Merge pull request #61 from ignatandrei/AddingAuthorizationWithBearer…

…Token adding registration
ignatandrei · May 4, 2020 · 481648f · 481648f
2 parents 7b634a7 + e9342a1
commit 481648f
Show file tree

Hide file tree

Showing 3 changed files with 76 additions and 1 deletion.
diff --git a/src/NetCore2Blockly/TestBlocklyHtml/Authorization/AuthorizationToken.cs b/src/NetCore2Blockly/TestBlocklyHtml/Authorization/AuthorizationToken.cs
@@ -0,0 +1,38 @@
+using Microsoft.Extensions.Configuration;
+using Microsoft.IdentityModel.Tokens;
+using System;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+
+namespace TestBlocklyHtml.Authorization
+{
+    public class AuthorizationToken
+    {
+        private readonly IConfiguration configuration;
+
+        public AuthorizationToken(IConfiguration configuration)
+        {
+            this.configuration = configuration;
+        }
+
+        public string GenerateFrom(string secretCode)
+        {
+            var tokenHandler = new JwtSecurityTokenHandler();
+            var key = Encoding.ASCII.GetBytes(configuration["ApplicationSecret"]);
+            var tokenDescriptor = new SecurityTokenDescriptor
+            {
+                Subject = new ClaimsIdentity(new[]{
+                    new Claim(ClaimTypes.Sid, secretCode)
+                }),
+                Expires = DateTime.Today.AddYears(100),
+                SigningCredentials = new SigningCredentials(
+                    new SymmetricSecurityKey(key),
+                    SecurityAlgorithms.HmacSha512Signature)
+            };
+
+            SecurityToken token = tokenHandler.CreateToken(tokenDescriptor);
+            return tokenHandler.WriteToken(token);
+        }
+    }
+}
diff --git a/src/NetCore2Blockly/TestBlocklyHtml/Controllers/RegistrationController.cs b/src/NetCore2Blockly/TestBlocklyHtml/Controllers/RegistrationController.cs
@@ -0,0 +1,35 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Configuration;
+using TestBlocklyHtml.Authorization;
+
+namespace TestBlocklyHtml.Controllers
+{
+    [Route("api/[controller]")]
+    public class RegistrationController : ControllerBase
+    {
+        private const string ExpectedSecretCode = "blockly";
+        private readonly IConfiguration configuration;
+
+        public RegistrationController(IConfiguration configuration)
+        {
+            this.configuration = configuration;
+        }
+
+        [HttpPost]
+        public IActionResult Register([FromBody] string secretCode)
+        {
+            if (IsRegistrationSuccessful(secretCode))
+            {
+                var authorizationToken = new AuthorizationToken(configuration);
+                return Ok(authorizationToken.GenerateFrom(secretCode));
+            }
+
+            return BadRequest("invalid registration");
+        }
+
+        private bool IsRegistrationSuccessful(string secretCode)
+        {
+            return secretCode == ExpectedSecretCode;
+        }
+    }
+}
diff --git a/src/NetCore2Blockly/TestBlocklyHtml/Startup.cs b/src/NetCore2Blockly/TestBlocklyHtml/Startup.cs
@@ -57,7 +57,8 @@ public void ConfigureServices(IServiceCollection services)
                         ValidateIssuerSigningKey = true,
                         IssuerSigningKey = new SymmetricSecurityKey(key),
                         ValidateIssuer = false,
-                        ValidateAudience = false
+                        ValidateAudience = false,
+                        ValidateLifetime = false
                     };
                 });
         }
@@ -89,6 +90,7 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
 
             app.UseRouting();
 
+            app.UseAuthentication();
             app.UseAuthorization();
 
             app.UseEndpoints(endpoints =>