redis endpoint info added

Author: HasanJaved-Developer

CentralizedLogging.Sdk/CentralizedLogging.Sdk.csproj

@@ -9,13 +9,13 @@
   <ItemGroup>
     <PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="2.3.0" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc.Core" Version="2.3.0" />
-    <PackageReference Include="Microsoft.Extensions.Caching.Abstractions" Version="9.0.8" />
+    <PackageReference Include="Microsoft.Extensions.Caching.Abstractions" Version="9.0.10" />
     <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="9.0.8" />
     <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="9.0.8" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="9.0.9" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="9.0.10" />
     <PackageReference Include="Microsoft.Extensions.Http" Version="9.0.8" />
     <PackageReference Include="Microsoft.Extensions.Http.Polly" Version="9.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Options" Version="9.0.8" />
+    <PackageReference Include="Microsoft.Extensions.Options" Version="9.0.10" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
     <PackageReference Include="Polly" Version="8.6.3" />
     <PackageReference Include="Polly.Extensions.Http" Version="3.0.0" />

CentralizedLogging.Sdk/CentralizedLoggingClient.cs

@@ -2,6 +2,8 @@
 using CentralizedLogging.Contracts.Models;
 using CentralizedLogging.Sdk.Abstractions;
 using Microsoft.AspNetCore.Mvc;
+using SharedLibrary;
+using System.Net;
 using System.Net.Http.Json;
 using System.Text.Json;
 
@@ -15,8 +17,17 @@ internal sealed class CentralizedLoggingClient : ICentralizedLoggingClient
 
         public async Task<List<GetAllErrorsResponseModel>> GetAllErrorAsync(CancellationToken ct = default)
         {
-            var resp = await _http.GetFromJsonAsync<List<GetAllErrorsResponseModel>>("api/errorlogs");
-            return resp;
+            var request = new HttpRequestMessage(HttpMethod.Get, "api/errorlogs");
+            var response = await _http.SendAsync(request, ct);
+
+            if (response.StatusCode is HttpStatusCode.Forbidden or HttpStatusCode.Unauthorized)
+            {                
+                throw new PermissionDeniedException((int)response.StatusCode);                
+            }
+
+            response.EnsureSuccessStatusCode(); // for 200 OK only
+
+            return await response.Content.ReadFromJsonAsync<List<GetAllErrorsResponseModel>>(cancellationToken: ct);
         }
 
         public async Task LogErrorAsync(CreateErrorLogDto request, CancellationToken ct)

CentralizedLogging.Sdk/Extensions/ServiceCollectionExtensions.cs

@@ -26,14 +26,6 @@ public static IServiceCollection AddCentralizedLoggingSdk(
             if (configure is not null)
                 services.PostConfigure(configure);
 
-            // Delegating handler MUST be transient
-            services.AddTransient<BearerTokenHandler>();
-
-            // Register the token provider (memory-based)
-            services.AddScoped<ICacheAccessProvider, CacheAccessProvider>();
-
-
-
             // The Typed client
             services.AddHttpClient<ICentralizedLoggingClient, CentralizedLoggingClient>((sp, http) =>
             {

CentralizedLoggingApi/Controllers/ErrorLogsController.cs

@@ -6,6 +6,7 @@
 using Microsoft.EntityFrameworkCore;
 using CentralizedLogging.Contracts.Models;
 using CentralizedLogging.Contracts.DTO;
+using SharedLibrary.Auth;
 
 namespace CentralizedLoggingApi.Controllers
 {
@@ -61,7 +62,7 @@ public async Task<IActionResult> GetErrorById(long id)
             return Ok(error);
         }
 
-        [Authorize]
+        [Authorize(Policy = PolicyType.API_LEVEL)]
         // GET api/errorlogs
         [HttpGet]
         public async Task<IActionResult> GetAllErrors()

CentralizedLoggingApi/appsettings.Development.json

@@ -1,4 +1,8 @@
 {
+  "Redis": {
+    "Endpoint": "localhost:6379",
+    "Password": "Bisp@123"
+  },
   "JAEGER_HOST": "localhost",
   "ConnectionStrings": {
     "DefaultConnection": "Server=(localdb)\\mssqllocaldb;Database=CentralizedLoggingDB;Trusted_Connection=True;MultipleActiveResultSets=true",

CentralizedLoggingApi/appsettings.Production.json

@@ -1,4 +1,8 @@
 {
+  "Redis": {
+    "Endpoint": "dragonfly:6379",
+    "Password": "Bisp@123"
+  },
   "JAEGER_HOST": "jaeger",
   "ConnectionStrings": {
     "DefaultConnection": "Server=db,1433;Database=CentralizedLoggingDB;User=sa;Password=Bisp@123;MultipleActiveResultSets=true;TrustServerCertificate=True;Encrypt=False;",

SharedLibrary/Auth/PermissionHandler.cs

@@ -0,0 +1,53 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Routing;
+using Microsoft.Extensions.Caching.Distributed;
+using SharedLibrary.Cache;
+using System.Text.Json;
+using UserManagementApi.Contracts.Models;
+using static System.Net.WebRequestMethods;
+
+namespace SharedLibrary.Auth
+{
+    public sealed class PermissionHandler : AuthorizationHandler<PermissionRequirement>
+    {
+        private readonly IHttpContextAccessor _http;
+        private readonly IDistributedCache _cache;
+        private readonly ICacheAccessProvider _tokens;
+
+        public PermissionHandler(IHttpContextAccessor http, IDistributedCache cache, ICacheAccessProvider tokens) => (_http, _cache, _tokens) = (http, cache, tokens);
+
+        protected override async Task HandleRequirementAsync(
+            AuthorizationHandlerContext context, PermissionRequirement requirement)
+        {
+            var userId =
+                context.User.FindFirst("sub")?.Value ??
+                context.User.FindFirst(System.Security.Claims.ClaimTypes.NameIdentifier)?.Value;
+
+            if (string.IsNullOrEmpty(userId))
+                return; // no user → no success
+
+            var rd = _http.HttpContext!.GetRouteData();
+            var area = rd.Values["area"]?.ToString() ?? "";
+            var controller = rd.Values["controller"]?.ToString() ?? "";
+            var action = rd.Values["action"]?.ToString() ?? "";
+
+            var ct = _http.HttpContext?.RequestAborted ?? default;
+            var permissions = await _tokens.GetUserPermissionsAsync(ct);
+
+            IReadOnlyList<Category> categories = new List<Category>();
+            if (permissions != null)
+            {
+                categories = JsonSerializer.Deserialize<List<Category>>(permissions);
+            }
+
+            if (categories is null) return;
+
+            bool IsAllowed = categories.Any( c => c.Modules.Any( m => m.Area == area && m.Controller == controller && m.Action == action));
+            
+            
+            if (IsAllowed)
+                context.Succeed(requirement);            
+        }
+    }
+}

SharedLibrary/Auth/PermissionRequirement.cs

@@ -0,0 +1,10 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace SharedLibrary.Auth
+{
+    public sealed class PermissionRequirement : IAuthorizationRequirement
+    {
+        public string Permission { get; }
+        public PermissionRequirement(string permission) => Permission = permission;
+    }
+}

SharedLibrary/Auth/PolicyType.cs

@@ -0,0 +1,15 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection.Metadata;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace SharedLibrary.Auth
+{
+    public static class PolicyType
+    {
+        public const string WEB_LEVEL = "WebPolicy";
+        public const string API_LEVEL = "APIPolicy";
+    }
+}

SharedLibrary/Cache/CacheAccessProvider.cs

@@ -1,64 +1,84 @@
 using Microsoft.AspNetCore.Http;
-using Microsoft.Extensions.Caching.Memory;
+using Microsoft.Extensions.Caching.Distributed;
 using System.Security.Claims;
 
 namespace SharedLibrary.Cache
 {
     public sealed class CacheAccessProvider : ICacheAccessProvider
     {
-        private readonly IMemoryCache _cache;
+        private readonly IDistributedCache _cache;
         private readonly IHttpContextAccessor _http;        
 
-        public CacheAccessProvider(IMemoryCache cache, IHttpContextAccessor http)
+        public CacheAccessProvider(IDistributedCache cache, IHttpContextAccessor http)
         {
             _cache = cache;
             _http = http;
         }
 
-        public Task<string?> GetAccessTokenAsync(CancellationToken ct = default)
+        public async Task<string?> GetAccessTokenAsync(CancellationToken ct = default)
         {
             var user = _http.HttpContext?.User;
             var uid =
                 user?.FindFirst("sub")?.Value
              ?? user?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
 
-            if (string.IsNullOrEmpty(uid)) return Task.FromResult<string?>(null);
+            if (string.IsNullOrEmpty(uid)) return null;
 
-            var key = $"token:{uid}";
-            _cache.TryGetValue(key, out string? token);
-            return Task.FromResult(token);
+            var key = $"auth:token:{uid}";
+            var token = await _cache.GetStringAsync(key, ct);
+            return token;
+            
         }
 
-        public Task<string?> GetUserPermissionsAsync(CancellationToken ct = default)
+        public async Task<string?> GetUserPermissionsAsync(CancellationToken ct = default)
         {
             var user = _http.HttpContext?.User;
             var uid =
                 user?.FindFirst("sub")?.Value
              ?? user?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
 
-            if (string.IsNullOrEmpty(uid)) return Task.FromResult<string?>(null);
+            if (string.IsNullOrEmpty(uid)) return null;
 
-            var key = $"perm:{uid}";
-            _cache.TryGetValue(key, out string? permissions);
-            return Task.FromResult(permissions);
+            var key = $"auth:permissions:{uid}";
+            var permissions = await _cache.GetStringAsync(key, ct);
+            return permissions;
         }
 
         // Optional helper method to set the token into cache
-        public void SetAccessToken(string token, int userId, DateTime expiresAtUtc)
-        {            
-            var ttl = ToTtl(expiresAtUtc);            
-            _cache.Set($"token:{userId}", token, ttl);
+        public async Task SetAccessToken(string token, int userId, DateTime expiresAtUtc, CancellationToken ct = default)
+        {
+            var ttl = ToTtl(expiresAtUtc);
+
+            var options = new DistributedCacheEntryOptions
+            {
+                AbsoluteExpirationRelativeToNow = ttl
+            };
+
+            // IMPORTANT: Do not manually prefix here if using InstanceName in startup.
+            var key = $"auth:token:{userId}";
+
+            await _cache.SetStringAsync(key, token, options, ct);
         }
 
-        public void SetUserPermissions(string permissions, int userId, DateTime expiresAtUtc)
+        public async Task SetUserPermissions(string permissions, int userId, DateTime expiresAtUtc, CancellationToken ct = default)
         {
             var ttl = ToTtl(expiresAtUtc);
-            _cache.Set($"perm:{userId}", permissions, ttl);
+
+            var options = new DistributedCacheEntryOptions
+            {
+                AbsoluteExpirationRelativeToNow = ttl
+            };
+
+            // IMPORTANT: Do not manually prefix here if using InstanceName in startup.
+            var key = $"auth:permissions:{userId}";
+
+            await _cache.SetStringAsync(key, permissions, options, ct);
         }
 
         public Task RemoveAsync(string userId, CancellationToken ct = default)
         {   
-            _cache.Remove($"token:{userId}");
+            _cache.Remove($"auth:token:{userId}");
+            _cache.Remove($"auth:permissions:{userId}");
             return Task.CompletedTask;
         }