Compare commits
7 Commits
74444d301d
...
29ad0554bc
| Author | SHA1 | Date | |
|---|---|---|---|
|
29ad0554bc | ||
|
|
583864469c | ||
|
|
85ccc52ca1 | ||
|
|
a69e13c2ab | ||
|
|
8ef879a663 | ||
|
|
ef6d834448 | ||
|
|
1db1b35f3c |
@@ -28,7 +28,7 @@ public class ClientPublicKey : RSAKeyBase, IAsymmetricTokenValidator, IUniqueSec
|
||||
}
|
||||
}
|
||||
|
||||
public void UpdateContent(string content)
|
||||
internal void UpdateContent(string content)
|
||||
{
|
||||
_content = content;
|
||||
RSA.ImportFromPem(content);
|
||||
|
||||
@@ -11,7 +11,7 @@ public static class DIExtensions
|
||||
{
|
||||
public static IServiceCollection AddAuthHubClient(this IServiceCollection services, IConfiguration? configuration = null, Action<ClientParams>? options = null)
|
||||
{
|
||||
var clientParams = configuration?.GetSection(nameof(ClientParams)).Get<ClientParams>() ?? new ClientParams();
|
||||
var clientParams = configuration?.Get<ClientParams>() ?? new ClientParams();
|
||||
options?.Invoke(clientParams);
|
||||
services
|
||||
.AddSingleton(Options.Create(clientParams))
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
<ImplicitUsings>enable</ImplicitUsings>
|
||||
<Nullable>enable</Nullable>
|
||||
<PackageId>DigitalData.Auth.Client</PackageId>
|
||||
<Version>1.1.4.1</Version>
|
||||
<Version>1.1.5</Version>
|
||||
<Description>DigitalData.Auth.Client is a SignalR-based authentication client that enables applications to connect to a central authentication hub for real-time message exchange. It provides seamless connection management, automatic reconnection (RetryPolicy), and event-driven communication (ClientEvents). The package includes dependency injection support via DIExtensions, allowing easy integration into ASP.NET Core applications. With built-in retry policies and secure message handling, it ensures a reliable and scalable authentication client for real-time authentication workflows.</Description>
|
||||
<Company>Digital Data GmbH</Company>
|
||||
<Product>Digital Data GmbH</Product>
|
||||
@@ -14,8 +14,8 @@
|
||||
<PackageIcon>auth_icon.png</PackageIcon>
|
||||
<RepositoryUrl>http://git.dd:3000/AppStd/DigitalData.Auth</RepositoryUrl>
|
||||
<PackageTags>Digital Data Auth Authorization Authentication</PackageTags>
|
||||
<AssemblyVersion>1.1.4.1</AssemblyVersion>
|
||||
<FileVersion>1.1.4.1</FileVersion>
|
||||
<AssemblyVersion>1.1.5</AssemblyVersion>
|
||||
<FileVersion>1.1.5</FileVersion>
|
||||
</PropertyGroup>
|
||||
|
||||
<ItemGroup>
|
||||
|
||||
@@ -3,13 +3,13 @@ using DigitalData.Core.Abstractions.Security;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.Extensions.Options;
|
||||
using DigitalData.UserManager.Application.DTOs.Auth;
|
||||
using DigitalData.UserManager.Application.Contracts;
|
||||
using DigitalData.UserManager.Application.DTOs.User;
|
||||
using DigitalData.Core.Abstractions.Application;
|
||||
using DigitalData.Auth.API.Dto;
|
||||
using DigitalData.Auth.API.Services.Contracts;
|
||||
using DigitalData.Auth.API.Entities;
|
||||
using DigitalData.Core.DTO;
|
||||
|
||||
namespace DigitalData.Auth.API.Controllers
|
||||
{
|
||||
@@ -45,18 +45,39 @@ namespace DigitalData.Auth.API.Controllers
|
||||
_consumerSignatureHandler = apiSignatureHandler;
|
||||
}
|
||||
|
||||
private async Task<IActionResult> CreateTokenAsync(LogInDto login, string consumerName, bool cookie = true)
|
||||
private async Task<IActionResult> CreateTokenAsync(UserLogin login, string consumerName, bool cookie = true)
|
||||
{
|
||||
DataResult<UserReadDto>? uRes;
|
||||
if(login.Username is not null && login.UserId is not null)
|
||||
return BadRequest("Both user ID and username cannot be provided.");
|
||||
if (login.Username is not null)
|
||||
{
|
||||
bool isValid = await _dirSearchService.ValidateCredentialsAsync(login.Username, login.Password);
|
||||
|
||||
if (!isValid)
|
||||
return Unauthorized();
|
||||
|
||||
//find the user
|
||||
var uRes = await _userService.ReadByUsernameAsync(login.Username);
|
||||
uRes = await _userService.ReadByUsernameAsync(login.Username);
|
||||
if (uRes.IsFailed)
|
||||
return Unauthorized();
|
||||
}
|
||||
else if(login.UserId is int userId)
|
||||
{
|
||||
uRes = await _userService.ReadByIdAsync(userId);
|
||||
if (uRes.IsFailed)
|
||||
return Unauthorized();
|
||||
|
||||
bool isValid = await _dirSearchService.ValidateCredentialsAsync(uRes.Data.Username, login.Password);
|
||||
|
||||
if (!isValid)
|
||||
return Unauthorized();
|
||||
}
|
||||
else
|
||||
{
|
||||
return BadRequest("User ID or username should be provided.");
|
||||
}
|
||||
|
||||
//find the user
|
||||
var consumer = await _consumerService.ReadByNameAsync(consumerName);
|
||||
if (consumer is null)
|
||||
return Unauthorized();
|
||||
@@ -64,7 +85,7 @@ namespace DigitalData.Auth.API.Controllers
|
||||
if (!_cryptoFactory.TokenDescriptors.TryGet(_apiParams.Issuer, consumer.Audience, out var descriptor))
|
||||
return StatusCode(StatusCodes.Status500InternalServerError);
|
||||
|
||||
var token = _userSignatureHandler.WriteToken(uRes.Data, descriptor);
|
||||
var token = _userSignatureHandler.WriteToken(uRes!.Data, descriptor);
|
||||
|
||||
//set cookie
|
||||
if (cookie)
|
||||
@@ -102,7 +123,7 @@ namespace DigitalData.Auth.API.Controllers
|
||||
//TODO: Add role depends on group name
|
||||
[HttpPost("{consumerName}/login")]
|
||||
[AllowAnonymous]
|
||||
public async Task<IActionResult> Login([FromForm] LogInDto login, [FromRoute] string consumerName)
|
||||
public async Task<IActionResult> Login([FromForm] UserLogin login, [FromRoute] string consumerName)
|
||||
{
|
||||
try
|
||||
{
|
||||
@@ -146,7 +167,7 @@ namespace DigitalData.Auth.API.Controllers
|
||||
}
|
||||
|
||||
[HttpPost("{consumerName}")]
|
||||
public async Task<IActionResult> CreateTokenViaBody([FromBody] LogInDto login, [FromRoute] string consumerName, [FromQuery] bool cookie = false)
|
||||
public async Task<IActionResult> CreateTokenViaBody([FromBody] UserLogin login, [FromRoute] string consumerName, [FromQuery] bool cookie = false)
|
||||
{
|
||||
try
|
||||
{
|
||||
|
||||
@@ -16,6 +16,9 @@
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.12" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.SignalR" Version="1.2.0" />
|
||||
<PackageReference Include="Microsoft.IdentityModel.Tokens" Version="8.3.1" />
|
||||
<PackageReference Include="NLog" Version="5.4.0" />
|
||||
<PackageReference Include="NLog.Extensions.Logging" Version="5.4.0" />
|
||||
<PackageReference Include="NLog.Web.AspNetCore" Version="5.4.0" />
|
||||
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.3.1" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
|
||||
<PackageReference Include="UserManager.Application" Version="3.1.2" />
|
||||
|
||||
3
src/DigitalData.Auth.API/Dto/UserLogin.cs
Normal file
3
src/DigitalData.Auth.API/Dto/UserLogin.cs
Normal file
@@ -0,0 +1,3 @@
|
||||
namespace DigitalData.Auth.API.Dto;
|
||||
|
||||
public record UserLogin(string Password, int? UserId = null, string? Username = null);
|
||||
@@ -11,7 +11,14 @@ using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.IdentityModel.JsonWebTokens;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using Microsoft.OpenApi.Models;
|
||||
using NLog;
|
||||
using NLog.Web;
|
||||
|
||||
var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger();
|
||||
logger.Info("Logging initialized.");
|
||||
|
||||
try
|
||||
{
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
builder.Configuration.AddJsonFile("consumer-repository.json", true, true);
|
||||
@@ -143,3 +150,9 @@ app.MapControllers();
|
||||
app.MapHub<AuthHub>("/auth-hub");
|
||||
|
||||
app.Run();
|
||||
}
|
||||
catch(Exception ex)
|
||||
{
|
||||
logger.Error(ex, "Stopped program because of exception.");
|
||||
throw;
|
||||
}
|
||||
@@ -1,5 +1,4 @@
|
||||
using DigitalData.Auth.API.Config;
|
||||
using DigitalData.Auth.API.Entities;
|
||||
using DigitalData.Auth.API.Entities;
|
||||
using DigitalData.Auth.API.Services.Contracts;
|
||||
using Microsoft.Extensions.Options;
|
||||
|
||||
@@ -9,7 +8,7 @@ namespace DigitalData.Auth.API.Services
|
||||
{
|
||||
private readonly IEnumerable<Consumer> _consumers;
|
||||
|
||||
public ConfiguredConsumerService(IOptions<IEnumerable<Consumer>> consumeroptions)
|
||||
public ConfiguredConsumerService(IOptions<List<Consumer>> consumeroptions)
|
||||
{
|
||||
_consumers = consumeroptions.Value;
|
||||
}
|
||||
|
||||
@@ -53,5 +53,48 @@
|
||||
"Lifetime": "02:00:00"
|
||||
}
|
||||
]
|
||||
},
|
||||
"NLog": {
|
||||
"throwConfigExceptions": true,
|
||||
"variables": {
|
||||
"logDirectory": "E:\\LogFiles\\Digital Data\\Auth.API",
|
||||
"logFileNamePrefix": "${shortdate}-Auth.API"
|
||||
},
|
||||
"targets": {
|
||||
"infoLogs": {
|
||||
"type": "File",
|
||||
"fileName": "${logDirectory}\\${logFileNamePrefix}-Info.log",
|
||||
"maxArchiveDays": 30
|
||||
},
|
||||
"errorLogs": {
|
||||
"type": "File",
|
||||
"fileName": "${logDirectory}\\${logFileNamePrefix}-Error.log",
|
||||
"maxArchiveDays": 30
|
||||
},
|
||||
"criticalLogs": {
|
||||
"type": "File",
|
||||
"fileName": "${logDirectory}\\${logFileNamePrefix}-Critical.log",
|
||||
"maxArchiveDays": 30
|
||||
}
|
||||
},
|
||||
// Trace, Debug, Info, Warn, Error and *Fatal*
|
||||
"rules": [
|
||||
{
|
||||
"logger": "*",
|
||||
"minLevel": "Info",
|
||||
"maxLevel": "Warn",
|
||||
"writeTo": "infoLogs"
|
||||
},
|
||||
{
|
||||
"logger": "*",
|
||||
"level": "Error",
|
||||
"writeTo": "errorLogs"
|
||||
},
|
||||
{
|
||||
"logger": "*",
|
||||
"level": "Fatal",
|
||||
"writeTo": "criticalLogs"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user