implementation of Authentication using JWT. Security applied on all microservices endpoints.

2023-09-20 00:32:30 -04:00
parent 8d386af40a
commit 77816605d1
75 changed files with 1744 additions and 219 deletions
--- a/DamageAssesmentApi/DamageAssesment.Api.Locations/Controllers/LocationsController.cs
+++ b/DamageAssesmentApi/DamageAssesment.Api.Locations/Controllers/LocationsController.cs
@ -1,4 +1,5 @@
 using DamageAssesment.Api.Locations.Interfaces;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;

@ -15,7 +16,7 @@ namespace DamageAssesment.Api.Locations.Controllers
        /// <summary>
        /// Get all locations.
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpGet("Locations")]
        public async Task<ActionResult> GetLocationsAsync()
        {
@ -31,7 +32,7 @@ namespace DamageAssesment.Api.Locations.Controllers
        /// <summary>
        /// Get all locations based on locationdId.
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpGet("Locations/{id}")]
        public async Task<ActionResult> GetLocationByIdAsync(int id)
        {
@ -47,7 +48,7 @@ namespace DamageAssesment.Api.Locations.Controllers
        /// <summary>
        /// Update a Location.
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpPut("Locations/{id}")]
        public async Task<IActionResult> UpdateLocation(int id, Models.Location Location)
        {
@ -65,7 +66,7 @@ namespace DamageAssesment.Api.Locations.Controllers
        /// <summary>
        /// Save a new location.
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpPost("Locations")]
        public async Task<IActionResult> CreateLocation(Models.Location Location)
        {
@ -83,7 +84,7 @@ namespace DamageAssesment.Api.Locations.Controllers
        /// <summary>
        /// Delete an existing location.
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpDelete("Locations/{id}")]
        public async Task<IActionResult> DeleteLocation(int id)
        {
--- a/DamageAssesmentApi/DamageAssesment.Api.Locations/Controllers/RegionsController.cs
+++ b/DamageAssesmentApi/DamageAssesment.Api.Locations/Controllers/RegionsController.cs
@ -1,4 +1,5 @@
 using DamageAssesment.Api.Locations.Interfaces;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

 namespace DamageAssesment.Api.Locations.Controllers
@ -15,7 +16,7 @@ namespace DamageAssesment.Api.Locations.Controllers
        /// <summary>
        /// Get all regions.2
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpGet("regions")]
        public async Task<ActionResult> GetRegionsAsync()
        {
@ -29,7 +30,7 @@ namespace DamageAssesment.Api.Locations.Controllers
        /// <summary>
        /// GET request for retrieving a region by its ID.
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpGet("regions/{id}")]
        public async Task<ActionResult> GetRegionAsync(int id)
        {
@ -43,7 +44,7 @@ namespace DamageAssesment.Api.Locations.Controllers
        /// <summary>
        /// POST request for creating a new region.
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpPost("regions")]
        public async Task<ActionResult> PostRegionAsync(Models.Region region)
        {
@ -57,7 +58,7 @@ namespace DamageAssesment.Api.Locations.Controllers
        /// <summary>
        /// PUT request for updating an existing region.
        /// </summary>
-
+        [Authorize(Roles = "admin")]
        [HttpPut("regions/{id}")]
        public async Task<ActionResult> PutRegionAsync(int id, Models.Region region)
        {
@ -75,7 +76,7 @@ namespace DamageAssesment.Api.Locations.Controllers
        /// DELETE request for deleting a region based on ID.
        /// </summary>

-
+        [Authorize(Roles = "admin")]
        [HttpDelete("regions/{id}")]
        public async Task<ActionResult> DeleteRegionAsync(int id)
        {
--- a/DamageAssesmentApi/DamageAssesment.Api.Locations/Program.cs
+++ b/DamageAssesmentApi/DamageAssesment.Api.Locations/Program.cs
@ -1,23 +1,73 @@
 using DamageAssesment.Api.Locations.Db;
 using DamageAssesment.Api.Locations.Interfaces;
 using DamageAssesment.Api.Locations.Providers;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.EntityFrameworkCore;
+using Microsoft.IdentityModel.Tokens;
+using Microsoft.OpenApi.Models;
 using System.Reflection;
+using System.Text;

 var builder = WebApplication.CreateBuilder(args);

 // Add services to the container.
-
+var authkey = builder.Configuration.GetValue<string>("JwtSettings:securitykey");
+builder.Services.AddAuthentication(item =>
+{
+    item.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+    item.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+}).AddJwtBearer(item =>
+{
+    item.RequireHttpsMetadata = true;
+    item.SaveToken = true;
+    item.TokenValidationParameters = new TokenValidationParameters()
+    {
+        ValidateIssuerSigningKey = true,
+        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(authkey)),
+        ValidateIssuer = false,
+        ValidateAudience = false,
+        ClockSkew = TimeSpan.Zero
+    };
+});
 builder.Services.AddControllers();
 // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
 builder.Services.AddEndpointsApiExplorer();
 //builder.Services.AddSwaggerGen();
-builder.Services.AddSwaggerGen(c =>
+builder.Services.AddSwaggerGen(options =>
 {
    // Include XML comments from your assembly
    var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
    var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
-    c.IncludeXmlComments(xmlPath);
+    options.IncludeXmlComments(xmlPath);
+
+    OpenApiSecurityScheme securityDefinition = new OpenApiSecurityScheme()
+    {
+        Name = "Bearer",
+        BearerFormat = "JWT",
+        Scheme = "bearer",
+        Description = "Specify the authorization token.",
+        In = ParameterLocation.Header,
+        Type = SecuritySchemeType.Http,
+    };
+
+    options.AddSecurityDefinition("jwt_auth", securityDefinition);
+
+    // Make sure swagger UI requires a Bearer token specified
+    OpenApiSecurityScheme securityScheme = new OpenApiSecurityScheme()
+    {
+        Reference = new OpenApiReference()
+        {
+            Id = "jwt_auth",
+            Type = ReferenceType.SecurityScheme
+        }
+    };
+
+    OpenApiSecurityRequirement securityRequirements = new OpenApiSecurityRequirement()
+    {
+        {securityScheme, new string[] { }},
+    };
+
+    options.AddSecurityRequirement(securityRequirements);
 });
 builder.Services.AddScoped<ILocationsProvider, LocationsProvider>();
 builder.Services.AddScoped<IRegionsProvider, RegionsProvider>();
@ -26,7 +76,10 @@ builder.Services.AddDbContext<LocationDbContext>(option =>
 {
    option.UseInMemoryDatabase("Locations");
 });
+
+
 var app = builder.Build();
+// Add services to the container.

 // Configure the HTTP request pipeline.
 if (app.Environment.IsDevelopment())
@ -44,6 +97,7 @@ if (app.Environment.IsDevelopment())
    }
 }

+app.UseAuthentication();
 app.UseAuthorization();

 app.MapControllers();