Merge pull request #1325 from TechnologyEnhancedLearning/Develop/Fixes/TD-5490-auth-fix-for-openapi

TD-5490 auth issues for LH api  request when user is yet to login

Author: OluwatobiAwe

OpenAPI/LearningHub.Nhs.OpenApi/Controllers/BookmarkController.cs

@@ -4,13 +4,15 @@
     using System.Threading.Tasks;
     using LearningHub.Nhs.Models.Bookmark;
     using LearningHub.Nhs.OpenApi.Services.Interface.Services;
+    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Mvc;
 
     /// <summary>
     /// Learning Hub Bookmark controller.
     /// </summary>
     [Route("Bookmark")]
     [ApiController]
+    [Authorize]
     public class BookmarkController : OpenApiControllerBase
     {
         private readonly IBookmarkService bookmarkService;

OpenAPI/LearningHub.Nhs.OpenApi/Controllers/CatalogueController.cs

@@ -14,6 +14,7 @@
     /// </summary>
     [Route("Catalogue")]
     [Authorize]
+    [ApiController]
     public class CatalogueController : OpenApiControllerBase
     {
         private readonly ICatalogueService catalogueService;

OpenAPI/LearningHub.Nhs.OpenApi/Controllers/ResourceController.cs

@@ -29,6 +29,7 @@ namespace LearningHub.NHS.OpenAPI.Controllers
     /// </summary>
     [Route("Resource")]
     [Authorize]
+    [ApiController]
     public class ResourceController : OpenApiControllerBase
     {
         private const int MaxNumberOfReferenceIds = 1000;

OpenAPI/LearningHub.Nhs.OpenApi/Controllers/SearchController.cs

@@ -11,13 +11,15 @@
     using LearningHub.Nhs.OpenApi.Models.Configuration;
     using LearningHub.Nhs.OpenApi.Repositories.Interface.Repositories;
     using LearningHub.Nhs.OpenApi.Services.Interface.Services;
+    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Mvc;
     using Microsoft.Extensions.Logging;
     using Microsoft.Extensions.Options;
 
     /// <summary>
     /// Search operations.
     /// </summary>
+    [Authorize]
     [Route("Search")]
     [ApiController]
     public class SearchController : OpenApiControllerBase

OpenAPI/LearningHub.Nhs.OpenApi/Startup.cs

@@ -8,30 +8,29 @@ namespace LearningHub.NHS.OpenAPI
     using System.Collections.Generic;
     using System.IO;
     using AspNetCore.Authentication.ApiKey;
+    using LearningHub.Nhs.Api.Authentication;
     using LearningHub.Nhs.Caching;
     using LearningHub.Nhs.Models.Enums;
     using LearningHub.Nhs.Models.Extensions;
     using LearningHub.NHS.OpenAPI.Auth;
+    using LearningHub.NHS.OpenAPI.Authentication;
     using LearningHub.NHS.OpenAPI.Configuration;
     using LearningHub.NHS.OpenAPI.Middleware;
     using LearningHub.Nhs.OpenApi.Repositories;
     using LearningHub.Nhs.OpenApi.Repositories.EntityFramework;
     using LearningHub.Nhs.OpenApi.Services;
     using Microsoft.AspNetCore.Authentication;
     using Microsoft.AspNetCore.Authentication.JwtBearer;
+    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Builder;
     using Microsoft.AspNetCore.Hosting;
-    using Microsoft.AspNetCore.Mvc.Authorization;
     using Microsoft.EntityFrameworkCore;
     using Microsoft.Extensions.Configuration;
     using Microsoft.Extensions.DependencyInjection;
     using Microsoft.Extensions.FileProviders;
     using Microsoft.Extensions.Hosting;
     using Microsoft.IdentityModel.Tokens;
     using Microsoft.OpenApi.Models;
-    using Microsoft.AspNetCore.Authorization;
-    using LearningHub.NHS.OpenAPI.Authentication;
-    using LearningHub.Nhs.Api.Authentication;
 
     /// <summary>
     /// The Startup class.
@@ -62,8 +61,12 @@ public void ConfigureServices(IServiceCollection services)
 
             services.AddApiKeyAuth();
 
-            services.AddAuthentication()
-            .AddJwtBearer(options =>
+            services.AddAuthentication(options =>
+            {
+                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+            })
+           .AddJwtBearer(options =>
             {
                 options.Authority = this.Configuration.GetValue<string>("LearningHUbAuthServiceConfig:Authority");
                 options.TokenValidationParameters = new TokenValidationParameters()
@@ -76,7 +79,7 @@ public void ConfigureServices(IServiceCollection services)
             });
 
             services.AddCustomMiddleware();
-            services.AddSingleton<IAuthorizationHandler, ReadWriteHandler>(); 
+            services.AddSingleton<IAuthorizationHandler, ReadWriteHandler>();
             services.AddSingleton<IAuthorizationHandler, AuthorizeOrCallFromLHHandler>();
 
             services.AddRepositories(this.Configuration);
@@ -89,7 +92,6 @@ public void ConfigureServices(IServiceCollection services)
             services.AddControllers(options =>
             {
                 options.Filters.Add(new HttpResponseExceptionFilter());
-                options.Filters.Add(new AuthorizeFilter());
             });
 
             services.AddMvc()