features/role-updates #18

Merged
jtom38 merged 8 commits from features/role-updates into main 2023-08-06 13:39:48 -07:00
Showing only changes of commit ff272ab146 - Show all commits


@ -3,6 +3,7 @@ using System.Security.Claims;
using System.Text; using System.Text;
using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Identity;
using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Tokens;
using Newsbot.Collector.Api.Domain.Consts;
using Newsbot.Collector.Domain.Results; using Newsbot.Collector.Domain.Results;
using Newsbot.Collector.Domain.Entities; using Newsbot.Collector.Domain.Entities;
using Newsbot.Collector.Domain.Interfaces; using Newsbot.Collector.Domain.Interfaces;
@ -16,22 +17,24 @@ public interface IIdentityService
AuthenticationResult Register(string email, string password); AuthenticationResult Register(string email, string password);
AuthenticationResult Login(string email, string password); AuthenticationResult Login(string email, string password);
AuthenticationResult RefreshToken(string token, string refreshToken); AuthenticationResult RefreshToken(string token, string refreshToken);
void AddRole(string roleName, string userId); void AddRole(string name, string userId);
} }
public class IdentityService : IIdentityService public class IdentityService : IIdentityService
{ {
private readonly UserManager<IdentityUser> _userManager; private readonly UserManager<IdentityUser> _userManager;
private readonly RoleManager<IdentityRole> _roleManager;
private readonly JwtSettings _jwtSettings; private readonly JwtSettings _jwtSettings;
private readonly TokenValidationParameters _tokenValidationParameters; private readonly TokenValidationParameters _tokenValidationParameters;
private readonly IRefreshTokenRepository _refreshTokenRepository; private readonly IRefreshTokenRepository _refreshTokenRepository;
public IdentityService(UserManager<IdentityUser> userManager, JwtSettings jwtSettings, TokenValidationParameters tokenValidationParameters, IRefreshTokenRepository refreshTokenRepository) public IdentityService(UserManager<IdentityUser> userManager, JwtSettings jwtSettings, TokenValidationParameters tokenValidationParameters, IRefreshTokenRepository refreshTokenRepository, RoleManager<IdentityRole> roleManager)
{ {
_userManager = userManager; _userManager = userManager;
_jwtSettings = jwtSettings; _jwtSettings = jwtSettings;
_tokenValidationParameters = tokenValidationParameters; _tokenValidationParameters = tokenValidationParameters;
_refreshTokenRepository = refreshTokenRepository; _refreshTokenRepository = refreshTokenRepository;
_roleManager = roleManager;
} }
public AuthenticationResult Register(string email, string password) public AuthenticationResult Register(string email, string password)
@ -64,6 +67,9 @@ public class IdentityService : IIdentityService
}; };
} }
var addRole = _userManager.AddToRoleAsync(newUser, Authorization.UsersRole);
addRole.Wait();
return GenerateJwtToken(newUser); return GenerateJwtToken(newUser);
} }
@ -109,8 +115,9 @@ public class IdentityService : IIdentityService
var expiryDateUnix = long.Parse(validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp).Value); var expiryDateUnix = long.Parse(validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp).Value);
// generate the unix epoc, add expiry time // generate the unix epoc, add expiry time
var expiryDateTimeUtc = new DateTime(1970, 0, 0, 0, 0, 0, DateTimeKind.Utc)
.AddSeconds(expiryDateUnix); var unixTime = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
var expiryDateTimeUtc = unixTime.AddSeconds(expiryDateUnix);
// if it expires in the future // if it expires in the future
if (expiryDateTimeUtc > DateTime.Now) if (expiryDateTimeUtc > DateTime.Now)
@ -179,7 +186,7 @@ public class IdentityService : IIdentityService
return GenerateJwtToken(user.Result); return GenerateJwtToken(user.Result);
} }
public void AddRole(string roleName, string userId) public void AddRole(string name, string userId)
{ {
var user = _userManager.FindByIdAsync(userId); var user = _userManager.FindByIdAsync(userId);
user.Wait(); user.Wait();
@ -189,7 +196,14 @@ public class IdentityService : IIdentityService
throw new Exception("User was not found"); throw new Exception("User was not found");
} }
_userManager.AddToRoleAsync(user.Result, roleName); if (!name.Equals(Authorization.AdministratorClaim)
|| !name.Equals(Authorization.UserClaim))
{
throw new Exception("Invalid role");
}
var addRole = _userManager.AddToRoleAsync(user.Result, name);
addRole.Wait();
} }
private ClaimsPrincipal? CheckTokenSigner(string token) private ClaimsPrincipal? CheckTokenSigner(string token)
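Review bot: The role allow-list in AddRole rejects every input, because `!name.Equals(Authorization.AdministratorClaim) || !name.Equals(Authorization.UserClaim)` is true for any string (a name cannot equal both constants), so the method always throws "Invalid role" and the `_userManager.AddToRoleAsync(user.Result, name)` call below it is unreachable. The condition should be `if (!name.Equals(Authorization.AdministratorClaim, StringComparison.Ordinal) && !name.Equals(Authorization.UserClaim, StringComparison.Ordinal))`, or the check could be delegated to the newly injected `_roleManager` via `RoleExistsAsync(name)`, which this commit adds to the constructor but never uses. Note also that Register assigns `Authorization.UsersRole` while this guard compares against `UserClaim`; if those constants are not the same string, the allow-list and the role granted at registration disagree. Throwing `ArgumentException` with `nameof(name)` instead of a bare `Exception` would let callers distinguish a bad role name from the "User was not found" case.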
@ -221,15 +235,25 @@ public class IdentityService : IIdentityService
{ {
var tokenHandler = new JwtSecurityTokenHandler(); var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_jwtSettings.Secret ?? ""); var key = Encoding.ASCII.GetBytes(_jwtSettings.Secret ?? "");
var tokenDescriptor = new SecurityTokenDescriptor
{ var claims = new List<Claim>
Subject = new ClaimsIdentity(new[]
{ {
new Claim(JwtRegisteredClaimNames.Sub, user.Email ?? ""), new Claim(JwtRegisteredClaimNames.Sub, user.Email ?? ""),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Email, user.Email ?? ""), new Claim(JwtRegisteredClaimNames.Email, user.Email ?? ""),
new Claim("id", user.Id) new Claim("id", user.Id)
}), };
var userRoles = _userManager.GetRolesAsync(user);
userRoles.Wait();
foreach (var role in userRoles.Result)
{
claims.Add(new Claim(ClaimTypes.Role, role));
}
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.UtcNow.AddHours(3), Expires = DateTime.UtcNow.AddHours(3),
SigningCredentials = SigningCredentials =
new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
@ -239,6 +263,7 @@ public class IdentityService : IIdentityService
var refreshToken = new RefreshTokenEntity var refreshToken = new RefreshTokenEntity
{ {
Token = token.Id,
JwtId = token.Id, JwtId = token.Id,
UserId = user.Id, UserId = user.Id,
CreatedDate = DateTime.UtcNow, CreatedDate = DateTime.UtcNow,