        /// <summary>
        /// Builds an <see cref="Auth0Helper"/> bound to <paramref name="request"/> and connects
        /// its management client before handing it back.
        /// </summary>
        /// <param name="request">The incoming HTTP request the helper is constructed from.</param>
        /// <returns>A helper whose management client has already been connected.</returns>
        public Auth0Helper Create(HttpRequest request)
        {
            // The logger category is the helper's full type name so its entries are easy to filter on.
            var helperLogger = _loggerFactory.CreateLogger("Revature.Account.Api.Auth0Helper");
            var helper       = new Auth0Helper(request, helperLogger);
            helper.ConnectManagementClient();

            return helper;
        }
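        /// <summary>
        /// Marks <paramref name="requirement"/> as satisfied when the caller's token carries the required role.
        /// </summary>
        /// <param name="context">The authorization context. The role check only runs when its
        /// <c>Resource</c> is an <see cref="AuthorizationFilterContext"/>; otherwise the requirement is
        /// left unmet.</param>
        /// <param name="requirement">The role the policy demands.</param>
        /// <returns>A completed task; the outcome is reported through <paramref name="context"/>.</returns>
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
                                                       RoleRequirement requirement)
        {
            // NOTE(review): under endpoint routing (ASP.NET Core 3.0+) the authorization resource is
            // commonly the HttpContext rather than an AuthorizationFilterContext. If that is the case
            // here this branch is never taken and the policy presumably fails closed (never succeeds).
            // Confirm against the app's routing setup.
            if (context.Resource is AuthorizationFilterContext mvcContext)
            {
                var logger = _loggerFactory.CreateLogger("Revature.Account.Api.Auth0Helper");
                // We just want to read the token, no management client, so we don't use the factory
                var auth = new Auth0Helper(mvcContext.HttpContext.Request, logger);

                foreach (var role in auth.Roles)
                {
                    // A single matching role is enough; stop at the first hit instead of
                    // re-succeeding the same requirement for every duplicate.
                    if (role == requirement.Role)
                    {
                        context.Succeed(requirement);
                        break;
                    }
                }
            }

            return Task.CompletedTask;
        }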
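        /// <summary>
        /// Registers the application's services: Auth0 settings, EF Core, CORS, DI bindings,
        /// JWT bearer authentication, role-based authorization policies and Swagger.
        /// </summary>
        /// <param name="services">The service collection to populate.</param>
        public void ConfigureServices(IServiceCollection services)
        {
            // Read the Auth0 section once; every value below comes from it.
            var auth0 = Configuration.GetSection("Auth0");

            Auth0Helper.SetSecretValues(auth0.GetValue<string>("Domain"),
                                        auth0.GetValue<string>("Audience"),
                                        auth0.GetValue<string>("ClientId"),
                                        auth0.GetValue<string>("ClientSecret"));

            services.AddControllers();
            services.AddDbContext<AccountDbContext>(options =>
                                                    options.UseNpgsql(Configuration.GetConnectionString(ConnectionStringName)));

            services.AddCors(options =>
            {
                // Origins are listed explicitly: AllowCredentials() cannot be combined with AllowAnyOrigin().
                options.AddPolicy(CorsPolicyName, builder =>
                {
                    builder.WithOrigins("http://localhost:4200",
                                        "https://localhost:4200",
                                        "http://housing.revature.xyz",
                                        "https://housing.revature.xyz",
                                        "http://housingdev.revature.xyz",
                                        "https://housingdev.revature.xyz",
                                        "https://housing-angular-dev.azurewebsites.net")
                    .AllowAnyMethod()
                    .AllowAnyHeader()
                    .AllowCredentials();
                });
            });

            services.AddSingleton<IMapper, Mapper>();
            services.AddScoped<IGenericRepository, GenericRepository>();
            services.AddTransient<IAuth0HelperFactory, Auth0HelperFactory>();
            services.AddSingleton<IAuthorizationHandler, RoleRequirementHandler>();

            // This line configures how to view and validate the token
            services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(options =>
            {
                // The authority must be HTTPS: the bearer handler downloads the OIDC metadata and
                // signing keys from it, and a plaintext URL lets those keys be tampered with in
                // transit. It also rejects a non-HTTPS authority whenever RequireHttpsMetadata is true.
                options.Authority            = $"https://{Auth0Helper.Domain}/";
                options.Audience             = Auth0Helper.Audience;
                // Only a development configuration may relax the HTTPS metadata requirement.
                options.RequireHttpsMetadata = !auth0.GetValue<bool>("IsDevelopment");
            });

            // This method is for adding policies and other settings to the Authorize attribute
            services.AddAuthorization(options =>
            {
                options.AddPolicy("ApprovedProviderRole", policy =>
                                  policy.Requirements.Add(new RoleRequirement(Auth0Helper.ApprovedProviderRole)));
                options.AddPolicy("CoordinatorRole", policy =>
                                  policy.Requirements.Add(new RoleRequirement(Auth0Helper.CoordinatorRole)));

                // To fix needing to manually specify the schema every time I want to call [Authorize]
                // Found it at https://github.com/aspnet/AspNetCore/issues/2193
                options.DefaultPolicy = new AuthorizationPolicyBuilder(JwtBearerDefaults.AuthenticationScheme)
                                        .RequireAuthenticatedUser()
                                        .Build();
            });

            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc("v1", new OpenApiInfo {
                    Title = "Revature Account", Version = "v1"
                });
                c.OrderActionsBy((apiDesc) => $"{apiDesc.ActionDescriptor.RouteValues["controller"]}_{apiDesc.HttpMethod}");
                // Documents the Authorization header for the Swagger UI; it does not enforce anything.
                c.AddSecurityDefinition("BearerAuth", new OpenApiSecurityScheme
                {
                    Type        = SecuritySchemeType.ApiKey,
                    Description = "Bearer authentication scheme with JWT, e.g. \"Bearer eyJhbGciOiJIUzI1NiJ9.e30\"",
                    Name        = "Authorization",
                    In          = ParameterLocation.Header
                });
                c.OperationFilter<SwaggerFilter>();
            });
        }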