code4romania · trupci · Apr 24, 2021 · Apr 23, 2021 · Apr 24, 2021 · Apr 24, 2021
@@ -17,6 +17,7 @@ namespace DeUrgenta.Admin.Api.Controller
     [Produces("application/json")]
     [Consumes("application/json")]
     [Route("blog")]
+    [Authorize]
     public class BlogController : ControllerBase
     {
         private readonly IMediator _mediator;

@@ -39,7 +39,7 @@ public void Apply(OpenApiOperation operation, OperationFilterContext context)
                             {
                                 Reference = new OpenApiReference
                                 {
-                                    Id = "BearerAuth",
+                                    Id = "Bearer",
                                     Type = ReferenceType.SecurityScheme
                                 }
                             },

@@ -1,4 +1,5 @@
 using System;
+using System.Collections.Generic;
 using System.IO;
 using System.Reflection;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
@@ -18,14 +19,19 @@ public static IServiceCollection AddSwaggerFor(this IServiceCollection services,
             // Register the Swagger generator, defining 1 or more Swagger documents
             services.AddSwaggerGen(c =>
             {
-                c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
+                var jwtSecurityScheme = new OpenApiSecurityScheme
                 {
                     Type = SecuritySchemeType.Http,
                     Scheme = JwtBearerDefaults.AuthenticationScheme.ToLowerInvariant(),
                     In = ParameterLocation.Header,
                     Name = "Authorization",
                     BearerFormat = "JWT",
                     Description = "JWT Authorization header using the Bearer scheme."
+                };
+                c.AddSecurityDefinition("Bearer", jwtSecurityScheme);
+                c.AddSecurityRequirement(new OpenApiSecurityRequirement
+                {
+                    { jwtSecurityScheme, Array.Empty<string>() }
                 });
 
                 c.OperationFilter<AuthorizeCheckOperationFilter>();

@@ -34,10 +34,11 @@ public Startup(IConfiguration configuration, IWebHostEnvironment environment)
         // This method gets called by the runtime. Use this method to add services to the container.
         public void ConfigureServices(IServiceCollection services)
         {
+            services.AddBearerAuth(Configuration);
             services.AddControllers();
             services.AddDatabase<DeUrgentaContext>(Configuration.GetConnectionString("DbConnectionString"));
             services.AddExceptionHandling(WebHostEnvironment);
-            services.AddBearerAuth(Configuration);
+
 
             var applicationAssemblies = GetAssemblies();
 
@@ -69,10 +70,13 @@ public void Configure(IApplicationBuilder app)
             app.UseRouting();
             app.UseAuthentication();
             app.UseAuthorization();
+            app.UseEndpoints(endpoints => endpoints.MapControllers());
+
+
 
             app.UseCors(CorsPolicyName);
 
-            app.UseEndpoints(endpoints => endpoints.MapControllers());
+
 
         }
 

@@ -11,14 +11,15 @@
 using Microsoft.AspNetCore.Http;
 using Swashbuckle.AspNetCore.Annotations;
 using Swashbuckle.AspNetCore.Filters;
+using System.Linq;
 
 namespace DeUrgenta.Backpack.Api.Controllers
 {
     [ApiController]
     [Route("backpack")]
     [Produces("application/json")]
     [Consumes("application/json")]
-    [Authorize(AuthenticationSchemes = "backpackApiAuthenticationScheme")]
+    [Authorize]
     public class BackpackController : ControllerBase
     {
         private readonly IMediator _mediator;
@@ -40,6 +41,7 @@ public BackpackController(IMediator mediator)
         [SwaggerResponseExample(StatusCodes.Status500InternalServerError, typeof(ApplicationErrorResponseExample))]
         public async Task<ActionResult<IImmutableList<BackpackModel>>> GetBackpacksAsync()
         {
+            var sub = User.Claims.FirstOrDefault(c => c.Type == "sub");
             throw new NotImplementedException();
         }
 

@@ -5,6 +5,7 @@
 using DeUrgenta.Backpack.Api.Swagger.BackpackItem;
 using DeUrgenta.Common.Swagger;
 using MediatR;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Swashbuckle.AspNetCore.Annotations;
@@ -16,6 +17,7 @@ namespace DeUrgenta.Backpack.Api.Controllers
     [Route("backpack/{backpackId:guid}")]
     [Produces("application/json")]
     [Consumes("application/json")]
+    [Authorize]
     public class BackpackItemController : ControllerBase
     {
         private readonly IMediator _mediator;

@@ -11,13 +11,15 @@
 using System.Collections.Immutable;
 using System.Threading.Tasks;
 using DeUrgenta.Common.Swagger;
+using Microsoft.AspNetCore.Authorization;
 
 namespace DeUrgenta.Certifications.Api.Controller
 {
     [ApiController]
     [Produces("application/json")]
     [Consumes("application/json")]
     [Route("certifications")]
+    [Authorize]
     public class CertificationController : ControllerBase
     {
         private readonly IMediator _mediator;

@@ -5,6 +5,7 @@
 using DeUrgenta.Group.Api.Models;
 using DeUrgenta.Group.Api.Swagger;
 using MediatR;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Swashbuckle.AspNetCore.Annotations;
@@ -16,6 +17,7 @@ namespace DeUrgenta.Group.Api.Controllers
     [Route("group")]
     [Produces("application/json")]
     [Consumes("application/json")]
+    [Authorize]
     public class GroupController : ControllerBase
     {
         private readonly IMediator _mediator;

@@ -1,4 +1,5 @@
 using System;
+using System.IdentityModel.Tokens.Jwt;
 using System.Text;
 using DeUrgenta.Infra.Extensions;
 using DeUrgenta.User.Api.Domain;
@@ -18,6 +19,7 @@ public static class AuthExtensions
 
         public static IServiceCollection AddBearerAuth(this IServiceCollection services, IConfiguration configuration)
         {
+            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
             services.ConfigureAppOptions<JwtConfig>(SecurityOptionsSectionName);
 
             var jwtConfig = services.GetOptions<JwtConfig>(SecurityOptionsSectionName);
@@ -48,6 +50,7 @@ public static IServiceCollection AddBearerAuth(this IServiceCollection services,
                 jwt.SaveToken = true;
                 jwt.TokenValidationParameters = tokenValidationParams;
             });
+
 
             services.Configure<IdentityOptions>(options =>
             {
@@ -58,6 +61,8 @@ public static IServiceCollection AddBearerAuth(this IServiceCollection services,
                 options.Password.RequireUppercase = false;
                 options.Password.RequiredLength = 6;
                 options.Password.RequiredUniqueChars = 0;
+
+
             });
 
             services.AddTransient<IJwtService, JwtService>();