Exemplo n.º 1
0
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

            // Configure JWT authentication
            services.Configure <TokenPayload>(Configuration.GetSection("tokenPayload"));
            TokenPayload tokenPayload = Configuration.GetSection("tokenPayload").Get <TokenPayload>();
            // Overwrite dummy secret value in appsettings.json with actual value from Azure Key Vault
            const string issuerSigningKeyId = "https://extriviaganza-vault.vault.azure.net/secrets/QbQuestionsIssuerSigningKey";

            tokenPayload.Secret = _secretManagementService.GetKeyVaultSecret(issuerSigningKeyId).Result;

            services
            .AddAuthentication(x =>
            {
                x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                x.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(x =>
            {
                x.RequireHttpsMetadata      = false;
                x.SaveToken                 = true;
                x.TokenValidationParameters =
                    new TokenValidationParameters()
                {
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey         = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(tokenPayload.Secret)),
                    ValidIssuer      = tokenPayload.Issuer,
                    ValidAudience    = tokenPayload.Audience,
                    ValidateIssuer   = false,
                    ValidateAudience = false
                };
            });

            // Connect to database
            const string connectionStringId = "https://extriviaganza-vault.vault.azure.net/secrets/QbQuestionsDbConnectionString";
            string       connectionString   = _secretManagementService.GetKeyVaultSecret(connectionStringId).Result;

            services.AddDbContext <AppDbContext>(options => options.UseSqlServer(connectionString));

            // Configure service lifetimes
            services.AddScoped <IQbQuestionRepository, QbQuestionRepository>();
            services.AddScoped <IUnitOfWork, UnitOfWork>();
            services.AddScoped <IUserRepository, UserRepository>();
            services.AddScoped <IQbQuestionService, QbQuestionService>();
            services.AddScoped <IAuthenticateService, AuthenticateService>();
            services.AddScoped <IUserService, UserService>();

            services.AddAutoMapper(
                Assembly.GetAssembly(typeof(ModelToResourceProfile)),
                Assembly.GetAssembly(typeof(ResourceToModelProfile))
                );
        }
        public void IsAuthenticatedSuccessTest()
        {
            // Arrange
            IUserService userService = Substitute.For <IUserService>();

            userService.IsValidUser(Arg.Any <User>()).Returns(true);
            ISecretManagementService secretManagementService = Substitute.For <ISecretManagementService>();

            secretManagementService.GetKeyVaultSecret(Arg.Any <string>()).Returns(Task.FromResult("very_long_token_secret"));
            IOptions <TokenPayload> options = Options.Create(new TokenPayload {
                Secret            = string.Empty,
                Issuer            = string.Empty,
                Audience          = string.Empty,
                AccessExpiration  = 1,
                RefreshExpiration = 1
            });
            IAuthenticateService authenticateService = new AuthenticateService(userService, secretManagementService, options);
            User user = new User {
                Username = "******"
            };
            string token;

            // Act
            bool success = authenticateService.IsAuthenticated(user, out token);

            // Assert
            success.Should().Be(true);
        }
Exemplo n.º 3
0
        public bool IsAuthenticated(User user, out string token)
        {
            token = string.Empty;

            if (!_userService.IsValidUser(user))
            {
                return(false);
            }

            Claim[] claim = new[]
            {
                new Claim(ClaimTypes.Name, user.Username)
            };

            const string issuerSigningKeyId = "https://extriviaganza-vault.vault.azure.net/secrets/QbQuestionsIssuerSigningKey";

            _tokenPayload.Secret = _secretManagementService.GetKeyVaultSecret(issuerSigningKeyId).Result;

            SymmetricSecurityKey key         = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(_tokenPayload.Secret));
            SigningCredentials   credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            JwtSecurityToken jwtToken = new JwtSecurityToken(
                _tokenPayload.Issuer,
                _tokenPayload.Audience,
                claim,
                expires: DateTime.Now.AddSeconds(_tokenPayload.AccessExpiration),
                signingCredentials: credentials
                );

            token = new JwtSecurityTokenHandler().WriteToken(jwtToken);
            return(true);
        }