chore(*): finish up auth, add services

cyberhck · cyberhck · commit dcd0e38d194e · 2020-11-24T00:20:17.000+07:00
diff --git a/Micro.AppRegistration.Api/Auth/CustomClaims.cs b/Micro.AppRegistration.Api/Auth/CustomClaims.cs
@@ -0,0 +1,7 @@
+namespace Micro.AppRegistration.Api.Auth
+{
+    public class CustomClaims
+    {
+        public const string Permission = "Permission";
+    }
+}
diff --git a/Micro.AppRegistration.Api/Auth/RequirePermission.cs b/Micro.AppRegistration.Api/Auth/RequirePermission.cs
@@ -0,0 +1,32 @@
+using System;
+using System.Linq;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace Micro.AppRegistration.Api.Auth
+{
+    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true)]
+    public class RequirePermission : Attribute, IAuthorizeData, IAuthorizationFilter
+    {
+        public string AuthenticationSchemes { get; set; }
+        public string Policy { get; set; }
+        public string Roles { get; set; }
+        private readonly string _permission;
+
+        public RequirePermission(string permission)
+        {
+            _permission = permission;
+        }
+
+        public void OnAuthorization(AuthorizationFilterContext context)
+        {
+            var permissionClaims = context.HttpContext?.User?.Claims?.Where(c => c.Type == CustomClaims.Permission);
+            var hasClaim = permissionClaims?.Any(x => x.Value == _permission || x.Value == "sudo");
+            if (!hasClaim.HasValue || !hasClaim.Value)
+            {
+                context.Result = new ForbidResult();
+            }
+        }
+    }
+}
diff --git a/Micro.AppRegistration.Api/CreateApplication/AppRegistrationController.cs b/Micro.AppRegistration.Api/CreateApplication/AppRegistrationController.cs
@@ -1,3 +1,8 @@
+using System;
+using System.Threading.Tasks;
+using Micro.AppRegistration.Api.UserDataExtensions;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 
 namespace Micro.AppRegistration.Api.CreateApplication
@@ -6,6 +11,29 @@ namespace Micro.AppRegistration.Api.CreateApplication
     [Route("api/[controller]")]
     public class AppRegistrationController : ControllerBase
     {
-        
+        private readonly IAppRegistrationService _appRegistrationService;
+
+        public AppRegistrationController(IAppRegistrationService appRegistrationService)
+        {
+            _appRegistrationService = appRegistrationService;
+        }
+
+        [HttpPost]
+        [Authorize]
+        public async Task<IActionResult> Test(CreateApplicationRequest request)
+        {
+            try
+            {
+                var application = await _appRegistrationService.CreateApplication(request, this.GetUserId());
+                return Ok(application);
+            }
+            catch (Exception e)
+            {
+                return StatusCode(StatusCodes.Status500InternalServerError, new ProblemDetails
+                {
+                    Title = "internal server error"
+                });
+            }
+        }
     }
 }
diff --git a/Micro.AppRegistration.Api/CreateApplication/AppRegistrationService.cs b/Micro.AppRegistration.Api/CreateApplication/AppRegistrationService.cs
@@ -1,5 +1,9 @@
+using System;
+using System.Security.Cryptography;
 using System.Threading.Tasks;
 using Micro.AppRegistration.Api.Models;
+using Micro.AppRegistration.Api.Uuid;
+using Microsoft.AspNetCore.Identity;
 
 namespace Micro.AppRegistration.Api.CreateApplication
 {
@@ -10,9 +14,45 @@ public interface IAppRegistrationService
 
     public class AppRegistrationService : IAppRegistrationService
     {
+        private readonly IPasswordHasher<Application> _hasher;
+        private readonly ICreateApplicationRepository _applicationRepository;
+
+        public AppRegistrationService(IPasswordHasher<Application> hasher, ICreateApplicationRepository applicationRepository)
+        {
+            _hasher = hasher;
+            _applicationRepository = applicationRepository;
+        }
+
         public async Task<Application> CreateApplication(CreateApplicationRequest request, string userId)
         {
-            throw new System.NotImplementedException();
+            var secret = GenerateApplicationSecret();
+            var hashedSecret = _hasher.HashPassword(null, secret);
+            var application = await _applicationRepository.Create(new Application
+            {
+                Approved = false,
+                Name = request.Name,
+                Secret = hashedSecret,
+                User = userId,
+                CreatedBy = userId,
+                UseDefaultCode = request.UseDefault,
+                ShortCode = request.ShortCode
+            });
+            application.Secret = secret;
+            return application;
+        }
+
+        private static string GenerateApplicationSecret()
+        {
+            return Convert.ToBase64String(GenerateRandomBytes(256));
+        }
+
+        private static byte[] GenerateRandomBytes(int keyBitLength)
+        {
+            using var provider = new RNGCryptoServiceProvider();
+            var lengthInByte = keyBitLength / 8;
+            var randomNumber = new byte[lengthInByte];
+            provider.GetBytes(randomNumber);
+            return randomNumber;
         }
     }
 }
diff --git a/Micro.AppRegistration.Api/CreateApplication/CreateApplicationRepository.cs b/Micro.AppRegistration.Api/CreateApplication/CreateApplicationRepository.cs
@@ -0,0 +1,41 @@
+using System;
+using System.Threading.Tasks;
+using Micro.AppRegistration.Api.Models;
+using Micro.AppRegistration.Api.Uuid;
+
+namespace Micro.AppRegistration.Api.CreateApplication
+{
+    public interface ICreateApplicationRepository
+    {
+        public Task<Application> Create(Application application);
+    }
+    public class CreateApplicationRepository : ICreateApplicationRepository
+    {
+        private readonly ApplicationContext _applicationContext;
+        private readonly IUuidService _uuidService;
+
+        public CreateApplicationRepository(ApplicationContext applicationContext, IUuidService uuidService)
+        {
+            _applicationContext = applicationContext;
+            _uuidService = uuidService;
+        }
+
+        public async Task<Application> Create(Application application)
+        {
+            var result = await _applicationContext.Applications.AddAsync(new Application
+            {
+                Id = _uuidService.GenerateUuId(),
+                User = application.User,
+                Approved = application.Approved,
+                Name = application.Name,
+                Secret = application.Secret,
+                CreatedAt = DateTime.Now,
+                CreatedBy = application.CreatedBy,
+                ShortCode = application.ShortCode,
+                UseDefaultCode = application.UseDefaultCode
+            });
+            await _applicationContext.SaveChangesAsync();
+            return result.Entity;
+        }
+    }
+}
diff --git a/Micro.AppRegistration.Api/Startup.cs b/Micro.AppRegistration.Api/Startup.cs
@@ -29,6 +29,7 @@ public void ConfigureServices(IServiceCollection services)
             services.AddControllers();
             services.ConfigureSwagger();
             services.RegisterWorker();
+            services.ConfigureIdentityServices(Configuration);
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@@ -40,6 +41,7 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILoggerF
                 app.UseDeveloperExceptionPage();
             }
             app.UseRouting();
+            app.UseAuthentication();
             app.UseAuthorization();
             app.AddSwaggerWithUi();
             app.UseEndpoints(endpoints =>
diff --git a/Micro.AppRegistration.Api/StartupExtensions/DependencyInjection.cs b/Micro.AppRegistration.Api/StartupExtensions/DependencyInjection.cs
@@ -2,8 +2,10 @@
 using Fossapps.Micro.KeyStore;
 using Micro.AppRegistration.Api.Auth;
 using Micro.AppRegistration.Api.Configs;
+using Micro.AppRegistration.Api.CreateApplication;
 using Micro.AppRegistration.Api.Models;
 using Micro.AppRegistration.Api.Uuid;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 
@@ -16,6 +18,9 @@ public static void ConfigureRequiredDependencies(this IServiceCollection service
             services.AddDbContext<ApplicationContext>();
             services.AddSingleton<IUuidService, UuidService>();
             services.AddSingleton<IKeyResolver, KeyResolver>();
+            services.AddScoped<IAppRegistrationService, AppRegistrationService>();
+            services.AddScoped<ICreateApplicationRepository, CreateApplicationRepository>();
+            services.AddSingleton<IPasswordHasher<Application>, PasswordHasher<Application>>();
             services.AddSingleton(SetupKeyStoreHttpClient(configuration.GetSection("Services").Get<Services>().KeyStore));
         }
 
diff --git a/Micro.AppRegistration.Api/StartupExtensions/Identity.cs b/Micro.AppRegistration.Api/StartupExtensions/Identity.cs
@@ -19,7 +19,10 @@ public static void ConfigureIdentityServices(this IServiceCollection serviceColl
                 options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                 options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
                 options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
-            }).AddJwtBearer();
+            }).AddJwtBearer(config =>
+            {
+                ConfigureJwtBearer(serviceCollection, config);
+            });
         }
 
         private static void ConfigureJwtBearer(IServiceCollection services, JwtBearerOptions config)
diff --git a/Micro.AppRegistration.Api/UserDataExtensions/UserIdExtension.cs b/Micro.AppRegistration.Api/UserDataExtensions/UserIdExtension.cs
@@ -0,0 +1,13 @@
+using System.Security.Claims;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Micro.AppRegistration.Api.UserDataExtensions
+{
+    public static class UserIdExtension
+    {
+        public static string? GetUserId(this ControllerBase controller)
+        {
+            return controller.User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
+        }
+    }
+}
diff --git a/Micro.AppRegistration.Api/appsettings.json b/Micro.AppRegistration.Api/appsettings.json
@@ -12,7 +12,7 @@
   },
   "DatabaseConfig": {
     "Host": "localhost",
-    "Port": 15433,
+    "Port": 15432,
     "Name": "app_registration",
     "User": "postgres",
     "Password": "postgres"

Original file line number	Diff line number	Diff line change
`@@ -29,6 +29,7 @@ public void ConfigureServices(IServiceCollection services)`
`29`	`29`	`services.AddControllers();`
`30`	`30`	`services.ConfigureSwagger();`
`31`	`31`	`services.RegisterWorker();`
	`32`	`+ services.ConfigureIdentityServices(Configuration);`
`32`	`33`	`}`
`33`	`34`
`34`	`35`	`// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.`
`@@ -40,6 +41,7 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILoggerF`
`40`	`41`	`app.UseDeveloperExceptionPage();`
`41`	`42`	`}`
`42`	`43`	`app.UseRouting();`
	`44`	`+ app.UseAuthentication();`
`43`	`45`	`app.UseAuthorization();`
`44`	`46`	`app.AddSwaggerWithUi();`
`45`	`47`	`app.UseEndpoints(endpoints =>`