From 3e70797594af04003c153061a5f4b95ac7567816 Mon Sep 17 00:00:00 2001 From: kolosovpetro Date: Tue, 4 Apr 2023 19:51:05 +0200 Subject: [PATCH 1/3] work in progress --- .../EventTriangleAPI.Sender.Domain.csproj | 4 ++++ .../Controllers/WeatherForecastController.cs | 21 ++++++++++++++-- ...ventTriangleAPI.Sender.Presentation.csproj | 6 ++++- .../Program.cs | 24 ++++++++++++------- .../appsettings.Development.json | 8 ------- .../appsettings.json | 8 ++++++- ...EventTriangleAPI.Shared.Application.csproj | 7 ++++++ 7 files changed, 57 insertions(+), 21 deletions(-) delete mode 100644 src/sender/EventTriangleAPI.Sender.Presentation/appsettings.Development.json diff --git a/src/sender/EventTriangleAPI.Sender.Domain/EventTriangleAPI.Sender.Domain.csproj b/src/sender/EventTriangleAPI.Sender.Domain/EventTriangleAPI.Sender.Domain.csproj index eb2460e9..60b0fb2c 100644 --- a/src/sender/EventTriangleAPI.Sender.Domain/EventTriangleAPI.Sender.Domain.csproj +++ b/src/sender/EventTriangleAPI.Sender.Domain/EventTriangleAPI.Sender.Domain.csproj @@ -6,4 +6,8 @@ enable + + + + diff --git a/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs b/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs index 31e52055..823cf27d 100644 --- a/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs +++ b/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs @@ -1,9 +1,12 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; +using Microsoft.Identity.Web.Resource; namespace EventTriangleAPI.Sender.Presentation.Controllers; [ApiController] [Route("[controller]")] +[RequiredScope(RequiredScopesConfigurationKey = "AzureAd:Scopes")] public class WeatherForecastController : ControllerBase { private static readonly string[] Summaries = new[] @@ -18,8 +21,22 @@ public WeatherForecastController(ILogger logger) _logger = logger; } - [HttpGet(Name = "GetWeatherForecast")] - public IEnumerable Get() + [Authorize(Roles = "User")] + [HttpGet("user")] + public IEnumerable GetForUser() + { + return Enumerable.Range(1, 5).Select(index => new WeatherForecast + { + Date = DateTime.Now.AddDays(index), + TemperatureC = Random.Shared.Next(-20, 55), + Summary = Summaries[Random.Shared.Next(Summaries.Length)] + }) + .ToArray(); + } + + [Authorize(Roles = "Admin")] + [HttpGet("admin")] + public IEnumerable GetForAdmin() { return Enumerable.Range(1, 5).Select(index => new WeatherForecast { diff --git a/src/sender/EventTriangleAPI.Sender.Presentation/EventTriangleAPI.Sender.Presentation.csproj b/src/sender/EventTriangleAPI.Sender.Presentation/EventTriangleAPI.Sender.Presentation.csproj index 6108b7b2..4964aae2 100644 --- a/src/sender/EventTriangleAPI.Sender.Presentation/EventTriangleAPI.Sender.Presentation.csproj +++ b/src/sender/EventTriangleAPI.Sender.Presentation/EventTriangleAPI.Sender.Presentation.csproj @@ -7,7 +7,11 @@ - + + + + + diff --git a/src/sender/EventTriangleAPI.Sender.Presentation/Program.cs b/src/sender/EventTriangleAPI.Sender.Presentation/Program.cs index 8264bac5..3b63c3da 100644 --- a/src/sender/EventTriangleAPI.Sender.Presentation/Program.cs +++ b/src/sender/EventTriangleAPI.Sender.Presentation/Program.cs @@ -1,23 +1,29 @@ -var builder = WebApplication.CreateBuilder(args); +using Microsoft.AspNetCore.Authentication.JwtBearer; +using Microsoft.Identity.Web; -// Add services to the container. +var builder = WebApplication.CreateBuilder(args); builder.Services.AddControllers(); -// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle builder.Services.AddEndpointsApiExplorer(); builder.Services.AddSwaggerGen(); +var configurationSection = builder.Configuration.GetSection("AzureAd"); + +builder.Services + .AddAuthentication(JwtBearerDefaults.AuthenticationScheme) + .AddMicrosoftIdentityWebApi(configurationSection); + var app = builder.Build(); -// Configure the HTTP request pipeline. -if (app.Environment.IsDevelopment()) -{ - app.UseSwagger(); - app.UseSwaggerUI(); -} + +app.UseSwagger(); +app.UseSwaggerUI(); + app.UseHttpsRedirection(); +app.UseAuthentication(); + app.UseAuthorization(); app.MapControllers(); diff --git a/src/sender/EventTriangleAPI.Sender.Presentation/appsettings.Development.json b/src/sender/EventTriangleAPI.Sender.Presentation/appsettings.Development.json deleted file mode 100644 index 0c208ae9..00000000 --- a/src/sender/EventTriangleAPI.Sender.Presentation/appsettings.Development.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "Logging": { - "LogLevel": { - "Default": "Information", - "Microsoft.AspNetCore": "Warning" - } - } -} diff --git a/src/sender/EventTriangleAPI.Sender.Presentation/appsettings.json b/src/sender/EventTriangleAPI.Sender.Presentation/appsettings.json index 10f68b8c..8b21a3b7 100644 --- a/src/sender/EventTriangleAPI.Sender.Presentation/appsettings.json +++ b/src/sender/EventTriangleAPI.Sender.Presentation/appsettings.json @@ -5,5 +5,11 @@ "Microsoft.AspNetCore": "Warning" } }, - "AllowedHosts": "*" + "AllowedHosts": "*", + "AzureAd": { + "Instance": "https://login.microsoftonline.com/", + "TenantId": "b40a105f-0643-4922-8e60-10fc1abf9c4b", + "ClientId": "9fe0bffe-48cf-4e7d-8528-7e47c6d17015", + "Scopes": "QuickAndSimpleApiAuth.All" + } } diff --git a/src/shared/EventTriangleAPI.Shared.Application/EventTriangleAPI.Shared.Application.csproj b/src/shared/EventTriangleAPI.Shared.Application/EventTriangleAPI.Shared.Application.csproj index eb2460e9..79ab4e2a 100644 --- a/src/shared/EventTriangleAPI.Shared.Application/EventTriangleAPI.Shared.Application.csproj +++ b/src/shared/EventTriangleAPI.Shared.Application/EventTriangleAPI.Shared.Application.csproj @@ -6,4 +6,11 @@ enable + + + + + + + From 1df595cd877def298b3d808a33a9d66fee6d2d22 Mon Sep 17 00:00:00 2001 From: kolosovpetro Date: Wed, 5 Apr 2023 21:40:16 +0200 Subject: [PATCH 2/3] local auth app set up --- .../Controllers/WeatherForecastController.cs | 2 +- src/sender/EventTriangleAPI.Sender.Presentation/Program.cs | 3 +++ .../EventTriangleAPI.Sender.Presentation/appsettings.json | 4 ++-- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs b/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs index 823cf27d..53b7b721 100644 --- a/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs +++ b/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs @@ -21,7 +21,7 @@ public WeatherForecastController(ILogger logger) _logger = logger; } - [Authorize(Roles = "User")] + [Authorize(Roles = "User, Admin")] [HttpGet("user")] public IEnumerable GetForUser() { diff --git a/src/sender/EventTriangleAPI.Sender.Presentation/Program.cs b/src/sender/EventTriangleAPI.Sender.Presentation/Program.cs index 3b63c3da..e1d7e191 100644 --- a/src/sender/EventTriangleAPI.Sender.Presentation/Program.cs +++ b/src/sender/EventTriangleAPI.Sender.Presentation/Program.cs @@ -1,5 +1,6 @@ using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.Identity.Web; +using Microsoft.IdentityModel.Logging; var builder = WebApplication.CreateBuilder(args); @@ -15,6 +16,8 @@ var app = builder.Build(); +IdentityModelEventSource.ShowPII = true; + app.UseSwagger(); app.UseSwaggerUI(); diff --git a/src/sender/EventTriangleAPI.Sender.Presentation/appsettings.json b/src/sender/EventTriangleAPI.Sender.Presentation/appsettings.json index 8b21a3b7..456ad74a 100644 --- a/src/sender/EventTriangleAPI.Sender.Presentation/appsettings.json +++ b/src/sender/EventTriangleAPI.Sender.Presentation/appsettings.json @@ -9,7 +9,7 @@ "AzureAd": { "Instance": "https://login.microsoftonline.com/", "TenantId": "b40a105f-0643-4922-8e60-10fc1abf9c4b", - "ClientId": "9fe0bffe-48cf-4e7d-8528-7e47c6d17015", - "Scopes": "QuickAndSimpleApiAuth.All" + "ClientId": "25128d03-9817-4e11-bddf-dc5f6df4042a", + "Scopes": "EventTriangleLocalAuth.All" } } From 992b5586fb7fd08342b190be78b626d53eea4a6c Mon Sep 17 00:00:00 2001 From: kolosovpetro Date: Wed, 5 Apr 2023 21:55:11 +0200 Subject: [PATCH 3/3] consumer authorization --- .../EventTriangleAPI.Consumer.Domain.csproj | 4 +++ .../Controllers/WeatherForecastController.cs | 19 ++++++++++++-- ...ntTriangleAPI.Consumer.Presentation.csproj | 6 ++++- .../Program.cs | 26 ++++++++++++------- .../appsettings.Development.json | 8 ------ .../appsettings.json | 8 +++++- .../Controllers/WeatherForecastController.cs | 4 +-- 7 files changed, 52 insertions(+), 23 deletions(-) delete mode 100644 src/consumer/EventTriangleAPI.Consumer.Presentation/appsettings.Development.json diff --git a/src/consumer/EventTriangleAPI.Consumer.Domain/EventTriangleAPI.Consumer.Domain.csproj b/src/consumer/EventTriangleAPI.Consumer.Domain/EventTriangleAPI.Consumer.Domain.csproj index eb2460e9..60b0fb2c 100644 --- a/src/consumer/EventTriangleAPI.Consumer.Domain/EventTriangleAPI.Consumer.Domain.csproj +++ b/src/consumer/EventTriangleAPI.Consumer.Domain/EventTriangleAPI.Consumer.Domain.csproj @@ -6,4 +6,8 @@ enable + + + + diff --git a/src/consumer/EventTriangleAPI.Consumer.Presentation/Controllers/WeatherForecastController.cs b/src/consumer/EventTriangleAPI.Consumer.Presentation/Controllers/WeatherForecastController.cs index ba1c0456..79d9d1b7 100644 --- a/src/consumer/EventTriangleAPI.Consumer.Presentation/Controllers/WeatherForecastController.cs +++ b/src/consumer/EventTriangleAPI.Consumer.Presentation/Controllers/WeatherForecastController.cs @@ -1,3 +1,4 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; namespace EventTriangleAPI.Consumer.Presentation.Controllers; @@ -17,9 +18,23 @@ public WeatherForecastController(ILogger logger) { _logger = logger; } + + [Authorize(Roles = "User, Admin")] + [HttpGet("user_and_admin")] + public IEnumerable GetForUserAndAdmin() + { + return Enumerable.Range(1, 5).Select(index => new WeatherForecast + { + Date = DateTime.Now.AddDays(index), + TemperatureC = Random.Shared.Next(-20, 55), + Summary = Summaries[Random.Shared.Next(Summaries.Length)] + }) + .ToArray(); + } - [HttpGet(Name = "GetWeatherForecast")] - public IEnumerable Get() + [Authorize(Roles = "Admin")] + [HttpGet("admin")] + public IEnumerable GetForAdmin() { return Enumerable.Range(1, 5).Select(index => new WeatherForecast { diff --git a/src/consumer/EventTriangleAPI.Consumer.Presentation/EventTriangleAPI.Consumer.Presentation.csproj b/src/consumer/EventTriangleAPI.Consumer.Presentation/EventTriangleAPI.Consumer.Presentation.csproj index 6108b7b2..b6a1ce32 100644 --- a/src/consumer/EventTriangleAPI.Consumer.Presentation/EventTriangleAPI.Consumer.Presentation.csproj +++ b/src/consumer/EventTriangleAPI.Consumer.Presentation/EventTriangleAPI.Consumer.Presentation.csproj @@ -7,7 +7,11 @@ - + + + + + diff --git a/src/consumer/EventTriangleAPI.Consumer.Presentation/Program.cs b/src/consumer/EventTriangleAPI.Consumer.Presentation/Program.cs index 8264bac5..64581f84 100644 --- a/src/consumer/EventTriangleAPI.Consumer.Presentation/Program.cs +++ b/src/consumer/EventTriangleAPI.Consumer.Presentation/Program.cs @@ -1,23 +1,31 @@ -var builder = WebApplication.CreateBuilder(args); +using Microsoft.AspNetCore.Authentication.JwtBearer; +using Microsoft.Identity.Web; +using Microsoft.IdentityModel.Logging; -// Add services to the container. +var builder = WebApplication.CreateBuilder(args); builder.Services.AddControllers(); -// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle builder.Services.AddEndpointsApiExplorer(); builder.Services.AddSwaggerGen(); +var configurationSection = builder.Configuration.GetSection("AzureAd"); + +builder.Services + .AddAuthentication(JwtBearerDefaults.AuthenticationScheme) + .AddMicrosoftIdentityWebApi(configurationSection); + var app = builder.Build(); -// Configure the HTTP request pipeline. -if (app.Environment.IsDevelopment()) -{ - app.UseSwagger(); - app.UseSwaggerUI(); -} +IdentityModelEventSource.ShowPII = true; + +app.UseSwagger(); +app.UseSwaggerUI(); + app.UseHttpsRedirection(); +app.UseAuthentication(); + app.UseAuthorization(); app.MapControllers(); diff --git a/src/consumer/EventTriangleAPI.Consumer.Presentation/appsettings.Development.json b/src/consumer/EventTriangleAPI.Consumer.Presentation/appsettings.Development.json deleted file mode 100644 index 0c208ae9..00000000 --- a/src/consumer/EventTriangleAPI.Consumer.Presentation/appsettings.Development.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "Logging": { - "LogLevel": { - "Default": "Information", - "Microsoft.AspNetCore": "Warning" - } - } -} diff --git a/src/consumer/EventTriangleAPI.Consumer.Presentation/appsettings.json b/src/consumer/EventTriangleAPI.Consumer.Presentation/appsettings.json index 10f68b8c..456ad74a 100644 --- a/src/consumer/EventTriangleAPI.Consumer.Presentation/appsettings.json +++ b/src/consumer/EventTriangleAPI.Consumer.Presentation/appsettings.json @@ -5,5 +5,11 @@ "Microsoft.AspNetCore": "Warning" } }, - "AllowedHosts": "*" + "AllowedHosts": "*", + "AzureAd": { + "Instance": "https://login.microsoftonline.com/", + "TenantId": "b40a105f-0643-4922-8e60-10fc1abf9c4b", + "ClientId": "25128d03-9817-4e11-bddf-dc5f6df4042a", + "Scopes": "EventTriangleLocalAuth.All" + } } diff --git a/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs b/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs index 53b7b721..3c813edd 100644 --- a/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs +++ b/src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs @@ -22,8 +22,8 @@ public WeatherForecastController(ILogger logger) } [Authorize(Roles = "User, Admin")] - [HttpGet("user")] - public IEnumerable GetForUser() + [HttpGet("user_and_admin")] + public IEnumerable GetForUserAndAdmin() { return Enumerable.Range(1, 5).Select(index => new WeatherForecast {