Update project version to 1.3.0

Bump <Version>, <AssemblyVersion>, and <FileVersion> in DigitalData.Auth.API.csproj from 1.2.0 to 1.3.0.

DigitalData.Auth.sln

@@ -23,16 +23,16 @@ Global
 		{1AF05BC2-6F15-420A-85F6-E6F8740CD557}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{1AF05BC2-6F15-420A-85F6-E6F8740CD557}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{1AF05BC2-6F15-420A-85F6-E6F8740CD557}.Release|Any CPU.Build.0 = Release|Any CPU
-		{521A2BC0-AEA8-4500-AAA9-1951556EDF9F}.Debug|Any CPU.ActiveCfg = Release|Any CPU
+		{521A2BC0-AEA8-4500-AAA9-1951556EDF9F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{521A2BC0-AEA8-4500-AAA9-1951556EDF9F}.Debug|Any CPU.Build.0 = Release|Any CPU
+		{521A2BC0-AEA8-4500-AAA9-1951556EDF9F}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{521A2BC0-AEA8-4500-AAA9-1951556EDF9F}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{521A2BC0-AEA8-4500-AAA9-1951556EDF9F}.Release|Any CPU.Build.0 = Release|Any CPU
 		{AF517FD9-3EBE-4452-AAEC-DFF17CC270E3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{AF517FD9-3EBE-4452-AAEC-DFF17CC270E3}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{AF517FD9-3EBE-4452-AAEC-DFF17CC270E3}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{AF517FD9-3EBE-4452-AAEC-DFF17CC270E3}.Release|Any CPU.Build.0 = Release|Any CPU
-		{09FF9BF0-25BB-4EB2-B1B2-6D2873B9538C}.Debug|Any CPU.ActiveCfg = Release|Any CPU
+		{09FF9BF0-25BB-4EB2-B1B2-6D2873B9538C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{09FF9BF0-25BB-4EB2-B1B2-6D2873B9538C}.Debug|Any CPU.Build.0 = Release|Any CPU
+		{09FF9BF0-25BB-4EB2-B1B2-6D2873B9538C}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{09FF9BF0-25BB-4EB2-B1B2-6D2873B9538C}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{09FF9BF0-25BB-4EB2-B1B2-6D2873B9538C}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection

src/DigitalData.Auth.API/DigitalData.Auth.API.csproj

@@ -1,12 +1,12 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net8.0</TargetFramework>
+    <TargetFrameworks>net7.0;net8.0</TargetFrameworks>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
-    <Version>1.2.0</Version>
+    <Version>1.3.0</Version>
-    <AssemblyVersion>1.2.0</AssemblyVersion>
+    <AssemblyVersion>1.3.0</AssemblyVersion>
-    <FileVersion>1.2.0</FileVersion>
+    <FileVersion>1.3.0</FileVersion>
   </PropertyGroup>
 
   <ItemGroup>
@@ -15,19 +15,25 @@
     <PackageReference Include="DigitalData.Core.Abstractions.Security" Version="1.0.0" />
     <PackageReference Include="DigitalData.Core.Application" Version="3.2.0" />
     <PackageReference Include="DigitalData.Core.Security" Version="1.2.2" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.12" />
     <PackageReference Include="Microsoft.AspNetCore.SignalR" Version="1.2.0" />
     <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="8.3.1" />
     <PackageReference Include="NLog" Version="5.4.0" />
     <PackageReference Include="NLog.Extensions.Logging" Version="5.4.0" />
     <PackageReference Include="NLog.Web.AspNetCore" Version="5.4.0" />
-	<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.3.1" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
     <PackageReference Include="UserManager.Application" Version="3.1.2" />
     <PackageReference Include="UserManager.Domain" Version="3.0.1" />
     <PackageReference Include="UserManager.Infrastructure" Version="3.0.1" />
   </ItemGroup>
 
+  <ItemGroup Condition="'$(TargetFramework)' == 'net7.0'">
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.20" />
+  </ItemGroup>
+
+  <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.12" />
+  </ItemGroup>
+	
   <ItemGroup>
     <ProjectReference Include="..\..\DigitalData.Auth.Abstractions\DigitalData.Auth.Abstractions.csproj" />
   </ItemGroup>

src/DigitalData.Auth.API/Program.cs

@@ -9,12 +9,12 @@ using DigitalData.Core.Security.Extensions;
 using DigitalData.UserManager.Application;
 using DigitalData.UserManager.Application.DTOs.User;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
-using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.JsonWebTokens;
 using Microsoft.IdentityModel.Tokens;
 using Microsoft.OpenApi.Models;
 using NLog;
 using NLog.Web;
+using System.Security.Claims;
 
 var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger();
 logger.Info("Logging initialized.");
@@ -22,12 +22,14 @@ logger.Info("Logging initialized.");
 try
 {
     var builder = WebApplication.CreateBuilder(args);
-
+        
-    builder.Logging.ClearProviders();
     builder.Logging.SetMinimumLevel(Microsoft.Extensions.Logging.LogLevel.Trace);
-    builder.Host.UseNLog();
 
-    builder.Configuration.AddJsonFile("consumer-repository.json", true, true);
+    if (!builder.Environment.IsDevelopment())
+    {
+        builder.Logging.ClearProviders();
+        builder.Host.UseNLog();
+    }
 
     builder.Configuration.AddJsonFile("consumer-repository.json", true, true);
 
@@ -36,26 +38,37 @@ try
     var config = builder.Configuration;
 
     var apiParams = config.Get<AuthApiParams>() ?? throw new InvalidOperationException("AuthApiOptions is missing or invalid in appsettings.");
-
+    
     // Add services to the container.
     builder.Services.Configure<BackdoorParams>(config.GetSection(nameof(BackdoorParams)));
     builder.Services.Configure<AuthApiParams>(config);
     builder.Services.AddAuthService(config);
     builder.Services.AddRSAPool(config.GetSection("CryptParams"));
     builder.Services.AddJwtSignatureHandler<Consumer>(api => new Dictionary<string, object>
-{
+    {
-    { JwtRegisteredClaimNames.Sub, api.Id },
+        { JwtRegisteredClaimNames.Sub, api.Id },
-    { JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
+        { JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
-});
+    });
-    builder.Services.AddJwtSignatureHandler<UserReadDto>(user => new Dictionary<string, object>
+
-{
+    var commonUserRoles = config.GetSection("CommonUserRoles").Get<string[]>()?.Where(r => !string.IsNullOrWhiteSpace(r)).ToArray() ?? Array.Empty<string>();
-    { JwtRegisteredClaimNames.Sub, user.Id },
+
-    { JwtRegisteredClaimNames.UniqueName, user.Username },
+    builder.Services.AddJwtSignatureHandler<UserReadDto>(user =>
-    { JwtRegisteredClaimNames.Email, user.Email ?? string.Empty },
+    {
-    { JwtRegisteredClaimNames.GivenName, user.Prename ?? string.Empty },
+        var claims = new Dictionary<string, object>
-    { JwtRegisteredClaimNames.FamilyName, user.Name ?? string.Empty },
+        {
-    { JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
+            { JwtRegisteredClaimNames.Sub, user.Id },
-});
+            { JwtRegisteredClaimNames.UniqueName, user.Username },
+            { JwtRegisteredClaimNames.Email, user.Email ?? string.Empty },
+            { JwtRegisteredClaimNames.GivenName, user.Prename ?? string.Empty },
+            { JwtRegisteredClaimNames.FamilyName, user.Name ?? string.Empty },
+            { JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
+        };
+
+        if (commonUserRoles.Length > 0)
+            claims.Add(ClaimTypes.Role, commonUserRoles);
+
+        return claims;
+    });
     builder.Services.AddDirectorySearchService(config.GetSection("DirectorySearchOptions"));
     builder.Services.AddSignalR();
 

src/DigitalData.Auth.API/Properties/launchSettings.json

@@ -14,7 +14,7 @@
       "dotnetRunMessages": true,
       "launchBrowser": false,
       "launchUrl": "swagger",
-      "applicationUrl": "http://localhost:5075",
+      "applicationUrl": "http://localhost:9090",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       }
@@ -24,7 +24,7 @@
       "dotnetRunMessages": true,
       "launchBrowser": false,
       "launchUrl": "swagger",
-      "applicationUrl": "https://localhost:7192;http://localhost:5075",
+      "applicationUrl": "https://localhost:9090;http://localhost:5075",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       }

src/DigitalData.Auth.API/appsettings.json

@@ -15,6 +15,12 @@
     "Root": "DC=dd-gan,DC=local,DC=digitaldata,DC=works"
   },
   "Issuer": "auth.digitaldata.works",
+  "CommonUserRoles": [
+    "Admin",
+    "UserManager",
+    "ContentManager",
+    "Signatory"
+  ],
   "LocalConsumer": {
     "Id": -1,
     "Name": "auth-flow",
@@ -55,7 +61,7 @@
       {
         "Id": "f3c0881b-c349-442a-ac24-d02da0798abd",
         "Issuer": "auth.digitaldata.works",
-        "Audience": "sign-flow-gen.digitaldata.works",
+        "Audience": "sign-flow.digitaldata.works",
         "IsEncrypted": true,
         "Lifetime": "12:00:00"
       }

src/DigitalData.Auth.API/consumer-repository.json

@@ -14,8 +14,8 @@
     },
     {
       "Id": 2,
-      "Name": "sign-flow-gen",
+      "Name": "sign-flow",
-      "Audience": "sign-flow-gen.digitaldata.works",
+      "Audience": "sign-flow.digitaldata.works",
       "Password": "Gpm63fny0W63Klc2eWC"
     }
   ]