public AccountController(
UserManager <ApplicationUser> userManager,
SignInManager <ApplicationUser> signInManager,
ILoggerFactory loggerFactory,
[FromServices] JwtTokenConfigurations jwtTokenConfigurations,
[FromServices] SigningCredentialsConfigurations signingConfigurations,
IDomainNotificationHandler <DomainNotification> notifications,
IBus bus,
IUser user) : base(notifications, bus, user)
{
_userManager = userManager;
_signInManager = signInManager;
_bus = bus;
_logger = loggerFactory.CreateLogger <AccountController>();
_jwtTokenConfigurations = jwtTokenConfigurations;
_signingConfigurations = signingConfigurations;
}
public AccountController(UserManager <ApplicationUser> userManager,
SignInManager <ApplicationUser> signManager,
INotificationHandler <DomainNotification> notifications,
ILoggerFactory loggerFactory,
[FromServices] JwtTokenConfigurations jwtTokenConfigurations,
[FromServices] SigningCredentialsConfigurations signingConfigurations,
IMediatorHandler mediator,
IOrganizadorRepository organizadorRepository,
IUser user) : base(notifications, user, mediator)
{
_userManager = userManager;
_signManager = signManager;
_mediator = mediator;
_logger = loggerFactory.CreateLogger <AccountController>();
_organizadorRepository = organizadorRepository;
_jwtTokenConfigurations = jwtTokenConfigurations;
_signingConfigurations = signingConfigurations;
}
public static IServiceCollection AddJwtSecurity(
this IServiceCollection services,
SigningCredentialsConfigurations signinConfigurations,
JwtTokenConfigurations tokenConfigurations)
{
return services;
services.AddMvc(options =>
{
// Adiciona a policy no filtro de autenticação
options.Filters.Add(new AuthorizeFilter(policy));
}
}
public static void AddMvcSecurity(this IServiceCollection services, IConfiguration Configuration)
{
if (services == null)
{
throw new ArgumentException(nameof(services));
}
// Ativando a utilização do ASP.NET Identity, a fim de
// permitir a recuperação de seus objetos via injeção de dependências
services.AddIdentity <ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores <ApplicationDbContext>()
.AddDefaultTokenProviders();
var signinConfigurations = new SigningCredentialsConfigurations();
services.AddSingleton(signinConfigurations);
var tokenConfigurations = new JwtTokenConfigurations();
new ConfigureFromConfigurationOptions <JwtTokenConfigurations>(
Configuration.GetSection(nameof(JwtTokenConfigurations)))
.Configure(tokenConfigurations);
services.AddSingleton(tokenConfigurations);
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
var validatonParameters = options.TokenValidationParameters;
validatonParameters.IssuerSigningKey = signinConfigurations.Key;
validatonParameters.ValidateAudience = true;
validatonParameters.ValidAudience = tokenConfigurations.Audience;
validatonParameters.ValidateIssuer = true;
validatonParameters.ValidIssuer = tokenConfigurations.Issuer;
// Valida a assinatura de um token recebido
validatonParameters.ValidateIssuerSigningKey = true;
validatonParameters.RequireExpirationTime = true;
// Verifica se um token recebido ainda é válido
validatonParameters.ValidateLifetime = true;
// Tempo de tolerância para a expiração de um token (utilizado
// caso haja problemas de sincronismo de horário entre diferentes
// computadores envolvidos no processo de comunicação)
validatonParameters.ClockSkew = TimeSpan.Zero;
});
// Ativa o uso do token como forma de autorizar o acesso
// a recursos deste projeto
services.AddAuthorization(options =>
{
options.AddPolicy("PodeConsultar", policy => policy.RequireClaim("Eventos", "Consultar"));
options.AddPolicy("PodeGravar", policy => policy.RequireClaim("Eventos", "Gravar"));
options.AddPolicy("PodeExcluir", policy => policy.RequireClaim("Eventos", "Excluir"));
options.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
.RequireAuthenticatedUser()
.Build());
});
}
