diff --git a/src/Infrastructure/Identity/IdentityService.cs b/src/Infrastructure/Identity/IdentityService.cs index 02b5ce0..9997316 100644 --- a/src/Infrastructure/Identity/IdentityService.cs +++ b/src/Infrastructure/Identity/IdentityService.cs @@ -218,12 +218,15 @@ public class IdentityService( { return null; } - + var user = await GetUserByUserNameAsync(userName); + + var jwtSection = configuration.GetRequiredSection("Authentication:Jwt"); + var token = JwtTokenHelper.GenerateJwtToken( - issuer: configuration["Jwt-Issuer"] ?? "", - audience: configuration["Jwt-Audience"] ?? "", - key: configuration["Jwt-Key"] ?? "", + issuer: jwtSection["Issuer"] ?? "", + audience: jwtSection["Audience"] ?? "", + key: jwtSection["Key"] ?? "", userId: user?.Id ?? ""); return token; diff --git a/src/Web/DependencyInjection.cs b/src/Web/DependencyInjection.cs index 3a7eb61..27f1ac1 100644 --- a/src/Web/DependencyInjection.cs +++ b/src/Web/DependencyInjection.cs @@ -30,7 +30,7 @@ public static class DependencyInjection services.AddExceptionHandler(); services.AddRazorPages(); - + services.AddHttpClient(); // Customise default API behaviour @@ -44,13 +44,16 @@ public static class DependencyInjection configure.Title = "Hutopy API"; // Add JWT - configure.AddSecurity("JWT", Enumerable.Empty(), new OpenApiSecurityScheme - { - Type = OpenApiSecuritySchemeType.ApiKey, - Name = "Authorization", - In = OpenApiSecurityApiKeyLocation.Header, - Description = "Type into the textbox: Bearer {your JWT token}." - }); + configure.AddSecurity( + "JWT", + [], + new OpenApiSecurityScheme + { + Type = OpenApiSecuritySchemeType.ApiKey, + Name = "Authorization", + In = OpenApiSecurityApiKeyLocation.Header, + Description = "Type into the textbox: Bearer {your JWT token}." + }); configure.OperationProcessors.Add(new AspNetCoreOperationSecurityScopeProcessor("JWT")); }); 
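Review bot: In the IdentityService.cs hunk, the `?? ""` fallbacks on the new `jwtSection["Issuer"]`, `jwtSection["Audience"]` and `jwtSection["Key"]` lookups let a present but incomplete `Authentication:Jwt` section pass empty strings to `JwtTokenHelper.GenerateJwtToken`. What the helper does with an empty key is not visible here, so the failure is either deferred into the helper or, worse, a token is produced from an unusable secret. Failing at the lookup is safer, for example `key: jwtSection["Key"] ?? throw new InvalidOperationException("Authentication:Jwt:Key is not configured."),`, with the same for issuer and audience. Note also that `GetRequiredSection` makes the section mandatory here, while `AddAuthorizationAndAuthentication` in DependencyInjection.cs treats it as optional, so an app started without the section throws only when a token is first requested. The enclosing method starts and ends outside the hunk.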
@@ -58,7 +61,8 @@ public static class DependencyInjection return services; } - public static IServiceCollection AddKeyVaultIfConfigured(this IServiceCollection services, ConfigurationManager configuration) + public static IServiceCollection AddKeyVaultIfConfigured(this IServiceCollection services, + ConfigurationManager configuration) { var keyVaultUri = configuration["KeyVaultUri"]; if (!string.IsNullOrWhiteSpace(keyVaultUri)) @@ -70,10 +74,11 @@ public static class DependencyInjection return services; } - - public static IServiceCollection AddAuthorizationAndAuthentication(this IServiceCollection services, ConfigurationManager configuration) + + public static IServiceCollection AddAuthorizationAndAuthentication(this IServiceCollection services, + ConfigurationManager configuration) { - services.AddAuthentication(options => + var authenticationBuilder = services.AddAuthentication(options => { options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme; 
@@ -82,35 +87,50 @@ public static class DependencyInjection { options.LoginPath = "/api/Users/login"; }) - .AddCookie() - .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, jwtBearerOptions => + .AddCookie(); + + var authJwt = configuration.GetSection("Authentication:Jwt"); + if (authJwt.Exists()) + { + authenticationBuilder.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, jwtBearerOptions => { jwtBearerOptions.Authority = "https://hutopy.com"; jwtBearerOptions.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, - ValidIssuer = configuration["Jwt-Issuer"], + ValidIssuer = authJwt["Issuer"], ValidateAudience = true, - ValidAudience = configuration["Jwt-Audience"], + ValidAudience = authJwt["Audience"], ValidateLifetime = true, - IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["Jwt-Key"] ?? + IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(authJwt["Key"] ?? throw new ArgumentNullException("The Jwt Key is missing."))) }; - }) - .AddGoogle(GoogleDefaults.AuthenticationScheme, options => + }); + } + + var authGoogle = configuration.GetSection("Authentication:Google"); + if (authGoogle.Exists()) + { + authenticationBuilder.AddGoogle(GoogleDefaults.AuthenticationScheme, options => { - options.ClientId = configuration["Google-ClientId"] ?? - throw new ArgumentNullException("The Google ClientId is missing.");; - options.ClientSecret = configuration["Google-ClientSecret"] ?? - throw new ArgumentNullException("The Google ClientSecret is missing.");; - }) - .AddFacebook(FacebookDefaults.AuthenticationScheme, options => + options.ClientId = authGoogle["ClientId"] ?? + throw new ArgumentNullException("The Google ClientId is missing."); + options.ClientSecret = authGoogle["ClientSecret"] ?? 
+ throw new ArgumentNullException("The Google ClientSecret is missing."); + }); + } + + var authFacebook = configuration.GetSection("Authentication:Facebook"); + if (authFacebook.Exists()) + { + authenticationBuilder.AddFacebook(FacebookDefaults.AuthenticationScheme, options => { - options.ClientId = configuration["Facebook-ClientId"] ?? + options.ClientId = authFacebook["ClientId"] ?? throw new ArgumentNullException("The Facebook ClientId is missing."); - options.ClientSecret = configuration["Facebook-ClientSecret"] ?? + options.ClientSecret = authFacebook["ClientSecret"] ?? throw new ArgumentNullException("The Facebook ClientSecret is missing."); }); + } return services; }
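Review bot: Registering the JWT bearer handler only when `authJwt.Exists()` leaves `options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme` (context of the preceding hunk) pointing at a scheme that may never be added. A deployment without `Authentication:Jwt` would presumably start cleanly and then fail on the first authenticated request rather than at startup. When the section does exist, only `Key` is null-checked, and that check runs lazily inside the options lambda, so a missing `Issuer` or `Audience` leaves `ValidIssuer`/`ValidAudience` null while `ValidateIssuer`/`ValidateAudience` are true. Reading and validating all three values before `AddJwtBearer` would fail fast, e.g. `var jwtKey = authJwt["Key"]; if (string.IsNullOrWhiteSpace(jwtKey)) throw new InvalidOperationException("Authentication:Jwt:Key is missing.");`, and the default scheme should be chosen from what was actually registered. The single-string `ArgumentNullException` constructor used throughout takes a parameter name, not a message, so `InvalidOperationException` fits these configuration errors better; the method starts outside this hunk.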