feat(APIKeyAuthOptions): Datenmodell zur Konfiguration der Autorisierung mit API-Schlüssel erstellt.

- DI-Erweiterung hinzugefügt
Developer 02 2024-10-29 09:29:14 +01:00
parent e17875dad7
commit 67a62d7311
6 changed files with 25 additions and 7 deletions


@ -6,7 +6,7 @@ namespace WorkFlow.API.Attributes
public class APIKeyAuthAttribute : ServiceFilterAttribute public class APIKeyAuthAttribute : ServiceFilterAttribute
{ {
public APIKeyAuthAttribute() public APIKeyAuthAttribute()
: base(typeof(ApiKeyAuthFilter)) : base(typeof(APIKeyAuthFilter))
{ {
} }
} }


@ -1,10 +1,14 @@
using WorkFlow.API.Filters; using WorkFlow.API.Filters;
using WorkFlow.API.Models;
namespace WorkFlow.API.Extensions namespace WorkFlow.API.Extensions
{ {
public static class DIExtensions public static class DIExtensions
{ {
public static IServiceCollection AddAPIKeyAuth(this IServiceCollection services, Func<string, bool> isValidKey, string apiKeyHeaderName = "X-API-Key") public static IServiceCollection AddAPIKeyAuth(this IServiceCollection services, Func<string, bool> isValidKey, string headerName = "X-API-Key")
=> services.AddSingleton<APIKeyAuthFilter>(provider => new(isValidKey: isValidKey, apiKeyHeaderName: apiKeyHeaderName)); => services.AddSingleton<APIKeyAuthFilter>(provider => new(isValidKey: isValidKey, headerName: headerName));
public static IServiceCollection AddAPIKeyAuth(this IServiceCollection services, APIKeyAuthOptions options)
=> services.AddAPIKeyAuth(isValidKey: key => key == options.Key, headerName: options.HeaderName);
} }
} }
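Review bot: The new `AddAPIKeyAuth(options)` overload checks the presented key with `key == options.Key`, an ordinary string equality that stops at the first differing character, so response time can depend on how much of the secret matched. For a shared secret I would compare in fixed time: `isValidKey: key => CryptographicOperations.FixedTimeEquals(Encoding.UTF8.GetBytes(key), Encoding.UTF8.GetBytes(options.Key))`, which needs `using System.Security.Cryptography;` and `using System.Text;`. The overload would also benefit from a short `/// <summary>` stating that it registers the filter as a singleton and that `options.Key` is the only accepted key.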


@ -3,11 +3,11 @@ using Microsoft.AspNetCore.Mvc;
namespace WorkFlow.API.Filters namespace WorkFlow.API.Filters
{ {
public class APIKeyAuthFilter(Func<string, bool> isValidKey, string apiKeyHeaderName = "X-API-Key") : IAuthorizationFilter public class APIKeyAuthFilter(Func<string, bool> isValidKey, string headerName = "X-API-Key") : IAuthorizationFilter
{ {
public void OnAuthorization(AuthorizationFilterContext context) public void OnAuthorization(AuthorizationFilterContext context)
{ {
string? apiKey = context.HttpContext.Request.Headers[apiKeyHeaderName]; string? apiKey = context.HttpContext.Request.Headers[headerName];
if (apiKey is null || !isValidKey(apiKey)) if (apiKey is null || !isValidKey(apiKey))
{ {


@ -0,0 +1,9 @@
namespace WorkFlow.API.Models
{
public class APIKeyAuthOptions
{
public required string Key { get; init; }
public string HeaderName { get; init; } = "X-API-Key";
}
}
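Review bot: `Key` carries the shared secret, yet nothing in this class rejects an empty value. `required` is checked by the compiler for object initializers and, as far as I know, is not enforced when the type is bound from configuration, so `"Key": ""` would bind and an empty header value would then likely satisfy the `key == options.Key` check in the DI extension. I would validate where the options are consumed with `ArgumentException.ThrowIfNullOrEmpty(options.Key);` and document the property, e.g. `/// <summary>Shared secret expected in the request header; load it from a secret store and never log it.</summary>`.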


@ -36,8 +36,9 @@ try
{ {
Claims = user.ToClaimList().ToDictionary(claim => claim.Type, claim => claim.Value as object) Claims = user.ToClaimList().ToDictionary(claim => claim.Type, claim => claim.Value as object)
}); });
if (config.GetValue<string>("API-Key") is string apiKey)
builder.Services.AddApiKeyAuth(key => key == apiKey); if (config.GetSection("APIKeyAuth").Get<APIKeyAuthOptions>() is APIKeyAuthOptions options)
builder.Services.AddAPIKeyAuth(options);
builder.Services.AddControllers(); builder.Services.AddControllers();
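Review bot: When the `APIKeyAuth` section is missing, the `if` silently skips `AddAPIKeyAuth(options)`, and actions carrying `[APIKeyAuth]` then depend on a filter that was never registered. As far as I can tell `ServiceFilterAttribute` would only fail when the first such request arrives. Failing at startup makes the misconfiguration visible: `var options = config.GetSection("APIKeyAuth").Get<APIKeyAuthOptions>() ?? throw new InvalidOperationException("APIKeyAuth section is missing");`. If optional registration is intended, braces around the `if` body and a log line saying API-key auth is disabled would make that explicit. The surrounding `try` block starts outside this hunk.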


@ -62,5 +62,9 @@
"User": "(&(objectClass=user)(sAMAccountName=*))", "User": "(&(objectClass=user)(sAMAccountName=*))",
"Group": "(&(objectClass=group) (samAccountName=*))" "Group": "(&(objectClass=group) (samAccountName=*))"
} }
},
"APIKeyAuth": {
"Key": "ULbcOUiAXAoCXPviyCGtObZUGnrCHNgDmtNbQNpq5MOhB0EFQn18dObdQ93INNy8xIcnOPMJfEHqOotllELVrJ2R5AjqOfQszT2j00w215GanD3UiJGwFhwmdoNFsmNj",
"HeaderName": "X-API-Key"
} }
} }
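Review bot: The `Key` value added under `APIKeyAuth` looks like a usable API key committed in clear text, and it stays in the repository history for everyone with read access. I would keep only `"HeaderName"` in this file and supply the key from the environment (`APIKeyAuth__Key`), user-secrets or a secret store. The committed value should be treated as exposed and rotated. The file name is not visible on this page; this assumes it is the application settings file.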