From fb2803789e012cda1aca4c5f8bef779923f5db61 Mon Sep 17 00:00:00 2001 From: transtrike Date: Wed, 16 Dec 2020 19:00:00 +0200 Subject: Authorization fixed --- src/DevHive.Services/Services/UserService.cs | 15 +++++++++------ .../Configurations/Extensions/ConfigureDatabase.cs | 9 +++++++-- src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs | 2 +- src/DevHive.Web/Controllers/RoleController.cs | 2 ++ src/DevHive.Web/Controllers/UserController.cs | 5 +++-- src/DevHive.Web/Startup.cs | 1 + 6 files changed, 23 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/src/DevHive.Services/Services/UserService.cs b/src/DevHive.Services/Services/UserService.cs index 05a48b3..24f74f5 100644 --- a/src/DevHive.Services/Services/UserService.cs +++ b/src/DevHive.Services/Services/UserService.cs @@ -11,6 +11,7 @@ using System.Security.Claims; using Microsoft.IdentityModel.Tokens; using System.Security.Cryptography; using System.Text; +using System.Collections.Generic; namespace DevHive.Services.Services { @@ -97,14 +98,16 @@ namespace DevHive.Services.Services private string WriteJWTSecurityToken(string role) { //TODO: Try generating the key - byte[] signingKey = Convert.FromBase64String(_jwtOptions.Secret); - + byte[] signingKey = Encoding.ASCII.GetBytes(_jwtOptions.Secret); + + List claims = new List() + { + new Claim(ClaimTypes.Role, role) + }; + SecurityTokenDescriptor tokenDescriptor = new() { - Subject = new ClaimsIdentity(new Claim[] - { - new Claim(ClaimTypes.Role, role) - }), + Subject = new ClaimsIdentity(claims), Expires = DateTime.Today.AddDays(7), SigningCredentials = new SigningCredentials( new SymmetricSecurityKey(signingKey), diff --git a/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs b/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs index 0fe32de..e656137 100644 --- a/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs +++ b/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs @@ -6,6 +6,7 @@ using DevHive.Data.Models; using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Builder; using System; +using Microsoft.AspNetCore.Authentication.JwtBearer; namespace DevHive.Web.Configurations.Extensions { @@ -40,8 +41,12 @@ namespace DevHive.Web.Configurations.Extensions services.AddAuthorization(options => { - options.AddPolicy($"{Role.DefaultRole}", - policy => policy.RequireRole($"{Role.DefaultRole}")); + options.AddPolicy("User", options => + { + options.RequireAuthenticatedUser(); + options.AuthenticationSchemes.Add(JwtBearerDefaults.AuthenticationScheme); + options.RequireRole("User"); + }); }); } diff --git a/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs b/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs index bc5ac15..d422bc8 100644 --- a/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs +++ b/src/DevHive.Web/Configurations/Extensions/ConfigureJWT.cs @@ -43,7 +43,7 @@ namespace DevHive.Web.Configurations.Extensions x.SaveToken = true; x.TokenValidationParameters = new TokenValidationParameters { - ValidateIssuerSigningKey = true, + //ValidateIssuerSigningKey = false, IssuerSigningKey = new SymmetricSecurityKey(key), ValidateIssuer = false, ValidateAudience = false diff --git a/src/DevHive.Web/Controllers/RoleController.cs b/src/DevHive.Web/Controllers/RoleController.cs index 1e11ee1..610d370 100644 --- a/src/DevHive.Web/Controllers/RoleController.cs +++ b/src/DevHive.Web/Controllers/RoleController.cs @@ -6,11 +6,13 @@ using DevHive.Web.Models.Identity.Role; using AutoMapper; using DevHive.Services.Models.Identity.Role; using System; +using Microsoft.AspNetCore.Authorization; namespace DevHive.Web.Controllers { [ApiController] [Route("/api/[controller]")] + //[Authorize(Roles = "Admin")] public class RoleController { private readonly RoleService _roleService; diff --git a/src/DevHive.Web/Controllers/UserController.cs b/src/DevHive.Web/Controllers/UserController.cs index f952355..80e1bde 100644 --- a/src/DevHive.Web/Controllers/UserController.cs +++ b/src/DevHive.Web/Controllers/UserController.cs @@ -14,6 +14,7 @@ namespace DevHive.Web.Controllers { [ApiController] [Route("/api/[controller]")] + [Authorize(Roles = "User")] public class UserController: ControllerBase { private readonly UserService _userService; @@ -27,6 +28,7 @@ namespace DevHive.Web.Controllers [HttpPost] [Route("Login")] + [AllowAnonymous] public async Task Login([FromBody] LoginWebModel loginModel) { LoginServiceModel loginServiceModel = this._userMapper.Map(loginModel); @@ -39,6 +41,7 @@ namespace DevHive.Web.Controllers [HttpPost] [Route("Register")] + [AllowAnonymous] public async Task Register([FromBody] RegisterWebModel registerModel) { RegisterServiceModel registerServiceModel = this._userMapper.Map(registerModel); @@ -61,7 +64,6 @@ namespace DevHive.Web.Controllers //Update [HttpPut] - [Authorize(Roles = Role.DefaultRole)] public async Task Update(Guid id, [FromBody] UpdateUserWebModel updateModel) { UpdateUserServiceModel updateUserServiceModel = this._userMapper.Map(updateModel); @@ -76,7 +78,6 @@ namespace DevHive.Web.Controllers //Delete [HttpDelete] - [Authorize(Roles = Role.DefaultRole)] public async Task Delete(Guid id) { await this._userService.DeleteUser(id); diff --git a/src/DevHive.Web/Startup.cs b/src/DevHive.Web/Startup.cs index 104ba4a..35dd5c3 100644 --- a/src/DevHive.Web/Startup.cs +++ b/src/DevHive.Web/Startup.cs @@ -46,6 +46,7 @@ namespace DevHive.Web } app.UseDatabaseConfiguration(); + app.UseEndpoints(endpoints => { -- cgit v1.2.3