/// <summary>
/// Builds an <see cref="Auth0Helper"/> for the given request and connects its
/// management client before handing it back to the caller.
/// </summary>
/// <param name="request">The incoming HTTP request the helper is constructed from.</param>
/// <returns>An <see cref="Auth0Helper"/> on which <c>ConnectManagementClient</c> has already been called.</returns>
public Auth0Helper Create(HttpRequest request)
{
    // The logger category is a fixed string so every helper logs under the same name.
    var helperLogger = _loggerFactory.CreateLogger("Revature.Account.Api.Auth0Helper");
    var helper = new Auth0Helper(request, helperLogger);

    // NOTE(review): presumably this authenticates to the Auth0 Management API with the
    // configured client credentials — confirm against Auth0Helper. Callers that only need
    // to read the token should construct Auth0Helper directly so no management client is opened.
    helper.ConnectManagementClient();

    return helper;
}
/// <summary>
/// Marks <paramref name="requirement"/> as satisfied when one of the roles that
/// <see cref="Auth0Helper"/> reports for the current request equals the required role.
/// </summary>
/// <param name="context">The authorization context; it is only acted on when its resource is an <see cref="AuthorizationFilterContext"/>.</param>
/// <param name="requirement">The role requirement being evaluated.</param>
/// <returns>A completed task; the outcome is recorded on <paramref name="context"/>.</returns>
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RoleRequirement requirement)
{
    // The request is reached through the MVC filter context. For any other resource type
    // the requirement is left unmet, so the handler fails closed.
    // NOTE(review): under endpoint routing the resource may not be an AuthorizationFilterContext,
    // in which case this handler would never succeed — confirm against the pipeline setup.
    if (!(context.Resource is AuthorizationFilterContext filterContext))
    {
        return Task.CompletedTask;
    }

    var helperLogger = _loggerFactory.CreateLogger("Revature.Account.Api.Auth0Helper");

    // We just want to read the token, no management client, so we don't use the factory
    var tokenReader = new Auth0Helper(filterContext.HttpContext.Request, helperLogger);

    // NOTE(review): the roles come from Auth0Helper's reading of the request, not from
    // context.User. This handler does not itself check that the caller was authenticated,
    // so it is only safe if Auth0Helper validates the token or every policy using this
    // requirement also requires an authenticated user — confirm.
    foreach (var grantedRole in tokenReader.Roles)
    {
        if (grantedRole == requirement.Role)
        {
            context.Succeed(requirement);
        }
    }

    return Task.CompletedTask;
}
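/// <summary>
/// Registers the services used by the account API: Auth0 settings, controllers, the
/// PostgreSQL-backed <c>AccountDbContext</c>, CORS, JWT bearer authentication, the
/// role-based authorization policies and Swagger generation.
/// </summary>
/// <param name="services">The service collection to add registrations to.</param>
public void ConfigureServices(IServiceCollection services)
{
    var auth0Section = Configuration.GetSection("Auth0");

    // Hand the Auth0 settings (including the client secret) to Auth0Helper; Domain and
    // Audience are read back from it below when configuring JWT bearer validation.
    Auth0Helper.SetSecretValues(
        auth0Section.GetValue<string>("Domain"),
        auth0Section.GetValue<string>("Audience"),
        auth0Section.GetValue<string>("ClientId"),
        auth0Section.GetValue<string>("ClientSecret"));

    services.AddControllers();

    services.AddDbContext<AccountDbContext>(options =>
        options.UseNpgsql(Configuration.GetConnectionString(ConnectionStringName)));

    services.AddCors(options =>
    {
        options.AddPolicy(CorsPolicyName, builder =>
        {
            // NOTE(review): plaintext http:// origins and localhost are allowed together with
            // AllowCredentials(). Content served from an http origin is not integrity-protected,
            // so consider restricting credentialed CORS to the https origins outside development.
            builder.WithOrigins("http://localhost:4200",
                                "https://localhost:4200",
                                "http://housing.revature.xyz",
                                "https://housing.revature.xyz",
                                "http://housingdev.revature.xyz",
                                "https://housingdev.revature.xyz",
                                "https://housing-angular-dev.azurewebsites.net")
                   .AllowAnyMethod()
                   .AllowAnyHeader()
                   .AllowCredentials();
        });
    });

    services.AddSingleton<IMapper, Mapper>();
    services.AddScoped<IGenericRepository, GenericRepository>();
    services.AddTransient<IAuth0HelperFactory, Auth0HelperFactory>();
    services.AddSingleton<IAuthorizationHandler, RoleRequirementHandler>();

    // This line configures how to view and validate the token
    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    }).AddJwtBearer(options =>
    {
        var isDevelopment = auth0Section.GetValue<bool>("IsDevelopment");

        // The authority is where the OpenID metadata and token signing keys are fetched from.
        // It was previously always "http://", which conflicts with RequireHttpsMetadata = true:
        // the JWT bearer handler rejects a non-HTTPS authority unless that flag is disabled.
        // Outside development the authority now uses https so the keys are fetched over TLS.
        // NOTE(review): the development path still uses plaintext http, unchanged from before;
        // make sure Auth0:IsDevelopment is never true in a deployed environment.
        var authorityScheme = isDevelopment ? "http" : "https";
        options.Authority = $"{authorityScheme}://{Auth0Helper.Domain}/";
        options.Audience = Auth0Helper.Audience;
        options.RequireHttpsMetadata = !isDevelopment;
    });

    // This method is for adding policies and other settings to the Authorize attribute
    services.AddAuthorization(options =>
    {
        // NOTE(review): these two policies contain only a RoleRequirement and do not call
        // RequireAuthenticatedUser(), unlike the default policy below. Whether that is safe
        // depends on how the role handler obtains and validates roles — confirm, and consider
        // requiring an authenticated JWT bearer user on them as well.
        options.AddPolicy("ApprovedProviderRole", policy =>
            policy.Requirements.Add(new RoleRequirement(Auth0Helper.ApprovedProviderRole)));
        options.AddPolicy("CoordinatorRole", policy =>
            policy.Requirements.Add(new RoleRequirement(Auth0Helper.CoordinatorRole)));

        // To fix needing to manually specify the schema every time I want to call [Authorize]
        // Found it at https://github.com/aspnet/AspNetCore/issues/2193
        options.DefaultPolicy = new AuthorizationPolicyBuilder(JwtBearerDefaults.AuthenticationScheme)
            .RequireAuthenticatedUser()
            .Build();
    });

    services.AddSwaggerGen(c =>
    {
        c.SwaggerDoc("v1", new OpenApiInfo { Title = "Revature Account", Version = "v1" });

        // Group the generated operations by controller, then by HTTP method.
        c.OrderActionsBy((apiDesc) => $"{apiDesc.ActionDescriptor.RouteValues["controller"]}_{apiDesc.HttpMethod}");

        c.AddSecurityDefinition("BearerAuth", new OpenApiSecurityScheme
        {
            Type = SecuritySchemeType.ApiKey,
            Description = "Bearer authentication scheme with JWT, e.g. \"Bearer eyJhbGciOiJIUzI1NiJ9.e30\"",
            Name = "Authorization",
            In = ParameterLocation.Header
        });

        c.OperationFilter<SwaggerFilter>();
    });
}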