implementation of Authentication using JWT. Security applied on all microservices endpoints.

DamageAssesmentApi/DamageAssesment.Api.UsersAccess/Services/EmployeeServiceProvider.cs

@@ -0,0 +1,50 @@
+using DamageAssesment.Api.UsersAccess.Interfaces;
+using DamageAssesment.Api.UsersAccess.Models;
+using Newtonsoft.Json;
+
+namespace DamageAssesment.Api.UsersAccess.Services
+{
+    public class EmployeeServiceProvider : ServiceProviderBase, IEmployeeServiceProvider
+    {
+        public EmployeeServiceProvider(IConfiguration configuration, IHttpUtil httpUtil, ILogger<EmployeeServiceProvider> logger) : base(configuration, httpUtil, logger, configuration.GetValue<string>("RessourceSettings:Employee"), configuration.GetValue<string>("EndPointSettings:EmployeeUrlBase"))
+        {
+        }
+
+        public async Task<List<Employee>> getEmployeesAsync()
+        {
+            try
+            {
+                var responseJsonString = await httpUtil.SendAsync(HttpMethod.Get, url, null);
+                var employees = JsonConvert.DeserializeObject<List<Employee>>(responseJsonString);
+
+                if (employees == null || !employees.Any())
+                    return new List<Employee>();
+                else return employees;
+            }
+            catch (Exception ex)
+            {
+                logger?.LogError($"Exception Found : {ex.Message} - Ref: EmployeeServiceProvider.getEmployeesAsync()");
+                return new List<Employee>();
+            }
+        }
+
+        public async Task<Employee> getEmployeeAsync(int employeeId)
+        {
+            try
+            {
+                url = urlBase + string.Format(configuration.GetValue<string>("RessourceSettings:EmployeeById"), employeeId); 
+                var responseJsonString = await httpUtil.SendAsync(HttpMethod.Get, url, null);
+                var employee = JsonConvert.DeserializeObject<Employee>(responseJsonString);
+
+                if (employee == null)
+                    return null;
+                else return employee;
+            }
+            catch (Exception ex)
+            {
+                logger?.LogError($"Exception Found : {ex.Message} - Ref: EmployeeServiceProvider.getEmployeeAsync()");
+                return null;
+            }
+        }
+    }
+}

DamageAssesmentApi/DamageAssesment.Api.UsersAccess/Services/HttpUtil.cs

@@ -0,0 +1,42 @@
+using DamageAssesment.Api.UsersAccess.Interfaces;
+using System.Net.Http.Headers;
+using System.Text;
+
+namespace DamageAssesment.Api.UsersAccess.Services
+{
+    public class HttpUtil : IHttpUtil
+    {
+        private readonly HttpClient httpClient;
+        private readonly ILogger<HttpUtil> logger;
+
+        public HttpUtil(HttpClient httpClient, ILogger<HttpUtil> logger)
+        {
+            this.httpClient = httpClient;
+            this.logger = logger;
+        }
+        public async Task<string> SendAsync(HttpMethod method, string url, string JsonInput)
+        {
+            try
+            {
+                var request = new HttpRequestMessage(method, url);
+                request.Headers.Accept.Clear();
+                request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
+
+                //request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
+                if (method == HttpMethod.Post)
+                {
+                    request.Content = new StringContent(JsonInput, Encoding.UTF8, "application/json");
+                }
+                var response = await httpClient.SendAsync(request, CancellationToken.None);
+                response.EnsureSuccessStatusCode();
+                var responseString = await response.Content.ReadAsStringAsync();
+                return responseString;
+            }
+            catch (Exception ex)
+            {
+                logger?.LogError($"Exception Message : {ex.Message} - Ref: HttpUtil.SendAsync()");
+                return null;
+            }
+        }
+    }
+}

DamageAssesmentApi/DamageAssesment.Api.UsersAccess/Services/ServiceProviderBase.cs

@@ -0,0 +1,25 @@
+using DamageAssesment.Api.UsersAccess.Interfaces;
+
+namespace DamageAssesment.Api.UsersAccess.Services
+{
+    public class ServiceProviderBase
+    {
+        protected readonly IConfiguration configuration;
+        protected readonly IHttpUtil httpUtil;
+        protected readonly ILogger<ServiceProviderBase> logger;
+        protected string ressource;
+        protected string urlBase;
+        protected string url;
+        
+
+        public ServiceProviderBase(IConfiguration configuration, IHttpUtil httpUtil, ILogger<ServiceProviderBase> logger, string ressource, string urlBase)
+        {
+            this.configuration = configuration;
+            this.httpUtil = httpUtil;
+            this.logger = logger;
+            this.ressource = ressource;
+            this.urlBase = urlBase;
+            url = urlBase + ressource;
+        }
+    }
+}

DamageAssesmentApi/DamageAssesment.Api.UsersAccess/Services/TokenServiceProvider.cs

@@ -0,0 +1,59 @@
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Security.Cryptography;
+using System.Text;
+using DamageAssesment.Api.UsersAccess.Db;
+using DamageAssesment.Api.UsersAccess.Interfaces;
+using DamageAssesment.Api.UsersAccess.Models;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;
+
+namespace DamageAssesment.Api.UsersAccess.Services
+{
+    public class TokenServiceProvider : ITokenServiceProvider
+    {
+        private readonly UsersAccessDbContext usersAccessDbContext;
+        private readonly JwtSettings jwtSettings;
+        public TokenServiceProvider(IOptions<JwtSettings> options, UsersAccessDbContext usersAccessDbContext)
+        {
+            this.usersAccessDbContext = usersAccessDbContext;
+            this.jwtSettings = options.Value;
+        }
+        public async Task<string> GenerateToken(Models.User user)
+        {
+            var randomnumber = new byte[32];
+            using (var ramdomnumbergenerator = RandomNumberGenerator.Create())
+            {
+                ramdomnumbergenerator.GetBytes(randomnumber);
+                string refreshtoken = Convert.ToBase64String(randomnumber);
+                var token = await usersAccessDbContext.Tokens.FirstOrDefaultAsync(item => item.UserId == user.Id);
+                if (token != null)
+                {
+                    token.RefreshToken = refreshtoken;
+                }
+                else
+                {
+                    usersAccessDbContext.Tokens.Add(new Db.Token()
+                    {
+                        UserId = user.Id,
+                        RefreshToken = refreshtoken,
+                        IsActive = true
+                    });
+                }
+                await usersAccessDbContext.SaveChangesAsync();
+
+                return refreshtoken;
+            }
+        }
+
+        public async Task<TokenResponse> TokenAuthenticate(Models.User user, Claim[] claims)
+        {
+            var token = new JwtSecurityToken(claims: claims, expires: DateTime.Now.AddSeconds(20),
+              signingCredentials: new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.securitykey)), SecurityAlgorithms.HmacSha256)
+            );
+            var jwttoken = new JwtSecurityTokenHandler().WriteToken(token);
+            return new TokenResponse() { jwttoken = jwttoken, refreshtoken = await GenerateToken(user) };
+        }
+    }
+}