chore(auth): integrate auth service

Author: cyberhck

Micro.AppRegistration.Api/Auth/Exceptions/KeyNotFoundException.cs

@@ -0,0 +1,11 @@
+using System;
+
+namespace Micro.AppRegistration.Api.Auth.Exceptions
+{
+    public class KeyNotFoundException : Exception
+    {
+        public KeyNotFoundException(string message) : base(message)
+        {
+        }
+    }
+}

Micro.AppRegistration.Api/Auth/KeyResolver.cs

@@ -0,0 +1,31 @@
+using System.Threading.Tasks;
+using Fossapps.Micro.KeyStore;
+using Fossapps.Micro.KeyStore.Models;
+using Micro.AppRegistration.Api.Auth.Exceptions;
+
+namespace Micro.AppRegistration.Api.Auth
+{
+    public interface IKeyResolver
+    {
+        Task<string> ResolveKey(string keyId);
+    }
+    public class KeyResolver : IKeyResolver
+    {
+        private readonly IKeyStoreClient _keyStoreClient;
+
+        public KeyResolver(IKeyStoreClient keyStoreClient)
+        {
+            _keyStoreClient = keyStoreClient;
+        }
+
+        public async Task<string> ResolveKey(string keyId)
+        {
+            var response = await _keyStoreClient.Keys.GetAsync(keyId);
+            return response switch
+            {
+                KeyCreatedResponse keyCreatedResponse => keyCreatedResponse.Body,
+                _ => throw new KeyNotFoundException($"key: '{keyId}' not found")
+            };
+        }
+    }
+}

Micro.AppRegistration.Api/Configs/Services.cs

@@ -0,0 +1,12 @@
+namespace Micro.AppRegistration.Api.Configs
+{
+    public class Services
+    {
+        public KeyStoreConfig KeyStore { set; get; }
+    }
+
+    public class KeyStoreConfig
+    {
+        public string Url { set; get; }
+    }
+}

Micro.AppRegistration.Api/Micro.AppRegistration.Api.csproj

@@ -9,12 +9,14 @@
       <PackageReference Include="App.Metrics.AspNetCore.Mvc" Version="3.2.0-dev0002" />
       <PackageReference Include="App.Metrics.Extensions.Configuration" Version="3.2.0-dev0002" />
       <PackageReference Include="App.Metrics.Reporting.InfluxDB" Version="3.2.0-dev0002" />
+      <PackageReference Include="Fossapps.Micro.KeyStore" Version="1.10.0" />
       <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="3.0.3" />
       <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="3.0.0-preview8.19405.11" />
       <PackageReference Include="Microsoft.Extensions.Logging.Slack" Version="1.1.0" />
       <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="3.0.0-preview8" />
       <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL.Design" Version="1.1.1" />
       <None Include="./appsettings.ci.json" CopyToPublishDirectory="Always" />
+      <PackageReference Include="PemUtils" Version="3.0.0.82" />
       <PackageReference Include="Swashbuckle.AspNetCore" Version="5.0.0-rc2" />
     </ItemGroup>
 

Micro.AppRegistration.Api/Startup.cs

@@ -24,7 +24,7 @@ public void ConfigureServices(IServiceCollection services)
         {
             services.AddConfiguration(Configuration);
             services.AddMetrics();
-            services.ConfigureRequiredDependencies();
+            services.ConfigureRequiredDependencies(Configuration);
             services.ConfigureHealthChecks();
             services.AddControllers();
             services.ConfigureSwagger();

Micro.AppRegistration.Api/StartupExtensions/Configuration.cs

@@ -10,6 +10,7 @@ public static void AddConfiguration(this IServiceCollection services, IConfigura
         {
             services.Configure<DatabaseConfig>(configuration.GetSection("DatabaseConfig"));
             services.Configure<SlackLoggingConfig>(configuration.GetSection("Logging").GetSection("Slack"));
+            services.Configure<Services>(configuration.GetSection("Services"));
         }
     }
 }

Micro.AppRegistration.Api/StartupExtensions/DependencyInjection.cs

@@ -1,15 +1,30 @@
+using System;
+using Fossapps.Micro.KeyStore;
+using Micro.AppRegistration.Api.Auth;
+using Micro.AppRegistration.Api.Configs;
 using Micro.AppRegistration.Api.Models;
 using Micro.AppRegistration.Api.Uuid;
+using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 
 namespace Micro.AppRegistration.Api.StartupExtensions
 {
     public static class DependencyInjection
     {
-        public static void ConfigureRequiredDependencies(this IServiceCollection services)
+        public static void ConfigureRequiredDependencies(this IServiceCollection services, IConfiguration configuration)
         {
             services.AddDbContext<ApplicationContext>();
             services.AddSingleton<IUuidService, UuidService>();
+            services.AddSingleton<IKeyResolver, KeyResolver>();
+            services.AddSingleton(SetupKeyStoreHttpClient(configuration.GetSection("Services").Get<Services>().KeyStore));
+        }
+
+        private static IKeyStoreClient SetupKeyStoreHttpClient(KeyStoreConfig config)
+        {
+            return new KeyStoreClient
+            {
+                BaseUri = new Uri(config.Url)
+            };
         }
     }
-}
+}

Micro.AppRegistration.Api/StartupExtensions/Identity.cs

@@ -1,9 +1,11 @@
 using System;
+using System.IO;
+using Micro.AppRegistration.Api.Auth;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
-using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.IdentityModel.Tokens;
+using PemUtils;
 
 namespace Micro.AppRegistration.Api.StartupExtensions
 {
@@ -36,12 +38,16 @@ private static void ConfigureJwtBearer(IServiceCollection services, JwtBearerOpt
                 ClockSkew = TimeSpan.Zero,
                 IssuerSigningKeyResolver = (token, secToken, kid, parameters) =>
                 {
-                    // todo: first get keystore to generate a sdk and publish to nuget automatically
-                    // add that package as a dependency
-                    // and finally copy logic from micro.auth
-                    throw new NotImplementedException();
-                }
+                    // todo: I know this .Result is a very bad idea (converting from async to sync)
+                    // however there's no other way to do this, signing key resolver doesn't have a
+                    // async version of this method, they are looking into it though
+                    // https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/468
+                    var key = services.BuildServiceProvider().GetRequiredService<IKeyResolver>()
+                        .ResolveKey(kid).Result;
+                    var pemReader = new PemReader(new MemoryStream(System.Text.Encoding.UTF8.GetBytes(key)));
+                    var publicKeyParameters = pemReader.ReadRsaKey();
+                    return new []{new RsaSecurityKey(publicKeyParameters)};                }
             };
         }
     }
-}
+}

Micro.AppRegistration.Api/appsettings.json

@@ -23,5 +23,10 @@
       "Database": "monitoring"
     }
   },
+  "Services": {
+    "KeyStore": {
+      "Url": "http://localhost:15000"
+    }
+  },
   "AllowedHosts": "*"
 }