Skip to content

Implement Azure AD OIDC role-based authorization #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
kolosovpetro merged 3 commits into from
Apr 9, 2023
Merged

Implement Azure AD OIDC role-based authorization #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
3e70797
work in progress
kolosovpetro Apr 4, 2023
1df595c
local auth app set up
kolosovpetro Apr 5, 2023
992b558
consumer authorization
kolosovpetro Apr 5, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions src/consumer/EventTriangleAPI.Consumer.Domain/EventTriangleAPI.Consumer.Domain.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,8 @@
<Nullable>enable</Nullable>
</PropertyGroup>

<ItemGroup>
<ProjectReference Include="..\..\shared\EventTriangleAPI.Shared.Application\EventTriangleAPI.Shared.Application.csproj" />
</ItemGroup>

</Project>
19 changes: 17 additions & 2 deletions src/consumer/EventTriangleAPI.Consumer.Presentation/Controllers/WeatherForecastController.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace EventTriangleAPI.Consumer.Presentation.Controllers;
Expand All @@ -17,9 +18,23 @@ public WeatherForecastController(ILogger<WeatherForecastController> logger)
{
_logger = logger;
}

[Authorize(Roles = "User, Admin")]
[HttpGet("user_and_admin")]
Copy link
Contributor

@Khachatur-Khachatryan Khachatur-Khachatryan Apr 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

use "-" symbol instead of underscore

public IEnumerable<WeatherForecast> GetForUserAndAdmin()
{
return Enumerable.Range(1, 5).Select(index => new WeatherForecast
{
Date = DateTime.Now.AddDays(index),
TemperatureC = Random.Shared.Next(-20, 55),
Summary = Summaries[Random.Shared.Next(Summaries.Length)]
})
.ToArray();
}

[HttpGet(Name = "GetWeatherForecast")]
public IEnumerable<WeatherForecast> Get()
[Authorize(Roles = "Admin")]
[HttpGet("admin")]
public IEnumerable<WeatherForecast> GetForAdmin()
Copy link
Contributor

@Khachatur-Khachatryan Khachatur-Khachatryan Apr 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add to project package Swashbuckle.AspnetCore.Annotations and add [SwaggerOperation] attribute to controler methods

{
return Enumerable.Range(1, 5).Select(index => new WeatherForecast
{
Expand Down
6 changes: 5 additions & 1 deletion ...umer/EventTriangleAPI.Consumer.Presentation/EventTriangleAPI.Consumer.Presentation.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,11 @@
</PropertyGroup>

<ItemGroup>
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3"/>
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3" />
</ItemGroup>

<ItemGroup>
<ProjectReference Include="..\EventTriangleAPI.Consumer.Domain\EventTriangleAPI.Consumer.Domain.csproj" />
</ItemGroup>

</Project>
26 changes: 17 additions & 9 deletions src/consumer/EventTriangleAPI.Consumer.Presentation/Program.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1,31 @@
var builder = WebApplication.CreateBuilder(args);
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Identity.Web;
using Microsoft.IdentityModel.Logging;

// Add services to the container.
var builder = WebApplication.CreateBuilder(args);

builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();

var configurationSection = builder.Configuration.GetSection("AzureAd");

builder.Services
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApi(configurationSection);

var app = builder.Build();

// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
IdentityModelEventSource.ShowPII = true;

app.UseSwagger();
app.UseSwaggerUI();
Copy link
Contributor

@Khachatur-Khachatryan Khachatur-Khachatryan Apr 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add Swagger UI config. For example:

app.UseSwaggerUI(c =>
{
    c.SwaggerEndpoint("/swagger/v1/swagger.json", "Event Triangle Consumer API V1");
});

Don't forget about SwaggerGen configureation. For example:

builder.Services.AddSwaggerGen(c =>
{
    c.SwaggerDoc("v1",
        new OpenApiInfo { Title = "Event Triangle Consumer API", Version = "v1" });
});



app.UseHttpsRedirection();

app.UseAuthentication();

app.UseAuthorization();

app.MapControllers();
Expand Down
8 changes: 0 additions & 8 deletions src/consumer/EventTriangleAPI.Consumer.Presentation/appsettings.Development.json
View file
Open in desktop

This file was deleted.

8 changes: 7 additions & 1 deletion src/consumer/EventTriangleAPI.Consumer.Presentation/appsettings.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,5 +5,11 @@
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*"
"AllowedHosts": "*",
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"TenantId": "b40a105f-0643-4922-8e60-10fc1abf9c4b",
"ClientId": "25128d03-9817-4e11-bddf-dc5f6df4042a",
"Scopes": "EventTriangleLocalAuth.All"
}
}
4 changes: 4 additions & 0 deletions src/sender/EventTriangleAPI.Sender.Domain/EventTriangleAPI.Sender.Domain.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,8 @@
<Nullable>enable</Nullable>
</PropertyGroup>

<ItemGroup>
<ProjectReference Include="..\..\shared\EventTriangleAPI.Shared.Application\EventTriangleAPI.Shared.Application.csproj" />
</ItemGroup>

</Project>
21 changes: 19 additions & 2 deletions src/sender/EventTriangleAPI.Sender.Presentation/Controllers/WeatherForecastController.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,12 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Identity.Web.Resource;

namespace EventTriangleAPI.Sender.Presentation.Controllers;

[ApiController]
[Route("[controller]")]
[RequiredScope(RequiredScopesConfigurationKey = "AzureAd:Scopes")]
public class WeatherForecastController : ControllerBase
{
private static readonly string[] Summaries = new[]
Expand All @@ -18,8 +21,22 @@ public WeatherForecastController(ILogger<WeatherForecastController> logger)
_logger = logger;
}

[HttpGet(Name = "GetWeatherForecast")]
public IEnumerable<WeatherForecast> Get()
[Authorize(Roles = "User, Admin")]
[HttpGet("user_and_admin")]
Copy link
Contributor

@Khachatur-Khachatryan Khachatur-Khachatryan Apr 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

use "-" symbol instead of underscore

public IEnumerable<WeatherForecast> GetForUserAndAdmin()
Copy link
Contributor

@Khachatur-Khachatryan Khachatur-Khachatryan Apr 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add to project package Swashbuckle.AspnetCore.Annotations and add [SwaggerOperation] attribute to controler methods

{
return Enumerable.Range(1, 5).Select(index => new WeatherForecast
{
Date = DateTime.Now.AddDays(index),
TemperatureC = Random.Shared.Next(-20, 55),
Summary = Summaries[Random.Shared.Next(Summaries.Length)]
})
.ToArray();
}

[Authorize(Roles = "Admin")]
[HttpGet("admin")]
public IEnumerable<WeatherForecast> GetForAdmin()
{
return Enumerable.Range(1, 5).Select(index => new WeatherForecast
{
Expand Down
6 changes: 5 additions & 1 deletion src/sender/EventTriangleAPI.Sender.Presentation/EventTriangleAPI.Sender.Presentation.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,11 @@
</PropertyGroup>

<ItemGroup>
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3"/>
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3" />
</ItemGroup>

<ItemGroup>
<ProjectReference Include="..\EventTriangleAPI.Sender.Domain\EventTriangleAPI.Sender.Domain.csproj" />
</ItemGroup>

</Project>
27 changes: 18 additions & 9 deletions src/sender/EventTriangleAPI.Sender.Presentation/Program.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1,32 @@
var builder = WebApplication.CreateBuilder(args);
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Identity.Web;
using Microsoft.IdentityModel.Logging;

// Add services to the container.
var builder = WebApplication.CreateBuilder(args);

builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();

var configurationSection = builder.Configuration.GetSection("AzureAd");

builder.Services
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApi(configurationSection);

var app = builder.Build();

// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
IdentityModelEventSource.ShowPII = true;


app.UseSwagger();
app.UseSwaggerUI();
Copy link
Contributor

@Khachatur-Khachatryan Khachatur-Khachatryan Apr 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add Swagger UI config. For example:

app.UseSwaggerUI(c =>
{
    c.SwaggerEndpoint("/swagger/v1/swagger.json", "Event Triangle Sender API V1");
});

Don't forget about SwaggerGen configureation. For example:

builder.Services.AddSwaggerGen(c =>
{
    c.SwaggerDoc("v1",
        new OpenApiInfo { Title = "Event Triangle Sender API", Version = "v1" });
});



app.UseHttpsRedirection();

app.UseAuthentication();

app.UseAuthorization();

app.MapControllers();
Expand Down
8 changes: 0 additions & 8 deletions src/sender/EventTriangleAPI.Sender.Presentation/appsettings.Development.json
View file
Open in desktop

This file was deleted.

8 changes: 7 additions & 1 deletion src/sender/EventTriangleAPI.Sender.Presentation/appsettings.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,5 +5,11 @@
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*"
"AllowedHosts": "*",
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"TenantId": "b40a105f-0643-4922-8e60-10fc1abf9c4b",
"ClientId": "25128d03-9817-4e11-bddf-dc5f6df4042a",
"Scopes": "EventTriangleLocalAuth.All"
}
}
7 changes: 7 additions & 0 deletions src/shared/EventTriangleAPI.Shared.Application/EventTriangleAPI.Shared.Application.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,11 @@
<Nullable>enable</Nullable>
</PropertyGroup>

<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.15" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="6.0.15" />
<PackageReference Include="Microsoft.Identity.Web" Version="2.7.0" />
<PackageReference Include="Microsoft.Identity.Web.UI" Version="2.7.0" />
</ItemGroup>

</Project>