Compare commits
13 Commits
feature/te
...
806b5242b0
| Author | SHA1 | Date | |
|---|---|---|---|
| 806b5242b0 | |||
|
|
24f5711e1c | ||
| e3d75fbfa8 | |||
| 9872c1b88b | |||
| fe4c0696e8 | |||
| 3b752f182f | |||
| 4a2ed52a2f | |||
| 5277896bdc | |||
| 9a02f0e4d6 | |||
| 4cd89c6a83 | |||
| 0bd46f2594 | |||
| 7bbb8ebfe5 | |||
| 035da054d6 |
@@ -11,6 +11,7 @@ namespace Core.Thalos.BuildingBlocks
|
||||
public UserAdapter? User { get; set; }
|
||||
|
||||
public RoleAdapter? Role { get; set; }
|
||||
public TenantAdapter? Tenant { get; set; }
|
||||
|
||||
public IEnumerable<PermissionAdapter>? Permissions { get; set; }
|
||||
public IEnumerable<ModuleAdapter> Modules { get; set; } = null!;
|
||||
|
||||
@@ -16,14 +16,6 @@ namespace Core.Thalos.BuildingBlocks
|
||||
[CollectionAttributeName("Users")]
|
||||
public class UserAdapter : Document
|
||||
{
|
||||
/// <summary>
|
||||
/// Gets or sets the guid of the user.
|
||||
/// </summary>
|
||||
[BsonElement("guid")]
|
||||
[BsonRepresentation(BsonType.String)]
|
||||
[JsonPropertyName("guid")]
|
||||
public string? Guid { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the email address of the user.
|
||||
/// </summary>
|
||||
@@ -64,6 +56,14 @@ namespace Core.Thalos.BuildingBlocks
|
||||
[JsonPropertyName("displayName")]
|
||||
public string? DisplayName { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the Tenand ID of the user.
|
||||
/// </summary>
|
||||
[BsonElement("tenantId")]
|
||||
[BsonRepresentation(BsonType.ObjectId)]
|
||||
[JsonPropertyName("tenantId")]
|
||||
public string TenantId { get; set; } = null!;
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the role ID of the user.
|
||||
/// </summary>
|
||||
|
||||
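Review bot: The summary on the new `TenantId` property misspells "tenant" as "Tenand"; it should read `/// Gets or sets the tenant ID of the user.`. The property is initialised with `= null!`, so the compiler treats it as non-null even when a stored user document has no `tenantId`. If tenant scoping relies on this value, a comment saying where it is guaranteed to be populated would help. The class body continues outside the hunk.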
@@ -5,9 +5,9 @@ using Microsoft.Extensions.Configuration;
|
||||
namespace Core.Thalos.BuildingBlocks
|
||||
{
|
||||
public class GoogleAuthorization(
|
||||
IGoogleAuthHelper googleHelper, IConfiguration config) : IGoogleAuthorization
|
||||
IGoogleAuthHelper googleHelper, IConfiguration config, GoogleAuthSettings googlesettings) : IGoogleAuthorization
|
||||
{
|
||||
private string RedirectUrl = config["Authentication:Google:RedirectUri"]!;
|
||||
private string RedirectUrl = googlesettings.RedirectUri ?? string.Empty;
|
||||
|
||||
public async Task<UserCredential> ExchangeCodeForToken(string code)
|
||||
{
|
||||
|
||||
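Review bot: `googlesettings.RedirectUri ?? string.Empty` turns a missing redirect URI into an empty string, so a misconfigured deployment starts normally and only fails later inside the OAuth code exchange. The same fallback is used for `ClientId` and `ClientSecret` in the GoogleAuthHelper hunk, and the GoogleAccessTokenAuthenticationHandler hunk passes `googleSettings.ClientId!` into the `Audience` array that ties an ID token to this application. Rejecting incomplete settings once, where `AddGoogleAuthentication` registers them, would cover all three: `ArgumentException.ThrowIfNullOrWhiteSpace(googleAuthSettings.ClientId);`, repeated for `ClientSecret` and `RedirectUri`. The `config` parameter also looks unused in GoogleAuthorization after this change, but the class body continues outside the hunk, so that needs confirming.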
@@ -23,10 +23,20 @@ namespace Core.Thalos.BuildingBlocks
|
||||
/// <summary>
|
||||
/// Claim name for user's ID.
|
||||
/// </summary>
|
||||
public const string Id = "id";
|
||||
public const string Id = "_id";
|
||||
|
||||
/// <summary>
|
||||
/// Claim name for user's role ID.
|
||||
/// Claim name for user's tenant name.
|
||||
/// </summary>
|
||||
public const string Tenant = "tenant";
|
||||
|
||||
/// <summary>
|
||||
/// Claim name for user's tenant identifier.
|
||||
/// </summary>
|
||||
public const string TenantId = "tenantId";
|
||||
|
||||
/// <summary>
|
||||
/// Claim name for user's role name.
|
||||
/// </summary>
|
||||
public const string Role = "role";
|
||||
|
||||
|
||||
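Review bot: Changing `Id` from `"id"` to `"_id"` renames the claim as it appears in issued tokens, and nothing in the hunk documents that. Tokens issued before the deployment, and any consumer that still looks up `"id"`, would no longer yield the user identifier; those consumers are not visible here, so this needs checking against them. If the rename is intended, record it on the constant, for example `/// Claim name for user's ID (emitted as "_id"; previously "id").`. The constants class starts and ends outside the hunk.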
@@ -74,7 +74,7 @@ namespace Core.Thalos.BuildingBlocks
|
||||
/// <summary>
|
||||
/// The ChangeStatus route.
|
||||
/// </summary>
|
||||
public const string ChangeStatus = "{id}/{newStatus}/ChangeStatus";
|
||||
public const string ChangeStatus = "{_id}/{newStatus}/ChangeStatus";
|
||||
|
||||
/// <summary>
|
||||
/// The AddCompany route.
|
||||
|
||||
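Review bot: The route token in `ChangeStatus` is now `{_id}`, which only binds to an action parameter of the same name. Assuming these constants feed ASP.NET Core route attributes, an action that still declares `id` would get no value from this template. The controllers are not visible here. If they keep `id`, either leave the template as `{id}` or bind explicitly with `[FromRoute(Name = "_id")]`.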
@@ -9,7 +9,6 @@ using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Options;
|
||||
using Microsoft.Identity.Web;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using System.Security.Cryptography;
|
||||
@@ -87,8 +86,6 @@ namespace Core.Thalos.BuildingBlocks.Configuration
|
||||
options.Audience = jwtIssuerOptions?.Audience;
|
||||
options.SigningCredentials = new SigningCredentials(rsaPrivateKey, SecurityAlgorithms.RsaSha256);
|
||||
});
|
||||
|
||||
services.AddSingleton<IOptions<JwtIssuerOptions>>(Microsoft.Extensions.Options.Options.Create(jwtIssuerOptions));
|
||||
}
|
||||
|
||||
public static void AddAzureAuthentication(AuthSettings authSettings, IConfiguration configuration, IServiceCollection services)
|
||||
@@ -116,6 +113,8 @@ namespace Core.Thalos.BuildingBlocks.Configuration
|
||||
|
||||
public static void AddGoogleAuthentication(IServiceCollection services, GoogleAuthSettings googleAuthSettings)
|
||||
{
|
||||
services.AddSingleton<GoogleAuthSettings>(googleAuthSettings);
|
||||
|
||||
services.AddAuthentication(options =>
|
||||
{
|
||||
options.DefaultAuthenticateScheme = Schemes.GoogleScheme;
|
||||
|
||||
@@ -10,6 +10,7 @@ using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Options;
|
||||
using Microsoft.OpenApi.Any;
|
||||
using Microsoft.OpenApi.Interfaces;
|
||||
using Microsoft.OpenApi.Models;
|
||||
using Swashbuckle.AspNetCore.SwaggerGen;
|
||||
using Swashbuckle.AspNetCore.SwaggerUI;
|
||||
@@ -114,6 +115,12 @@ namespace Core.Thalos.BuildingBlocks.Configuration
|
||||
c.AddSecurityDefinition(googleScheme, new OpenApiSecurityScheme
|
||||
{
|
||||
Type = SecuritySchemeType.OAuth2,
|
||||
|
||||
Extensions = new Dictionary<string, IOpenApiExtension>
|
||||
{
|
||||
["x-tokenName"] = new OpenApiString("id_token")
|
||||
},
|
||||
|
||||
Flows = new OpenApiOAuthFlows
|
||||
{
|
||||
AuthorizationCode = new OpenApiOAuthFlow
|
||||
|
||||
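Review bot: The new `x-tokenName` extension has no comment, although it changes which token Swagger UI sends as the bearer credential. A line above `Extensions` would make the intent clear: `// Swagger UI sends the id_token (not the access_token); the Google handler validates ID tokens.`. The security definition continues outside the hunk.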
@@ -11,7 +11,10 @@ namespace Core.Thalos.BuildingBlocks
|
||||
public class GoogleAccessTokenAuthenticationHandler(IOptionsMonitor<AuthenticationSchemeOptions> options,
|
||||
ILoggerFactory logger,
|
||||
UrlEncoder encoder,
|
||||
IConfiguration config) : AuthenticationHandler<AuthenticationSchemeOptions>(options, logger, encoder)
|
||||
IConfiguration config,
|
||||
GoogleAuthSettings googleSettings
|
||||
) : AuthenticationHandler<AuthenticationSchemeOptions>(options, logger, encoder)
|
||||
|
||||
{
|
||||
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
|
||||
{
|
||||
@@ -31,7 +34,7 @@ namespace Core.Thalos.BuildingBlocks
|
||||
idToken,
|
||||
new GoogleJsonWebSignature.ValidationSettings
|
||||
{
|
||||
Audience = new[] { config["Authentication:Google:ClientId"]! }
|
||||
Audience = new[] { googleSettings.ClientId! }
|
||||
});
|
||||
}
|
||||
catch (InvalidJwtException)
|
||||
|
||||
@@ -4,12 +4,12 @@ using Microsoft.Extensions.Configuration;
|
||||
|
||||
namespace Core.Thalos.BuildingBlocks
|
||||
{
|
||||
public class GoogleAuthHelper(IConfiguration config) : IGoogleAuthHelper
|
||||
public class GoogleAuthHelper(IConfiguration config, GoogleAuthSettings googleSettings) : IGoogleAuthHelper
|
||||
{
|
||||
public ClientSecrets GetClientSecrets()
|
||||
{
|
||||
string clientId = config["Authentication:Google:ClientId"]!;
|
||||
string clientSecret = config["Authentication:Google:ClientSecret"]!;
|
||||
string clientId = googleSettings.ClientId ?? string.Empty;
|
||||
string clientSecret = googleSettings.ClientSecret ?? string.Empty;
|
||||
|
||||
return new() { ClientId = clientId, ClientSecret = clientSecret };
|
||||
}
|
||||
|
||||
@@ -87,8 +87,10 @@ namespace Core.Thalos.BuildingBlocks
|
||||
{
|
||||
|
||||
new Claim(Claims.Name, adapter?.User?.DisplayName ?? string.Empty),
|
||||
new Claim(Claims.GUID, adapter?.User?.Guid ?? string.Empty),
|
||||
new Claim(Claims.Id, adapter?.User?.Id ?? string.Empty),
|
||||
new Claim(Claims.Email, adapter?.User?.Email ?? string.Empty),
|
||||
new Claim(Claims.Tenant, adapter?.Tenant?.Name ?? string.Empty),
|
||||
new Claim(Claims.Tenant, adapter?.Tenant?.Id ?? string.Empty),
|
||||
new Claim(Claims.Role, adapter?.Role?.Name ?? string.Empty),
|
||||
new Claim(Claims.RoleId, adapter?.Role?.Id ?? string.Empty),
|
||||
new Claim(Claims.Applications, JsonSerializer.Serialize(adapter?.Role?.Applications), JsonClaimValueTypes.JsonArray),
|
||||
|
||||
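Review bot: Both tenant claims are created with `Claims.Tenant`, one carrying `adapter?.Tenant?.Name` and the next `adapter?.Tenant?.Id`. The token therefore gets two `tenant` claims and none named `tenantId`, although this change set adds `Claims.TenantId`. A consumer that reads the first `tenant` claim gets the name, and one that looks up `tenantId` for tenant scoping finds nothing. The second line should probably be `new Claim(Claims.TenantId, adapter?.Tenant?.Id ?? string.Empty),`. The +/- markers are lost in this rendering, so this assumes both lines are on the new side; the claim list starts and ends outside the hunk.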