feat: Logging für unerwartete Ausnahmen hinzugefügt, um eine bessere Fehlerverfolgung und Problemlösung zu gewährleisten.
This commit is contained in:
Developer 02
parent
8ef879a663
commit
a69e13c2ab
@ -17,24 +17,26 @@ using NLog.Web;
|
|||||||
var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger();
|
var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger();
|
||||||
logger.Info("Logging initialized.");
|
logger.Info("Logging initialized.");
|
||||||
|
|
||||||
var builder = WebApplication.CreateBuilder(args);
|
try
|
||||||
|
{
|
||||||
|
var builder = WebApplication.CreateBuilder(args);
|
||||||
|
|
||||||
builder.Configuration.AddJsonFile("consumer-repository.json", true, true);
|
builder.Configuration.AddJsonFile("consumer-repository.json", true, true);
|
||||||
|
|
||||||
var config = builder.Configuration;
|
var config = builder.Configuration;
|
||||||
|
|
||||||
var apiParams = config.Get<AuthApiParams>() ?? throw new InvalidOperationException("AuthApiOptions is missing or invalid in appsettings.");
|
var apiParams = config.Get<AuthApiParams>() ?? throw new InvalidOperationException("AuthApiOptions is missing or invalid in appsettings.");
|
||||||
|
|
||||||
// Add services to the container.
|
// Add services to the container.
|
||||||
builder.Services.Configure<AuthApiParams>(config);
|
builder.Services.Configure<AuthApiParams>(config);
|
||||||
builder.Services.AddAuthService(config);
|
builder.Services.AddAuthService(config);
|
||||||
builder.Services.AddCryptoFactory(config.GetSection("CryptParams"));
|
builder.Services.AddCryptoFactory(config.GetSection("CryptParams"));
|
||||||
builder.Services.AddJwtSignatureHandler<Consumer>(api => new Dictionary<string, object>
|
builder.Services.AddJwtSignatureHandler<Consumer>(api => new Dictionary<string, object>
|
||||||
{
|
{
|
||||||
{ JwtRegisteredClaimNames.Sub, api.Id },
|
{ JwtRegisteredClaimNames.Sub, api.Id },
|
||||||
{ JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
|
{ JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
|
||||||
});
|
});
|
||||||
builder.Services.AddJwtSignatureHandler<UserReadDto>(user => new Dictionary<string, object>
|
builder.Services.AddJwtSignatureHandler<UserReadDto>(user => new Dictionary<string, object>
|
||||||
{
|
{
|
||||||
{ JwtRegisteredClaimNames.Sub, user.Id },
|
{ JwtRegisteredClaimNames.Sub, user.Id },
|
||||||
{ JwtRegisteredClaimNames.UniqueName, user.Username },
|
{ JwtRegisteredClaimNames.UniqueName, user.Username },
|
||||||
@ -43,29 +45,29 @@ builder.Services.AddJwtSignatureHandler<UserReadDto>(user => new Dictionary<stri
|
|||||||
{ JwtRegisteredClaimNames.FamilyName, user.Name ?? string.Empty },
|
{ JwtRegisteredClaimNames.FamilyName, user.Name ?? string.Empty },
|
||||||
{ JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
|
{ JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
|
||||||
});
|
});
|
||||||
builder.Services.AddDirectorySearchService(config.GetSection("DirectorySearchOptions"));
|
builder.Services.AddDirectorySearchService(config.GetSection("DirectorySearchOptions"));
|
||||||
builder.Services.AddSignalR();
|
builder.Services.AddSignalR();
|
||||||
|
|
||||||
var cnn_str = builder.Configuration.GetConnectionString("Default") ?? throw new InvalidOperationException("Default connection string is not found.");
|
var cnn_str = builder.Configuration.GetConnectionString("Default") ?? throw new InvalidOperationException("Default connection string is not found.");
|
||||||
|
|
||||||
builder.Services.AddUserManager(cnn_str);
|
builder.Services.AddUserManager(cnn_str);
|
||||||
|
|
||||||
builder.Services.AddControllers();
|
builder.Services.AddControllers();
|
||||||
|
|
||||||
builder.Services.AddEndpointsApiExplorer();
|
builder.Services.AddEndpointsApiExplorer();
|
||||||
builder.Services.AddSwaggerGen(options =>
|
builder.Services.AddSwaggerGen(options =>
|
||||||
{
|
|
||||||
options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
|
|
||||||
{
|
{
|
||||||
Name = "Authorization",
|
options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
|
||||||
Type = SecuritySchemeType.Http,
|
{
|
||||||
Scheme = "bearer",
|
Name = "Authorization",
|
||||||
BearerFormat = "JWT",
|
Type = SecuritySchemeType.Http,
|
||||||
In = ParameterLocation.Header,
|
Scheme = "bearer",
|
||||||
Description = "Enter 'Bearer' [space] and then your valid token."
|
BearerFormat = "JWT",
|
||||||
});
|
In = ParameterLocation.Header,
|
||||||
|
Description = "Enter 'Bearer' [space] and then your valid token."
|
||||||
|
});
|
||||||
|
|
||||||
options.AddSecurityRequirement(new OpenApiSecurityRequirement
|
options.AddSecurityRequirement(new OpenApiSecurityRequirement
|
||||||
{
|
{
|
||||||
{
|
{
|
||||||
new OpenApiSecurityScheme
|
new OpenApiSecurityScheme
|
||||||
@ -82,69 +84,75 @@ builder.Services.AddSwaggerGen(options =>
|
|||||||
new List<string>()
|
new List<string>()
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
});
|
|
||||||
|
|
||||||
// Add authentication
|
|
||||||
Lazy<SecurityKey>? issuerSigningKeyInitiator = null;
|
|
||||||
|
|
||||||
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
|
|
||||||
.AddJwtBearer(options =>
|
|
||||||
{
|
|
||||||
options.RequireHttpsMetadata = apiParams!.RequireHttpsMetadata;
|
|
||||||
options.ClaimsIssuer = apiParams!.Issuer;
|
|
||||||
options.Audience = apiParams.LocalConsumer.Audience;
|
|
||||||
options.TokenValidationParameters = new()
|
|
||||||
{
|
|
||||||
ValidateIssuer = true,
|
|
||||||
ValidIssuer = apiParams!.Issuer,
|
|
||||||
ValidateAudience = true,
|
|
||||||
ValidAudience = apiParams.LocalConsumer.Audience,
|
|
||||||
ValidateLifetime = true,
|
|
||||||
IssuerSigningKey = issuerSigningKeyInitiator?.Value
|
|
||||||
};
|
|
||||||
|
|
||||||
options.Events = new JwtBearerEvents
|
|
||||||
{
|
|
||||||
OnMessageReceived = context =>
|
|
||||||
{
|
|
||||||
// if there is no token read related cookie or query string
|
|
||||||
if (context.Token is null) // if there is no token
|
|
||||||
{
|
|
||||||
if (context.Request.Cookies.TryGetValue(apiParams!.DefaultCookieName, out var cookieToken) && cookieToken is not null)
|
|
||||||
context.Token = cookieToken;
|
|
||||||
else if (context.Request.Query.TryGetValue(apiParams.DefaultQueryStringKey, out var queryStrToken))
|
|
||||||
context.Token = queryStrToken;
|
|
||||||
}
|
|
||||||
return Task.CompletedTask;
|
|
||||||
}
|
|
||||||
};
|
|
||||||
});
|
});
|
||||||
|
|
||||||
var app = builder.Build();
|
// Add authentication
|
||||||
|
Lazy<SecurityKey>? issuerSigningKeyInitiator = null;
|
||||||
|
|
||||||
issuerSigningKeyInitiator = new Lazy<SecurityKey>(() =>
|
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
|
||||||
{
|
.AddJwtBearer(options =>
|
||||||
var factory = app.Services.GetRequiredService<ICryptoFactory>();
|
{
|
||||||
var desc = factory.TokenDescriptors.Get(apiParams.Issuer, apiParams.LocalConsumer.Audience);
|
options.RequireHttpsMetadata = apiParams!.RequireHttpsMetadata;
|
||||||
return desc.Validator.SecurityKey;
|
options.ClaimsIssuer = apiParams!.Issuer;
|
||||||
});
|
options.Audience = apiParams.LocalConsumer.Audience;
|
||||||
|
options.TokenValidationParameters = new()
|
||||||
|
{
|
||||||
|
ValidateIssuer = true,
|
||||||
|
ValidIssuer = apiParams!.Issuer,
|
||||||
|
ValidateAudience = true,
|
||||||
|
ValidAudience = apiParams.LocalConsumer.Audience,
|
||||||
|
ValidateLifetime = true,
|
||||||
|
IssuerSigningKey = issuerSigningKeyInitiator?.Value
|
||||||
|
};
|
||||||
|
|
||||||
// Configure the HTTP request pipeline.
|
options.Events = new JwtBearerEvents
|
||||||
var use_swagger = config.GetValue<bool>("UseSwagger");
|
{
|
||||||
if (app.Environment.IsDevelopment() || use_swagger)
|
OnMessageReceived = context =>
|
||||||
{
|
{
|
||||||
app.UseSwagger();
|
// if there is no token read related cookie or query string
|
||||||
app.UseSwaggerUI();
|
if (context.Token is null) // if there is no token
|
||||||
|
{
|
||||||
|
if (context.Request.Cookies.TryGetValue(apiParams!.DefaultCookieName, out var cookieToken) && cookieToken is not null)
|
||||||
|
context.Token = cookieToken;
|
||||||
|
else if (context.Request.Query.TryGetValue(apiParams.DefaultQueryStringKey, out var queryStrToken))
|
||||||
|
context.Token = queryStrToken;
|
||||||
|
}
|
||||||
|
return Task.CompletedTask;
|
||||||
|
}
|
||||||
|
};
|
||||||
|
});
|
||||||
|
|
||||||
|
var app = builder.Build();
|
||||||
|
|
||||||
|
issuerSigningKeyInitiator = new Lazy<SecurityKey>(() =>
|
||||||
|
{
|
||||||
|
var factory = app.Services.GetRequiredService<ICryptoFactory>();
|
||||||
|
var desc = factory.TokenDescriptors.Get(apiParams.Issuer, apiParams.LocalConsumer.Audience);
|
||||||
|
return desc.Validator.SecurityKey;
|
||||||
|
});
|
||||||
|
|
||||||
|
// Configure the HTTP request pipeline.
|
||||||
|
var use_swagger = config.GetValue<bool>("UseSwagger");
|
||||||
|
if (app.Environment.IsDevelopment() || use_swagger)
|
||||||
|
{
|
||||||
|
app.UseSwagger();
|
||||||
|
app.UseSwaggerUI();
|
||||||
|
}
|
||||||
|
|
||||||
|
app.UseHttpsRedirection();
|
||||||
|
|
||||||
|
app.UseAuthentication();
|
||||||
|
|
||||||
|
app.UseAuthorization();
|
||||||
|
|
||||||
|
app.MapControllers();
|
||||||
|
|
||||||
|
app.MapHub<AuthHub>("/auth-hub");
|
||||||
|
|
||||||
|
app.Run();
|
||||||
}
|
}
|
||||||
|
catch(Exception ex)
|
||||||
app.UseHttpsRedirection();
|
{
|
||||||
|
logger.Error(ex, "Stopped program because of exception.");
|
||||||
app.UseAuthentication();
|
throw;
|
||||||
|
}
|
||||||
app.UseAuthorization();
|
|
||||||
|
|
||||||
app.MapControllers();
|
|
||||||
|
|
||||||
app.MapHub<AuthHub>("/auth-hub");
|
|
||||||
|
|
||||||
app.Run();
|
|
||||||
Loading…
x
Reference in New Issue
Block a user