diff --git a/Src/DeUrgenta.Admin.Api/Controller/BlogController.cs b/Src/DeUrgenta.Admin.Api/Controller/BlogController.cs index 1969e0c..3fbaef8 100644 --- a/Src/DeUrgenta.Admin.Api/Controller/BlogController.cs +++ b/Src/DeUrgenta.Admin.Api/Controller/BlogController.cs @@ -17,6 +17,7 @@ namespace DeUrgenta.Admin.Api.Controller [Produces("application/json")] [Consumes("application/json")] [Route("blog")] + [Authorize] public class BlogController : ControllerBase { private readonly IMediator _mediator; diff --git a/Src/DeUrgenta.Api/Extensions/AuthorizeCheckOperationFilter.cs b/Src/DeUrgenta.Api/Extensions/AuthorizeCheckOperationFilter.cs index 962da7c..de23457 100644 --- a/Src/DeUrgenta.Api/Extensions/AuthorizeCheckOperationFilter.cs +++ b/Src/DeUrgenta.Api/Extensions/AuthorizeCheckOperationFilter.cs @@ -39,7 +39,7 @@ public void Apply(OpenApiOperation operation, OperationFilterContext context) { Reference = new OpenApiReference { - Id = "BearerAuth", + Id = "Bearer", Type = ReferenceType.SecurityScheme } }, diff --git a/Src/DeUrgenta.Api/Extensions/SwaggerExtensions.cs b/Src/DeUrgenta.Api/Extensions/SwaggerExtensions.cs index df7006b..3865151 100644 --- a/Src/DeUrgenta.Api/Extensions/SwaggerExtensions.cs +++ b/Src/DeUrgenta.Api/Extensions/SwaggerExtensions.cs @@ -1,4 +1,5 @@ using System; +using System.Collections.Generic; using System.IO; using System.Reflection; using Microsoft.AspNetCore.Authentication.JwtBearer; @@ -18,7 +19,7 @@ public static IServiceCollection AddSwaggerFor(this IServiceCollection services, // Register the Swagger generator, defining 1 or more Swagger documents services.AddSwaggerGen(c => { - c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme + var jwtSecurityScheme = new OpenApiSecurityScheme { Type = SecuritySchemeType.Http, Scheme = JwtBearerDefaults.AuthenticationScheme.ToLowerInvariant(), 
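Review bot: The bare `[Authorize]` added above `BlogController` only requires an authenticated caller, so on this Admin API controller any user with a valid token passes the check unless the actions carry their own role or policy attributes (the class body is outside the hunk). If blog management is meant for administrators only, bind the attribute to a role or a named policy, e.g. `[Authorize(Policy = "<admin-policy-name>")]`, and register that policy next to the bearer setup.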
@@ -26,6 +27,11 @@ public static IServiceCollection AddSwaggerFor(this IServiceCollection services, Name = "Authorization", BearerFormat = "JWT", Description = "JWT Authorization header using the Bearer scheme." + }; + c.AddSecurityDefinition("Bearer", jwtSecurityScheme); + c.AddSecurityRequirement(new OpenApiSecurityRequirement + { + { jwtSecurityScheme, Array.Empty() } }); c.OperationFilter(); diff --git a/Src/DeUrgenta.Api/Startup.cs b/Src/DeUrgenta.Api/Startup.cs index a116c76..d48a023 100644 --- a/Src/DeUrgenta.Api/Startup.cs +++ b/Src/DeUrgenta.Api/Startup.cs @@ -34,10 +34,11 @@ public Startup(IConfiguration configuration, IWebHostEnvironment environment) // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { + services.AddBearerAuth(Configuration); services.AddControllers(); services.AddDatabase(Configuration.GetConnectionString("DbConnectionString")); services.AddExceptionHandling(WebHostEnvironment); - services.AddBearerAuth(Configuration); + var applicationAssemblies = GetAssemblies(); @@ -69,10 +70,13 @@ public void Configure(IApplicationBuilder app) app.UseRouting(); app.UseAuthentication(); app.UseAuthorization(); + app.UseEndpoints(endpoints => endpoints.MapControllers()); + + app.UseCors(CorsPolicyName); - app.UseEndpoints(endpoints => endpoints.MapControllers()); + } diff --git a/Src/DeUrgenta.Backpack.Api/Controllers/BackpackController.cs b/Src/DeUrgenta.Backpack.Api/Controllers/BackpackController.cs index 4862995..cede27a 100644 --- a/Src/DeUrgenta.Backpack.Api/Controllers/BackpackController.cs +++ b/Src/DeUrgenta.Backpack.Api/Controllers/BackpackController.cs @@ -11,6 +11,7 @@ using Microsoft.AspNetCore.Http; using Swashbuckle.AspNetCore.Annotations; using Swashbuckle.AspNetCore.Filters; +using System.Linq; namespace DeUrgenta.Backpack.Api.Controllers { 
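Review bot: The `jwtSecurityScheme` object used as the key in `c.AddSecurityRequirement(...)` shows no `Reference` in the visible initializer, and Microsoft.OpenApi skips a requirement whose key scheme has no reference when it serializes the document, so the global requirement may never reach the generated document. One initializer line falls between the two hunks and is not visible, so this needs confirming. If it is missing, add `Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }` to the scheme. Because the requirement is global, anonymous endpoints will also be shown as needing a token, although `AuthorizeCheckOperationFilter` appears to add a per-operation requirement already.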
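Review bot: `app.UseCors(CorsPolicyName)` now runs after `app.UseEndpoints(...)` in `Configure`, so a request that matches a controller is answered by the endpoint middleware before the CORS middleware sees it, and the response carries no CORS headers. With endpoint routing the CORS middleware belongs after `app.UseRouting()` and before `app.UseAuthentication()` and `app.UseAuthorization()`. That order also lets unauthenticated preflight requests be answered rather than rejected by the `[Authorize]` attributes this commit adds. Move the call up: `app.UseRouting(); app.UseCors(CorsPolicyName); app.UseAuthentication();`. The start of `Configure` is outside the hunk.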
@@ -18,7 +19,7 @@ namespace DeUrgenta.Backpack.Api.Controllers [Route("backpack")] [Produces("application/json")] [Consumes("application/json")] - [Authorize(AuthenticationSchemes = "backpackApiAuthenticationScheme")] + [Authorize] public class BackpackController : ControllerBase { private readonly IMediator _mediator; @@ -40,6 +41,7 @@ public BackpackController(IMediator mediator) [SwaggerResponseExample(StatusCodes.Status500InternalServerError, typeof(ApplicationErrorResponseExample))] public async Task>> GetBackpacksAsync() { + var sub = User.Claims.FirstOrDefault(c => c.Type == "sub"); throw new NotImplementedException(); } diff --git a/Src/DeUrgenta.Backpack.Api/Controllers/BackpackItemController.cs b/Src/DeUrgenta.Backpack.Api/Controllers/BackpackItemController.cs index a29a432..e3e1c78 100644 --- a/Src/DeUrgenta.Backpack.Api/Controllers/BackpackItemController.cs +++ b/Src/DeUrgenta.Backpack.Api/Controllers/BackpackItemController.cs @@ -5,6 +5,7 @@ using DeUrgenta.Backpack.Api.Swagger.BackpackItem; using DeUrgenta.Common.Swagger; using MediatR; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Swashbuckle.AspNetCore.Annotations; @@ -16,6 +17,7 @@ namespace DeUrgenta.Backpack.Api.Controllers [Route("backpack/{backpackId:guid}")] [Produces("application/json")] [Consumes("application/json")] + [Authorize] public class BackpackItemController : ControllerBase { private readonly IMediator _mediator; diff --git a/Src/DeUrgenta.Certifications.Api/Controller/CertificationController.cs b/Src/DeUrgenta.Certifications.Api/Controller/CertificationController.cs index 759c606..5937eea 100644 --- a/Src/DeUrgenta.Certifications.Api/Controller/CertificationController.cs +++ b/Src/DeUrgenta.Certifications.Api/Controller/CertificationController.cs 
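Review bot: In `GetBackpacksAsync` the new `sub` local is a `Claim` that is `null` when the token carries no `sub` claim, and nothing checks it before the method continues (currently into `throw new NotImplementedException()`). When the lookup is put to use, read the value null-safely and reject the request if it is absent, e.g. `var sub = User.FindFirst("sub")?.Value;` followed by `if (string.IsNullOrEmpty(sub)) return Unauthorized();`. The literal `"sub"` presumably only matches because `AddBearerAuth` clears `JwtSecurityTokenHandler.DefaultInboundClaimTypeMap` elsewhere in this commit. A short comment saying so would keep the two from drifting apart.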
@@ -11,6 +11,7 @@ using System.Collections.Immutable; using System.Threading.Tasks; using DeUrgenta.Common.Swagger; +using Microsoft.AspNetCore.Authorization; namespace DeUrgenta.Certifications.Api.Controller { @@ -18,6 +19,7 @@ namespace DeUrgenta.Certifications.Api.Controller [Produces("application/json")] [Consumes("application/json")] [Route("certifications")] + [Authorize] public class CertificationController : ControllerBase { private readonly IMediator _mediator; diff --git a/Src/DeUrgenta.Group.Api/Controllers/GroupController.cs b/Src/DeUrgenta.Group.Api/Controllers/GroupController.cs index 8a1032c..d9e4a00 100644 --- a/Src/DeUrgenta.Group.Api/Controllers/GroupController.cs +++ b/Src/DeUrgenta.Group.Api/Controllers/GroupController.cs @@ -5,6 +5,7 @@ using DeUrgenta.Group.Api.Models; using DeUrgenta.Group.Api.Swagger; using MediatR; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Swashbuckle.AspNetCore.Annotations; @@ -16,6 +17,7 @@ namespace DeUrgenta.Group.Api.Controllers [Route("group")] [Produces("application/json")] [Consumes("application/json")] + [Authorize] public class GroupController : ControllerBase { private readonly IMediator _mediator; diff --git a/Src/DeUrgenta.User.Api/Extensions/AuthExtensions.cs b/Src/DeUrgenta.User.Api/Extensions/AuthExtensions.cs index be54d59..b889a94 100644 --- a/Src/DeUrgenta.User.Api/Extensions/AuthExtensions.cs +++ b/Src/DeUrgenta.User.Api/Extensions/AuthExtensions.cs @@ -1,4 +1,5 @@ using System; +using System.IdentityModel.Tokens.Jwt; using System.Text; using DeUrgenta.Infra.Extensions; using DeUrgenta.User.Api.Domain; 
@@ -18,6 +19,7 @@ public static class AuthExtensions public static IServiceCollection AddBearerAuth(this IServiceCollection services, IConfiguration configuration) { + JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); services.ConfigureAppOptions(SecurityOptionsSectionName); var jwtConfig = services.GetOptions(SecurityOptionsSectionName); @@ -48,6 +50,7 @@ public static IServiceCollection AddBearerAuth(this IServiceCollection services, jwt.SaveToken = true; jwt.TokenValidationParameters = tokenValidationParams; }); + services.Configure(options => { @@ -58,6 +61,8 @@ public static IServiceCollection AddBearerAuth(this IServiceCollection services, options.Password.RequireUppercase = false; options.Password.RequiredLength = 6; options.Password.RequiredUniqueChars = 0; + + }); services.AddTransient();
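Review bot: `JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear()` at the top of `AddBearerAuth` mutates a process-wide static, so every JWT handler in the host loses inbound claim-type mapping, not only this scheme, and the effect depends on this method running before any token is validated. If the JwtBearer package version in use exposes it, `jwt.MapInboundClaims = false;` in the options lambda that sets `jwt.SaveToken` scopes the same behaviour to this scheme. Otherwise keep the call and add a comment such as `// Keep JWT claim names (e.g. "sub") as issued; controllers look them up by short name.` The rest of `AddBearerAuth` is outside the hunk.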