Added Azure sql setup for User access micro service

2023-09-29 12:30:20 -04:00
parent 4eb8f84d5b 15acd00959
commit 26096f108a
110 changed files with 2525 additions and 639 deletions
--- a/DamageAssesmentApi/DamageAssesment.Api.Attachments/Controllers/AttachmentsController.cs
+++ b/DamageAssesmentApi/DamageAssesment.Api.Attachments/Controllers/AttachmentsController.cs
@ -1,6 +1,7 @@
 using Azure;
 using DamageAssesment.Api.Attachments.Interfaces;
 using DamageAssesment.Api.Attachments.Models;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using System.Net.Http.Headers;
@ -21,7 +22,7 @@ namespace DamageAssesment.Api.Attachments.Controllers
        /// <summary>
        /// Get all attachments.
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpGet("Attachments")]
        public async Task<ActionResult> GetAttachmentsAsync()
        {
@ -37,6 +38,7 @@ namespace DamageAssesment.Api.Attachments.Controllers
        /// <summary>
        /// Get all attachments by attachmentId.
        /// </summary>
+        [Authorize(Roles = "admin")]
        [HttpGet("Attachments/{id}")]
        public async Task<ActionResult> GetAttachmentbyIdAsync(int id)
        {
@ -80,7 +82,7 @@ namespace DamageAssesment.Api.Attachments.Controllers
        /// <summary>
        /// Save new Attachment(s)
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpPost("Attachments"), DisableRequestSizeLimit]
        public async Task<IActionResult> UploadAttachmentAsync(AttachmentInfo attachmentInfo)
        {
@ -107,7 +109,7 @@ namespace DamageAssesment.Api.Attachments.Controllers
        /// <summary>
        /// Modify an new attachment.
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpPut("Attachments"), DisableRequestSizeLimit]
        public async Task<IActionResult> UpdateAttachmentAsync(AttachmentInfo attachmentInfo)
        {
@ -138,6 +140,7 @@ namespace DamageAssesment.Api.Attachments.Controllers
        /// <summary>
        /// Delete an existing attachment.
        /// </summary>
+        [Authorize(Roles = "admin")]
        [HttpDelete("Attachments/{id}")]
        public async Task<IActionResult> DeleteAttachment(int id)
        {
--- a/DamageAssesmentApi/DamageAssesment.Api.Attachments/Program.cs
+++ b/DamageAssesmentApi/DamageAssesment.Api.Attachments/Program.cs
@ -1,25 +1,75 @@
 using DamageAssesment.Api.Attachments.Db;
 using DamageAssesment.Api.Attachments.Interfaces;
 using DamageAssesment.Api.Attachments.Providers;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Http.Features;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.FileProviders;
+using Microsoft.IdentityModel.Tokens;
+using Microsoft.OpenApi.Models;
 using System.Reflection;
+using System.Text;

 var builder = WebApplication.CreateBuilder(args);
-
+var authkey = builder.Configuration.GetValue<string>("JwtSettings:securitykey");
+builder.Services.AddAuthentication(item =>
+{
+    item.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+    item.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+}).AddJwtBearer(item =>
+{
+    item.RequireHttpsMetadata = true;
+    item.SaveToken = true;
+    item.TokenValidationParameters = new TokenValidationParameters()
+    {
+        ValidateIssuerSigningKey = true,
+        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(authkey)),
+        ValidateIssuer = false,
+        ValidateAudience = false,
+        ClockSkew = TimeSpan.Zero
+    };
+});
 // Add services to the container.

 builder.Services.AddControllers();
 // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
 builder.Services.AddEndpointsApiExplorer();
 //builder.Services.AddSwaggerGen();
-builder.Services.AddSwaggerGen(c =>
+builder.Services.AddSwaggerGen(options =>
 {
    // Include XML comments from your assembly
    var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
    var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
-    c.IncludeXmlComments(xmlPath);
+    options.IncludeXmlComments(xmlPath);
+
+    OpenApiSecurityScheme securityDefinition = new OpenApiSecurityScheme()
+    {
+        Name = "Bearer",
+        BearerFormat = "JWT",
+        Scheme = "bearer",
+        Description = "Specify the authorization token.",
+        In = ParameterLocation.Header,
+        Type = SecuritySchemeType.Http,
+    };
+
+    options.AddSecurityDefinition("jwt_auth", securityDefinition);
+
+    // Make sure swagger UI requires a Bearer token specified
+    OpenApiSecurityScheme securityScheme = new OpenApiSecurityScheme()
+    {
+        Reference = new OpenApiReference()
+        {
+            Id = "jwt_auth",
+            Type = ReferenceType.SecurityScheme
+        }
+    };
+
+    OpenApiSecurityRequirement securityRequirements = new OpenApiSecurityRequirement()
+    {
+        {securityScheme, new string[] { }},
+    };
+
+    options.AddSecurityRequirement(securityRequirements);
 });
 builder.Services.AddScoped<IAttachmentsProvider, AttachmentsProvider>();
 builder.Services.AddScoped<IUploadService, UploadService>();
@ -45,6 +95,7 @@ if (app.Environment.IsDevelopment())
    app.UseSwaggerUI();
 }

+app.UseAuthentication();
 app.UseAuthorization();
 app.UseHttpsRedirection();