AgileWebs/Core.Thalos.BuildingBlocks
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

reeplace cerberos by thalos

Browse Source
This commit is contained in:
Sergio Matias Urquin
2025-05-18 18:46:31 -06:00
parent 5b3cd5589d
commit 4fdd80db55
40 changed files with 85 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
Core.Cerberos.Adapters/Adapters/Base/BaseAdapterResponse.cs
View File

@@ -1,33 +0,0 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;
namespace Core.Cerberos.Adapters
{
public class BaseAdapterResponse
{
public bool HasError { get; set; } = false;
public bool IsSuccess { get; private set; } = false;
public string Message { get; set; }
public void SetResult(string message)
{
HasError = false;
IsSuccess = true;
Message = message;
}
public string SetErrorMessage(string message)
{
var _message = new
{
Content = JsonSerializer.Serialize(message),
HasError = true
};
return JsonSerializer.Serialize(_message);
}
}
}

118
Core.Cerberos.Adapters/Adapters/ModuleAdapter.cs
View File

@@ -1,118 +0,0 @@
// ***********************************************************************
// <copyright file="ModuleAdapter.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Core.Cerberos.Adapters.Common.Enums;
using MongoDB.Bson;
using MongoDB.Bson.Serialization.Attributes;
using System.Text.Json.Serialization;
namespace Core.Cerberos.Adapters
{
/// <summary>
/// Adapter for representing a module.
/// </summary>
public class ModuleAdapter
{
/// <summary>
/// Gets or sets the ID of the module.
/// </summary>
[BsonId]
[BsonElement("_id")]
[BsonRepresentation(BsonType.ObjectId)]
[JsonPropertyName("id")]
public string Id { get; set; } = null!;
/// <summary>
/// Gets or sets the name of the module.
/// </summary>
[BsonElement("name")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("name")]
public string Name { get; set; } = null!;
/// <summary>
/// Gets or sets the description of the module.
/// </summary>
[BsonElement("description")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("description")]
public string? Description { get; set; }
/// <summary>
/// Gets or sets the description of the module.
/// </summary>
[BsonElement("icon")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("icon")]
public string? Icon { get; set; }
/// <summary>
/// Gets or sets the description of the module.
/// </summary>
[BsonElement("route")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("route")]
public string Route { get; set; } = null!;
/// <summary>
/// Gets or sets the order of the module.
/// </summary>
[BsonElement("order")]
[BsonRepresentation(BsonType.Int32)]
[JsonPropertyName("order")]
public int? Order { get; set; }
/// <summary>
/// Gets or sets the application of the module.
/// </summary>
[BsonElement("application")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("application")]
[JsonConverter(typeof(JsonStringEnumConverter))]
public ApplicationsEnum? Application { get; set; } = null!;
/// <summary>
/// Gets or sets the date and time when the module was created.
/// </summary>
[BsonElement("createdAt")]
[BsonRepresentation(BsonType.DateTime)]
[JsonPropertyName("createdAt")]
public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
/// <summary>
/// Gets or sets the user who created the module.
/// </summary>
[BsonElement("createdBy")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("createdBy")]
public string? CreatedBy { get; set; }
/// <summary>
/// Gets or sets the date and time when the module was last updated.
/// </summary>
[BsonElement("updatedAt")]
[BsonRepresentation(BsonType.DateTime)]
[JsonPropertyName("updatedAt")]
public DateTime? UpdatedAt { get; set; } = null;
/// <summary>
/// Gets or sets the user who last updated the module.
/// </summary>
[BsonElement("updatedBy")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("updatedBy")]
public string? UpdatedBy { get; set; } = null;
/// <summary>
/// Gets or sets the status of the module.
/// </summary>
[BsonElement("status")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("status")]
[JsonConverter(typeof(JsonStringEnumConverter))]
public StatusEnum Status { get; set; } = StatusEnum.Active;
}
}

95
Core.Cerberos.Adapters/Adapters/PermissionAdapter.cs
View File

@@ -1,95 +0,0 @@
// ***********************************************************************
// <copyright file="PermissionAdapter.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Core.Cerberos.Adapters.Common.Constants;
using Core.Cerberos.Adapters.Common.Enums;
using MongoDB.Bson;
using MongoDB.Bson.Serialization.Attributes;
using System.Text.Json.Serialization;
namespace Core.Cerberos.Adapters
{
/// <summary>
/// Adapter for representing a permission.
/// </summary>
public class PermissionAdapter
{
/// <summary>
/// Gets or sets the ID of the entity.
/// </summary>
[BsonId]
[BsonElement("_id")]
[BsonRepresentation(BsonType.ObjectId)]
[JsonPropertyName("id")]
public string Id { get; set; } = null!;
/// <summary>
/// Gets or sets the name of the entity.
/// </summary>
[BsonElement("name")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("name")]
public string Name { get; set; } = null!;
/// <summary>
/// Gets or sets the description of the entity.
/// </summary>
[BsonElement("description")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("description")]
public string? Description { get; set; }
/// <summary>
/// Gets or sets the status of the entity object.
/// </summary>
[BsonElement("accessLevel")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("accessLevel")]
[JsonConverter(typeof(JsonStringEnumConverter))]
public AccessLevelEnum? AccessLevel { get; set; } = null!;
/// <summary>
/// Gets or sets the date and time when the entity was created.
/// </summary>
[BsonElement("createdAt")]
[BsonRepresentation(BsonType.DateTime)]
[JsonPropertyName("createdAt")]
public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
/// <summary>
/// Gets or sets the user who created the entity.
/// </summary>
[BsonElement("createdBy")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("createdBy")]
public string? CreatedBy { get; set; }
/// <summary>
/// Gets or sets the date and time when the entity was last updated.
/// </summary>
[BsonElement("updatedAt")]
[BsonRepresentation(BsonType.DateTime)]
[JsonPropertyName("updatedAt")]
public DateTime? UpdatedAt { get; set; } = null;
/// <summary>
/// Gets or sets the user who last updated the entity.
/// </summary>
[BsonElement("updatedBy")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("updatedBy")]
public string? UpdatedBy { get; set; } = null;
/// <summary>
/// Gets or sets the status of the entity.
/// </summary>
[BsonElement("status")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("status")]
[JsonConverter(typeof(JsonStringEnumConverter))]
public StatusEnum Status { get; set; } = StatusEnum.Active;
}
}

107
Core.Cerberos.Adapters/Adapters/RoleAdapter.cs
View File

@@ -1,107 +0,0 @@
// ***********************************************************************
// <copyright file="RoleAdapter.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Core.Cerberos.Adapters.Common.Enums;
using MongoDB.Bson;
using MongoDB.Bson.Serialization.Attributes;
using System.Text.Json.Serialization;
namespace Core.Cerberos.Adapters
{
/// <summary>
/// Adapter representing a role.
/// </summary>
public class RoleAdapter
{
/// <summary>
/// Gets or sets the unique identifier of the role.
/// </summary>
[BsonId]
[BsonElement("_id")]
[BsonRepresentation(BsonType.ObjectId)]
[JsonPropertyName("id")]
public string Id { get; set; } = null!;
/// <summary>
/// Gets or sets the name of the role.
/// </summary>
[BsonElement("name")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("name")]
public string Name { get; set; } = null!;
/// <summary>
/// Gets or sets the description of the role.
/// </summary>
[BsonElement("description")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("description")]
public string? Description { get; set; }
/// <summary>
/// Gets or sets the status of the entity.
/// </summary>
[BsonElement("applications")]
[JsonPropertyName("applications")]
[JsonConverter(typeof(EnumArrayJsonConverter<ApplicationsEnum>))]
public ApplicationsEnum[]? Applications { get; set; }
/// <summary>
/// Gets or sets the modules of the role.
/// </summary>
[BsonElement("modules")]
[JsonPropertyName("modules")]
public string[] Modules { get; set; } = null!;
/// <summary>
/// Gets or sets the permissions of the role.
/// </summary>
[BsonElement("permissions")]
[JsonPropertyName("permissions")]
public string[] Permissions { get; set; } = null!;
/// <summary>
/// Gets or sets the date and time when the entity was created.
/// </summary>
[BsonElement("createdAt")]
[BsonRepresentation(BsonType.DateTime)]
[JsonPropertyName("createdAt")]
public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
/// <summary>
/// Gets or sets the user who created the entity.
/// </summary>
[BsonElement("createdBy")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("createdBy")]
public string? CreatedBy { get; set; }
/// <summary>
/// Gets or sets the date and time when the entity was last updated.
/// </summary>
[BsonElement("updatedAt")]
[BsonRepresentation(BsonType.DateTime)]
[JsonPropertyName("updatedAt")]
public DateTime? UpdatedAt { get; set; } = null;
/// <summary>
/// Gets or sets the user who last updated the entity.
/// </summary>
[BsonElement("updatedBy")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("updatedBy")]
public string? UpdatedBy { get; set; } = null;
/// <summary>
/// Gets or sets the status of the entity.
/// </summary>
[BsonElement("status")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("status")]
[JsonConverter(typeof(JsonStringEnumConverter))]
public StatusEnum Status { get; set; } = StatusEnum.Active;
}
}

18
Core.Cerberos.Adapters/Adapters/TokenAdapter.cs
View File

@@ -1,18 +0,0 @@
// ***********************************************************************
// <copyright file="TokenAdapter.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
namespace Core.Cerberos.Adapters
{
public class TokenAdapter
{
public UserAdapter? User { get; set; }
public RoleAdapter? Role { get; set; }
public IEnumerable<PermissionAdapter>? Permissions { get; set; }
public IEnumerable<ModuleAdapter> Modules { get; set; } = null!;
}
}

171
Core.Cerberos.Adapters/Adapters/UserAdapter.cs
View File

@@ -1,171 +0,0 @@
// ***********************************************************************
// <copyright file="UserAdapter.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Core.Cerberos.Adapters.Common.Enums;
using MongoDB.Bson;
using MongoDB.Bson.Serialization.Attributes;
using System.Text.Json.Serialization;
namespace Core.Cerberos.Adapters
{
/// <summary>
/// Adapter representing a user.
/// </summary>
public class UserAdapter : BaseAdapterResponse
{
/// <summary>
/// Gets or sets the unique identifier of the user.
/// </summary>
[BsonId]
[BsonElement("_id")]
[BsonRepresentation(BsonType.ObjectId)]
[JsonPropertyName("id")]
public string Id { get; set; } = null!;
/// <summary>
/// Gets or sets the guid of the user.
/// </summary>
[BsonElement("guid")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("guid")]
public string? Guid { get; set; }
/// <summary>
/// Gets or sets the email address of the user.
/// </summary>
[BsonElement("email")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("email")]
public string Email { get; set; } = null!;
/// <summary>
/// Gets or sets the name of the user.
/// </summary>
[BsonElement("name")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("name")]
public string Name { get; set; } = null!;
/// <summary>
/// Gets or sets the middlename of the user.
/// </summary>
[BsonElement("middleName")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("middleName")]
public string? MiddleName { get; set; }
/// <summary>
/// Gets or sets the last name of the user.
/// </summary>
[BsonElement("lastName")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("lastName")]
public string LastName { get; set; } = null!;
/// <summary>
/// Gets or sets the name of the user.
/// </summary>
[BsonElement("displayName")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("displayName")]
public string? DisplayName { get; set; }
/// <summary>
/// Gets or sets the role ID of the user.
/// </summary>
[BsonElement("roleId")]
[BsonRepresentation(BsonType.ObjectId)]
[JsonPropertyName("roleId")]
public string RoleId { get; set; } = null!;
/// <summary>
/// Gets or sets the array of companies associated with the user.
/// </summary>
[BsonElement("companies")]
[JsonPropertyName("companies")]
public string[] Companies { get; set; } = null!;
/// <summary>
/// Gets or sets the array of projects associated with the user.
/// </summary>
[BsonElement("projects")]
[JsonPropertyName("projects")]
public string[]? Projects { get; set; }
/// <summary>
/// Gets or sets the boolean of the consent form accepted by the user.
/// </summary>
[BsonElement("consentFormAccepted")]
[JsonPropertyName("consentFormAccepted")]
[BsonIgnoreIfNull]
public bool ConsentFormAccepted { get; set; }
/// <summary>
/// Gets or sets the timestamp of the last login of the user.
/// </summary>
[BsonElement("lastLogIn")]
[BsonRepresentation(BsonType.DateTime)]
[JsonPropertyName("lastLogIn")]
public DateTime? LastLogIn { get; set; }
/// <summary>
/// Gets or sets the timestamp of the last logout of the user.
/// </summary>
[BsonElement("lastLogOut")]
[BsonRepresentation(BsonType.DateTime)]
[JsonPropertyName("lastLogOut")]
public DateTime? LastLogOut { get; set; }
/// <summary>
/// Gets or sets the token associated with the user.
/// </summary>
[BsonElement("token")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("token")]
public string? Token { get; set; } = null;
/// <summary>
/// Gets or sets the date and time when the entity was created.
/// </summary>
[BsonElement("createdAt")]
[BsonRepresentation(BsonType.DateTime)]
[JsonPropertyName("createdAt")]
public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
/// <summary>
/// Gets or sets the user who created the entity.
/// </summary>
[BsonElement("createdBy")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("createdBy")]
public string? CreatedBy { get; set; }
/// <summary>
/// Gets or sets the date and time when the entity was last updated.
/// </summary>
[BsonElement("updatedAt")]
[BsonRepresentation(BsonType.DateTime)]
[JsonPropertyName("updatedAt")]
public DateTime? UpdatedAt { get; set; } = null;
/// <summary>
/// Gets or sets the user who last updated the entity.
/// </summary>
[BsonElement("updatedBy")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("updatedBy")]
public string? UpdatedBy { get; set; } = null;
/// <summary>
/// Gets or sets the status of the entity.
/// </summary>
[BsonElement("status")]
[BsonRepresentation(BsonType.String)]
[JsonPropertyName("status")]
[JsonConverter(typeof(JsonStringEnumConverter))]
public StatusEnum Status { get; set; } = StatusEnum.Active;
}
}

9
Core.Cerberos.Adapters/Attributes/Permission.cs
View File

@@ -1,9 +0,0 @@
namespace Core.Cerberos.Adapters
{
public class Permission
{
public string Name { get; set; }
public string AccessLevel { get; set; }
}
}

72
Core.Cerberos.Adapters/Attributes/PermissionAttribute.cs
View File

@@ -1,72 +0,0 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
namespace Core.Cerberos.Adapters.Attributes
{
/// <summary>
/// Custom authorization attribute that checks if the user has any of the required permissions.
/// </summary>
[System.Diagnostics.CodeAnalysis.ExcludeFromCodeCoverage]
public class PermissionAttribute : AuthorizeAttribute, IAuthorizationFilter
{
private readonly string _requiredPermissions;
/// <summary>
/// Initializes a new instance of the <see cref="PermissionAttribute"/> class.
/// </summary>
/// <param name="requiredPermissions">The array of permissions required to access the resource.</param>
public PermissionAttribute(string requiredPermissions)
{
_requiredPermissions = requiredPermissions;
}
/// <summary>
/// Called during the authorization process to determine if the user has any of the required permissions.
/// </summary>
/// <param name="context">The context in which the authorization filter operates.</param>
public void OnAuthorization(AuthorizationFilterContext context)
{
try
{
var hasPermission = false;
var servicePermissionsList = _requiredPermissions.Replace(" ", "").Split(',').ToList();
var servicePermissions = servicePermissionsList.Select(s => new Permission
{
Name = s.Substring(0, s.IndexOf('.')),
AccessLevel = s.Substring(s.IndexOf('.') + 1),
});
var userPermissionsList = context.HttpContext.User.Claims
.Where(c => c.Type == "permissions")
.Select(c => c.Value)
.ToList();
var userPermissions = userPermissionsList.Select(s => new Permission
{
Name = s.Substring(0, s.IndexOf('.')),
AccessLevel = s.Substring(s.IndexOf('.') + 1),
});
foreach (var servicePermission in servicePermissions)
{
hasPermission = userPermissions
.Where(up => up.Name == servicePermission.Name && up.AccessLevel == "All"
|| up.Name == servicePermission.Name && up.AccessLevel == servicePermission.AccessLevel)
.Count() > 0 ? true : false;
if (hasPermission) break;
}
if (!hasPermission)
context.Result = new UnauthorizedResult();
}
catch (Exception ex)
{
context.Result = new UnauthorizedResult();
}
}
}
}

32
Core.Cerberos.Adapters/Common/Constants/AccessLevelEnum.cs
View File

@@ -1,32 +0,0 @@
// ***********************************************************************
// <copyright file="AccessLevelEnum.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using System.Text.Json.Serialization;
namespace Core.Cerberos.Adapters.Common.Constants
{
/// <summary>
/// Specifies different access level for a permission.
/// </summary>
[JsonConverter(typeof(JsonStringEnumConverter))]
public enum AccessLevelEnum
{
/// <summary>
/// The object is accessible for reading.
/// </summary>
Read = 0,
/// <summary>
/// The object is accessible for writing.
/// </summary>
Write = 1,
/// <summary>
/// The object is accessible for all operations.
/// </summary>
All = 2
}
}

43
Core.Cerberos.Adapters/Common/Constants/AzureAd.cs
View File

@@ -1,43 +0,0 @@
// ***********************************************************************
// <copyright file="AzureAd.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
namespace Core.Cerberos.Adapters.Common.Constants
{
/// <summary>
/// Constants for Azure Active Directory.
/// </summary>
public class AzureAd
{
/// <summary>
/// The ClientId parameter.
/// </summary>
public const string ClientId = "AzureAdB2C:ClientId";
/// <summary>
/// The TenantId parameter.
/// </summary>
public const string TenantId = "AzureAdB2C:TenantId";
/// <summary>
/// The ClientSecret parameter.
/// </summary>
public const string ClientSecret = "AzureAdB2C:ClientSecret";
/// <summary>
/// The MicrosoftOnlineUri parameter.
/// </summary>
public const string MicrosoftOnlineUri = "https://login.microsoftonline.com/";
/// <summary>
/// The GraphUri parameter.
/// </summary>
public const string GraphUri = "https://graph.microsoft.com/.default";
/// <summary>
/// The Instance parameter.
/// </summary>
public const string Instance = "AzureAdB2C:Instance";
}
}

73
Core.Cerberos.Adapters/Common/Constants/Claims.cs
View File

@@ -1,73 +0,0 @@
// ***********************************************************************
// <copyright file="Claims.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
namespace Core.Cerberos.Adapters.Common.Constants
{
/// <summary>
/// Constants for claims used in JWT tokens.
/// </summary>
public class Claims
{
/// <summary>
/// Claim name for user's name.
/// </summary>
public const string Name = "name";
/// <summary>
/// Claim name for user's guid.
/// </summary>
public const string GUID = "guid";
/// <summary>
/// Claim name for user's ID.
/// </summary>
public const string Id = "id";
/// <summary>
/// Claim name for user's role ID.
/// </summary>
public const string Role = "role";
/// <summary>
/// Claim name for user's role Iidentifier.
/// </summary>
public const string RoleId = "roleId";
/// <summary>
/// Claim name for user's companies.
/// </summary>
public const string Companies = "companies";
/// <summary>
/// Claim name for user's projects.
/// </summary>
public const string Projects = "projects";
/// <summary>
/// Claim name for user's applications.
/// </summary>
public const string Applications = "applications";
/// <summary>
/// Claim name for application's modules.
/// </summary>
public const string Modules = "modules";
/// <summary>
/// Claim name for user's permissions.
/// </summary>
public const string Permissions = "permissions";
/// <summary>
/// Claim name for user's ID.
/// </summary>
public const string Email = "email";
/// <summary>
/// Claim name for user's role.
/// </summary>
public const string LSARoleId = "LSARoleId";
}
}

25
Core.Cerberos.Adapters/Common/Constants/CollectionNames.cs
View File

@@ -1,25 +0,0 @@
namespace Core.Cerberos.Adapters.Common.Constants
{
public static class CollectionNames
{
/// <summary>
/// The User collection name.
/// </summary>
public const string User = "Users";
/// <summary>
/// The Role collection name.
/// </summary>
public const string Role = "Roles";
/// <summary>
/// The Permission collection name.
/// </summary>
public const string Permission = "Permissions";
/// <summary>
/// The Module collection name.
/// </summary>
public const string Module = "Modules";
}
}

21
Core.Cerberos.Adapters/Common/Constants/EnvironmentVariables.cs
View File

@@ -1,21 +0,0 @@
// ***********************************************************************
// <copyright file="EnvironmentVariables.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
namespace Core.Cerberos.Adapters.Common.Constants
{
/// <summary>
/// Constants of the environment variables for this service.
/// </summary>
public static class EnvironmentVariables
{
/// <summary>
/// The stage environment vriable.
/// </summary>
public const string Stage = "ASPNETCORE_ENVIRONMENT";
}
}

33
Core.Cerberos.Adapters/Common/Constants/KeyVaultConfiguration.cs
View File

@@ -1,33 +0,0 @@
// ***********************************************************************
// <copyright file="KeyVaultConfiguration.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
namespace Core.Cerberos.Adapters.Common.Constants
{
/// <summary>
/// Constants for Key Vault configuration.
/// </summary>
public class KeyVaultConfiguration
{
/// <summary>
/// The KeyVaultUrl parameter.
/// </summary>
public const string KeyVaultUrl = "KeyVaultConfiguration:KeyVaultUrl";
/// <summary>
/// The TenantId parameter.
/// </summary>
public const string TenantId = "KeyVaultConfiguration:TenantId";
/// <summary>
/// The ClientId parameter.
/// </summary>
public const string ClientId = "KeyVaultConfiguration:ClientId";
/// <summary>
/// The ClientSecretId parameter.
/// </summary>
public const string ClientSecretId = "KeyVaultConfiguration:ClientSecretId";
}
}

153
Core.Cerberos.Adapters/Common/Constants/MimeTypes.cs
View File

@@ -1,153 +0,0 @@
// ***********************************************************************
// <copyright file="MimeTypes.cs">
// Axen IT
// </copyright>
// ***********************************************************************
using System.Globalization;
namespace Core.Cerberos.Adapters.Common.Constants
{
/// <summary>
/// Constants for the mime types.
/// </summary>
public static class MimeTypes
{
/// <summary>
/// The application version.
/// </summary>
public const string ApplicationVersion = "1.0";
/// <summary>
/// The service application/json mime type.
/// </summary>
public const string ApplicationJson = "application/json";
/// <summary>
/// The application/pdf mime type.
/// </summary>
public const string ApplicationPdf = "application/pdf";
/// <summary>
/// The end index.
/// </summary>
public const int EndIndex = 5;
/// <summary>
/// The JPEG extension.
/// </summary>
public const string ExtensionGif = "gif";
/// <summary>
/// The JPEG extension.
/// </summary>
public const string ExtensionJpeg = "jpeg";
/// <summary>
/// The PNG extension.
/// </summary>
public const string ExtensionPng = "png";
/// <summary>
/// The SVG extension.
/// </summary>
public const string ExtensionSvg = "svg";
/// <summary>
/// The image/gif mime type.
/// </summary>
public const string ImageGif = "image/gif";
/// <summary>
/// The image/jpeg mime type.
/// </summary>
public const string ImageJpeg = "image/jpeg";
/// <summary>
/// The image/png mime type.
/// </summary>
public const string ImagePng = "image/png";
/// <summary>
/// The image/svg+xml mime type.
/// </summary>
public const string ImageSvg = "image/svg+xml";
/// <summary>
/// The identifier GIF.
/// </summary>
public const string IdentifierGif = "R0LGO";
/// <summary>
/// The identifier PNG.
/// </summary>
public const string IdentifierJpeg = "/9J/4";
/// <summary>
/// The identifier PDF.
/// </summary>
public const string IdentifierPdf = "JVBER";
/// <summary>
/// The identifier PNG.
/// </summary>
public const string IdentifierPng = "IVBOR";
/// <summary>
/// The identifier SVG.
/// </summary>
public const string IdentifierSvg = "PHN2Z";
/// <summary>
/// The parameter name.
/// </summary>
public const string ParameterName = "MimeType";
/// <summary>
/// The start index.
/// </summary>
public const int StartIndex = 0;
/// <summary>
/// The mime type dictionary.
/// </summary>
public static readonly Dictionary<string, string> Dictionary = new Dictionary<string, string>
{
{ IdentifierJpeg, ImageJpeg },
{ IdentifierPng, ImagePng },
{ IdentifierGif, ImageGif },
{ IdentifierSvg, ImageSvg },
};
/// <summary>
/// The mime type dictionary.
/// </summary>
public static readonly Dictionary<string, string> DictionaryExtension = new Dictionary<string, string>
{
{ IdentifierJpeg, ExtensionJpeg },
{ IdentifierPng, ExtensionPng },
{ IdentifierGif, ExtensionGif },
{ IdentifierSvg, ExtensionSvg },
};
/// <summary>
/// Gets the mime type.
/// </summary>
/// <param name="content">The content with mime type identifier, substring 0, 5 from content.</param>
/// <returns>A <see cref="string"/> representing the value.</returns>
public static string GetMimeType(this string content)
{
return Dictionary.FirstOrDefault(_ => _.Key == content[..EndIndex].ToUpper(CultureInfo.InvariantCulture)).Value;
}
/// <summary>
/// Gets the extension.
/// </summary>
/// <param name="content">The mime type identifier, substring 0, 5 from content.</param>
/// <returns>A <see cref="string"/> representing the value.</returns>
public static string GetExtension(this string content)
{
return DictionaryExtension.FirstOrDefault(_ => _.Key == content[..EndIndex].ToUpper(CultureInfo.InvariantCulture)).Value;
}
}
}

114
Core.Cerberos.Adapters/Common/Constants/Routes.cs
View File

@@ -1,114 +0,0 @@
// ***********************************************************************
// <copyright file="Routes.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
namespace Core.Cerberos.Adapters.Common.Constants
{
/// <summary>
/// Constants of the routes of this service.
/// </summary>
public static class Routes
{
/// <summary>
/// The User route.
/// </summary>
public const string User = "users";
/// <summary>
/// The Register User route.
/// </summary>
public const string Register = "{sendInvitation}/send-invitation/register";
/// <summary>
/// The identifier route.
/// </summary>
public const string Id = "{id}";
/// <summary>
/// The Authentication route.
/// </summary>
public const string Authentication = "api/v1/authentication";
/// <summary>
/// The LogIn route.
/// </summary>
public const string LogIn = "{email}/login";
/// <summary>
/// The LogOut route.
/// </summary>
public const string LogOut = "{email}/logout";
/// <summary>
/// The Generate Token route.
/// </summary>
public const string GenerateToken = "GenerateToken";
/// <summary>
/// The refresh token route.
/// </summary>
public const string RefreshToken = "RefreshToken";
/// <summary>
/// The InviteUser route.
/// </summary>
public const string InviteUser = "invite-user";
/// <summary>
/// The role identifier route.
/// </summary>
public const string RoleId = "role/{roleId}";
/// <summary>
/// The GetPermissionList route.
/// </summary>
public const string GetPermissionList = "GetPermissionList";
/// <summary>
/// The GetModuleList route.
/// </summary>
public const string GetModuleList = "GetModuleList";
/// <summary>
/// The ChangeStatus route.
/// </summary>
public const string ChangeStatus = "{id}/{newStatus}/ChangeStatus";
/// <summary>
/// The AddCompany route.
/// </summary>
public const string AddCompany = "{userId}/Companies/{companyId}/Add";
/// <summary>
/// The RemoveCompany route.
/// </summary>
public const string RemoveCompany = "{userId}/Companies/{companyId}/Remove";
/// <summary>
/// The AddProject route.
/// </summary>
public const string AddProject = "{userId}/Projects/{projectId}/Add";
/// <summary>
/// The RemoveProject route.
/// </summary>
public const string RemoveProject = "{userId}/Projects/{projectId}/Remove";
/// <summary>
/// The AddApplication route.
/// </summary>
public const string AddApplication = "{roleId}/{application}/AddApplication";
/// <summary>
/// The RemoveApplication route.
/// </summary>
public const string RemoveApplication = "{roleId}/{application}/RemoveApplication";
/// <summary>
/// The email route.
/// </summary>
public const string Email = "{email}/GetByEmail";
}
}

18
Core.Cerberos.Adapters/Common/Constants/Schemes.cs
View File

@@ -1,18 +0,0 @@
namespace Core.Cerberos.Adapters.Common.Constants
{
/// <summary>
/// Constants for schemes.
/// </summary>
public class Schemes
{
/// <summary>
/// The heath scheme.
/// </summary>
public const string HeathScheme = "HeathScheme";
/// <summary>
/// The azure scheme.
/// </summary>
public const string AzureScheme = "AzureScheme";
}
}

59
Core.Cerberos.Adapters/Common/Constants/Secrets.cs
View File

@@ -1,59 +0,0 @@
// ***********************************************************************
// <copyright file="AppSettings.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
namespace Core.Cerberos.Adapters.Common.Constants
{
/// <summary>
/// Constants for secrets in azure key vault.
/// </summary>
public class Secrets
{
/// <summary>
/// The MongoDBName parameter.
/// </summary>
public const string MongoDBName = "MongoDBName";
/// <summary>
/// The MongoDBConnection parameter.
/// </summary>
public const string MongoDBConnection = "MongoDBConnection";
/// <summary>
/// The Issuer parameter for JWT settings.
/// </summary>
public const string Issuer = "Issuer";
/// <summary>
/// The Audience parameter for JWT settings.
/// </summary>
public const string Audience = "Audience";
/// <summary>
/// The TokenExpirationInMinutes parameter for JWT settings.
/// </summary>
public const string TokenExpirationInMinutes = "TokenExpirationInMinutes";
/// <summary>
/// The TokenExpirationInHours parameter for JWT settings.
/// </summary>
public const string TokenExpirationInHours = "TokenExpirationInHours";
/// <summary>
/// The IssuerSigningKey parameter for JWT settings.
/// </summary>
public const string IssuerSigningKey = "IssuerSigningKey";
public const string AzureADInstance = "B2C:InstanceUri";
public const string AzureADTenantId = "B2C:TenantId";
public const string AzureADClientId = "B2C:ClientId";
public const string AzureADClientSecret = "B2C:ClientSecret";
public const string HeathCerberosAppAuthorizationUrl = "Swagger:AuthorizationUri";
public const string HeathCerberosAppTokenUrl = "Swagger:TokenUri";
public const string HeathCerberosAppClientId = "Swagger:ClientId";
public const string HeathCerberosAppScope = "Swagger:Scope";
public const string PrivateKey = "B2C:JwtIssuerOptions:TokenPrivateKey";
public const string PublicKey = "B2C:JwtIssuerOptions:TokenPublicKey";
}
}

42
Core.Cerberos.Adapters/Common/Enums/ApplicationsEnum.cs
View File

@@ -1,42 +0,0 @@
// ***********************************************************************
// <copyright file="ApplicationsEnum.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using System.Text.Json.Serialization;
namespace Core.Cerberos.Adapters.Common.Enums
{
/// <summary>
/// Defines the applications associated with the role.
/// </summary>
[JsonConverter(typeof(JsonStringEnumConverter))]
public enum ApplicationsEnum
{
/// <summary>
/// LSA Web Portal application.
/// </summary>
LSAWebPortal = 0,
/// <summary>
/// Customer DashBoard application.
/// </summary>
CustomerDashboard = 1,
/// <summary>
/// Discover application.
/// </summary>
Discover = 2,
/// <summary>
/// LSA Mobile application.
/// </summary>
LSAMobile = 3,
/// <summary>
/// BluePrint application.
/// </summary>
BluePrint = 4,
}
}

32
Core.Cerberos.Adapters/Common/Enums/StatusEnum.cs
View File

@@ -1,32 +0,0 @@
// ***********************************************************************
// <copyright file="StatusEnum.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using System.Text.Json.Serialization;
namespace Core.Cerberos.Adapters.Common.Enums
{
/// <summary>
/// Defines the status of an entity.
/// </summary>
[JsonConverter(typeof(JsonStringEnumConverter))]
public enum StatusEnum
{
/// <summary>
/// Indicates the entity is active.
/// </summary>
Active = 0,
/// <summary>
/// Indicates the entity is inactive.
/// </summary>
Inactive = 1,
/// <summary>
/// Indicates the entity is deleted.
/// </summary>
Deleted = 2
}
}

17
Core.Cerberos.Adapters/Common/SchemaFilters/EnumArrayJsonConverter.cs
View File

@@ -1,17 +0,0 @@
using System.Text.Json;
using System.Text.Json.Serialization;
public class EnumArrayJsonConverter<T> : JsonConverter<T[]> where T : Enum
{
public override T[] Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
{
var values = JsonSerializer.Deserialize<string[]>(ref reader, options);
return Array.ConvertAll(values, value => (T)Enum.Parse(typeof(T), value));
}
public override void Write(Utf8JsonWriter writer, T[] value, JsonSerializerOptions options)
{
var stringValues = Array.ConvertAll(value, v => v.ToString());
JsonSerializer.Serialize(writer, stringValues, options);
}
}

31
Core.Cerberos.Adapters/Common/SchemaFilters/EnumSchemaFilter.cs
View File

@@ -1,31 +0,0 @@
// ***********************************************************************
// <copyright file="EnumSchemaFilter.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Microsoft.OpenApi.Any;
using Microsoft.OpenApi.Models;
using Swashbuckle.AspNetCore.SwaggerGen;
/// <summary>
/// Applies enumeration schema to OpenAPI schema definitions.
/// </summary>
public class EnumSchemaFilter : ISchemaFilter
{
/// <summary>
/// Applies the schema filter to an OpenAPI schema.
/// </summary>
/// <param name="schema">The OpenAPI schema to apply the filter to.</param>
/// <param name="context">The context information for the schema filter.</param>
public void Apply(OpenApiSchema schema, SchemaFilterContext context)
{
if (context.Type.IsEnum)
{
schema.Enum.Clear();
Enum.GetNames(context.Type)
.ToList()
.ForEach(name => schema.Enum.Add(new OpenApiString(name)));
}
}
}

19
Core.Cerberos.Adapters/Contracts/ITokenProvider.cs
View File

@@ -1,19 +0,0 @@
// ***********************************************************************
// <copyright file="ITokenProvider.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
namespace Core.Cerberos.Adapters.Contracts
{
/// <summary>
/// Interface for token provider.
/// </summary>
public interface ITokenProvider
{
/// <summary>
/// Get token from headers.
/// </summary>
string GetToken();
}
}

32
Core.Cerberos.Adapters/Contracts/ITokenService.cs
View File

@@ -1,32 +0,0 @@
// ***********************************************************************
// <copyright file="ITokenService.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
namespace Core.Cerberos.Adapters.Contracts
{
/// <summary>
/// Interface for authenticacion service.
/// </summary>
public interface ITokenService
{
/// <summary>
/// Refreshes the access token.
/// </summary>
(string, IEnumerable<ModuleAdapter>) GenerateAccessToken(TokenAdapter adapter);
/// <summary>
/// Refreshes the access token.
/// </summary>
IActionResult RefreshAccessToken(HttpContext context, TokenAdapter adapter);
/// <summary>
/// Extracts the user email claim from the http context.
/// </summary>
string GetEmailClaim(HttpContext httpContext);
}
}

30
Core.Cerberos.Adapters/Core.Cerberos.Adapters.csproj
View File

@@ -1,30 +0,0 @@
<Project Sdk="Microsoft.NET.Sdk">
<ItemGroup>
<FrameworkReference Include="Microsoft.AspNetCore.App" />
</ItemGroup>
<PropertyGroup>
<TargetFramework>net8.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Asp.Versioning.Mvc.ApiExplorer" Version="8.1.0" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.10" />
<PackageReference Include="Microsoft.Extensions.Configuration.AzureAppConfiguration" Version="8.0.0" />
<PackageReference Include="Microsoft.Identity.Web" Version="3.2.2" />
<PackageReference Include="Microsoft.Identity.Web.MicrosoftGraph" Version="3.2.2" />
<PackageReference Include="MongoDB.Bson" Version="3.0.0" />
<PackageReference Include="OpenTelemetry" Version="1.9.0" />
<PackageReference Include="OpenTelemetry.Exporter.Console" Version="1.9.0" />
<PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.9.0" />
<PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.9.0" />
<PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.9.0" />
<PackageReference Include="Portable.BouncyCastle" Version="1.9.0" />
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.9.0" />
<PackageReference Include="System.Text.Json" Version="8.0.5" />
</ItemGroup>
</Project>

97
Core.Cerberos.Adapters/Extensions/AuthenticationExtension.cs
View File

@@ -1,97 +0,0 @@
// ***********************************************************************
// <copyright file="AuthExtension.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Core.Cerberos.Adapters.Common.Constants;
using Core.Cerberos.Adapters.Contracts;
using Core.Cerberos.Adapters.Handlers;
using Core.Cerberos.Adapters.Options;
using Core.Cerberos.Adapters.Services;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Web;
using Microsoft.IdentityModel.Tokens;
using System.Security.Cryptography;
namespace Core.Cerberos.Adapters.Extensions
{
/// <summary>
/// Extension methods for configuring authentication with various Azure AD setups.
/// </summary>
public static class AuthenticationExtension
{
/// <summary>
/// Configures authentication using Azure AD for an API that requires downstream API access.
/// </summary>
/// <param name="services">The <see cref="IServiceCollection"/> to add the services to.</param>
/// <param name="configuration">The <see cref="IConfiguration"/> containing Azure AD configuration settings.</param>
public static void ConfigureAuthentication(this IServiceCollection services, IConfiguration configuration, AuthSettings authSettings)
{
var environment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") ?? string.Empty;
var azureAdInMemorySettings = new Dictionary<string, string?>
{
{ "AzureAdB2C:Instance", authSettings.AzureADInstance ?? string.Empty },
{ "AzureAdB2C:TenantId", authSettings.AzureADTenantId ?? string.Empty },
{ "AzureAdB2C:ClientId", authSettings.AzureADClientId ?? string.Empty },
{ "AzureAdB2C:ClientSecret", authSettings.AzureADClientSecret ?? string.Empty }
};
var configurationBuilder = new ConfigurationBuilder()
.AddConfiguration(configuration)
.AddInMemoryCollection(azureAdInMemorySettings);
var combinedConfiguration = configurationBuilder.Build();
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApi(combinedConfiguration.GetSection("AzureAdB2C"), Schemes.AzureScheme)
.EnableTokenAcquisitionToCallDownstreamApi()
.AddMicrosoftGraph(configuration.GetSection("MicrosoftGraph"))
.AddInMemoryTokenCaches();
var rsa = RSA.Create();
rsa.ImportFromPem(authSettings.PrivateKey?.ToCharArray());
var rsaPrivateKey = new RsaSecurityKey(rsa);
var rsaPublic = RSA.Create();
rsaPublic.ImportFromPem(authSettings.PublicKey?.ToCharArray());
var rsaPublicKey = new RsaSecurityKey(rsaPublic);
var jwtAppSettingOptions = configuration.GetSection("B2C:JwtIssuerOptions");
var jwtIssuerOptions = jwtAppSettingOptions.Get<JwtIssuerOptions>();
if (string.IsNullOrEmpty(jwtIssuerOptions?.Issuer) || string.IsNullOrEmpty(jwtIssuerOptions.Audience))
throw new InvalidOperationException("JwtIssuerOptions are not configured correctly.");
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(Schemes.HeathScheme, x =>
{
x.TokenValidationParameters = new TokenValidationParameters
{
ValidIssuer = jwtIssuerOptions?.Issuer,
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidAudience = jwtIssuerOptions?.Audience,
IssuerSigningKey = rsaPublicKey
};
});
services.Configure<JwtIssuerOptions>(options =>
{
options.Issuer = jwtIssuerOptions?.Issuer;
options.Audience = jwtIssuerOptions?.Audience;
options.SigningCredentials = new SigningCredentials(rsaPrivateKey, SecurityAlgorithms.RsaSha256);
});
services.AddSingleton(jwtAppSettingOptions);
services.AddTransient<IAuthorizationHandler, PermissionsAuthorizationHandler>();
services.AddTransient<ITokenService, TokenService>();
}
}
}

193
Core.Cerberos.Adapters/Extensions/SwaggerExtensions.cs
View File

@@ -1,193 +0,0 @@
// ***********************************************************************
// <copyright file="SwaggerExtensions.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Asp.Versioning.ApiExplorer;
using Core.Cerberos.Adapters.Common.Constants;
using Core.Cerberos.Adapters.Extensions;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;
using Microsoft.OpenApi.Any;
using Microsoft.OpenApi.Models;
using Swashbuckle.AspNetCore.SwaggerGen;
using Swashbuckle.AspNetCore.SwaggerUI;
namespace Core.Cerberos.Adapters.Extensions
{
/// <summary>
/// Extension methods for configuring Swagger documentation and UI.
/// </summary>
public static class SwaggerExtensions
{
private static readonly string? environment = Environment.GetEnvironmentVariable(EnvironmentVariables.Stage);
/// <summary>
/// Adds Swagger services to the specified <see cref="IServiceCollection"/>.
/// </summary>
/// <param name="services">The <see cref="IServiceCollection"/> to add the services to.</param>
public static void AddSwagger(this IServiceCollection services, IConfiguration configuration, string DocumentationFile, AuthSettings authSettings)
{
services.AddEndpointsApiExplorer();
services.AddSwaggerGen(configuration, DocumentationFile, authSettings);
services.AddTransient<IConfigureOptions<SwaggerGenOptions>, ConfigureSwaggerOptions>();
}
/// <summary>
/// Configures Swagger generation with OAuth2 security and XML comments.
/// </summary>
/// <param name="services">The <see cref="IServiceCollection"/> to add the services to.</param>
/// <param name="configuration">The <see cref="IConfiguration"/> containing Swagger and OAuth2 configuration settings.</param>
public static void AddSwaggerGen(this IServiceCollection services, IConfiguration configuration, string DocumentationFile, AuthSettings authSettings)
{
services.AddSwaggerGen(c =>
{
c.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
{
Description = "OAuth2.0 Authorization Code flow",
Name = "oauth2.0",
Type = SecuritySchemeType.OAuth2,
Flows = new OpenApiOAuthFlows
{
AuthorizationCode = new OpenApiOAuthFlow
{
AuthorizationUrl = new Uri(authSettings.HeathCerberosAppAuthorizationUrl ?? string.Empty),
TokenUrl = new Uri(authSettings.HeathCerberosAppTokenUrl ?? string.Empty),
Scopes = new Dictionary<string, string>
{
{ authSettings.HeathCerberosAppScope ?? string.Empty, "Access API as User" }
}
}
}
});
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "oauth2" }
},
new[] { authSettings.HeathCerberosAppScope }
}
});
c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
Description = "JWT Authorization header using the Bearer scheme",
Name = "Authorization",
In = ParameterLocation.Header,
Type = SecuritySchemeType.Http,
Scheme = "bearer",
BearerFormat = "JWT"
});
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "Bearer"
}
},
Array.Empty<string>()
}
});
var filePath = Path.Combine(AppContext.BaseDirectory, DocumentationFile);
c.IncludeXmlComments(filePath);
c.SchemaFilter<EnumSchemaFilter>();
});
}
/// <summary>
/// Configures Swagger and Swagger UI for the application.
/// </summary>
/// <param name="app">The <see cref="WebApplication"/> instance.</param>
/// <param name="configuration">The <see cref="IConfiguration"/> containing Swagger configuration settings.</param>
public static void ConfigureSwagger(this WebApplication app, IConfiguration configuration)
{
app.UseSwagger();
app.UseSwaggerUI(options =>
{
foreach (var version in app.DescribeApiVersions().Select(version => version.GroupName))
options.SwaggerEndpoint($"/swagger/{version}/swagger.json", version);
options.DisplayRequestDuration();
options.EnableTryItOutByDefault();
options.DocExpansion(DocExpansion.None);
});
}
/// <summary>
/// Configures Swagger UI for the application with OAuth2 settings.
/// </summary>
/// <param name="app">The <see cref="WebApplication"/> instance.</param>
/// <param name="configuration">The <see cref="IConfiguration"/> containing Swagger UI and OAuth2 configuration settings.</param>
public static void UseSwaggerUI(this WebApplication app, IConfiguration configuration, AuthSettings authSettings)
{
app.UseSwaggerUI(options =>
{
options.SwaggerEndpoint("/swagger/v1/swagger.json", "Custom Auth API with Azure AD v1");
options.OAuthClientId(authSettings.HeathCerberosAppClientId);
options.OAuthUsePkce();
options.OAuthScopeSeparator(" ");
});
}
/// <summary>
/// Adds API versioning and API explorer to the application.
/// </summary>
/// <param name="services">The <see cref="IServiceCollection"/> to add the services to.</param>
/// <returns>The modified <see cref="IServiceCollection"/> instance.</returns>
public static IServiceCollection AddVersioning(this IServiceCollection services, IConfiguration configuration)
{
services.AddApiVersioning(options => options.ReportApiVersions = true)
.AddApiExplorer(options =>
{
options.GroupNameFormat = "'v'VVV";
options.SubstituteApiVersionInUrl = true;
});
return services;
}
}
/// <summary>
/// Configures Swagger generation options.
/// </summary>
public class ConfigureSwaggerOptions(IApiVersionDescriptionProvider provider) : IConfigureOptions<SwaggerGenOptions>
{
/// <summary>
/// Configures SwaggerGen options.
/// </summary>
/// <param name="options">The SwaggerGen options to configure.</param>
public void Configure(SwaggerGenOptions options)
{
foreach (var description in provider.ApiVersionDescriptions)
{
options.SwaggerDoc(description.GroupName, new OpenApiInfo
{
Title = AppDomain.CurrentDomain.FriendlyName,
Version = description.ApiVersion.ToString()
});
}
// Map DateOnly type to Swagger schema
options.MapType<DateOnly>(() => new OpenApiSchema
{
Type = "string",
Format = "date",
Example = new OpenApiString(DateOnly.MinValue.ToString())
});
// Customize schema IDs for Swagger
options.CustomSchemaIds(type => type.ToString().Replace("+", "."));
}
}
}

22
Core.Cerberos.Adapters/Extensions/TelemetryExtensions.cs
View File

@@ -1,22 +0,0 @@
using Microsoft.Extensions.DependencyInjection;
using OpenTelemetry.Logs;
using OpenTelemetry.Metrics;
using OpenTelemetry.Resources;
using OpenTelemetry.Trace;
namespace Core.Cerberos.Adapters.Extensions
{
public static class TelemetryExtensions
{
public static void AddTelemetry(this IServiceCollection services)
{
// Add OpenTelemetry Tracing
services.AddOpenTelemetry()
.ConfigureResource(resource => resource.AddService("lsa.dashboard.bff.api"))
.WithTracing(tracing => tracing.AddAspNetCoreInstrumentation().AddConsoleExporter())
.WithMetrics(metrics => metrics.AddAspNetCoreInstrumentation().AddConsoleExporter()).
WithLogging(logs => logs.AddConsoleExporter());
}
}
}

23
Core.Cerberos.Adapters/Extensions/TrackingMechanismExtension.cs
View File

@@ -1,23 +0,0 @@
using Microsoft.AspNetCore.Http;
namespace Core.Cerberos.Adapters.Extensions
{
public sealed class TrackingMechanismExtension : DelegatingHandler
{
private readonly IHttpContextAccessor _httpContextAccessor;
public TrackingMechanismExtension(IHttpContextAccessor httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor));
}
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
if (_httpContextAccessor.HttpContext.Items.TryGetValue("TrackingId", out var trackingId))
{
request.Headers.Add("TrackingId", trackingId.ToString());
}
return await base.SendAsync(request, cancellationToken).ConfigureAwait(false);
}
}
}

13
Core.Cerberos.Adapters/Handlers/Adapters/PermissionsAuthorizationAdapter.cs
View File

@@ -1,13 +0,0 @@
using Microsoft.AspNetCore.Authorization;
namespace Core.Cerberos.Adapters.Handlers.Adapters
{
public class PermissionsAuthorizationAdapter : IAuthorizationRequirement
{
public PermissionsAuthorizationAdapter(string[] permission)
{
Permission = permission;
}
public string[] Permission { get; set; }
}
}

29
Core.Cerberos.Adapters/Handlers/AuthenticatedHttpClientHandler.cs
View File

@@ -1,29 +0,0 @@
// ***********************************************************************
// <copyright file="AuthenticatedHttpClientHandler.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Core.Cerberos.Adapters.Contracts;
namespace Core.Cerberos.Adapters.Handlers
{
/// <summary>
/// Class to inject the token in all requests.
/// </summary>
public class AuthenticatedHttpClientHandler(ITokenProvider tokenProvider) : DelegatingHandler
{
private readonly ITokenProvider _tokenProvider = tokenProvider;
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
var token = _tokenProvider.GetToken();
if (!string.IsNullOrEmpty(token))
{
request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", token);
}
return await base.SendAsync(request, cancellationToken);
}
}
}

18
Core.Cerberos.Adapters/Handlers/PermissionsAuthorizationHandler.cs
View File

@@ -1,18 +0,0 @@
using Core.Cerberos.Adapters.Handlers.Adapters;
using Microsoft.AspNetCore.Authorization;
namespace Core.Cerberos.Adapters.Handlers
{
public class PermissionsAuthorizationHandler : AuthorizationHandler<PermissionsAuthorizationAdapter>
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionsAuthorizationAdapter requirement)
{
if (context.User.Claims.Any(x => x.Type == "LSARoleId" && requirement.Permission.Contains(x.Value)))
{
context.Succeed(requirement);
}
return Task.CompletedTask;
}
}
}

52
Core.Cerberos.Adapters/Helpers/AuthHelper.cs
View File

@@ -1,52 +0,0 @@
using Azure.Identity;
using Core.Cerberos.Adapters.Common.Constants;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Configuration.AzureAppConfiguration;
using Microsoft.Extensions.Logging;
namespace Core.Cerberos.Adapters.Helpers
{
public static class AuthHelper
{
private static readonly ILogger logger = LoggerFactory.Create(builder =>
{
builder.AddConsole();
}).CreateLogger("AuthHelper");
public static AuthSettings GetAuthSettings(WebApplicationBuilder builder, string appConfigLabel)
{
builder.Configuration.AddAzureAppConfiguration(options =>
{
var endpoint = builder.Configuration.GetSection("Endpoints:AppConfigurationURI").Value;
if (string.IsNullOrEmpty(endpoint))
throw new ArgumentException("The app configuration is missing");
options.Connect(new Uri(endpoint), new DefaultAzureCredential())
.Select(KeyFilter.Any, "cerberos_common")
.Select(KeyFilter.Any, appConfigLabel);
options.ConfigureKeyVault(keyVaultOptions =>
{
keyVaultOptions.SetCredential(new DefaultAzureCredential());
});
});
return new AuthSettings
{
AzureADInstance = builder.Configuration.GetSection(Secrets.AzureADInstance).Value,
AzureADTenantId = builder.Configuration.GetSection(Secrets.AzureADTenantId).Value,
AzureADClientId = builder.Configuration.GetSection(Secrets.AzureADClientId).Value,
AzureADClientSecret = builder.Configuration.GetSection(Secrets.AzureADClientSecret).Value,
HeathCerberosAppAuthorizationUrl = builder.Configuration.GetSection(Secrets.HeathCerberosAppAuthorizationUrl).Value,
HeathCerberosAppTokenUrl = builder.Configuration.GetSection(Secrets.HeathCerberosAppTokenUrl).Value,
HeathCerberosAppClientId = builder.Configuration.GetSection(Secrets.HeathCerberosAppClientId).Value,
HeathCerberosAppScope = builder.Configuration.GetSection(Secrets.HeathCerberosAppScope).Value,
PrivateKey = builder.Configuration.GetSection(Secrets.PrivateKey).Value,
PublicKey = builder.Configuration.GetSection(Secrets.PublicKey).Value,
};
}
}
}

94
Core.Cerberos.Adapters/Helpers/RsaHelper.cs
View File

@@ -1,94 +0,0 @@
// ***********************************************************************
// <copyright file="RsaHelper.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.OpenSsl;
using Org.BouncyCastle.Security;
using System.Security.Cryptography;
using System.Text;
namespace Core.Cerberos.Adapters.Helpers
{
/// <summary>
/// Handles all methods related to RSA encryption"/>.
/// </summary>
public class RsaHelper
{
private readonly RSACryptoServiceProvider _privateKey;
private readonly RSACryptoServiceProvider _publicKey;
private readonly string keysFolder = "Keys\\";
private readonly string exeDirectory = AppContext.BaseDirectory;
/// <summary>
/// Initializes a new instance of <see cref="RsaHelper"/>.
/// </summary>
public RsaHelper()
{
exeDirectory = exeDirectory + keysFolder;
_publicKey = GetPublicKeyFromPemFile();
_privateKey = GetPrivateKeyFromPemFile();
}
/// <summary>
/// Encrypts a text using RSA algorithm.
/// </summary>
/// <param name="text">The text to be encrypted.</param>
/// <returns>The encrypted text.</returns>
public string Encrypt(string text)
{
byte[] dataBytes = Encoding.UTF8.GetBytes(text);
var encryptedBytes = _publicKey.Encrypt(Encoding.UTF8.GetBytes(text), true);
return Convert.ToBase64String(encryptedBytes);
}
/// <summary>
/// Decrypts a text using RSA algorithm.
/// </summary>
/// <param name="text">The encrypted text to be decrypted.</param>
/// <returns>The decrypted text.</returns>
public string Decrypt(string encrypted)
{
var decryptedBytes = _privateKey.Decrypt(Convert.FromBase64String(encrypted), true);
return Encoding.UTF8.GetString(decryptedBytes, 0, decryptedBytes.Length);
}
/// <summary>
///Obtains the private key from a file.
/// </summary>
/// <returns>The private key.</returns>
private RSACryptoServiceProvider GetPrivateKeyFromPemFile()
{
using (TextReader privateKeyTextReader = new StringReader(File.ReadAllText(Path.Combine(exeDirectory, "HeathPrivateKey.pem"))))
{
AsymmetricCipherKeyPair readKeyPair = (AsymmetricCipherKeyPair)new PemReader(privateKeyTextReader).ReadObject();
RSAParameters rsaParams = DotNetUtilities.ToRSAParameters((RsaPrivateCrtKeyParameters)readKeyPair.Private);
RSACryptoServiceProvider csp = new RSACryptoServiceProvider();
csp.ImportParameters(rsaParams);
return csp;
}
}
/// <summary>
///Obtains the public key from a file.
/// </summary>
/// <returns>The public key.</returns>
public RSACryptoServiceProvider GetPublicKeyFromPemFile()
{
using (TextReader publicKeyTextReader = new StringReader(File.ReadAllText(Path.Combine(exeDirectory, "HeathPublicKey.pem"))))
{
RsaKeyParameters publicKeyParam = (RsaKeyParameters)new PemReader(publicKeyTextReader).ReadObject();
RSAParameters rsaParams = DotNetUtilities.ToRSAParameters((RsaKeyParameters)publicKeyParam);
RSACryptoServiceProvider csp = new RSACryptoServiceProvider();
csp.ImportParameters(rsaParams);
return csp;
}
}
}
}

60
Core.Cerberos.Adapters/Options/JwtIssuerOptions.cs
View File

@@ -1,60 +0,0 @@
using Microsoft.IdentityModel.Tokens;
namespace Core.Cerberos.Adapters.Options
{
/// <summary>
/// JWT token Issuer options (used for JWT Factory)
/// </summary>
[System.Diagnostics.CodeAnalysis.ExcludeFromCodeCoverage]
public class JwtIssuerOptions
{
/// <summary>
/// 4.1.1. "iss" (Issuer) Claim - The "iss" (issuer) claim identifies the principal that issued the JWT.
/// </summary>
public string? Issuer { get; set; }
/// <summary>
/// 4.1.2. "sub" (Subject) Claim - The "sub" (subject) claim identifies the principal that is the subject of the JWT.
/// </summary>
public string? Subject { get; set; }
/// <summary>
/// 4.1.3. "aud" (Audience) Claim - The "aud" (audience) claim identifies the recipients that the JWT is intended for.
/// </summary>
public string? Audience { get; set; }
/// <summary>
/// 4.1.4. "exp" (Expiration Time) Claim - The "exp" (expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
/// </summary>
public DateTime Expiration => IssuedAt.Add(ValidFor);
/// <summary>
/// 4.1.5. "nbf" (Not Before) Claim - The "nbf" (not before) claim identifies the time before which the JWT MUST NOT be accepted for processing.
/// </summary>
public DateTime NotBefore => DateTime.UtcNow;
/// <summary>
/// 4.1.6. "iat" (Issued At) Claim - The "iat" (issued at) claim identifies the time at which the JWT was issued.
/// </summary>
public DateTime IssuedAt => DateTime.UtcNow;
/// <summary>
/// Set the timespan the token will be valid for (default is 120 min)
/// </summary>
public TimeSpan ValidFor { get; set; } = TimeSpan.FromMinutes(525601);
/// <summary>
/// "jti" (JWT ID) Claim (default ID is a GUID)
/// </summary>
public Func<Task<string>> JtiGenerator =>
() => Task.FromResult(Guid.NewGuid().ToString());
/// <summary>
/// The signing key to use when generating tokens.
/// </summary>
public SigningCredentials? SigningCredentials { get; set; }
}
}

143
Core.Cerberos.Adapters/Services/TokenService.cs
View File

@@ -1,143 +0,0 @@
// ***********************************************************************
// <copyright file="T5okenService.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Core.Cerberos.Adapters.Common.Constants;
using Core.Cerberos.Adapters.Contracts;
using Core.Cerberos.Adapters.Options;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using System.Data;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text.Json;
namespace Core.Cerberos.Adapters.Services
{
/// <summary>
/// Service responsible for manage authenticacion.
/// </summary>
public class TokenService : ITokenService
{
private readonly JwtSecurityTokenHandler tokenHandler;
private readonly IConfiguration configuration;
private readonly JwtIssuerOptions jwtOptions;
private readonly JsonSerializerOptions jsonOptions;
/// <summary>
/// Initializes a new instance of the <see cref="TokenService"/> class.
/// </summary>
public TokenService(
IConfiguration configuration,
IOptions<JwtIssuerOptions> jwtOptions
)
{
tokenHandler = new JwtSecurityTokenHandler();
this.configuration = configuration;
this.jwtOptions = jwtOptions.Value;
jsonOptions = new JsonSerializerOptions
{
PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
WriteIndented = false
};
}
/// <summary>
/// Refreshes the token.
/// </summary>
public IActionResult RefreshAccessToken(HttpContext httpContext, TokenAdapter tokenAdapter)
{
var tokenString = httpContext.Request.Headers["Authorization"].FirstOrDefault()?.Split(" ").Last();
if (tokenString is not null)
{
var oldToken = tokenHandler.ReadJwtToken(tokenString);
var tokenExpiration = oldToken.Claims.FirstOrDefault(c => c.Type == "exp")?.Value;
var difference = ValidateTokenExpiration(tokenExpiration ?? "");
if (difference.Value.TotalMinutes <= 5)
return new OkObjectResult(GenerateAccessToken(tokenAdapter));
}
return new BadRequestObjectResult("The token could not be refreshed");
}
/// <summary>
/// Generates a JWT token for the provided user data.
/// </summary>
/// <param name="user">The user data.</param>
/// <returns>The user DTO with the generated token.</returns>
public (string, IEnumerable<ModuleAdapter>) GenerateAccessToken(TokenAdapter adapter)
{
var hours = 1;
var minutes = 0;
var expires = DateTime.UtcNow
.AddHours(hours)
.AddMinutes(minutes);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(Claims.Name, adapter?.User?.DisplayName ?? string.Empty),
new Claim(Claims.GUID, adapter?.User?.Guid ?? string.Empty),
new Claim(Claims.Email, adapter?.User?.Email ?? string.Empty),
new Claim(Claims.Role, adapter?.Role?.Name ?? string.Empty),
new Claim(Claims.RoleId, adapter?.Role?.Id ?? string.Empty),
new Claim(Claims.Applications, JsonSerializer.Serialize(adapter?.Role?.Applications), JsonClaimValueTypes.JsonArray),
new Claim(Claims.Permissions, JsonSerializer.Serialize(adapter?.Permissions?.Select(p => $"{p.Name}.{p.AccessLevel}".Replace(" ", "")).ToArray()), JsonClaimValueTypes.JsonArray),
}),
Expires = expires,
Issuer = jwtOptions.Issuer,
Audience = jwtOptions.Audience,
SigningCredentials = jwtOptions.SigningCredentials
};
var token = tokenHandler.CreateEncodedJwt(tokenDescriptor);
return (token, adapter.Modules);
}
public ActionResult<TimeSpan> ValidateTokenExpiration(string tokenExpiration)
{
long unixTimestamp = long.Parse(tokenExpiration ?? "0");
DateTimeOffset dateTimeOffset = DateTimeOffset.FromUnixTimeSeconds(unixTimestamp);
DateTime dateTimeExpiration = dateTimeOffset.UtcDateTime;
var difference = dateTimeExpiration - DateTime.UtcNow;
if (difference.TotalMinutes <= 0)
return new BadRequestObjectResult("Expired token");
else return difference;
}
/// <summary>
/// Extracts the user email claim from the http context.
/// </summary>
public string GetEmailClaim(HttpContext httpContext)
{
var tokenHandler = new JwtSecurityTokenHandler();
var tokenString = httpContext.Request.Headers.Authorization.FirstOrDefault()?.Split(" ").Last();
var token = tokenHandler.ReadJwtToken(tokenString);
var email = !string.IsNullOrEmpty(token.Claims.FirstOrDefault(c => c.Type == "email")?.Value)
? token.Claims.FirstOrDefault(c => c.Type == "email")?.Value
: token.Claims.FirstOrDefault(c => c.Type == "preferred_username")?.Value;
return (email is not null) ? email : "";
}
}
}

25
Core.Cerberos.Adapters/Settings/AuthSettings.cs
View File

@@ -1,25 +0,0 @@
// ***********************************************************************
// <copyright file="AuthSettings.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
public class AuthSettings
{
// Azure AD Settings
public string? AzureADInstance { get; set; }
public string? AzureADTenantId { get; set; }
public string? AzureADClientId { get; set; }
public string? AzureADClientSecret { get; set; }
// Heath Cerberos App Settings
public string? HeathCerberosAppAuthorizationUrl { get; set; }
public string? HeathCerberosAppTokenUrl { get; set; }
public string? HeathCerberosAppClientId { get; set; }
public string? HeathCerberosAppScope { get; set; }
// Token Keys
public string? PrivateKey { get; set; }
public string? PublicKey { get; set; }
}

32
Core.Cerberos.Adapters/TokenProvider/HttpContextTokenProvider.cs
View File

@@ -1,32 +0,0 @@
// ***********************************************************************
// <copyright file="HttpContextTokenProvider.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using Core.Cerberos.Adapters.Contracts;
using Microsoft.AspNetCore.Http;
namespace Core.Cerberos.Adapters.TokenProvider
{
/// <summary>
/// Class to return the access token to controllers.
/// </summary>
public class HttpContextTokenProvider : ITokenProvider
{
private readonly IHttpContextAccessor _httpContextAccessor;
public HttpContextTokenProvider(IHttpContextAccessor httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor;
}
/// <summary>
/// Get token from headers.
/// </summary>
public string GetToken()
{
return _httpContextAccessor.HttpContext?.Request.Headers["Authorization"].FirstOrDefault()?.Split(" ").Last();
}
}
}

22
Core.Cerberos.Adapters/UserExistenceAdapter.cs
View File

@@ -1,22 +0,0 @@
// ***********************************************************************
// <copyright file="UserExistenceAdapter.cs">
// AgileWebs
// </copyright>
// ***********************************************************************
using System.Text.Json.Serialization;
namespace Core.Cerberos.Adapters
{
/// <summary>
/// Adapter representing a user.
/// </summary>
public class UserExistenceAdapter
{
/// <summary>
/// user existence.
/// </summary>
[JsonPropertyName("existence")]
public bool Existence { get; set; }
}
}