Code cleanup
This commit is contained in:
@@ -12,18 +12,7 @@ namespace Icarus.Authorization.Handlers
|
|||||||
{
|
{
|
||||||
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, HasScopeRequirement requirement)
|
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, HasScopeRequirement requirement)
|
||||||
{
|
{
|
||||||
var issuer = requirement.Issuer;
|
if (!context.User.HasClaim(c => c.Type == "scope" && c.Issuer == requirement.Issuer))
|
||||||
var scope = requirement.Scope;
|
|
||||||
var claim = string.Empty;
|
|
||||||
// if (!context.User.HasClaim(c => c.Type == "scope" && c.Issuer == requirement.Issuer))
|
|
||||||
if (!context.User.HasClaim(c =>
|
|
||||||
{
|
|
||||||
var i = 0;
|
|
||||||
var b = 99;
|
|
||||||
claim = c.Type;
|
|
||||||
return c.Type == "scope";
|
|
||||||
})
|
|
||||||
)
|
|
||||||
{
|
{
|
||||||
return Task.CompletedTask;
|
return Task.CompletedTask;
|
||||||
}
|
}
|
||||||
|
|||||||
+1
-8
@@ -8,7 +8,6 @@ using Org.BouncyCastle.OpenSsl;
|
|||||||
|
|
||||||
namespace Icarus.Certs
|
namespace Icarus.Certs
|
||||||
{
|
{
|
||||||
|
|
||||||
public class SigningIssuerCertificate : IDisposable
|
public class SigningIssuerCertificate : IDisposable
|
||||||
{
|
{
|
||||||
private readonly RSACryptoServiceProvider _rsa;
|
private readonly RSACryptoServiceProvider _rsa;
|
||||||
@@ -18,7 +17,6 @@ namespace Icarus.Certs
|
|||||||
_rsa = new RSACryptoServiceProvider();
|
_rsa = new RSACryptoServiceProvider();
|
||||||
}
|
}
|
||||||
|
|
||||||
// public or private key?
|
|
||||||
public RsaSecurityKey GetIssuerSigningKey(string publicKeyPath)
|
public RsaSecurityKey GetIssuerSigningKey(string publicKeyPath)
|
||||||
{
|
{
|
||||||
var file = publicKeyPath;
|
var file = publicKeyPath;
|
||||||
@@ -47,22 +45,17 @@ namespace Icarus.Certs
|
|||||||
|
|
||||||
public class SigningAudienceCertificate : IDisposable
|
public class SigningAudienceCertificate : IDisposable
|
||||||
{
|
{
|
||||||
// private readonly RSA _rsa;
|
|
||||||
private readonly RSACryptoServiceProvider _rsa;
|
private readonly RSACryptoServiceProvider _rsa;
|
||||||
|
|
||||||
public SigningAudienceCertificate()
|
public SigningAudienceCertificate()
|
||||||
{
|
{
|
||||||
_rsa = new RSACryptoServiceProvider();
|
_rsa = new RSACryptoServiceProvider();
|
||||||
}
|
}
|
||||||
// public or private key?
|
|
||||||
public SigningCredentials GetAudienceSigningKey(string keyPath)
|
public SigningCredentials GetAudienceSigningKey(string keyPath)
|
||||||
{
|
{
|
||||||
// string privateXmlKey = System.IO.File.ReadAllText("./private_key.xml");
|
|
||||||
// rsa.FromXmlString(privateXmlKey);
|
|
||||||
|
|
||||||
var file = keyPath;
|
var file = keyPath;
|
||||||
var publicKey = System.IO.File.ReadAllText(file);
|
var publicKey = System.IO.File.ReadAllText(file);
|
||||||
// var rsa = new RSACryptoServiceProvider();
|
|
||||||
|
|
||||||
using (var reader = System.IO.File.OpenText(file))
|
using (var reader = System.IO.File.OpenText(file))
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -180,18 +180,9 @@ namespace Icarus.Controllers.Managers
|
|||||||
DirectoryManager dirMgr = new DirectoryManager(_config, song);
|
DirectoryManager dirMgr = new DirectoryManager(_config, song);
|
||||||
dirMgr.CreateDirectory();
|
dirMgr.CreateDirectory();
|
||||||
|
|
||||||
/**
|
|
||||||
await Task.Run(() =>
|
|
||||||
{
|
|
||||||
System.IO.File.Delete(song.SongPath());
|
|
||||||
});
|
|
||||||
*/
|
|
||||||
|
|
||||||
var tempPath = song.SongPath();
|
var tempPath = song.SongPath();
|
||||||
song.Filename = song.GenerateFilename(1);
|
song.Filename = song.GenerateFilename(1);
|
||||||
var filePath = $"{dirMgr.SongDirectory}{song.Filename}";
|
var filePath = $"{dirMgr.SongDirectory}{song.Filename}";
|
||||||
// $"{dirMgr.SongDirectory}";
|
|
||||||
// filePath += $"{song.Filename}";
|
|
||||||
|
|
||||||
_logger.Info($"Absolute song path: {filePath}");
|
_logger.Info($"Absolute song path: {filePath}");
|
||||||
|
|
||||||
@@ -202,7 +193,6 @@ namespace Icarus.Controllers.Managers
|
|||||||
{
|
{
|
||||||
var songBytes = System.IO.File.ReadAllBytes(tempPath);
|
var songBytes = System.IO.File.ReadAllBytes(tempPath);
|
||||||
|
|
||||||
// System.IO.File.WriteAllBytes(filePath, songBytes);
|
|
||||||
_logger.Info("Saving song to the filesystem");
|
_logger.Info("Saving song to the filesystem");
|
||||||
fileStream.Write(songBytes, 0, songBytes.Count());
|
fileStream.Write(songBytes, 0, songBytes.Count());
|
||||||
|
|
||||||
@@ -267,26 +257,9 @@ namespace Icarus.Controllers.Managers
|
|||||||
var filePath = song.SongPath();
|
var filePath = song.SongPath();
|
||||||
_logger.Info($"Absolute song path: {filePath}");
|
_logger.Info($"Absolute song path: {filePath}");
|
||||||
|
|
||||||
if (System.IO.File.Exists(filePath))
|
|
||||||
{
|
|
||||||
_logger.Info("Why does the file exist?");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (System.IO.File.Exists(tempPath))
|
|
||||||
{
|
|
||||||
// System.IO.File.Move(tempPath, filePath);
|
|
||||||
// _logger.Info("Moved song from temporary location to final location");
|
|
||||||
}
|
|
||||||
|
|
||||||
using (var fileStream = new FileStream(filePath, FileMode.Create))
|
using (var fileStream = new FileStream(filePath, FileMode.Create))
|
||||||
{
|
{
|
||||||
var songBytes = System.IO.File.ReadAllBytes(tempPath);
|
var songBytes = System.IO.File.ReadAllBytes(tempPath);
|
||||||
// fileStream.ReadAsync(songBytes)
|
|
||||||
|
|
||||||
if (System.IO.File.Exists(filePath))
|
|
||||||
{
|
|
||||||
_logger.Info("Why does the file exist?");
|
|
||||||
}
|
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
@@ -297,9 +270,6 @@ namespace Icarus.Controllers.Managers
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
// System.IO.File.WriteAllBytes(filePath, songBytes);
|
|
||||||
//
|
|
||||||
|
|
||||||
fileStream.Write(songBytes, 0, songBytes.Count());
|
fileStream.Write(songBytes, 0, songBytes.Count());
|
||||||
_logger.Info("Saved song to filesystem: {0}", filePath);
|
_logger.Info("Saved song to filesystem: {0}", filePath);
|
||||||
|
|
||||||
|
|||||||
@@ -21,16 +21,6 @@ using Icarus.Models;
|
|||||||
namespace Icarus.Controllers.Managers
|
namespace Icarus.Controllers.Managers
|
||||||
{
|
{
|
||||||
#region Classes
|
#region Classes
|
||||||
/**
|
|
||||||
{
|
|
||||||
"scope":"download:songs read:song_details upload:songs delete:songs read:albums read:artists update:songs stream:songs read:genre read:year download:cover_art",
|
|
||||||
"exp":1661616071,
|
|
||||||
"aud":"http://localhost:5002",
|
|
||||||
"iss":"http://localhost:5002",
|
|
||||||
"iat":1661529671
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
public class TokenManager : BaseManager
|
public class TokenManager : BaseManager
|
||||||
{
|
{
|
||||||
#region Fields
|
#region Fields
|
||||||
|
|||||||
@@ -1,20 +0,0 @@
|
|||||||
using System;
|
|
||||||
|
|
||||||
namespace Icarus.Exceptions
|
|
||||||
{
|
|
||||||
public class InvalidCredentialsException : Exception
|
|
||||||
{
|
|
||||||
public InvalidCredentialsException()
|
|
||||||
{
|
|
||||||
}
|
|
||||||
|
|
||||||
public InvalidCredentialsException(string message) : base(message)
|
|
||||||
{
|
|
||||||
}
|
|
||||||
|
|
||||||
public InvalidCredentialsException(string message,
|
|
||||||
Exception exception) : base(message, exception)
|
|
||||||
{
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,21 +0,0 @@
|
|||||||
using System.Collections.Generic;
|
|
||||||
using System.Linq;
|
|
||||||
using System.Security.Claims;
|
|
||||||
|
|
||||||
namespace Icarus.Models.Shared
|
|
||||||
{
|
|
||||||
public class User
|
|
||||||
{
|
|
||||||
public string Username { get; set; }
|
|
||||||
public string Password { get; set; }
|
|
||||||
public IEnumerable<string> Roles { get; set; }
|
|
||||||
|
|
||||||
public IEnumerable<Claim> Claims()
|
|
||||||
{
|
|
||||||
var claims = new List<Claim> { new Claim(ClaimTypes.Name, Username) };
|
|
||||||
claims.AddRange(Roles.Select(role => new Claim(ClaimTypes.Role, role)));
|
|
||||||
|
|
||||||
return claims;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,8 +0,0 @@
|
|||||||
namespace Icarus.Models.Shared
|
|
||||||
{
|
|
||||||
public class UserCredentials
|
|
||||||
{
|
|
||||||
public string Username { get; set; }
|
|
||||||
public string Password { get; set; }
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,37 +0,0 @@
|
|||||||
// using JwtAuthentication.Shared.Models;
|
|
||||||
// using Icarus.Models.Shared;
|
|
||||||
using System.Collections.Generic;
|
|
||||||
using System.Linq;
|
|
||||||
|
|
||||||
namespace Icarus.Repositories
|
|
||||||
{
|
|
||||||
// TODO: Replace this with the UserContext.
|
|
||||||
public class UserRepository
|
|
||||||
{
|
|
||||||
private readonly IEnumerable<Icarus.Models.User> users;
|
|
||||||
|
|
||||||
public UserRepository()
|
|
||||||
{
|
|
||||||
users = new List<Icarus.Models.User>
|
|
||||||
{
|
|
||||||
new Icarus.Models.User
|
|
||||||
{
|
|
||||||
Username = "john.doe",
|
|
||||||
Password = "john.password",
|
|
||||||
Roles = new []{"User"}
|
|
||||||
},
|
|
||||||
new Icarus.Models.User
|
|
||||||
{
|
|
||||||
Username = "jane.doe",
|
|
||||||
Password = "jane.password",
|
|
||||||
Roles = new []{"User", "Admin"}
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
public Icarus.Models.User GetUser(string username)
|
|
||||||
{
|
|
||||||
return users.SingleOrDefault(u => u.Username.Equals(username));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,31 +0,0 @@
|
|||||||
// using JwtAuthentication.Shared.Models;
|
|
||||||
// using JwtAuthentication.Shared.Services;
|
|
||||||
using Icarus;
|
|
||||||
using Icarus.Repositories;
|
|
||||||
using Icarus.Models.Shared;
|
|
||||||
using Icarus.Services;
|
|
||||||
|
|
||||||
namespace Icarus.Services
|
|
||||||
{
|
|
||||||
public class AuthenticationService
|
|
||||||
{
|
|
||||||
private Microsoft.Extensions.Configuration.IConfiguration _configuration;
|
|
||||||
private readonly UserService userService;
|
|
||||||
private readonly TokenService tokenService;
|
|
||||||
|
|
||||||
public AuthenticationService(UserService userService, TokenService tokenService, Microsoft.Extensions.Configuration.IConfiguration configuration)
|
|
||||||
{
|
|
||||||
this.userService = userService;
|
|
||||||
this.tokenService = tokenService;
|
|
||||||
this._configuration = configuration;
|
|
||||||
}
|
|
||||||
|
|
||||||
public string Authenticate(UserCredentials userCredentials)
|
|
||||||
{
|
|
||||||
userService.ValidateCredentials(userCredentials);
|
|
||||||
string securityToken = tokenService.GetToken(userCredentials.Username);
|
|
||||||
|
|
||||||
return securityToken;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,82 +0,0 @@
|
|||||||
// using JwtAuthentication.AsymmetricEncryption.Certificates;
|
|
||||||
using System;
|
|
||||||
using System.IdentityModel.Tokens.Jwt;
|
|
||||||
using System.Security.Claims;
|
|
||||||
using System.Linq;
|
|
||||||
|
|
||||||
using Microsoft.IdentityModel.Tokens;
|
|
||||||
using Microsoft.Extensions.Configuration;
|
|
||||||
|
|
||||||
using Icarus;
|
|
||||||
using Icarus.Certs;
|
|
||||||
using Icarus.Database.Contexts;
|
|
||||||
using Icarus.Repositories;
|
|
||||||
using Icarus.Models.Shared;
|
|
||||||
// using JwtAuthentication.Shared;
|
|
||||||
// using JwtAuthentication.Shared.Models;
|
|
||||||
|
|
||||||
namespace Icarus.Services
|
|
||||||
{
|
|
||||||
public class TokenService
|
|
||||||
{
|
|
||||||
private Microsoft.Extensions.Configuration.IConfiguration _configuration;
|
|
||||||
private readonly UserRepository userRepository;
|
|
||||||
private readonly UserContext _userContext;
|
|
||||||
private readonly Icarus.Certs.SigningAudienceCertificate signingAudienceCertificate;
|
|
||||||
private string _publickKeyPath = string.Empty;
|
|
||||||
|
|
||||||
/**
|
|
||||||
public TokenService(UserRepository userRepository)
|
|
||||||
{
|
|
||||||
this.userRepository = userRepository;
|
|
||||||
signingAudienceCertificate = new SigningAudienceCertificate();
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
/**
|
|
||||||
public TokenService(UserRepository userRepository, Microsoft.Extensions.Configuration.IConfiguration configuration)
|
|
||||||
{
|
|
||||||
this._configuration = configuration;
|
|
||||||
this.userRepository = userRepository;
|
|
||||||
signingAudienceCertificate = new Icarus.Certs.SigningAudienceCertificate();
|
|
||||||
_publickKeyPath = configuration["RSAKeys:PublicKeyPath"];
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
public TokenService(Microsoft.Extensions.Configuration.IConfiguration configuration)
|
|
||||||
{
|
|
||||||
this._configuration = configuration;
|
|
||||||
// this.userRepository = userRepository;
|
|
||||||
this._userContext = new UserContext(configuration.GetConnectionString("DefaultConnection"));
|
|
||||||
signingAudienceCertificate = new Icarus.Certs.SigningAudienceCertificate();
|
|
||||||
_publickKeyPath = configuration["RSAKeys:PublicKeyPath"];
|
|
||||||
}
|
|
||||||
|
|
||||||
public string GetToken(string username)
|
|
||||||
{
|
|
||||||
// var user = userRepository.GetUser(username);
|
|
||||||
var user = _userContext.Users.FirstOrDefault(usr => usr.Username.Equals(username));
|
|
||||||
SecurityTokenDescriptor tokenDescriptor = GetTokenDescriptor(user);
|
|
||||||
|
|
||||||
var tokenHandler = new JwtSecurityTokenHandler();
|
|
||||||
SecurityToken securityToken = tokenHandler.CreateToken(tokenDescriptor);
|
|
||||||
string token = tokenHandler.WriteToken(securityToken);
|
|
||||||
|
|
||||||
return token;
|
|
||||||
}
|
|
||||||
|
|
||||||
private SecurityTokenDescriptor GetTokenDescriptor(Icarus.Models.User user)
|
|
||||||
{
|
|
||||||
const int expiringDays = 7;
|
|
||||||
|
|
||||||
var tokenDescriptor = new SecurityTokenDescriptor
|
|
||||||
{
|
|
||||||
Subject = new ClaimsIdentity(user.Claims()),
|
|
||||||
Expires = DateTime.UtcNow.AddDays(expiringDays),
|
|
||||||
SigningCredentials = signingAudienceCertificate.GetAudienceSigningKey(_publickKeyPath)
|
|
||||||
};
|
|
||||||
|
|
||||||
return tokenDescriptor;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,53 +0,0 @@
|
|||||||
// using JwtAuthentication.Shared.Exceptions;
|
|
||||||
// using JwtAuthentication.Shared.Models;
|
|
||||||
using System.Linq;
|
|
||||||
|
|
||||||
using Microsoft.Extensions.Configuration;
|
|
||||||
|
|
||||||
using Icarus.Exceptions;
|
|
||||||
using Icarus.Models.Shared;
|
|
||||||
using Icarus.Services;
|
|
||||||
using Icarus.Repositories;
|
|
||||||
using Icarus.Database.Contexts;
|
|
||||||
|
|
||||||
namespace Icarus.Services
|
|
||||||
{
|
|
||||||
public class UserService
|
|
||||||
{
|
|
||||||
private Microsoft.Extensions.Configuration.IConfiguration _configuration;
|
|
||||||
private readonly UserRepository userRepository;
|
|
||||||
private readonly UserContext _userContext;
|
|
||||||
|
|
||||||
public UserService(UserRepository userRepository, Microsoft.Extensions.Configuration.IConfiguration configuration)
|
|
||||||
{
|
|
||||||
this._configuration = configuration;
|
|
||||||
this.userRepository = userRepository;
|
|
||||||
}
|
|
||||||
|
|
||||||
// public UserService(UserContext userContext, Microsoft.Extensions.Configuration.IConfiguration configuration)
|
|
||||||
public UserService(Microsoft.Extensions.Configuration.IConfiguration configuration)
|
|
||||||
{
|
|
||||||
this._configuration = configuration;
|
|
||||||
this._userContext = new UserContext(configuration.GetConnectionString("DefaultConnection"));
|
|
||||||
}
|
|
||||||
|
|
||||||
public void ValidateCredentials(UserCredentials userCredentials)
|
|
||||||
{
|
|
||||||
// Icarus.Models.User user = userRepository.GetUser(userCredentials.Username);
|
|
||||||
var user = _userContext.Users.FirstOrDefault(usr => usr.Username.Equals(userCredentials.Username));
|
|
||||||
bool isValid = user != null && AreValidCredentials(userCredentials, user);
|
|
||||||
|
|
||||||
if (!isValid)
|
|
||||||
{
|
|
||||||
throw new InvalidCredentialsException();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private static bool AreValidCredentials(UserCredentials userCredentials, Icarus.Models.User user)
|
|
||||||
{
|
|
||||||
// TODO: Has the user provided password and compair it to the hash retrieved from
|
|
||||||
// the DB
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+2
-152
@@ -1,18 +1,7 @@
|
|||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
|
||||||
using System.Linq;
|
|
||||||
using System.Threading.Tasks;
|
|
||||||
using System.IdentityModel.Tokens.Jwt;
|
|
||||||
using System.Security.Claims;
|
|
||||||
using System.Security.Cryptography;
|
|
||||||
using System.Security.Cryptography.X509Certificates;
|
|
||||||
|
|
||||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
|
||||||
using Microsoft.AspNetCore.Authorization;
|
|
||||||
using Microsoft.AspNetCore.Builder;
|
using Microsoft.AspNetCore.Builder;
|
||||||
using Microsoft.AspNetCore.Hosting;
|
using Microsoft.AspNetCore.Hosting;
|
||||||
using Microsoft.AspNetCore.HttpsPolicy;
|
|
||||||
using Microsoft.AspNetCore.Mvc;
|
|
||||||
using Microsoft.Extensions.Configuration;
|
using Microsoft.Extensions.Configuration;
|
||||||
using Microsoft.Extensions.DependencyInjection;
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
using Microsoft.Extensions.Logging;
|
using Microsoft.Extensions.Logging;
|
||||||
@@ -23,84 +12,14 @@ using Newtonsoft.Json;
|
|||||||
using NLog;
|
using NLog;
|
||||||
using NLog.Web;
|
using NLog.Web;
|
||||||
using NLog.Web.AspNetCore;
|
using NLog.Web.AspNetCore;
|
||||||
using Org.BouncyCastle.Crypto;
|
|
||||||
using Org.BouncyCastle.Crypto.Parameters;
|
|
||||||
using Org.BouncyCastle.OpenSsl;
|
|
||||||
using Org.BouncyCastle.Security;
|
|
||||||
|
|
||||||
using Icarus.Services;
|
|
||||||
using Icarus.Repositories;
|
|
||||||
using Icarus.Authorization;
|
|
||||||
using Icarus.Authorization.Handlers;
|
|
||||||
using Icarus.Database.Contexts;
|
using Icarus.Database.Contexts;
|
||||||
|
|
||||||
namespace Icarus
|
namespace Icarus
|
||||||
{
|
{
|
||||||
#region Classes
|
public static class ServiceStartup
|
||||||
/**
|
|
||||||
public class SigningIssuerCertificate
|
|
||||||
{
|
|
||||||
public SigningIssuerCertificate()
|
|
||||||
{
|
|
||||||
}
|
|
||||||
|
|
||||||
// public or private key?
|
|
||||||
public RsaSecurityKey GetIssuerSigningKey(string publicKeyPath)
|
|
||||||
{
|
|
||||||
var file = publicKeyPath;
|
|
||||||
var publicKey = System.IO.File.ReadAllText(file);
|
|
||||||
var rsa = new RSACryptoServiceProvider();
|
|
||||||
|
|
||||||
using (var reader = System.IO.File.OpenText(file))
|
|
||||||
{
|
|
||||||
var pem = new PemReader(reader);
|
|
||||||
var o = (RsaKeyParameters)pem.ReadObject();
|
|
||||||
var parameters = new RSAParameters();
|
|
||||||
parameters.Modulus = o.Modulus.ToByteArray();
|
|
||||||
parameters.Exponent = o.Exponent.ToByteArray();
|
|
||||||
rsa.ImportParameters(parameters);
|
|
||||||
}
|
|
||||||
|
|
||||||
return new RsaSecurityKey(rsa);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
/**
|
|
||||||
public class SigningAudienceCertificate
|
|
||||||
{
|
|
||||||
// public or private key?
|
|
||||||
public SigningCredentials GetAudienceSigningKey(string keyPath)
|
|
||||||
{
|
|
||||||
// string privateXmlKey = System.IO.File.ReadAllText("./private_key.xml");
|
|
||||||
// rsa.FromXmlString(privateXmlKey);
|
|
||||||
|
|
||||||
var file = keyPath;
|
|
||||||
var publicKey = System.IO.File.ReadAllText(file);
|
|
||||||
var rsa = new RSACryptoServiceProvider();
|
|
||||||
|
|
||||||
using (var reader = System.IO.File.OpenText(file))
|
|
||||||
{
|
|
||||||
var pem = new PemReader(reader);
|
|
||||||
var o = (RsaKeyParameters)pem.ReadObject();
|
|
||||||
var parameters = new RSAParameters();
|
|
||||||
parameters.Modulus = o.Modulus.ToByteArray();
|
|
||||||
parameters.Exponent = o.Exponent.ToByteArray();
|
|
||||||
rsa.ImportParameters(parameters);
|
|
||||||
}
|
|
||||||
|
|
||||||
return new SigningCredentials(
|
|
||||||
key: new RsaSecurityKey(rsa),
|
|
||||||
algorithm: SecurityAlgorithms.RsaSha256);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
#endregion
|
|
||||||
|
|
||||||
public static class MyClass
|
|
||||||
{
|
{
|
||||||
public static IServiceCollection AddAsymmetricAuthentication(this IServiceCollection services, IConfiguration configuration)
|
public static IServiceCollection AddAsymmetricAuthentication(this IServiceCollection services, IConfiguration configuration)
|
||||||
// public static IServiceCollection AddAsymmetricAuthentication(this IServiceCollection services, IConfiguration configuration)
|
|
||||||
{
|
{
|
||||||
var issuerSigningCertificate = new Icarus.Certs.SigningIssuerCertificate();
|
var issuerSigningCertificate = new Icarus.Certs.SigningIssuerCertificate();
|
||||||
RsaSecurityKey issuerSigningKey = issuerSigningCertificate.GetIssuerSigningKey(configuration["RSAKeys:PublicKeyPath"]);
|
RsaSecurityKey issuerSigningKey = issuerSigningCertificate.GetIssuerSigningKey(configuration["RSAKeys:PublicKeyPath"]);
|
||||||
@@ -151,69 +70,8 @@ namespace Icarus
|
|||||||
var domain = $"https://{auth_id}/";
|
var domain = $"https://{auth_id}/";
|
||||||
var audience = Configuration["Auth0:ApiIdentifier"];
|
var audience = Configuration["Auth0:ApiIdentifier"];
|
||||||
|
|
||||||
/**
|
|
||||||
services
|
|
||||||
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
|
|
||||||
.AddJwtBearer(options =>
|
|
||||||
{
|
|
||||||
options.Authority = domain;
|
|
||||||
options.Audience = audience;
|
|
||||||
});
|
|
||||||
|
|
||||||
services.AddAuthorization(options =>
|
|
||||||
{
|
|
||||||
options.AddPolicy("download:songs", policy =>
|
|
||||||
policy.Requirements
|
|
||||||
.Add(new HasScopeRequirement("download:songs", domain)));
|
|
||||||
|
|
||||||
options.AddPolicy("download:cover_art", policy =>
|
|
||||||
policy.Requirements
|
|
||||||
.Add(new HasScopeRequirement("download:cover_art", domain)));
|
|
||||||
|
|
||||||
options.AddPolicy("upload:songs", policy =>
|
|
||||||
policy.Requirements
|
|
||||||
.Add(new HasScopeRequirement("upload:songs", domain)));
|
|
||||||
|
|
||||||
options.AddPolicy("delete:songs", policy =>
|
|
||||||
policy.Requirements
|
|
||||||
.Add(new HasScopeRequirement("delete:songs", domain)));
|
|
||||||
|
|
||||||
options.AddPolicy("read:song_details", policy =>
|
|
||||||
policy.Requirements
|
|
||||||
.Add(new HasScopeRequirement("read:song_details", domain)));
|
|
||||||
|
|
||||||
options.AddPolicy("update:songs", policy =>
|
|
||||||
policy.Requirements
|
|
||||||
.Add(new HasScopeRequirement("update:songs", domain)));
|
|
||||||
|
|
||||||
options.AddPolicy("read:artists", policy =>
|
|
||||||
policy.Requirements
|
|
||||||
.Add(new HasScopeRequirement("read:artists", domain)));
|
|
||||||
|
|
||||||
options.AddPolicy("read:albums", policy =>
|
|
||||||
policy.Requirements
|
|
||||||
.Add(new HasScopeRequirement("read:albums", domain)));
|
|
||||||
|
|
||||||
options.AddPolicy("read:genre", policy =>
|
|
||||||
policy.Requirements
|
|
||||||
.Add(new HasScopeRequirement("read:genre", domain)));
|
|
||||||
|
|
||||||
options.AddPolicy("read:year", policy =>
|
|
||||||
policy.Requirements
|
|
||||||
.Add(new HasScopeRequirement("read:year", domain)));
|
|
||||||
|
|
||||||
options.AddPolicy("stream:songs", policy =>
|
|
||||||
policy.Requirements
|
|
||||||
.Add(new HasScopeRequirement("stream:songs", domain)));
|
|
||||||
});
|
|
||||||
|
|
||||||
|
|
||||||
services.AddSingleton<IAuthorizationHandler, HasScopeHandler>();
|
|
||||||
*/
|
|
||||||
|
|
||||||
var connString = Configuration.GetConnectionString("DefaultConnection");
|
var connString = Configuration.GetConnectionString("DefaultConnection");
|
||||||
|
|
||||||
|
|
||||||
services.AddDbContext<SongContext>(options => options.UseMySQL(connString));
|
services.AddDbContext<SongContext>(options => options.UseMySQL(connString));
|
||||||
services.AddDbContext<AlbumContext>(options => options.UseMySQL(connString));
|
services.AddDbContext<AlbumContext>(options => options.UseMySQL(connString));
|
||||||
services.AddDbContext<ArtistContext>(options => options.UseMySQL(connString));
|
services.AddDbContext<ArtistContext>(options => options.UseMySQL(connString));
|
||||||
@@ -223,20 +81,12 @@ namespace Icarus
|
|||||||
|
|
||||||
services.AddAsymmetricAuthentication(Configuration);
|
services.AddAsymmetricAuthentication(Configuration);
|
||||||
|
|
||||||
// services.AddTransient<AuthenticationService>(au => new AuthenticationService(new UserService(new UserRepository(), Configuration), new TokenService(new UserRepository(), Configuration), Configuration));
|
/**
|
||||||
services.AddTransient<AuthenticationService>(au => new AuthenticationService(new UserService(Configuration), new TokenService(Configuration), Configuration));
|
services.AddTransient<AuthenticationService>(au => new AuthenticationService(new UserService(Configuration), new TokenService(Configuration), Configuration));
|
||||||
// services.AddTransient<UserService>(us => new UserService(new UserRepository(), Configuration));
|
|
||||||
services.AddTransient<UserService>(us => new UserService(Configuration));
|
services.AddTransient<UserService>(us => new UserService(Configuration));
|
||||||
// services.AddTransient<TokenService>(tk => new TokenService(new UserRepository(), Configuration));
|
|
||||||
services.AddTransient<TokenService>(tk => new TokenService(Configuration));
|
services.AddTransient<TokenService>(tk => new TokenService(Configuration));
|
||||||
services.AddTransient<UserRepository>();
|
services.AddTransient<UserRepository>();
|
||||||
services.AddTransient<UserContext>(uc => new UserContext(connString));
|
services.AddTransient<UserContext>(uc => new UserContext(connString));
|
||||||
/**
|
|
||||||
services.AddTransient<Func<string, UserContext>((providers) =>
|
|
||||||
{
|
|
||||||
return new Func<string, UserContext>((numParams) =>
|
|
||||||
new UserContext(providers.GetRequiredService<IConfiguration>, numParams));
|
|
||||||
});
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
services.AddControllers()
|
services.AddControllers()
|
||||||
|
|||||||
Reference in New Issue
Block a user