AppStd/DigitalData.Auth
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Logging für unerwartete Ausnahmen hinzugefügt, um eine bessere Fehlerverfolgung und Problemlösung zu gewährleisten.

Browse Source
This commit is contained in:
Developer 02 2025-03-10 15:39:34 +01:00
parent 8ef879a663
commit a69e13c2ab
1 changed files with 96 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

184
src/DigitalData.Auth.API/Program.cs
View File

@ -17,24 +17,26 @@ using NLog.Web;
var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger();
logger.Info("Logging initialized.");
var builder = WebApplication.CreateBuilder(args);
try
{
var builder = WebApplication.CreateBuilder(args);
builder.Configuration.AddJsonFile("consumer-repository.json", true, true);
builder.Configuration.AddJsonFile("consumer-repository.json", true, true);
var config = builder.Configuration;
var config = builder.Configuration;
var apiParams = config.Get<AuthApiParams>() ?? throw new InvalidOperationException("AuthApiOptions is missing or invalid in appsettings.");
var apiParams = config.Get<AuthApiParams>() ?? throw new InvalidOperationException("AuthApiOptions is missing or invalid in appsettings.");
// Add services to the container.
builder.Services.Configure<AuthApiParams>(config);
builder.Services.AddAuthService(config);
builder.Services.AddCryptoFactory(config.GetSection("CryptParams"));
builder.Services.AddJwtSignatureHandler<Consumer>(api => new Dictionary<string, object>
// Add services to the container.
builder.Services.Configure<AuthApiParams>(config);
builder.Services.AddAuthService(config);
builder.Services.AddCryptoFactory(config.GetSection("CryptParams"));
builder.Services.AddJwtSignatureHandler<Consumer>(api => new Dictionary<string, object>
{
{ JwtRegisteredClaimNames.Sub, api.Id },
{ JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
});
builder.Services.AddJwtSignatureHandler<UserReadDto>(user => new Dictionary<string, object>
builder.Services.AddJwtSignatureHandler<UserReadDto>(user => new Dictionary<string, object>
{
{ JwtRegisteredClaimNames.Sub, user.Id },
{ JwtRegisteredClaimNames.UniqueName, user.Username },
@ -43,29 +45,29 @@ builder.Services.AddJwtSignatureHandler<UserReadDto>(user => new Dictionary<stri
{ JwtRegisteredClaimNames.FamilyName, user.Name ?? string.Empty },
{ JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
});
builder.Services.AddDirectorySearchService(config.GetSection("DirectorySearchOptions"));
builder.Services.AddSignalR();
builder.Services.AddDirectorySearchService(config.GetSection("DirectorySearchOptions"));
builder.Services.AddSignalR();
var cnn_str = builder.Configuration.GetConnectionString("Default") ?? throw new InvalidOperationException("Default connection string is not found.");
var cnn_str = builder.Configuration.GetConnectionString("Default") ?? throw new InvalidOperationException("Default connection string is not found.");
builder.Services.AddUserManager(cnn_str);
builder.Services.AddUserManager(cnn_str);
builder.Services.AddControllers();
builder.Services.AddControllers();
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen(options =>
{
options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen(options =>
{
Name = "Authorization",
Type = SecuritySchemeType.Http,
Scheme = "bearer",
BearerFormat = "JWT",
In = ParameterLocation.Header,
Description = "Enter 'Bearer' [space] and then your valid token."
});
options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
Name = "Authorization",
Type = SecuritySchemeType.Http,
Scheme = "bearer",
BearerFormat = "JWT",
In = ParameterLocation.Header,
Description = "Enter 'Bearer' [space] and then your valid token."
});
options.AddSecurityRequirement(new OpenApiSecurityRequirement
options.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
@ -82,69 +84,75 @@ builder.Services.AddSwaggerGen(options =>
new List<string>()
}
});
});
// Add authentication
Lazy<SecurityKey>? issuerSigningKeyInitiator = null;
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.RequireHttpsMetadata = apiParams!.RequireHttpsMetadata;
options.ClaimsIssuer = apiParams!.Issuer;
options.Audience = apiParams.LocalConsumer.Audience;
options.TokenValidationParameters = new()
{
ValidateIssuer = true,
ValidIssuer = apiParams!.Issuer,
ValidateAudience = true,
ValidAudience = apiParams.LocalConsumer.Audience,
ValidateLifetime = true,
IssuerSigningKey = issuerSigningKeyInitiator?.Value
};
options.Events = new JwtBearerEvents
{
OnMessageReceived = context =>
{
// if there is no token read related cookie or query string
if (context.Token is null) // if there is no token
{
if (context.Request.Cookies.TryGetValue(apiParams!.DefaultCookieName, out var cookieToken) && cookieToken is not null)
context.Token = cookieToken;
else if (context.Request.Query.TryGetValue(apiParams.DefaultQueryStringKey, out var queryStrToken))
context.Token = queryStrToken;
}
return Task.CompletedTask;
}
};
});
var app = builder.Build();
// Add authentication
Lazy<SecurityKey>? issuerSigningKeyInitiator = null;
issuerSigningKeyInitiator = new Lazy<SecurityKey>(() =>
{
var factory = app.Services.GetRequiredService<ICryptoFactory>();
var desc = factory.TokenDescriptors.Get(apiParams.Issuer, apiParams.LocalConsumer.Audience);
return desc.Validator.SecurityKey;
});
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.RequireHttpsMetadata = apiParams!.RequireHttpsMetadata;
options.ClaimsIssuer = apiParams!.Issuer;
options.Audience = apiParams.LocalConsumer.Audience;
options.TokenValidationParameters = new()
{
ValidateIssuer = true,
ValidIssuer = apiParams!.Issuer,
ValidateAudience = true,
ValidAudience = apiParams.LocalConsumer.Audience,
ValidateLifetime = true,
IssuerSigningKey = issuerSigningKeyInitiator?.Value
};
// Configure the HTTP request pipeline.
var use_swagger = config.GetValue<bool>("UseSwagger");
if (app.Environment.IsDevelopment() || use_swagger)
{
app.UseSwagger();
app.UseSwaggerUI();
options.Events = new JwtBearerEvents
{
OnMessageReceived = context =>
{
// if there is no token read related cookie or query string
if (context.Token is null) // if there is no token
{
if (context.Request.Cookies.TryGetValue(apiParams!.DefaultCookieName, out var cookieToken) && cookieToken is not null)
context.Token = cookieToken;
else if (context.Request.Query.TryGetValue(apiParams.DefaultQueryStringKey, out var queryStrToken))
context.Token = queryStrToken;
}
return Task.CompletedTask;
}
};
});
var app = builder.Build();
issuerSigningKeyInitiator = new Lazy<SecurityKey>(() =>
{
var factory = app.Services.GetRequiredService<ICryptoFactory>();
var desc = factory.TokenDescriptors.Get(apiParams.Issuer, apiParams.LocalConsumer.Audience);
return desc.Validator.SecurityKey;
});
// Configure the HTTP request pipeline.
var use_swagger = config.GetValue<bool>("UseSwagger");
if (app.Environment.IsDevelopment() || use_swagger)
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.MapHub<AuthHub>("/auth-hub");
app.Run();
}
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.MapHub<AuthHub>("/auth-hub");
app.Run();
catch(Exception ex)
{
logger.Error(ex, "Stopped program because of exception.");
throw;
}