Sample refactor

.gitignore

@@ -21,6 +21,8 @@ bld/
 [Bb]in/
 [Oo]bj/
 
+# JetBrains Rider director
+.idea/
 # Visual Studio 2015 cache/options directory
 .vs/
 # Uncomment if you have tasks that create the project's static files in wwwroot

src/AuthNZ/AuthNSample/AuthN.API/AuthN.API.csproj

@@ -0,0 +1,14 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+    <PropertyGroup>
+        <TargetFramework>net6.0</TargetFramework>
+        <Nullable>enable</Nullable>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <UserSecretsId>d475610a-7a11-433f-aa9c-cf3927afbe7a</UserSecretsId>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.5" />
+    </ItemGroup>
+
+</Project>

src/AuthNZ/AuthNSample/AuthN.API/AuthenticationExtensions.cs

@@ -0,0 +1,72 @@
+using System.IdentityModel.Tokens.Jwt;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.Net.Http.Headers;
+
+namespace Microsoft.Extensions.DependencyInjection;
+
+public static class AuthenticationExtensions
+{
+    public static IServiceCollection AddApiAuthentication(this IServiceCollection services, IConfiguration configuration)
+    {
+        // Clear all the claim type mappings
+        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
+
+        var schemeNames = new TokenAuthority[] {
+                new TokenAuthority { Name = "Auth0", Issuer = configuration["Auth0:Authority"] },
+                new TokenAuthority { Name = "Okta", Issuer = configuration["Okta:Authority"] },
+            };
+
+            services
+                .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+                .AddJwtBearer(options =>
+                {
+                    options.ForwardDefaultSelector = context =>
+                    {
+                        string authorization = context.Request.Headers[HeaderNames.Authorization];
+
+                        if (!string.IsNullOrEmpty(authorization))
+                        {
+                            if (authorization.StartsWith(JwtBearerDefaults.AuthenticationScheme, StringComparison.OrdinalIgnoreCase))
+                            {
+                                var token = authorization.Substring(JwtBearerDefaults.AuthenticationScheme.Length + 1).Trim();
+                                var jwtHandler = new JwtSecurityTokenHandler();
+
+                                if (jwtHandler.CanReadToken(token))
+                                {
+                                    var jwtToken = jwtHandler.ReadJwtToken(token);
+                                    var authority = schemeNames.FirstOrDefault(scheme => string.Equals(scheme.Issuer, jwtToken.Issuer));
+
+                                    return authority?.Name;
+                                }
+                            }
+                        }
+
+                        return null;
+                    };
+                })
+                .AddJwtBearer("Auth0", options =>
+                {
+                    options.Authority = configuration["Auth0:Authority"];
+                    options.RefreshOnIssuerKeyNotFound = true;
+
+                    options.TokenValidationParameters.IgnoreTrailingSlashWhenValidatingAudience = true;
+                    options.TokenValidationParameters.ValidateActor = false;
+                    options.TokenValidationParameters.ValidateAudience = false;
+                    options.TokenValidationParameters.ValidateIssuer = false;
+                    options.TokenValidationParameters.ValidateLifetime = true;
+                })
+                .AddJwtBearer("Okta", options =>
+                {
+                    options.Authority = configuration["Okta:Authority"];
+                    options.RefreshOnIssuerKeyNotFound = true;
+
+                    options.TokenValidationParameters.IgnoreTrailingSlashWhenValidatingAudience = true;
+                    options.TokenValidationParameters.ValidateActor = false;
+                    options.TokenValidationParameters.ValidateAudience = false;
+                    options.TokenValidationParameters.ValidateIssuer = false;
+                    options.TokenValidationParameters.ValidateLifetime = true;
+                });
+
+            return services;
+    }
+}

src/AuthNZ/AuthNSample/AuthN.API/Controllers/ClaimEcho.cs

@@ -0,0 +1,7 @@
+namespace AuthN.API.Controllers;
+
+public class ClaimEcho
+{
+    public string Type { get; set; }
+    public string Value { get; set; }
+}

src/AuthNZ/AuthNSample/AuthN.API/Controllers/EchoController.cs

@@ -0,0 +1,17 @@
+using Microsoft.AspNetCore.Mvc;
+
+namespace AuthN.API.Controllers;
+
+[ApiController, Route("echo")]
+public class EchoController : Controller
+{
+    [HttpGet, Route("")]
+    public ClaimEcho[] Get()
+    {
+        var user = User;
+        var claims = user.Claims.Select(c => 
+            new ClaimEcho {Type = c.Type, Value = c.Value}).ToArray();
+
+        return claims;
+    }
+}

src/AuthNZ/AuthNSample/AuthN.API/Program.cs

@@ -0,0 +1,18 @@
+var builder = WebApplication.CreateBuilder(args);
+
+var services = builder.Services;
+var configuration = builder.Configuration;
+
+services.AddControllers();
+services.AddApiAuthentication(configuration);
+
+var app = builder.Build();
+
+app.UseHttpsRedirection();
+
+app.UseAuthentication();
+app.UseAuthorization();
+
+app.MapControllers().RequireAuthorization();
+
+app.Run();

src/AuthNZ/AuthNSample/AuthN.API/Properties/launchSettings.json

@@ -0,0 +1,31 @@
+{
+  "$schema": "https://json.schemastore.org/launchsettings.json",
+  "iisSettings": {
+    "windowsAuthentication": false,
+    "anonymousAuthentication": true,
+    "iisExpress": {
+      "applicationUrl": "http://localhost:22768",
+      "sslPort": 44316
+    }
+  },
+  "profiles": {
+    "AuthN.API": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "launchUrl": "echo",
+      "applicationUrl": "https://localhost:7043;http://localhost:5279",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "IIS Express": {
+      "commandName": "IISExpress",
+      "launchBrowser": true,
+      "launchUrl": "swagger",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}

src/AuthNZ/AuthNSample/AuthN.API/TokenAuthority.cs

@@ -0,0 +1,8 @@
+namespace Microsoft.Extensions.DependencyInjection;
+
+public class TokenAuthority
+{
+    public string Name { get; set; }
+    public string Issuer { get; set; }
+    public string Endpoint { get; set; }
+}

src/AuthNZ/AuthNSample/AuthN.API/appsettings.Development.json

@@ -0,0 +1,8 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  }
+}

src/AuthNZ/AuthNSample/AuthN.API/appsettings.json

@@ -0,0 +1,15 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  },
+  "AllowedHosts": "*",
+  "Okta": {
+    "Authority": ""
+  },
+  "Auth0": {
+    "Authority": ""
+  }
+}

src/AuthNZ/AuthNSample/AuthN.sln

@@ -0,0 +1,22 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "AuthN", "AuthN\AuthN.csproj", "{CE2709E2-B355-4DFC-8DFD-0108A945740A}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "AuthN.API", "AuthN.API\AuthN.API.csproj", "{16D36146-034B-47EB-B8C9-BB4142A42CEA}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{CE2709E2-B355-4DFC-8DFD-0108A945740A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{CE2709E2-B355-4DFC-8DFD-0108A945740A}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{CE2709E2-B355-4DFC-8DFD-0108A945740A}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{CE2709E2-B355-4DFC-8DFD-0108A945740A}.Release|Any CPU.Build.0 = Release|Any CPU
+		{16D36146-034B-47EB-B8C9-BB4142A42CEA}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{16D36146-034B-47EB-B8C9-BB4142A42CEA}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{16D36146-034B-47EB-B8C9-BB4142A42CEA}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{16D36146-034B-47EB-B8C9-BB4142A42CEA}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+EndGlobal

src/AuthNZ/AuthNSample/AuthN/.vscode/launch.json

@@ -0,0 +1,35 @@
+{
+    "version": "0.2.0",
+    "configurations": [
+        {
+            // Use IntelliSense to find out which attributes exist for C# debugging
+            // Use hover for the description of the existing attributes
+            // For further information visit https://github.com/OmniSharp/omnisharp-vscode/blob/master/debugger-launchjson.md
+            "name": ".NET Core Launch (web)",
+            "type": "coreclr",
+            "request": "launch",
+            "preLaunchTask": "build",
+            // If you have changed target frameworks, make sure to update the program path.
+            "program": "${workspaceFolder}/bin/Debug/net6.0/AuthN.dll",
+            "args": [],
+            "cwd": "${workspaceFolder}",
+            "stopAtEntry": false,
+            // Enable launching a web browser when ASP.NET Core starts. For more information: https://aka.ms/VSCode-CS-LaunchJson-WebBrowser
+            "serverReadyAction": {
+                "action": "openExternally",
+                "pattern": "\\bNow listening on:\\s+(https?://\\S+)"
+            },
+            "env": {
+                "ASPNETCORE_ENVIRONMENT": "Development"
+            },
+            "sourceFileMap": {
+                "/Views": "${workspaceFolder}/Views"
+            }
+        },
+        {
+            "name": ".NET Core Attach",
+            "type": "coreclr",
+            "request": "attach"
+        }
+    ]
+}

src/AuthNZ/AuthNSample/AuthN/.vscode/tasks.json

@@ -0,0 +1,41 @@
+{
+    "version": "2.0.0",
+    "tasks": [
+        {
+            "label": "build",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "build",
+                "${workspaceFolder}/AuthN.csproj",
+                "/property:GenerateFullPaths=true",
+                "/consoleloggerparameters:NoSummary"
+            ],
+            "problemMatcher": "$msCompile"
+        },
+        {
+            "label": "publish",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "publish",
+                "${workspaceFolder}/AuthN.csproj",
+                "/property:GenerateFullPaths=true",
+                "/consoleloggerparameters:NoSummary"
+            ],
+            "problemMatcher": "$msCompile"
+        },
+        {
+            "label": "watch",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "watch",
+                "run",
+                "--project",
+                "${workspaceFolder}/AuthN.csproj"
+            ],
+            "problemMatcher": "$msCompile"
+        }
+    ]
+}

src/AuthNZ/AuthNSample/AuthN/AuthN.csproj

@@ -0,0 +1,21 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+    <PropertyGroup>
+        <TargetFramework>net6.0</TargetFramework>
+        <Nullable>enable</Nullable>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <UserSecretsId>a60bbdf6-02b2-4305-9199-5acc4d8579cf</UserSecretsId>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <PackageReference Include="Auth0.AspNetCore.Authentication" Version="1.0.3" />
+        <PackageReference Include="Microsoft.AspNetCore.Authentication.Cookies" Version="2.2.0" />
+        <PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="6.0.5" />
+        <PackageReference Include="Microsoft.AspNetCore.Authentication.MicrosoftAccount" Version="6.0.5" />
+
+        <PackageReference Include="AspNet.Security.OAuth.GitHub" Version="6.0.6" />
+
+        <PackageReference Include="Okta.AspNetCore" Version="4.2.0" />
+
+        <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.19.0" />
+    </ItemGroup>
+</Project>