Compare commits
10 Commits
035da054d6
...
feature/ad
| Author | SHA1 | Date | |
|---|---|---|---|
| e3d75fbfa8 | |||
| 9872c1b88b | |||
| fe4c0696e8 | |||
| 3b752f182f | |||
| 4a2ed52a2f | |||
| 5277896bdc | |||
| 9a02f0e4d6 | |||
| 4cd89c6a83 | |||
| 0bd46f2594 | |||
| 7bbb8ebfe5 |
@@ -11,6 +11,7 @@ namespace Core.Thalos.BuildingBlocks
|
|||||||
public UserAdapter? User { get; set; }
|
public UserAdapter? User { get; set; }
|
||||||
|
|
||||||
public RoleAdapter? Role { get; set; }
|
public RoleAdapter? Role { get; set; }
|
||||||
|
public TenantAdapter? Tenant { get; set; }
|
||||||
|
|
||||||
public IEnumerable<PermissionAdapter>? Permissions { get; set; }
|
public IEnumerable<PermissionAdapter>? Permissions { get; set; }
|
||||||
public IEnumerable<ModuleAdapter> Modules { get; set; } = null!;
|
public IEnumerable<ModuleAdapter> Modules { get; set; } = null!;
|
||||||
|
|||||||
@@ -16,14 +16,6 @@ namespace Core.Thalos.BuildingBlocks
|
|||||||
[CollectionAttributeName("Users")]
|
[CollectionAttributeName("Users")]
|
||||||
public class UserAdapter : Document
|
public class UserAdapter : Document
|
||||||
{
|
{
|
||||||
/// <summary>
|
|
||||||
/// Gets or sets the guid of the user.
|
|
||||||
/// </summary>
|
|
||||||
[BsonElement("guid")]
|
|
||||||
[BsonRepresentation(BsonType.String)]
|
|
||||||
[JsonPropertyName("guid")]
|
|
||||||
public string? Guid { get; set; }
|
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Gets or sets the email address of the user.
|
/// Gets or sets the email address of the user.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
@@ -64,6 +56,14 @@ namespace Core.Thalos.BuildingBlocks
|
|||||||
[JsonPropertyName("displayName")]
|
[JsonPropertyName("displayName")]
|
||||||
public string? DisplayName { get; set; }
|
public string? DisplayName { get; set; }
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Gets or sets the Tenand ID of the user.
|
||||||
|
/// </summary>
|
||||||
|
[BsonElement("tenantId")]
|
||||||
|
[BsonRepresentation(BsonType.ObjectId)]
|
||||||
|
[JsonPropertyName("tenantId")]
|
||||||
|
public string TenantId { get; set; } = null!;
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Gets or sets the role ID of the user.
|
/// Gets or sets the role ID of the user.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
|
|||||||
@@ -5,9 +5,9 @@ using Microsoft.Extensions.Configuration;
|
|||||||
namespace Core.Thalos.BuildingBlocks
|
namespace Core.Thalos.BuildingBlocks
|
||||||
{
|
{
|
||||||
public class GoogleAuthorization(
|
public class GoogleAuthorization(
|
||||||
IGoogleAuthHelper googleHelper, IConfiguration config) : IGoogleAuthorization
|
IGoogleAuthHelper googleHelper, IConfiguration config, GoogleAuthSettings googlesettings) : IGoogleAuthorization
|
||||||
{
|
{
|
||||||
private string RedirectUrl = config["Authentication:Google:RedirectUri"]!;
|
private string RedirectUrl = googlesettings.RedirectUri ?? string.Empty;
|
||||||
|
|
||||||
public async Task<UserCredential> ExchangeCodeForToken(string code)
|
public async Task<UserCredential> ExchangeCodeForToken(string code)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -23,10 +23,20 @@ namespace Core.Thalos.BuildingBlocks
|
|||||||
/// <summary>
|
/// <summary>
|
||||||
/// Claim name for user's ID.
|
/// Claim name for user's ID.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
public const string Id = "id";
|
public const string Id = "_id";
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Claim name for user's role ID.
|
/// Claim name for user's tenant name.
|
||||||
|
/// </summary>
|
||||||
|
public const string Tenant = "tenant";
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Claim name for user's tenant identifier.
|
||||||
|
/// </summary>
|
||||||
|
public const string TenantId = "tenantId";
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Claim name for user's role name.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
public const string Role = "role";
|
public const string Role = "role";
|
||||||
|
|
||||||
|
|||||||
@@ -9,7 +9,6 @@ using Microsoft.AspNetCore.Authentication.JwtBearer;
|
|||||||
using Microsoft.AspNetCore.Authorization;
|
using Microsoft.AspNetCore.Authorization;
|
||||||
using Microsoft.Extensions.Configuration;
|
using Microsoft.Extensions.Configuration;
|
||||||
using Microsoft.Extensions.DependencyInjection;
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
using Microsoft.Extensions.Options;
|
|
||||||
using Microsoft.Identity.Web;
|
using Microsoft.Identity.Web;
|
||||||
using Microsoft.IdentityModel.Tokens;
|
using Microsoft.IdentityModel.Tokens;
|
||||||
using System.Security.Cryptography;
|
using System.Security.Cryptography;
|
||||||
@@ -87,8 +86,6 @@ namespace Core.Thalos.BuildingBlocks.Configuration
|
|||||||
options.Audience = jwtIssuerOptions?.Audience;
|
options.Audience = jwtIssuerOptions?.Audience;
|
||||||
options.SigningCredentials = new SigningCredentials(rsaPrivateKey, SecurityAlgorithms.RsaSha256);
|
options.SigningCredentials = new SigningCredentials(rsaPrivateKey, SecurityAlgorithms.RsaSha256);
|
||||||
});
|
});
|
||||||
|
|
||||||
services.AddSingleton<IOptions<JwtIssuerOptions>>(Microsoft.Extensions.Options.Options.Create(jwtIssuerOptions));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static void AddAzureAuthentication(AuthSettings authSettings, IConfiguration configuration, IServiceCollection services)
|
public static void AddAzureAuthentication(AuthSettings authSettings, IConfiguration configuration, IServiceCollection services)
|
||||||
@@ -116,6 +113,8 @@ namespace Core.Thalos.BuildingBlocks.Configuration
|
|||||||
|
|
||||||
public static void AddGoogleAuthentication(IServiceCollection services, GoogleAuthSettings googleAuthSettings)
|
public static void AddGoogleAuthentication(IServiceCollection services, GoogleAuthSettings googleAuthSettings)
|
||||||
{
|
{
|
||||||
|
services.AddSingleton<GoogleAuthSettings>(googleAuthSettings);
|
||||||
|
|
||||||
services.AddAuthentication(options =>
|
services.AddAuthentication(options =>
|
||||||
{
|
{
|
||||||
options.DefaultAuthenticateScheme = Schemes.GoogleScheme;
|
options.DefaultAuthenticateScheme = Schemes.GoogleScheme;
|
||||||
|
|||||||
@@ -11,7 +11,10 @@ namespace Core.Thalos.BuildingBlocks
|
|||||||
public class GoogleAccessTokenAuthenticationHandler(IOptionsMonitor<AuthenticationSchemeOptions> options,
|
public class GoogleAccessTokenAuthenticationHandler(IOptionsMonitor<AuthenticationSchemeOptions> options,
|
||||||
ILoggerFactory logger,
|
ILoggerFactory logger,
|
||||||
UrlEncoder encoder,
|
UrlEncoder encoder,
|
||||||
IConfiguration config) : AuthenticationHandler<AuthenticationSchemeOptions>(options, logger, encoder)
|
IConfiguration config,
|
||||||
|
GoogleAuthSettings googleSettings
|
||||||
|
) : AuthenticationHandler<AuthenticationSchemeOptions>(options, logger, encoder)
|
||||||
|
|
||||||
{
|
{
|
||||||
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
|
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
|
||||||
{
|
{
|
||||||
@@ -31,7 +34,7 @@ namespace Core.Thalos.BuildingBlocks
|
|||||||
idToken,
|
idToken,
|
||||||
new GoogleJsonWebSignature.ValidationSettings
|
new GoogleJsonWebSignature.ValidationSettings
|
||||||
{
|
{
|
||||||
Audience = new[] { config["Authentication:Google:ClientId"]! }
|
Audience = new[] { googleSettings.ClientId! }
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
catch (InvalidJwtException)
|
catch (InvalidJwtException)
|
||||||
|
|||||||
@@ -4,12 +4,12 @@ using Microsoft.Extensions.Configuration;
|
|||||||
|
|
||||||
namespace Core.Thalos.BuildingBlocks
|
namespace Core.Thalos.BuildingBlocks
|
||||||
{
|
{
|
||||||
public class GoogleAuthHelper(IConfiguration config) : IGoogleAuthHelper
|
public class GoogleAuthHelper(IConfiguration config, GoogleAuthSettings googleSettings) : IGoogleAuthHelper
|
||||||
{
|
{
|
||||||
public ClientSecrets GetClientSecrets()
|
public ClientSecrets GetClientSecrets()
|
||||||
{
|
{
|
||||||
string clientId = config["Authentication:Google:ClientId"]!;
|
string clientId = googleSettings.ClientId ?? string.Empty;
|
||||||
string clientSecret = config["Authentication:Google:ClientSecret"]!;
|
string clientSecret = googleSettings.ClientSecret ?? string.Empty;
|
||||||
|
|
||||||
return new() { ClientId = clientId, ClientSecret = clientSecret };
|
return new() { ClientId = clientId, ClientSecret = clientSecret };
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -87,8 +87,10 @@ namespace Core.Thalos.BuildingBlocks
|
|||||||
{
|
{
|
||||||
|
|
||||||
new Claim(Claims.Name, adapter?.User?.DisplayName ?? string.Empty),
|
new Claim(Claims.Name, adapter?.User?.DisplayName ?? string.Empty),
|
||||||
new Claim(Claims.GUID, adapter?.User?.Guid ?? string.Empty),
|
new Claim(Claims.Id, adapter?.User?.Id ?? string.Empty),
|
||||||
new Claim(Claims.Email, adapter?.User?.Email ?? string.Empty),
|
new Claim(Claims.Email, adapter?.User?.Email ?? string.Empty),
|
||||||
|
new Claim(Claims.Tenant, adapter?.Tenant?.Name ?? string.Empty),
|
||||||
|
new Claim(Claims.Tenant, adapter?.Tenant?.Id ?? string.Empty),
|
||||||
new Claim(Claims.Role, adapter?.Role?.Name ?? string.Empty),
|
new Claim(Claims.Role, adapter?.Role?.Name ?? string.Empty),
|
||||||
new Claim(Claims.RoleId, adapter?.Role?.Id ?? string.Empty),
|
new Claim(Claims.RoleId, adapter?.Role?.Id ?? string.Empty),
|
||||||
new Claim(Claims.Applications, JsonSerializer.Serialize(adapter?.Role?.Applications), JsonClaimValueTypes.JsonArray),
|
new Claim(Claims.Applications, JsonSerializer.Serialize(adapter?.Role?.Applications), JsonClaimValueTypes.JsonArray),
|
||||||
|
|||||||
Reference in New Issue
Block a user