Finished most of the auth portion

2019-05-05 20:21:31 -05:00
parent 23e518d225
commit 8e4e504fd8
7 changed files with 90 additions and 30 deletions
--- a/BrightGlimmer.Auth/Startup.cs
+++ b/BrightGlimmer.Auth/Startup.cs
@@ -1,8 +1,11 @@
 using System;
 using System.Collections.Generic;
 using System.Linq;
+using System.Text;
 using System.Threading.Tasks;
 using BrightGlimmer.Data;
+using JsonNet.PrivateSettersContractResolvers;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.HttpsPolicy;
@@ -12,6 +15,7 @@ using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;

 namespace BrightGlimmer.Auth
 {
@@ -22,12 +26,38 @@ namespace BrightGlimmer.Auth
            Configuration = configuration;
        }

-        public IConfiguration Configuration { get; }
+        public static IConfiguration Configuration { get; private set; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
-            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
+            services.AddMvc()
+                    .SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
+                    .AddJsonOptions(options =>
+                    {
+                        // Allow private fields to deserialize
+                        options.SerializerSettings.ContractResolver = new PrivateSetterContractResolver();
+                    });
+
+            /* Setup Jwt Authentication */
+            var key = Encoding.UTF8.GetBytes(Configuration.GetSection("Keys")["JwtPrivateKey"]); /* TODO: Change to Azure Key Vault */
+            services.AddAuthentication(x =>
+            {
+                x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+                x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+            })
+            .AddJwtBearer(x =>
+            {
+                x.RequireHttpsMetadata = false;
+                x.SaveToken = true;
+                x.TokenValidationParameters = new TokenValidationParameters
+                {
+                    ValidateIssuerSigningKey = true,
+                    IssuerSigningKey = new SymmetricSecurityKey(key),
+                    ValidateIssuer = false, /* TODO: Add validation for both issuer and audience */
+                    ValidateAudience = false
+                };
+            });

            /* Configure EF Core DbContext */
            services.AddDbContext<AuthContext>(options => options.UseLazyLoadingProxies()
@@ -48,6 +78,7 @@ namespace BrightGlimmer.Auth
            }

            app.UseHttpsRedirection();
+            app.UseAuthentication();
            app.UseMvc();

            // Makes sure that the database is in fact created