From 2d3987b81e58a334d0ecae8f0359acbbb28bfdc7 Mon Sep 17 00:00:00 2001 From: Developer 02 Date: Mon, 28 Apr 2025 16:18:31 +0200 Subject: [PATCH] Add JWT Bearer authentication support - Integrated JWT Bearer authentication for API security. - Replaced previous CookieAuthenticationDefaults with JwtBearerDefaults as the default authentication scheme. - Configured JWT token validation with issuer, audience, and signing key parameters. - Added handling for token retrieval from cookies or query strings when missing in the header. - Updated the authentication configuration to support both Cookie and JWT authentication schemes. - Enhanced security by validating JWT tokens against provided public keys. --- .../EnvelopeGenerator.Application.csproj | 2 +- .../EnvelopeGenerator.Domain.csproj | 2 +- .../EnvelopeGenerator.GeneratorAPI.csproj | 2 +- EnvelopeGenerator.GeneratorAPI/Program.cs | 42 +++++++++++++++++++ .../EnvelopeGenerator.Infrastructure.csproj | 2 +- .../EnvelopeGenerator.Terminal.csproj | 2 +- ...EnvelopeGenerator.Tests.Application.csproj | 2 +- .../EnvelopeGenerator.Web.csproj | 2 +- 8 files changed, 49 insertions(+), 7 deletions(-)
diff --git a/EnvelopeGenerator.Application/EnvelopeGenerator.Application.csproj b/EnvelopeGenerator.Application/EnvelopeGenerator.Application.csproj
index deaf9710..73ba45fe 100644
--- a/EnvelopeGenerator.Application/EnvelopeGenerator.Application.csproj
+++ b/EnvelopeGenerator.Application/EnvelopeGenerator.Application.csproj
@@ -13,7 +13,7 @@ - +
diff --git a/EnvelopeGenerator.Domain/EnvelopeGenerator.Domain.csproj b/EnvelopeGenerator.Domain/EnvelopeGenerator.Domain.csproj
index 60dd3bd2..97b0ca90 100644
--- a/EnvelopeGenerator.Domain/EnvelopeGenerator.Domain.csproj
+++ b/EnvelopeGenerator.Domain/EnvelopeGenerator.Domain.csproj
@@ -7,7 +7,7 @@ - +
diff --git a/EnvelopeGenerator.GeneratorAPI/EnvelopeGenerator.GeneratorAPI.csproj b/EnvelopeGenerator.GeneratorAPI/EnvelopeGenerator.GeneratorAPI.csproj
index 30539d93..6e922bad 100644
--- a/EnvelopeGenerator.GeneratorAPI/EnvelopeGenerator.GeneratorAPI.csproj
+++ b/EnvelopeGenerator.GeneratorAPI/EnvelopeGenerator.GeneratorAPI.csproj
@@ -25,7 +25,7 @@ - +
diff --git a/EnvelopeGenerator.GeneratorAPI/Program.cs b/EnvelopeGenerator.GeneratorAPI/Program.cs
index 33a88b0a..bfdb024b 100644
--- a/EnvelopeGenerator.GeneratorAPI/Program.cs
+++ b/EnvelopeGenerator.GeneratorAPI/Program.cs
@@ -12,6 +12,9 @@ using EnvelopeGenerator.Application; using DigitalData.Auth.Client; using DigitalData.Core.Abstractions; using EnvelopeGenerator.GeneratorAPI.Models;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
+using DigitalData.Core.Abstractions.Security.Extensions;
 var builder = WebApplication.CreateBuilder(args);
@@ -93,6 +96,45 @@ builder.Services.AddAuthHubClient(config.GetSection("AuthClientParams")); var authTokenKeys = config.GetOrDefault();
+builder.Services.AddAuthentication(options =>
+{
+ options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+ options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+})
+ .AddJwtBearer(opt =>
+ {
+ opt.TokenValidationParameters = new TokenValidationParameters
+ {
+ ValidateIssuerSigningKey = true,
+ IssuerSigningKeyResolver = (token, securityToken, identifier, parameters) =>
+ {
+ var clientParams = deferredProvider.GetOptions();
+ var publicKey = clientParams!.PublicKeys.Get(authTokenKeys.Issuer, authTokenKeys.Audience);
+ return new List() { publicKey.SecurityKey };
+ },
+ ValidateIssuer = true,
+ ValidIssuer = authTokenKeys.Issuer,
+ ValidateAudience = true,
+ ValidAudience = authTokenKeys.Audience,
+ };
+
+ opt.Events = new JwtBearerEvents
+ {
+ OnMessageReceived = context =>
+ {
+ // if there is no token read related cookie or query string
+ if (context.Token is null) // if there is no token
+ {
+ if (context.Request.Cookies.TryGetValue(authTokenKeys.Cookie, out var cookieToken) && cookieToken is not null)
+ context.Token = cookieToken;
+ else if (context.Request.Query.TryGetValue(authTokenKeys.QueryString, out var queryStrToken))
+ context.Token = queryStrToken;
+ }
+ return Task.CompletedTask;
+ }
+ };
+ });
+
 // Authentication builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) .AddCookie(options =>
diff --git a/EnvelopeGenerator.Infrastructure/EnvelopeGenerator.Infrastructure.csproj b/EnvelopeGenerator.Infrastructure/EnvelopeGenerator.Infrastructure.csproj
index aef2abb2..f93f27c1 100644
--- a/EnvelopeGenerator.Infrastructure/EnvelopeGenerator.Infrastructure.csproj
+++ b/EnvelopeGenerator.Infrastructure/EnvelopeGenerator.Infrastructure.csproj
@@ -7,7 +7,7 @@ - +
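Review bot: The `OnMessageReceived` fallback accepts the JWT from the query string (`authTokenKeys.QueryString`) on every request, which puts a bearer credential into URLs where it can end up in server and proxy logs, browser history and Referer headers. If that path is needed at all, I would restrict it to the endpoints that cannot send an Authorization header, for example by guarding the branch with `context.Request.Path.StartsWithSegments("/PLACEHOLDER_PATH")` (placeholder path), and otherwise drop the `else if`. The cookie branch also means JWT-protected endpoints are authenticated by an ambient browser credential, so state-changing actions need SameSite or antiforgery protection that a header-only bearer API would not; the attributes of that cookie are set elsewhere and are not visible in this hunk. In `TokenValidationParameters`, `ValidAlgorithms` is left unset, and pinning it to the algorithm the auth hub actually signs with would be a cheap hardening next to the key resolver. The null-forgiving `clientParams!` in `IssuerSigningKeyResolver` deserves a short comment on what happens when the deferred options are not yet available, since the resolver runs on every token validation.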
diff --git a/EnvelopeGenerator.Terminal/EnvelopeGenerator.Terminal.csproj b/EnvelopeGenerator.Terminal/EnvelopeGenerator.Terminal.csproj
index 5f47b8bc..0fea2531 100644
--- a/EnvelopeGenerator.Terminal/EnvelopeGenerator.Terminal.csproj
+++ b/EnvelopeGenerator.Terminal/EnvelopeGenerator.Terminal.csproj
@@ -19,7 +19,7 @@ - +
diff --git a/EnvelopeGenerator.Tests.Application/EnvelopeGenerator.Tests.Application.csproj b/EnvelopeGenerator.Tests.Application/EnvelopeGenerator.Tests.Application.csproj
index cd171c0f..1c549a9b 100644
--- a/EnvelopeGenerator.Tests.Application/EnvelopeGenerator.Tests.Application.csproj
+++ b/EnvelopeGenerator.Tests.Application/EnvelopeGenerator.Tests.Application.csproj
@@ -23,7 +23,7 @@ - +
diff --git a/EnvelopeGenerator.Web/EnvelopeGenerator.Web.csproj b/EnvelopeGenerator.Web/EnvelopeGenerator.Web.csproj
index 932642ef..dbbfc909 100644
--- a/EnvelopeGenerator.Web/EnvelopeGenerator.Web.csproj
+++ b/EnvelopeGenerator.Web/EnvelopeGenerator.Web.csproj
@@ -2101,7 +2101,7 @@ - +