From dee2e37a4a8759108390c664e06bf147b8385cbf Mon Sep 17 00:00:00 2001 From: transtrike Date: Mon, 14 Dec 2020 23:29:14 +0200 Subject: Stabalized project for compilation. Next step after init architecture --- .../Configurations/Extensions/ConfigureJWT.cs | 54 ++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs (limited to 'src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs') diff --git a/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs b/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs new file mode 100644 index 0000000..bc5ac15 --- /dev/null +++ b/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs @@ -0,0 +1,54 @@ +using System.Text; +using System.Threading.Tasks; +using DevHive.Services.Options; +using Microsoft.AspNetCore.Authentication.JwtBearer; +using Microsoft.Extensions.Configuration; +using Microsoft.Extensions.DependencyInjection; +using Microsoft.IdentityModel.Tokens; + +namespace DevHive.Web.Configurations.Extensions +{ + public static class JWTExtensions + { + public static void JWTConfiguration(this IServiceCollection services, IConfiguration configuration) + { + services.AddSingleton(new JWTOptions(configuration + .GetSection("AppSettings") + .GetSection("Secret") + .Value)); + + // Get key from appsettings.json + var key = Encoding.ASCII.GetBytes(configuration + .GetSection("AppSettings") + .GetSection("Secret") + .Value); + + // Setup Jwt Authentication + services.AddAuthentication(x => + { + x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; + x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; + }) + .AddJwtBearer(x => + { + x.Events = new JwtBearerEvents + { + OnTokenValidated = context => + { + // TODO: add more authentication + return Task.CompletedTask; + } + }; + x.RequireHttpsMetadata = false; + x.SaveToken = true; + x.TokenValidationParameters = new TokenValidationParameters + { + ValidateIssuerSigningKey = true, + IssuerSigningKey = new SymmetricSecurityKey(key), + ValidateIssuer = false, + ValidateAudience = false + }; + }); + } + } +} \ No newline at end of file -- cgit v1.2.3 From fb2803789e012cda1aca4c5f8bef779923f5db61 Mon Sep 17 00:00:00 2001 From: transtrike Date: Wed, 16 Dec 2020 19:00:00 +0200 Subject: Authorization fixed --- src/DevHive.Services/Services/UserService.cs | 15 +++++++++------ .../Configurations/Extensions/ConfigureDatabase.cs | 9 +++++++-- src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs | 2 +- src/DevHive.Web/Controllers/RoleController.cs | 2 ++ src/DevHive.Web/Controllers/UserController.cs | 5 +++-- src/DevHive.Web/Startup.cs | 1 + 6 files changed, 23 insertions(+), 11 deletions(-) (limited to 'src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs') diff --git a/src/DevHive.Services/Services/UserService.cs b/src/DevHive.Services/Services/UserService.cs index 05a48b3..24f74f5 100644 --- a/src/DevHive.Services/Services/UserService.cs +++ b/src/DevHive.Services/Services/UserService.cs @@ -11,6 +11,7 @@ using System.Security.Claims; using Microsoft.IdentityModel.Tokens; using System.Security.Cryptography; using System.Text; +using System.Collections.Generic; namespace DevHive.Services.Services { @@ -97,14 +98,16 @@ namespace DevHive.Services.Services private string WriteJWTSecurityToken(string role) { //TODO: Try generating the key - byte[] signingKey = Convert.FromBase64String(_jwtOptions.Secret); - + byte[] signingKey = Encoding.ASCII.GetBytes(_jwtOptions.Secret); + + List claims = new List() + { + new Claim(ClaimTypes.Role, role) + }; + SecurityTokenDescriptor tokenDescriptor = new() { - Subject = new ClaimsIdentity(new Claim[] - { - new Claim(ClaimTypes.Role, role) - }), + Subject = new ClaimsIdentity(claims), Expires = DateTime.Today.AddDays(7), SigningCredentials = new SigningCredentials( new SymmetricSecurityKey(signingKey), diff --git a/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs b/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs index 0fe32de..e656137 100644 --- a/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs +++ b/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs @@ -6,6 +6,7 @@ using DevHive.Data.Models; using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Builder; using System; +using Microsoft.AspNetCore.Authentication.JwtBearer; namespace DevHive.Web.Configurations.Extensions { @@ -40,8 +41,12 @@ namespace DevHive.Web.Configurations.Extensions services.AddAuthorization(options => { - options.AddPolicy($"{Role.DefaultRole}", - policy => policy.RequireRole($"{Role.DefaultRole}")); + options.AddPolicy("User", options => + { + options.RequireAuthenticatedUser(); + options.AuthenticationSchemes.Add(JwtBearerDefaults.AuthenticationScheme); + options.RequireRole("User"); + }); }); } diff --git a/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs b/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs index bc5ac15..d422bc8 100644 --- a/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs +++ b/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs @@ -43,7 +43,7 @@ namespace DevHive.Web.Configurations.Extensions x.SaveToken = true; x.TokenValidationParameters = new TokenValidationParameters { - ValidateIssuerSigningKey = true, + //ValidateIssuerSigningKey = false, IssuerSigningKey = new SymmetricSecurityKey(key), ValidateIssuer = false, ValidateAudience = false diff --git a/src/DevHive.Web/Controllers/RoleController.cs b/src/DevHive.Web/Controllers/RoleController.cs index 1e11ee1..610d370 100644 --- a/src/DevHive.Web/Controllers/RoleController.cs +++ b/src/DevHive.Web/Controllers/RoleController.cs @@ -6,11 +6,13 @@ using DevHive.Web.Models.Identity.Role; using AutoMapper; using DevHive.Services.Models.Identity.Role; using System; +using Microsoft.AspNetCore.Authorization; namespace DevHive.Web.Controllers { [ApiController] [Route("/api/[controller]")] + //[Authorize(Roles = "Admin")] public class RoleController { private readonly RoleService _roleService; diff --git a/src/DevHive.Web/Controllers/UserController.cs b/src/DevHive.Web/Controllers/UserController.cs index f952355..80e1bde 100644 --- a/src/DevHive.Web/Controllers/UserController.cs +++ b/src/DevHive.Web/Controllers/UserController.cs @@ -14,6 +14,7 @@ namespace DevHive.Web.Controllers { [ApiController] [Route("/api/[controller]")] + [Authorize(Roles = "User")] public class UserController: ControllerBase { private readonly UserService _userService; @@ -27,6 +28,7 @@ namespace DevHive.Web.Controllers [HttpPost] [Route("Login")] + [AllowAnonymous] public async Task Login([FromBody] LoginWebModel loginModel) { LoginServiceModel loginServiceModel = this._userMapper.Map(loginModel); @@ -39,6 +41,7 @@ namespace DevHive.Web.Controllers [HttpPost] [Route("Register")] + [AllowAnonymous] public async Task Register([FromBody] RegisterWebModel registerModel) { RegisterServiceModel registerServiceModel = this._userMapper.Map(registerModel); @@ -61,7 +64,6 @@ namespace DevHive.Web.Controllers //Update [HttpPut] - [Authorize(Roles = Role.DefaultRole)] public async Task Update(Guid id, [FromBody] UpdateUserWebModel updateModel) { UpdateUserServiceModel updateUserServiceModel = this._userMapper.Map(updateModel); @@ -76,7 +78,6 @@ namespace DevHive.Web.Controllers //Delete [HttpDelete] - [Authorize(Roles = Role.DefaultRole)] public async Task Delete(Guid id) { await this._userService.DeleteUser(id); diff --git a/src/DevHive.Web/Startup.cs b/src/DevHive.Web/Startup.cs index 104ba4a..35dd5c3 100644 --- a/src/DevHive.Web/Startup.cs +++ b/src/DevHive.Web/Startup.cs @@ -46,6 +46,7 @@ namespace DevHive.Web } app.UseDatabaseConfiguration(); + app.UseEndpoints(endpoints => { -- cgit v1.2.3