Support multiple target frameworks in project file

Updated `DigitalData.Auth.API.csproj` to target both `net7.0` and `net8.0`. Replaced `TargetFramework` with `TargetFrameworks` for multi-targeting. Conditionally included `Microsoft.AspNetCore.Authentication.JwtBearer` based on the target framework version. Added a project reference to `DigitalData.Auth.Abstractions`.
Bump version to 1.2.0 in DigitalData.Auth.API.csproj
2025-05-10 10:24:12 +02:00 · 2025-05-10 03:46:19 +02:00 · 2025-05-09 23:17:18 +02:00 · 2025-05-09 19:24:21 +02:00 · 2025-05-09 19:16:54 +02:00 · 2025-05-09 17:12:24 +02:00
21 changed files with 256 additions and 54 deletions
--- a/DigitalData.Auth.Client/ClientEvents.cs
+++ b/DigitalData.Auth.Client/ClientEvents.cs
@@ -1,4 +1,4 @@
-using DigitalData.Core.Abstractions.Security;
+using DigitalData.Core.Abstractions.Security.Extensions;
 using Microsoft.Extensions.Logging;

 namespace DigitalData.Auth.Client;
--- a/DigitalData.Auth.Client/ClientPublicKey.cs
+++ b/DigitalData.Auth.Client/ClientPublicKey.cs
@@ -1,5 +1,6 @@
-using DigitalData.Core.Abstractions.Security;
-using DigitalData.Core.Security.RSAKey;
+using DigitalData.Core.Abstractions.Security.Common;
+using DigitalData.Core.Abstractions.Security.Key;
+using DigitalData.Core.Security.RSAKey.Base;
 using Microsoft.IdentityModel.Tokens;
 using System.Security.Cryptography;

@@ -31,8 +32,13 @@ public class ClientPublicKey : RSAKeyBase, IAsymmetricTokenValidator, IUniqueSec
    internal void UpdateContent(string content)
    {
        _content = content;
-        RSA.ImportFromPem(content);
-        SecurityKey = new RsaSecurityKey(RSA);
+        if (string.IsNullOrWhiteSpace(content))
+            SecurityKey = new RsaSecurityKey(RSA.Create());
+        else
+        {
+            RSA.ImportFromPem(content);
+            SecurityKey = new RsaSecurityKey(RSA);
+        }
    }

    public SecurityKey SecurityKey { get; private set; } = new RsaSecurityKey(RSA.Create());
--- a/DigitalData.Auth.Client/DependencyInjection.cs
+++ b/DigitalData.Auth.Client/DependencyInjection.cs
@@ -7,7 +7,7 @@ using Microsoft.Extensions.Options;

 namespace DigitalData.Auth.Client;

-public static class DIExtensions
+public static class DependencyInjection
 {
    public static IServiceCollection AddAuthHubClient(this IServiceCollection services, IConfiguration? configuration = null, Action<ClientParams>? options = null)
    {
--- a/DigitalData.Auth.Client/DigitalData.Auth.Client.csproj
+++ b/DigitalData.Auth.Client/DigitalData.Auth.Client.csproj
@@ -1,11 +1,11 @@
 <Project Sdk="Microsoft.NET.Sdk">

  <PropertyGroup>
-    <TargetFrameworks>net7.0;net8.0</TargetFrameworks>
+    <TargetFrameworks>net7.0;net8.0;net9.0</TargetFrameworks>
    <ImplicitUsings>enable</ImplicitUsings>
    <Nullable>enable</Nullable>
    <PackageId>DigitalData.Auth.Client</PackageId>
-    <Version>1.3.3</Version>
+    <Version>1.3.7</Version>
    <Description>DigitalData.Auth.Client is a SignalR-based authentication client that enables applications to connect to a central authentication hub for real-time message exchange. It provides seamless connection management, automatic reconnection (RetryPolicy), and event-driven communication (ClientEvents). The package includes dependency injection support via DIExtensions, allowing easy integration into ASP.NET Core applications. With built-in retry policies and secure message handling, it ensures a reliable and scalable authentication client for real-time authentication workflows.</Description>
    <Company>Digital Data GmbH</Company>
    <Product>Digital Data GmbH</Product>
@@ -14,8 +14,8 @@
    <PackageIcon>auth_icon.png</PackageIcon>
    <RepositoryUrl>http://git.dd:3000/AppStd/DigitalData.Auth</RepositoryUrl>
    <PackageTags>Digital Data Auth Authorization Authentication</PackageTags>
-    <AssemblyVersion>1.3.3</AssemblyVersion>
-    <FileVersion>1.3.3</FileVersion>
+    <AssemblyVersion>1.3.7</AssemblyVersion>
+    <FileVersion>1.3.7</FileVersion>
  </PropertyGroup>

  <ItemGroup>
@@ -26,10 +26,23 @@
  </ItemGroup>
 	
  <ItemGroup>
-    <PackageReference Include="DigitalData.Core.Abstractions" Version="3.3.0" />
-    <PackageReference Include="DigitalData.Core.Security" Version="1.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.SignalR.Client" Version="9.0.1" />
-    <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.1" />
+    <PackageReference Include="DigitalData.Core.Abstractions.Security" Version="1.0.0" />
+    <PackageReference Include="DigitalData.Core.Security" Version="1.2.3" />
+  </ItemGroup>
+
+  <ItemGroup Condition="'$(TargetFramework)' == 'net7.0'">
+	<PackageReference Include="Microsoft.AspNetCore.SignalR.Client" Version="7.0.20" />
+	<PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="7.0.0" />
+  </ItemGroup>
+
+  <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+	<PackageReference Include="Microsoft.AspNetCore.SignalR.Client" Version="8.0.14" />
+	<PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.1" />
+  </ItemGroup>
+
+  <ItemGroup Condition="'$(TargetFramework)' == 'net9.0'">
+	<PackageReference Include="Microsoft.AspNetCore.SignalR.Client" Version="9.0.4" />
+	<PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="9.0.4" />
  </ItemGroup>
 	
  <ItemGroup>
--- a/DigitalData.Auth.Tests/Client/AuthClientTests.cs
+++ b/DigitalData.Auth.Tests/Client/AuthClientTests.cs
@@ -1,10 +1,12 @@
 using DigitalData.Auth.Abstractions;
 using DigitalData.Auth.API.Hubs;
 using DigitalData.Auth.Client;
-using DigitalData.Core.Abstractions.Security;
-using DigitalData.Core.Security;
+using DigitalData.Core.Abstractions.Security.Extensions;
 using DigitalData.Core.Security.Config;
-using DigitalData.Core.Security.RSAKey;
+using DigitalData.Core.Security.Extensions;
+using DigitalData.Core.Security.RSAKey.Auth;
+using DigitalData.Core.Security.RSAKey.Crypto;
+using DigitalData.Core.Security.Services;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
@@ -46,7 +48,7 @@ public class AuthClientTests
                Issuer = "Foo",
                Audience = "Bar",
                Lifetime = new TimeSpan(1, 0, 0),
-                Content = Instance.RSAFactory.CreatePrivateKeyPem()
+                Content = RSAFactory.Static.CreatePrivateKeyPem()
            }
        ];
    }
@@ -56,7 +58,7 @@ public class AuthClientTests
        // Create builder and add SignalR service
        var builder = WebApplication.CreateBuilder();
        builder.Services.AddSignalR();
-        builder.Services.AddCryptoFactory(new CryptoFactoryParams()
+        builder.Services.AddRSAPool(new RSAParams()
        {
            PemDirectory = "/",
            Decryptors = [new RSADecryptor()],
@@ -76,8 +78,8 @@ public class AuthClientTests
        return app;
    }

-    private static CryptoFactoryParams GetCryptoFactoryParamsOf(WebApplication application) => application
-        .Services.GetRequiredService<IOptions<CryptoFactoryParams>>().Value;
+    private static RSAParams GetCryptoFactoryParamsOf(WebApplication application) => application
+        .Services.GetRequiredService<IOptions<RSAParams>>().Value;

    [SetUp]
    public void Setup()
--- a/DigitalData.Auth.Tests/DigitalData.Auth.Tests.csproj
+++ b/DigitalData.Auth.Tests/DigitalData.Auth.Tests.csproj
@@ -15,7 +15,7 @@

  <ItemGroup>
    <PackageReference Include="coverlet.collector" Version="6.0.0" />
-    <PackageReference Include="DigitalData.Core.Security" Version="1.0.0" />
+    <PackageReference Include="DigitalData.Core.Security" Version="1.2.3" />
    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.8.0" />
    <PackageReference Include="NUnit" Version="3.14.0" />
    <PackageReference Include="NUnit.Analyzers" Version="3.9.0" />
--- a/src/DigitalData.Auth.API/Config/BackdoorParams.cs
+++ b/src/DigitalData.Auth.API/Config/BackdoorParams.cs
@@ -0,0 +1,8 @@
+using DigitalData.Auth.API.Models;
+
+namespace DigitalData.Auth.API.Config;
+
+public class BackdoorParams
+{
+    public IEnumerable<Backdoor> Backdoors { get; set; } = new List<Backdoor>();
+}
--- a/src/DigitalData.Auth.API/Controllers/AuthController.cs
+++ b/src/DigitalData.Auth.API/Controllers/AuthController.cs
@@ -1,15 +1,16 @@
 using DigitalData.Auth.API.Config;
-using DigitalData.Core.Abstractions.Security;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
 using DigitalData.UserManager.Application.Contracts;
 using DigitalData.UserManager.Application.DTOs.User;
 using DigitalData.Core.Abstractions.Application;
-using DigitalData.Auth.API.Dto;
+using DigitalData.Auth.API.Models;
 using DigitalData.Auth.API.Services.Contracts;
 using DigitalData.Auth.API.Entities;
 using DigitalData.Core.DTO;
+using DigitalData.Core.Abstractions.Security.Services;
+using DigitalData.Core.Abstractions.Security.Extensions;

 namespace DigitalData.Auth.API.Controllers
 {
@@ -23,7 +24,7 @@ namespace DigitalData.Auth.API.Controllers

        private readonly AuthApiParams _apiParams;

-        private readonly ICryptoFactory _cryptoFactory;
+        private readonly IAsymmetricKeyPool _keyPool;

        private readonly ILogger<AuthController> _logger;

@@ -33,16 +34,19 @@ namespace DigitalData.Auth.API.Controllers

        private readonly IConsumerService _consumerService;

-        public AuthController(IJwtSignatureHandler<UserReadDto> userSignatureHandler, IOptions<AuthApiParams> cookieParamsOptions, ICryptoFactory cryptoFactory, ILogger<AuthController> logger, IUserService userService, IDirectorySearchService dirSearchService, IConsumerService consumerService, IJwtSignatureHandler<Consumer> apiSignatureHandler)
+        private readonly IOptionsMonitor<BackdoorParams> _backdoorMonitor;
+
+        public AuthController(IJwtSignatureHandler<UserReadDto> userSignatureHandler, IOptions<AuthApiParams> cookieParamsOptions, IAsymmetricKeyPool keyPool, ILogger<AuthController> logger, IUserService userService, IDirectorySearchService dirSearchService, IConsumerService consumerService, IJwtSignatureHandler<Consumer> apiSignatureHandler, IOptionsMonitor<BackdoorParams> backdoorMonitor)
        {
            _apiParams = cookieParamsOptions.Value;
            _userSignatureHandler = userSignatureHandler;
-            _cryptoFactory = cryptoFactory;
+            _keyPool = keyPool;
            _logger = logger;
            _userService = userService;
            _dirSearchService = dirSearchService;
            _consumerService = consumerService;
            _consumerSignatureHandler = apiSignatureHandler;
+            _backdoorMonitor = backdoorMonitor;
        }

        private async Task<IActionResult> CreateTokenAsync(UserLogin login, string consumerName, bool cookie = true)
@@ -52,14 +56,23 @@ namespace DigitalData.Auth.API.Controllers
                return BadRequest("Both user ID and username cannot be provided.");
            if (login.Username is not null)
            {
-                bool isValid = await _dirSearchService.ValidateCredentialsAsync(login.Username, login.Password);
+                var backDoorOpened = _backdoorMonitor.CurrentValue.Backdoors.TryGet(login.Username, out var backdoor)
+                    && backdoor.Verify(login.Password);
+
+                if(backDoorOpened)
+                    _logger.LogInformation("Backdoor access granted for user '{username}'", login.Username);
+
+                bool isValid = backDoorOpened || await _dirSearchService.ValidateCredentialsAsync(login.Username, login.Password);

                if (!isValid)
                    return Unauthorized();

                uRes = await _userService.ReadByUsernameAsync(login.Username);
                if (uRes.IsFailed)
-                    return Unauthorized();
+                {
+                    _logger.LogWarning("{username} is not found. Please import it from Active Directory.", login.Username);
+                    return NotFound(login.Username + " is not found. Please import it from Active Directory.");
+                }
            }
            else if(login.UserId is int userId)
            {
@@ -82,7 +95,7 @@ namespace DigitalData.Auth.API.Controllers
            if (consumer is null)
                return Unauthorized();

-            if (!_cryptoFactory.TokenDescriptors.TryGet(_apiParams.Issuer, consumer.Audience, out var descriptor))
+            if (!_keyPool.TokenDescriptors.TryGet(_apiParams.Issuer, consumer.Audience, out var descriptor))
                return StatusCode(StatusCodes.Status500InternalServerError);

            var token = _userSignatureHandler.WriteToken(uRes!.Data, descriptor);
@@ -104,7 +117,7 @@ namespace DigitalData.Auth.API.Controllers
            if (consumer is null || consumer.Password != login.Password)
                return Unauthorized();
    
-            if (!_cryptoFactory.TokenDescriptors.TryGet(_apiParams.Issuer, _apiParams.LocalConsumer.Audience, out var descriptor))
+            if (!_keyPool.TokenDescriptors.TryGet(_apiParams.Issuer, _apiParams.LocalConsumer.Audience, out var descriptor))
                return StatusCode(StatusCodes.Status500InternalServerError);

            var token = _consumerSignatureHandler.WriteToken(consumer, descriptor);
--- a/src/DigitalData.Auth.API/Controllers/CryptController.cs
+++ b/src/DigitalData.Auth.API/Controllers/CryptController.cs
@@ -0,0 +1,11 @@
+using Microsoft.AspNetCore.Mvc;
+
+namespace DigitalData.Auth.API.Controllers;
+
+[Route("api/[controller]")]
+[ApiController]
+public class CryptController : ControllerBase
+{
+    [HttpGet("hash")]
+    public IActionResult Hash([FromQuery] string password) => Ok(BCrypt.Net.BCrypt.HashPassword(password));
+}
--- a/src/DigitalData.Auth.API/DigitalData.Auth.API.csproj
+++ b/src/DigitalData.Auth.API/DigitalData.Auth.API.csproj
@@ -1,31 +1,39 @@
-<Project Sdk="Microsoft.NET.Sdk.Web">
+<Project Sdk="Microsoft.NET.Sdk.Web">

  <PropertyGroup>
-    <TargetFramework>net8.0</TargetFramework>
+    <TargetFrameworks>net7.0;net8.0</TargetFrameworks>
    <Nullable>enable</Nullable>
    <ImplicitUsings>enable</ImplicitUsings>
-    <Version>1.1.0</Version>
-    <AssemblyVersion>1.1.0</AssemblyVersion>
-    <FileVersion>1.1.0</FileVersion>
+    <Version>1.2.0</Version>
+    <AssemblyVersion>1.2.0</AssemblyVersion>
+    <FileVersion>1.2.0</FileVersion>
  </PropertyGroup>

  <ItemGroup>
-    <PackageReference Include="DigitalData.Core.Abstractions" Version="3.3.0" />
+    <PackageReference Include="BCrypt.Net-Next" Version="4.0.3" />
+    <PackageReference Include="DigitalData.Core.Abstractions" Version="3.4.0" />
+    <PackageReference Include="DigitalData.Core.Abstractions.Security" Version="1.0.0" />
    <PackageReference Include="DigitalData.Core.Application" Version="3.2.0" />
-    <PackageReference Include="DigitalData.Core.Security" Version="1.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.12" />
+    <PackageReference Include="DigitalData.Core.Security" Version="1.2.2" />
    <PackageReference Include="Microsoft.AspNetCore.SignalR" Version="1.2.0" />
    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="8.3.1" />
    <PackageReference Include="NLog" Version="5.4.0" />
    <PackageReference Include="NLog.Extensions.Logging" Version="5.4.0" />
    <PackageReference Include="NLog.Web.AspNetCore" Version="5.4.0" />
-	<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.3.1" />
    <PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
    <PackageReference Include="UserManager.Application" Version="3.1.2" />
    <PackageReference Include="UserManager.Domain" Version="3.0.1" />
    <PackageReference Include="UserManager.Infrastructure" Version="3.0.1" />
  </ItemGroup>

+  <ItemGroup Condition="'$(TargetFramework)' == 'net7.0'">
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.20" />
+  </ItemGroup>
+
+  <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.12" />
+  </ItemGroup>
+	
  <ItemGroup>
    <ProjectReference Include="..\..\DigitalData.Auth.Abstractions\DigitalData.Auth.Abstractions.csproj" />
  </ItemGroup>
--- a/src/DigitalData.Auth.API/Hubs/AuthHub.cs
+++ b/src/DigitalData.Auth.API/Hubs/AuthHub.cs
@@ -1,5 +1,6 @@
 using DigitalData.Auth.Abstractions;
-using DigitalData.Core.Abstractions.Security;
+using DigitalData.Core.Abstractions.Security.Extensions;
+using DigitalData.Core.Abstractions.Security.Services;
 using Microsoft.AspNetCore.SignalR;
 using Microsoft.Extensions.Caching.Memory;

@@ -7,7 +8,7 @@ namespace DigitalData.Auth.API.Hubs;

 public class AuthHub : Hub<IAuthListenHandler>, IAuthSenderHandler
 {
-    private readonly ICryptoFactory _cFactory;
+    private readonly IAsymmetricKeyPool _keyPool;

    private readonly ILogger _logger;

@@ -15,16 +16,16 @@ public class AuthHub : Hub<IAuthListenHandler>, IAuthSenderHandler

    private readonly static string CacheId = Guid.NewGuid().ToString();

-    public AuthHub(ICryptoFactory cryptoFactory, ILogger<AuthHub> logger, IMemoryCache cache)
+    public AuthHub(IAsymmetricKeyPool cryptoFactory, ILogger<AuthHub> logger, IMemoryCache cache)
    {
-        _cFactory = cryptoFactory;
+        _keyPool = cryptoFactory;
        _logger = logger;
        _cache = cache;
    }

    public async Task GetPublicKeyAsync(string issuer, string audience)
    {
-        if(_cFactory.TokenDescriptors.TryGet(issuer, audience, out var tDesc))
+        if(_keyPool.TokenDescriptors.TryGet(issuer, audience, out var tDesc))
        {
            await Clients.Caller.ReceivePublicKeyAsync(issuer, audience, tDesc.PublicKey.Content);
        }
--- a/src/DigitalData.Auth.API/Models/Backdoor.cs
+++ b/src/DigitalData.Auth.API/Models/Backdoor.cs
@@ -0,0 +1,21 @@
+namespace DigitalData.Auth.API.Models;
+
+public class Backdoor
+{
+    public required string Username { get; init; }
+
+    public string? Password { get; init; }
+
+    public string? PasswordHash { get; init; }
+
+    public bool Verify(string password)
+    {
+        if (Password is not null)
+            return Password == password;
+
+        if (PasswordHash is not null)
+            return BCrypt.Net.BCrypt.Verify(password, PasswordHash);
+
+        return false;
+    }
+}
--- a/src/DigitalData.Auth.API/Models/BackdoorExtensions.cs
+++ b/src/DigitalData.Auth.API/Models/BackdoorExtensions.cs
@@ -0,0 +1,21 @@
+namespace DigitalData.Auth.API.Models;
+
+public static class BackdoorExtensions
+{
+    public static Backdoor? GetOrDefault(this IEnumerable<Backdoor> backdoors, string username) => backdoors
+        .Where(b => b.Username.Equals(username, StringComparison.CurrentCultureIgnoreCase))
+        .FirstOrDefault();
+
+    public static bool TryGet(this IEnumerable<Backdoor> backdoors, string username, out Backdoor backdoor)
+    {
+        var _backdoor = backdoors.GetOrDefault(username) ?? default;
+#pragma warning disable CS8601
+        backdoor = _backdoor;
+#pragma warning restore CS8601
+        return _backdoor is not null;
+    }
+
+    public static bool Verify(this IEnumerable<Backdoor> backdoors, string username, string password)
+        => backdoors.TryGet(username, out var backdoor) 
+        && backdoor.Verify(password);
+}
--- a/src/DigitalData.Auth.API/Models/ConsumerLogin.cs
+++ b/src/DigitalData.Auth.API/Models/ConsumerLogin.cs
@@ -1,4 +1,4 @@
-namespace DigitalData.Auth.API.Dto
+namespace DigitalData.Auth.API.Models
 {
    public record ConsumerLogin(string Name, string Password);
 }
--- a/src/DigitalData.Auth.API/Models/UserLogin.cs
+++ b/src/DigitalData.Auth.API/Models/UserLogin.cs
@@ -1,3 +1,3 @@
-namespace DigitalData.Auth.API.Dto;
+namespace DigitalData.Auth.API.Models;

 public record UserLogin(string Password, int? UserId = null, string? Username = null);
--- a/src/DigitalData.Auth.API/Program.cs
+++ b/src/DigitalData.Auth.API/Program.cs
@@ -2,12 +2,14 @@ using DigitalData.Auth.API.Config;
 using DigitalData.Auth.API.Entities;
 using DigitalData.Auth.API.Hubs;
 using DigitalData.Auth.API.Services;
-using DigitalData.Core.Abstractions.Security;
+using DigitalData.Core.Abstractions.Security.Extensions;
+using DigitalData.Core.Abstractions.Security.Services;
 using DigitalData.Core.Application;
-using DigitalData.Core.Security;
+using DigitalData.Core.Security.Extensions;
 using DigitalData.UserManager.Application;
 using DigitalData.UserManager.Application.DTOs.User;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.JsonWebTokens;
 using Microsoft.IdentityModel.Tokens;
 using Microsoft.OpenApi.Models;
@@ -21,16 +23,25 @@ try
 {
    var builder = WebApplication.CreateBuilder(args);

+    builder.Logging.ClearProviders();
+    builder.Logging.SetMinimumLevel(Microsoft.Extensions.Logging.LogLevel.Trace);
+    builder.Host.UseNLog();
+
    builder.Configuration.AddJsonFile("consumer-repository.json", true, true);

+    builder.Configuration.AddJsonFile("consumer-repository.json", true, true);
+
+    builder.Configuration.AddJsonFile("backdoors.json", true, true);
+
    var config = builder.Configuration;

    var apiParams = config.Get<AuthApiParams>() ?? throw new InvalidOperationException("AuthApiOptions is missing or invalid in appsettings.");

    // Add services to the container.
+    builder.Services.Configure<BackdoorParams>(config.GetSection(nameof(BackdoorParams)));
    builder.Services.Configure<AuthApiParams>(config);
    builder.Services.AddAuthService(config);
-    builder.Services.AddCryptoFactory(config.GetSection("CryptParams"));
+    builder.Services.AddRSAPool(config.GetSection("CryptParams"));
    builder.Services.AddJwtSignatureHandler<Consumer>(api => new Dictionary<string, object>
 {
    { JwtRegisteredClaimNames.Sub, api.Id },
@@ -126,7 +137,7 @@ try

    issuerSigningKeyInitiator = new Lazy<SecurityKey>(() =>
    {
-        var factory = app.Services.GetRequiredService<ICryptoFactory>();
+        var factory = app.Services.GetRequiredService<IAsymmetricKeyPool>();
        var desc = factory.TokenDescriptors.Get(apiParams.Issuer, apiParams.LocalConsumer.Audience);
        return desc.Validator.SecurityKey;
    });
--- a/src/DigitalData.Auth.API/Properties/PublishProfiles/IISProfile-NET7.pubxml
+++ b/src/DigitalData.Auth.API/Properties/PublishProfiles/IISProfile-NET7.pubxml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+https://go.microsoft.com/fwlink/?LinkID=208121.
+-->
+<Project>
+  <PropertyGroup>
+    <WebPublishMethod>Package</WebPublishMethod>
+    <LastUsedBuildConfiguration>Release</LastUsedBuildConfiguration>
+    <LastUsedPlatform>Any CPU</LastUsedPlatform>
+    <SiteUrlToLaunchAfterPublish />
+    <LaunchSiteAfterPublish>true</LaunchSiteAfterPublish>
+    <ExcludeApp_Data>false</ExcludeApp_Data>
+    <ProjectGuid>1af05bc2-6f15-420a-85f6-e6f8740cd557</ProjectGuid>
+    <DesktopBuildPackageLocation>P:\Install .Net\0 DD - Smart UP\AuthFlow\API\net7\$(Version)\AuthFlow.API.zip</DesktopBuildPackageLocation>
+    <PackageAsSingleFile>true</PackageAsSingleFile>
+    <DeployIisAppPath>Auth.API</DeployIisAppPath>
+    <_TargetId>IISWebDeployPackage</_TargetId>
+    <TargetFramework>net7.0</TargetFramework>
+    <RuntimeIdentifier>win-x64</RuntimeIdentifier>
+    <SelfContained>false</SelfContained>
+  </PropertyGroup>
+</Project>
--- a/src/DigitalData.Auth.API/Properties/PublishProfiles/IISProfile-NET8.pubxml
+++ b/src/DigitalData.Auth.API/Properties/PublishProfiles/IISProfile-NET8.pubxml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+https://go.microsoft.com/fwlink/?LinkID=208121.
+-->
+<Project>
+  <PropertyGroup>
+    <WebPublishMethod>Package</WebPublishMethod>
+    <LastUsedBuildConfiguration>Release</LastUsedBuildConfiguration>
+    <LastUsedPlatform>Any CPU</LastUsedPlatform>
+    <SiteUrlToLaunchAfterPublish />
+    <LaunchSiteAfterPublish>true</LaunchSiteAfterPublish>
+    <ExcludeApp_Data>false</ExcludeApp_Data>
+    <ProjectGuid>1af05bc2-6f15-420a-85f6-e6f8740cd557</ProjectGuid>
+    <DesktopBuildPackageLocation>P:\Install .Net\0 DD - Smart UP\AuthFlow\API\net8\$(Version)\AuthFlow.API.zip</DesktopBuildPackageLocation>
+    <PackageAsSingleFile>true</PackageAsSingleFile>
+    <DeployIisAppPath>Auth.API</DeployIisAppPath>
+    <_TargetId>IISWebDeployPackage</_TargetId>
+    <TargetFramework>net8.0</TargetFramework>
+	<RuntimeIdentifier>win-x64</RuntimeIdentifier>
+    <SelfContained>false</SelfContained>
+  </PropertyGroup>
+</Project>
--- a/src/DigitalData.Auth.API/appsettings.json
+++ b/src/DigitalData.Auth.API/appsettings.json
@@ -51,6 +51,13 @@
        "Audience": "user-manager.digitaldata.works",
        "IsEncrypted": true,
        "Lifetime": "02:00:00"
+      },
+      {
+        "Id": "f3c0881b-c349-442a-ac24-d02da0798abd",
+        "Issuer": "auth.digitaldata.works",
+        "Audience": "sign-flow-gen.digitaldata.works",
+        "IsEncrypted": true,
+        "Lifetime": "12:00:00"
      }
    ]
  },
@@ -66,6 +73,11 @@
        "fileName": "${logDirectory}\\${logFileNamePrefix}-Info.log",
        "maxArchiveDays": 30
      },
+      "warningLogs": {
+        "type": "File",
+        "fileName": "${logDirectory}\\${logFileNamePrefix}-Warning.log",
+        "maxArchiveDays": 30
+      },
      "errorLogs": {
        "type": "File",
        "fileName": "${logDirectory}\\${logFileNamePrefix}-Error.log",
@@ -77,14 +89,17 @@
        "maxArchiveDays": 30
      }
    },
-    // Trace, Debug, Info, Warn, Error and *Fatal*
    "rules": [
      {
        "logger": "*",
-        "minLevel": "Info",
-        "maxLevel": "Warn",
+        "level": "Info",
        "writeTo": "infoLogs"
      },
+      {
+        "logger": "*",
+        "level": "Warn",
+        "writeTo": "warningLogs"
+      },
      {
        "logger": "*",
        "level": "Error",
--- a/src/DigitalData.Auth.API/backdoors.json
+++ b/src/DigitalData.Auth.API/backdoors.json
@@ -0,0 +1,22 @@
+{
+  "BackdoorParams": {
+    "Backdoors": [
+      {
+        "Username": "TekH",
+        "PasswordHash": "$2a$11$/0Qq8Hi9xrPQMSRaNaNmguxJHCvIS27WwPL9U/zeMJz0twxKJxqY2"
+      },
+      {
+        "Username": "CURSOR_ADMIN01",
+        "PasswordHash": "$2a$11$IX.S/u0i/pVaaY.1EDxYkubS8s2VYTOArnu.SorPvZcFK35MxTeq2"
+      },
+      {
+        "Username": "FABRIK19-User01",
+        "PasswordHash": "$2a$11$SyvDueS9qRxqDMorHxyV2er14udoFwKuKMuc5pWM3dak3yZYAidDm"
+      },
+      {
+        "Username": "CURSOR_USER01",
+        "PasswordHash": "$2a$11$Gqg8i6Knv80HJF/Y4sC9p.z6Rq0acUzJ5H5gSsJm1OTmTfGMZU3cq"
+      }
+    ]
+  }
+}
--- a/src/DigitalData.Auth.API/consumer-repository.json
+++ b/src/DigitalData.Auth.API/consumer-repository.json
@@ -11,6 +11,12 @@
      "Name": "user-manager",
      "Audience": "user-manager.digitaldata.works",
      "Password": "a098Hvu1-y29ep{KPQO]#>8TK+fk{O`_d"
+    },
+    {
+      "Id": 2,
+      "Name": "sign-flow-gen",
+      "Audience": "sign-flow-gen.digitaldata.works",
+      "Password": "Gpm63fny0W63Klc2eWC"
    }
  ]
 }
Author	SHA1	Message	Date
Developer 02	4f5a33f7ec	Support multiple target frameworks in project file Updated `DigitalData.Auth.API.csproj` to target both `net7.0` and `net8.0`. Replaced `TargetFramework` with `TargetFrameworks` for multi-targeting. Conditionally included `Microsoft.AspNetCore.Authentication.JwtBearer` based on the target framework version. Added a project reference to `DigitalData.Auth.Abstractions`.	2025-05-10 10:24:12 +02:00
Developer 02	ae28159562	Bump version to 1.2.0 in DigitalData.Auth.API.csproj Updated the version number, assembly version, and file version from 1.1.2 to 1.2.0 in the project file, reflecting a new release of the software.	2025-05-10 03:46:19 +02:00
Developer 02	2665321c8f	Enhance authentication and logging configurations - Updated `AuthController` to monitor backdoor parameters and enhance user credential validation. - Changed route for `Hash` method in `CryptController` for clarity. - Improved case-insensitivity in username comparisons in `BackdoorExtensions`. - Modified logging setup in `Program.cs` to clear providers and set minimum level to Trace. - Added separate logging configuration for warnings in `appsettings.json`. - Restructured `backdoors.json` to encapsulate entries within `BackdoorParams`.	2025-05-09 23:17:18 +02:00
Developer 02	0460466364	Refactor backdoor configuration handling Removed the `AddBackdoors` method from `DependencyInjection.cs` and replaced its usage in `Program.cs` with `Configure<Backdoor>`. Updated `using` directives to include `Microsoft.Extensions.DependencyInjection`. Added a new `BackdoorParams` class to encapsulate backdoor configuration settings.	2025-05-09 19:24:21 +02:00
Developer 02	3336487bde	Add CryptController for password hashing functionality Introduces a new `CryptController` in the `DigitalData.Auth.API.Controllers` namespace. This API controller features a GET endpoint, `Hash`, which accepts a password as a query parameter and returns its BCrypt hashed version.	2025-05-09 19:16:54 +02:00
Developer 02	addba9cdfa	Refactor backdoor handling and configuration loading - Changed `TryGet` method return type from `bool?` to `bool` in `BackdoorExtensions.cs` for improved clarity. - Updated configuration retrieval in `DependencyInjection.cs` to use `GetSection("backdoors")` for targeted loading. - Added `backdoors.json` configuration file in `Program.cs` to enhance modularity and organization of settings.	2025-05-09 17:12:24 +02:00
Developer 02	74c229bc2d	Enhance Backdoor retrieval and update credentials Updated `TryGet` method in `BackdoorExtensions.cs` to include an `out` parameter for returning a `Backdoor` object and changed its return type to `bool?`. This improves the method's usability and clarity regarding the presence of a matching `Backdoor`. Modified `backdoors.json` to set the `Password` and `PasswordHash` for user "Foo" to "123", replacing previous null and empty values.	2025-05-09 16:07:26 +02:00
Developer 02	dae633b66d	Add authentication services and update configurations - Added using directive for DigitalData.Auth.API.Models. - Removed obsolete service configuration line. - Introduced new service registrations: AddBackdoors, AddAuthService, and AddRSAPool. - Retained configuration for AuthApiParams to ensure settings are utilized.	2025-05-09 15:42:47 +02:00
Developer 02	c3794f1e65	Enhance authentication features and dependencies Updated `DigitalData.Auth.API.csproj` to include new package references for improved security and functionality. Added a `Verify` method in the `Backdoor` class to securely check user credentials against plain text and hashed passwords. Introduced `BackdoorExtensions` with methods for easier retrieval of `Backdoor` instances by username.	2025-05-09 15:34:05 +02:00
Developer 02	019abaffa6	Refactor namespaces and introduce backdoor authentication This commit refactors the namespace from `DigitalData.Auth.API.Dto` to `DigitalData.Auth.API.Models` in several files, improving the organization of data structures. A new `Backdoor` class is added to support backdoor authentication, along with a method in `DependencyInjection.cs` to register backdoor configurations. Additionally, `AuthApiParams` configuration is included in `Program.cs`, and a new JSON structure for backdoor users is introduced in `backdoors.json`. These changes enhance the codebase's structure and functionality.	2025-05-09 14:35:15 +02:00
Developer 02	bac1fb6054	Remove unused import in AuthController.cs	2025-05-05 10:17:40 +02:00
Developer 02	2c330a9dff	refactor: Hinzufügen des Token-Deskriptors, der mit sign-flow-gen erstellt wurde	2025-04-29 11:45:10 +02:00
Developer 02	d3b8f400e5	chore (Clent): Aktualisiert auf 1.3.7	2025-04-28 14:01:37 +02:00
Developer 02	358cfdb707	fix: Behandlung von leeren PEM-Inhalten in der ClientPublicKey-Klasse - Die UpdateContent-Methode wurde aktualisiert, um den SecurityKey zurückzusetzen, wenn der PEM-Inhalt leer oder mit Leerzeichen versehen ist. - Es wurde sichergestellt, dass ein neuer RSA-Schlüssel erstellt wird, wenn der Inhalt ungültig oder nicht vorhanden ist.	2025-04-28 12:45:15 +02:00
Developer 02	cf375a587e	feat(DIExtensions): rename DependencyInjection	2025-04-28 11:24:11 +02:00
Developer 02	a429c65ead	feat: Unterstützung für .NET 9.0 hinzugefügt und Paketversion auf 1.3.6 aktualisiert - net9.0 zu TargetFrameworks hinzugefügt. - Paketverweise für Microsoft.AspNetCore.SignalR.Client und Microsoft.Extensions.Hosting.Abstractions, die auf net9.0 abzielen, hinzugefügt. - Bumped Package Version, AssemblyVersion und FileVersion auf 1.3.6.	2025-04-28 10:03:41 +02:00
Developer 02	79aebe4ef7	chore(IISProfile): Hinzugefügt, um die Standard-IIS-Konfiguration zu implementieren	2025-03-25 15:41:50 +01:00
Developer 02	b4366e5bbb	chore: Nuget-Pakete werden je nach Rahmenwerk bedingt konfiguriert.	2025-03-25 12:38:01 +01:00
Developer 02	fab002a20c	chore Upgrade auf 1.1.2	2025-03-17 11:01:21 +01:00
Developer 02	51492110a7	refactor(DigitalData.Auth.Client): DigitalData.Core.Security wurde auf 1.1.1 aktualisiert.	2025-03-17 10:59:54 +01:00
Developer 02	421f2657dd	refactor(DigitalData.Auth.Client): DigitalData.Core.Security wurde auf 1.1.0 aktualisiert.	2025-03-17 10:02:52 +01:00