pat = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes(":$PersonalAccessToken"))
$headers = @{ "Authorization" = "Basic $pat" }
$body = @{ "hostUri" = $Extension; "apiKey" = $ExtensionApiKey; "tokenLifeTime" = 15 } | ConvertTo-Json
Invoke-WebRequest -Method Post -Uri $uri -Headers $headers -Body $body -ContentType "application/json"
Example:
.\Setup-Extension.ps1 -NovaHost https://xyz:5001 -PersonalAccessToken " ... " -Extension "https://xyz.eurostep.com/DeveloperLogin" -ExtensionApiKey " ... "
IIS settings
When installing the ShareAspace Developer login, an Application Pool named "DeveloperLogin" is created in IIS. By default the account running the Application Pool is the built-in account "LocalSystem".
Note
If another account has to be used for running the "DeveloperLogin" Application Pool, this account running the "DeveloperLogin" Application Pool must have read access to the Developer login installation folder.