feat: JwtBearerEvents hinzugefügt, um Token aus Cookie oder Query-String lesen zu können

2025-03-11 09:36:17 +01:00 · 2025-03-11 09:36:17 +01:00 · 17d8373739
commit 17d8373739
parent d6ccc10244
3 changed files with 30 additions and 2 deletions
--- a/WorkFlow.API/Models/AuthTokenKeys.cs
+++ b/WorkFlow.API/Models/AuthTokenKeys.cs
@ -0,0 +1,8 @@
+namespace WorkFlow.API.Models;
+
+public class AuthTokenKeys
+{
+    public string Cookie { get; init; } = "AuthToken";
+
+    public string QueryString { get; init; } = "AuthToken";
+}
--- a/WorkFlow.API/Program.cs
+++ b/WorkFlow.API/Program.cs
@ -14,6 +14,7 @@ using WorkFlow.API.Extensions;
 using WorkFlow.API.Filters;
 using Microsoft.OpenApi.Models;
 using DigitalData.Auth.Client;
+using Microsoft.AspNetCore.Authentication.JwtBearer;

 var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger();
 logger.Info("Logging initialized.");
@ -54,6 +55,8 @@ try

    builder.Services.AddControllers();

+    var authTokenKeys = config.GetSection(nameof(AuthTokenKeys)).Get<AuthTokenKeys>() ?? new();
+
    builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddJwtBearer(opt =>
        {
@ -67,7 +70,23 @@ try
                ValidateIssuer = true,
                ValidIssuer = authPublicKey.Issuer,
                ValidateAudience = true,
-                ValidAudience = authPublicKey.Audience
+                ValidAudience = authPublicKey.Audience,
+            };
+
+            opt.Events = new JwtBearerEvents
+            {
+                OnMessageReceived = context =>
+                {
+                    // if there is no token read related cookie or query string
+                    if (context.Token is null)   // if there is no token
+                    {
+                        if (context.Request.Cookies.TryGetValue(authTokenKeys.Cookie, out var cookieToken) && cookieToken is not null)
+                            context.Token = cookieToken;
+                        else if (context.Request.Query.TryGetValue(authTokenKeys.QueryString, out var queryStrToken))
+                            context.Token = queryStrToken;
+                    }
+                    return Task.CompletedTask;
+                }
            };
        });

--- a/WorkFlow.API/appsettings.json
+++ b/WorkFlow.API/appsettings.json
@ -83,6 +83,7 @@
  },
  "AuthPublicKey": {
    "Issuer": "auth.digitaldata.works",
-    "Audience": "work-flow.digitaldata.works"
+    "Audience": "work-flow.digitaldata.works",
+    "Content": "-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QCd7dH/xOUITFZbitMa/xnh8a0LyL6ZBvSRAwkI9ceplTRSHJXoM1oB+xtjWE1kOuHVLe941Tm03szS4+/rHIm0Ejva/KKlv7sPFAHE/pWuoPS303vOHgI4HAFcuwywA8CghUWzaaK5LU/Hl8srWwxBHv5hKIUjJFJygeAIENvFOZ1gFbB3MPEC99PiPOwAmfl4tMQUmSsFyspl/RWVi7bTv26ZE+m3KPcWppmvmYjXlSitxRaySxnfFvpca/qWfd/uUUg2KWKtpAwWVkqr0qD9v3TyKSgHoGDsrFpwSx8qufUJSinmZ1u/0iKl6TXeHubYS4C4SUSVjOWXymI2ZQIDAQAB-----END PUBLIC KEY-----"
  }
 }