Added API token functionality
This commit is contained in:
2
.idea/.idea.HopFrame/.idea/dataSources.xml
generated
2
.idea/.idea.HopFrame/.idea/dataSources.xml
generated
@@ -5,7 +5,7 @@
|
|||||||
<driver-ref>sqlite.xerial</driver-ref>
|
<driver-ref>sqlite.xerial</driver-ref>
|
||||||
<synchronize>true</synchronize>
|
<synchronize>true</synchronize>
|
||||||
<jdbc-driver>org.sqlite.JDBC</jdbc-driver>
|
<jdbc-driver>org.sqlite.JDBC</jdbc-driver>
|
||||||
<jdbc-url>jdbc:sqlite:$PROJECT_DIR$/test/RestApiTest/bin/Debug/net8.0/test.db</jdbc-url>
|
<jdbc-url>jdbc:sqlite:C:\Users\leon\Documents\Projekte\HopFrame\testing\HopFrame.Testing.Api\bin\Debug\net8.0\test.db</jdbc-url>
|
||||||
<jdbc-additional-properties>
|
<jdbc-additional-properties>
|
||||||
<property name="com.intellij.clouds.kubernetes.db.enabled" value="false" />
|
<property name="com.intellij.clouds.kubernetes.db.enabled" value="false" />
|
||||||
</jdbc-additional-properties>
|
</jdbc-additional-properties>
|
||||||
|
|||||||
@@ -69,6 +69,7 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
</wpf:ResourceDictionary>
|
</wpf:ResourceDictionary>
|
||||||
@@ -23,18 +23,18 @@ internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenC
|
|||||||
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
||||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
||||||
|
|
||||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Content.ToString(), new CookieOptions {
|
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.TokenId.ToString(), new CookieOptions {
|
||||||
MaxAge = options.Value.RefreshTokenTime,
|
MaxAge = options.Value.RefreshTokenTime,
|
||||||
HttpOnly = true,
|
HttpOnly = true,
|
||||||
Secure = true
|
Secure = true
|
||||||
});
|
});
|
||||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||||
MaxAge = options.Value.AccessTokenTime,
|
MaxAge = options.Value.AccessTokenTime,
|
||||||
HttpOnly = true,
|
HttpOnly = true,
|
||||||
Secure = true
|
Secure = true
|
||||||
});
|
});
|
||||||
|
|
||||||
return LogicResult<SingleValueResult<string>>.Ok(accessToken.Content.ToString());
|
return LogicResult<SingleValueResult<string>>.Ok(accessToken.TokenId.ToString());
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<LogicResult<SingleValueResult<string>>> Register(UserRegister register) {
|
public async Task<LogicResult<SingleValueResult<string>>> Register(UserRegister register) {
|
||||||
@@ -54,18 +54,18 @@ internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenC
|
|||||||
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
||||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
||||||
|
|
||||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Content.ToString(), new CookieOptions {
|
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.TokenId.ToString(), new CookieOptions {
|
||||||
MaxAge = options.Value.RefreshTokenTime,
|
MaxAge = options.Value.RefreshTokenTime,
|
||||||
HttpOnly = true,
|
HttpOnly = true,
|
||||||
Secure = true
|
Secure = true
|
||||||
});
|
});
|
||||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||||
MaxAge = options.Value.AccessTokenTime,
|
MaxAge = options.Value.AccessTokenTime,
|
||||||
HttpOnly = false,
|
HttpOnly = false,
|
||||||
Secure = true
|
Secure = true
|
||||||
});
|
});
|
||||||
|
|
||||||
return LogicResult<SingleValueResult<string>>.Ok(accessToken.Content.ToString());
|
return LogicResult<SingleValueResult<string>>.Ok(accessToken.TokenId.ToString());
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<LogicResult<SingleValueResult<string>>> Authenticate() {
|
public async Task<LogicResult<SingleValueResult<string>>> Authenticate() {
|
||||||
@@ -87,13 +87,13 @@ internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenC
|
|||||||
|
|
||||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, token.Owner);
|
var accessToken = await tokens.CreateToken(Token.AccessTokenType, token.Owner);
|
||||||
|
|
||||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||||
MaxAge = options.Value.AccessTokenTime,
|
MaxAge = options.Value.AccessTokenTime,
|
||||||
HttpOnly = false,
|
HttpOnly = false,
|
||||||
Secure = true
|
Secure = true
|
||||||
});
|
});
|
||||||
|
|
||||||
return LogicResult<SingleValueResult<string>>.Ok(accessToken.Content.ToString());
|
return LogicResult<SingleValueResult<string>>.Ok(accessToken.TokenId.ToString());
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<LogicResult> Logout() {
|
public async Task<LogicResult> Logout() {
|
||||||
|
|||||||
@@ -30,5 +30,10 @@ public abstract class HopDbContextBase : DbContext {
|
|||||||
.HasMany(g => g.Permissions)
|
.HasMany(g => g.Permissions)
|
||||||
.WithOne(p => p.Group)
|
.WithOne(p => p.Group)
|
||||||
.OnDelete(DeleteBehavior.Cascade);
|
.OnDelete(DeleteBehavior.Cascade);
|
||||||
|
|
||||||
|
modelBuilder.Entity<Token>()
|
||||||
|
.HasMany(t => t.Permissions)
|
||||||
|
.WithOne(t => t.Token)
|
||||||
|
.OnDelete(DeleteBehavior.Cascade);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -21,6 +21,9 @@ public class Permission {
|
|||||||
[ForeignKey("GroupName"), JsonIgnore]
|
[ForeignKey("GroupName"), JsonIgnore]
|
||||||
public virtual PermissionGroup Group { get; set; }
|
public virtual PermissionGroup Group { get; set; }
|
||||||
|
|
||||||
|
[ForeignKey("TokenId"), JsonIgnore]
|
||||||
|
public virtual Token Token { get; set; }
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public interface IPermissionOwner;
|
public interface IPermissionOwner;
|
||||||
|
|||||||
@@ -4,24 +4,32 @@ using System.Text.Json.Serialization;
|
|||||||
|
|
||||||
namespace HopFrame.Database.Models;
|
namespace HopFrame.Database.Models;
|
||||||
|
|
||||||
public class Token {
|
public class Token : IPermissionOwner {
|
||||||
public const int RefreshTokenType = 0;
|
public const int RefreshTokenType = 0;
|
||||||
public const int AccessTokenType = 1;
|
public const int AccessTokenType = 1;
|
||||||
|
public const int ApiTokenType = 2;
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Defines the Type of the stored Token
|
/// Defines the Type of the stored Token
|
||||||
/// 0: Refresh token
|
/// 0: Refresh token
|
||||||
/// 1: Access token
|
/// 1: Access token
|
||||||
|
/// 2: Api token
|
||||||
/// </summary>
|
/// </summary>
|
||||||
[Required, MinLength(1), MaxLength(1)]
|
[Required, MinLength(1), MaxLength(1)]
|
||||||
public int Type { get; set; }
|
public int Type { get; set; }
|
||||||
|
|
||||||
[Key, Required, MinLength(36), MaxLength(36)]
|
[Key, Required, MinLength(36), MaxLength(36)]
|
||||||
public Guid Content { get; set; }
|
public Guid TokenId { get; set; }
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Defines the creation date of the token
|
||||||
|
/// In case of an api token it defines the date it becomes invalid
|
||||||
|
/// </summary>
|
||||||
[Required]
|
[Required]
|
||||||
public DateTime CreatedAt { get; set; }
|
public DateTime CreatedAt { get; set; }
|
||||||
|
|
||||||
[ForeignKey("UserId"), JsonIgnore]
|
[ForeignKey("UserId"), JsonIgnore]
|
||||||
public virtual User Owner { get; set; }
|
public virtual User Owner { get; set; }
|
||||||
|
|
||||||
|
public virtual List<Permission> Permissions { get; set; }
|
||||||
}
|
}
|
||||||
@@ -6,4 +6,5 @@ public interface ITokenRepository {
|
|||||||
Task<Token> GetToken(string content);
|
Task<Token> GetToken(string content);
|
||||||
Task<Token> CreateToken(int type, User owner);
|
Task<Token> CreateToken(int type, User owner);
|
||||||
Task DeleteUserTokens(User owner);
|
Task DeleteUserTokens(User owner);
|
||||||
|
Task<Token> CreateApiToken(User owner, DateTime expirationDate);
|
||||||
}
|
}
|
||||||
@@ -24,6 +24,10 @@ internal sealed class PermissionRepository<TDbContext>(TDbContext context, IGrou
|
|||||||
entry.User = user;
|
entry.User = user;
|
||||||
}else if (owner is PermissionGroup group) {
|
}else if (owner is PermissionGroup group) {
|
||||||
entry.Group = group;
|
entry.Group = group;
|
||||||
|
}else if (owner is Token token) {
|
||||||
|
if (token.Type != Token.ApiTokenType)
|
||||||
|
throw new ArgumentException("Only API tokens can have permissions!");
|
||||||
|
entry.Token = token;
|
||||||
}
|
}
|
||||||
|
|
||||||
await context.Permissions.AddAsync(entry);
|
await context.Permissions.AddAsync(entry);
|
||||||
@@ -48,6 +52,13 @@ internal sealed class PermissionRepository<TDbContext>(TDbContext context, IGrou
|
|||||||
.Where(p =>p.Group.Name == group.Name)
|
.Where(p =>p.Group.Name == group.Name)
|
||||||
.Where(p => p.PermissionName == permission)
|
.Where(p => p.PermissionName == permission)
|
||||||
.SingleOrDefaultAsync();
|
.SingleOrDefaultAsync();
|
||||||
|
}else if (owner is Token token) {
|
||||||
|
entry = await context.Permissions
|
||||||
|
.Include(p => p.Token)
|
||||||
|
.Where(p => p.Token != null)
|
||||||
|
.Where(p => p.Token.TokenId == token.TokenId)
|
||||||
|
.Where(p => p.PermissionName == permission)
|
||||||
|
.SingleOrDefaultAsync();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (entry is not null) {
|
if (entry is not null) {
|
||||||
@@ -74,6 +85,14 @@ internal sealed class PermissionRepository<TDbContext>(TDbContext context, IGrou
|
|||||||
.Where(p =>p.Group.Name == group.Name)
|
.Where(p =>p.Group.Name == group.Name)
|
||||||
.ToListAsync();
|
.ToListAsync();
|
||||||
|
|
||||||
|
permissions.AddRange(perms.Select(p => p.PermissionName));
|
||||||
|
}else if (owner is Token token) {
|
||||||
|
var perms = await context.Permissions
|
||||||
|
.Include(p => p.Token)
|
||||||
|
.Where(p => p.Token != null)
|
||||||
|
.Where(p =>p.Token.TokenId == token.TokenId)
|
||||||
|
.ToListAsync();
|
||||||
|
|
||||||
permissions.AddRange(perms.Select(p => p.PermissionName));
|
permissions.AddRange(perms.Select(p => p.PermissionName));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -11,14 +11,14 @@ internal sealed class TokenRepository<TDbContext>(TDbContext context) : ITokenRe
|
|||||||
|
|
||||||
return await context.Tokens
|
return await context.Tokens
|
||||||
.Include(t => t.Owner)
|
.Include(t => t.Owner)
|
||||||
.Where(t => t.Content == guid)
|
.Where(t => t.TokenId == guid)
|
||||||
.SingleOrDefaultAsync();
|
.SingleOrDefaultAsync();
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<Token> CreateToken(int type, User owner) {
|
public async Task<Token> CreateToken(int type, User owner) {
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
CreatedAt = DateTime.Now,
|
CreatedAt = DateTime.Now,
|
||||||
Content = Guid.NewGuid(),
|
TokenId = Guid.NewGuid(),
|
||||||
Type = type,
|
Type = type,
|
||||||
Owner = owner
|
Owner = owner
|
||||||
};
|
};
|
||||||
@@ -38,4 +38,18 @@ internal sealed class TokenRepository<TDbContext>(TDbContext context) : ITokenRe
|
|||||||
context.Tokens.RemoveRange(tokens);
|
context.Tokens.RemoveRange(tokens);
|
||||||
await context.SaveChangesAsync();
|
await context.SaveChangesAsync();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public async Task<Token> CreateApiToken(User owner, DateTime expirationDate) {
|
||||||
|
var token = new Token {
|
||||||
|
CreatedAt = expirationDate,
|
||||||
|
TokenId = Guid.NewGuid(),
|
||||||
|
Type = Token.ApiTokenType,
|
||||||
|
Owner = owner
|
||||||
|
};
|
||||||
|
|
||||||
|
await context.Tokens.AddAsync(token);
|
||||||
|
await context.SaveChangesAsync();
|
||||||
|
|
||||||
|
return token;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
@@ -1,5 +1,6 @@
|
|||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Text.Encodings.Web;
|
using System.Text.Encodings.Web;
|
||||||
|
using HopFrame.Database.Models;
|
||||||
using HopFrame.Database.Repositories;
|
using HopFrame.Database.Repositories;
|
||||||
using HopFrame.Security.Claims;
|
using HopFrame.Security.Claims;
|
||||||
using Microsoft.AspNetCore.Authentication;
|
using Microsoft.AspNetCore.Authentication;
|
||||||
@@ -33,7 +34,10 @@ public class HopFrameAuthentication(
|
|||||||
var tokenEntry = await tokens.GetToken(accessToken);
|
var tokenEntry = await tokens.GetToken(accessToken);
|
||||||
|
|
||||||
if (tokenEntry is null) return AuthenticateResult.Fail("The provided Access Token does not exist");
|
if (tokenEntry is null) return AuthenticateResult.Fail("The provided Access Token does not exist");
|
||||||
if (tokenEntry.CreatedAt + tokenOptions.Value.AccessTokenTime < DateTime.Now) return AuthenticateResult.Fail("The provided Access Token is expired");
|
|
||||||
|
if (tokenEntry.Type == Token.ApiTokenType) {
|
||||||
|
if (tokenEntry.CreatedAt < DateTime.Now) return AuthenticateResult.Fail("The provided API Token is expired");
|
||||||
|
}else if (tokenEntry.CreatedAt + tokenOptions.Value.AccessTokenTime < DateTime.Now) return AuthenticateResult.Fail("The provided Access Token is expired");
|
||||||
|
|
||||||
if (tokenEntry.Owner is null)
|
if (tokenEntry.Owner is null)
|
||||||
return AuthenticateResult.Fail("The provided Access Token does not match any user");
|
return AuthenticateResult.Fail("The provided Access Token does not match any user");
|
||||||
@@ -43,7 +47,15 @@ public class HopFrameAuthentication(
|
|||||||
new(HopFrameClaimTypes.UserId, tokenEntry.Owner.Id.ToString())
|
new(HopFrameClaimTypes.UserId, tokenEntry.Owner.Id.ToString())
|
||||||
};
|
};
|
||||||
|
|
||||||
var permissions = await perms.GetFullPermissions(tokenEntry.Owner);
|
IList<string> permissions;
|
||||||
|
|
||||||
|
if (tokenEntry.Type == Token.ApiTokenType) {
|
||||||
|
permissions = await perms.GetFullPermissions(tokenEntry);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
permissions = await perms.GetFullPermissions(tokenEntry.Owner);
|
||||||
|
}
|
||||||
|
|
||||||
claims.AddRange(permissions.Select(perm => new Claim(HopFrameClaimTypes.Permission, perm)));
|
claims.AddRange(permissions.Select(perm => new Claim(HopFrameClaimTypes.Permission, perm)));
|
||||||
|
|
||||||
var principal = new ClaimsPrincipal();
|
var principal = new ClaimsPrincipal();
|
||||||
|
|||||||
@@ -22,7 +22,7 @@ public sealed class AuthMiddleware(IAuthService auth, IPermissionRepository perm
|
|||||||
}
|
}
|
||||||
|
|
||||||
var claims = new List<Claim> {
|
var claims = new List<Claim> {
|
||||||
new(HopFrameClaimTypes.AccessTokenId, token.Content.ToString()),
|
new(HopFrameClaimTypes.AccessTokenId, token.TokenId.ToString()),
|
||||||
new(HopFrameClaimTypes.UserId, token.Owner.Id.ToString())
|
new(HopFrameClaimTypes.UserId, token.Owner.Id.ToString())
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@@ -28,12 +28,12 @@ internal class AuthService(
|
|||||||
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
||||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
||||||
|
|
||||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Content.ToString(), new CookieOptions {
|
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.TokenId.ToString(), new CookieOptions {
|
||||||
MaxAge = options.Value.RefreshTokenTime,
|
MaxAge = options.Value.RefreshTokenTime,
|
||||||
HttpOnly = true,
|
HttpOnly = true,
|
||||||
Secure = true
|
Secure = true
|
||||||
});
|
});
|
||||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||||
MaxAge = options.Value.AccessTokenTime,
|
MaxAge = options.Value.AccessTokenTime,
|
||||||
HttpOnly = false,
|
HttpOnly = false,
|
||||||
Secure = true
|
Secure = true
|
||||||
@@ -49,12 +49,12 @@ internal class AuthService(
|
|||||||
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
||||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
||||||
|
|
||||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Content.ToString(), new CookieOptions {
|
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.TokenId.ToString(), new CookieOptions {
|
||||||
MaxAge = options.Value.RefreshTokenTime,
|
MaxAge = options.Value.RefreshTokenTime,
|
||||||
HttpOnly = true,
|
HttpOnly = true,
|
||||||
Secure = true
|
Secure = true
|
||||||
});
|
});
|
||||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||||
MaxAge = options.Value.AccessTokenTime,
|
MaxAge = options.Value.AccessTokenTime,
|
||||||
HttpOnly = false,
|
HttpOnly = false,
|
||||||
Secure = true
|
Secure = true
|
||||||
@@ -83,7 +83,7 @@ internal class AuthService(
|
|||||||
|
|
||||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, token.Owner);
|
var accessToken = await tokens.CreateToken(Token.AccessTokenType, token.Owner);
|
||||||
|
|
||||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||||
MaxAge = options.Value.AccessTokenTime,
|
MaxAge = options.Value.AccessTokenTime,
|
||||||
HttpOnly = false,
|
HttpOnly = false,
|
||||||
Secure = true
|
Secure = true
|
||||||
|
|||||||
@@ -58,13 +58,13 @@ public class AuthLogicTests {
|
|||||||
tokens
|
tokens
|
||||||
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.RefreshTokenType), It.IsAny<User>()))
|
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.RefreshTokenType), It.IsAny<User>()))
|
||||||
.ReturnsAsync(new Token {
|
.ReturnsAsync(new Token {
|
||||||
Content = _refreshToken,
|
TokenId = _refreshToken,
|
||||||
Type = Token.RefreshTokenType
|
Type = Token.RefreshTokenType
|
||||||
});
|
});
|
||||||
tokens
|
tokens
|
||||||
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.AccessTokenType), It.IsAny<User>()))
|
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.AccessTokenType), It.IsAny<User>()))
|
||||||
.ReturnsAsync(new Token {
|
.ReturnsAsync(new Token {
|
||||||
Content = _accessToken,
|
TokenId = _accessToken,
|
||||||
Type = Token.AccessTokenType
|
Type = Token.AccessTokenType
|
||||||
});
|
});
|
||||||
tokens
|
tokens
|
||||||
@@ -229,11 +229,11 @@ public class AuthLogicTests {
|
|||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Type = Token.RefreshTokenType,
|
Type = Token.RefreshTokenType,
|
||||||
Content = _refreshToken,
|
TokenId = _refreshToken,
|
||||||
CreatedAt = DateTime.Now,
|
CreatedAt = DateTime.Now,
|
||||||
Owner = CreateDummyUser()
|
Owner = CreateDummyUser()
|
||||||
};
|
};
|
||||||
var (auth, context) = SetupEnvironment(true, token, token.Content.ToString());
|
var (auth, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
var result = await auth.Authenticate();
|
var result = await auth.Authenticate();
|
||||||
@@ -277,11 +277,11 @@ public class AuthLogicTests {
|
|||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Type = Token.AccessTokenType,
|
Type = Token.AccessTokenType,
|
||||||
Content = _refreshToken,
|
TokenId = _refreshToken,
|
||||||
CreatedAt = DateTime.Now,
|
CreatedAt = DateTime.Now,
|
||||||
Owner = CreateDummyUser()
|
Owner = CreateDummyUser()
|
||||||
};
|
};
|
||||||
var (auth, context) = SetupEnvironment(true, token, token.Content.ToString());
|
var (auth, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
var result = await auth.Authenticate();
|
var result = await auth.Authenticate();
|
||||||
@@ -297,11 +297,11 @@ public class AuthLogicTests {
|
|||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Type = Token.RefreshTokenType,
|
Type = Token.RefreshTokenType,
|
||||||
Content = _refreshToken,
|
TokenId = _refreshToken,
|
||||||
CreatedAt = DateTime.MinValue,
|
CreatedAt = DateTime.MinValue,
|
||||||
Owner = CreateDummyUser()
|
Owner = CreateDummyUser()
|
||||||
};
|
};
|
||||||
var (auth, context) = SetupEnvironment(true, token, token.Content.ToString());
|
var (auth, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
var result = await auth.Authenticate();
|
var result = await auth.Authenticate();
|
||||||
|
|||||||
@@ -14,7 +14,7 @@ public class TokenRepositoryTests {
|
|||||||
|
|
||||||
for (int i = 0; i < count; i++) {
|
for (int i = 0; i < count; i++) {
|
||||||
await context.Tokens.AddAsync(new() {
|
await context.Tokens.AddAsync(new() {
|
||||||
Content = Guid.NewGuid(),
|
TokenId = Guid.NewGuid(),
|
||||||
Owner = CreateTestUser(),
|
Owner = CreateTestUser(),
|
||||||
Type = Token.AccessTokenType
|
Type = Token.AccessTokenType
|
||||||
});
|
});
|
||||||
@@ -37,7 +37,7 @@ public class TokenRepositoryTests {
|
|||||||
var token = context.Tokens.First();
|
var token = context.Tokens.First();
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
var result = await repo.GetToken(token.Content.ToString());
|
var result = await repo.GetToken(token.TokenId.ToString());
|
||||||
|
|
||||||
// Assert
|
// Assert
|
||||||
Assert.Equal(token, result);
|
Assert.Equal(token, result);
|
||||||
@@ -64,12 +64,12 @@ public class TokenRepositoryTests {
|
|||||||
var user = CreateTestUser();
|
var user = CreateTestUser();
|
||||||
await context.Tokens.AddRangeAsync(new List<Token> {
|
await context.Tokens.AddRangeAsync(new List<Token> {
|
||||||
new() {
|
new() {
|
||||||
Content = Guid.NewGuid(),
|
TokenId = Guid.NewGuid(),
|
||||||
Owner = user,
|
Owner = user,
|
||||||
Type = Token.AccessTokenType
|
Type = Token.AccessTokenType
|
||||||
},
|
},
|
||||||
new() {
|
new() {
|
||||||
Content = Guid.NewGuid(),
|
TokenId = Guid.NewGuid(),
|
||||||
Owner = user,
|
Owner = user,
|
||||||
Type = Token.RefreshTokenType
|
Type = Token.RefreshTokenType
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -30,7 +30,7 @@ public class AuthenticationTests {
|
|||||||
|
|
||||||
var provideCorrectToken = correctToken is null;
|
var provideCorrectToken = correctToken is null;
|
||||||
correctToken ??= new Token {
|
correctToken ??= new Token {
|
||||||
Content = Guid.NewGuid(),
|
TokenId = Guid.NewGuid(),
|
||||||
CreatedAt = DateTime.Now,
|
CreatedAt = DateTime.Now,
|
||||||
Type = Token.AccessTokenType,
|
Type = Token.AccessTokenType,
|
||||||
Owner = new User {
|
Owner = new User {
|
||||||
@@ -39,7 +39,7 @@ public class AuthenticationTests {
|
|||||||
};
|
};
|
||||||
|
|
||||||
tokens
|
tokens
|
||||||
.Setup(x => x.GetToken(It.Is<string>(t => t == correctToken.Content.ToString())))
|
.Setup(x => x.GetToken(It.Is<string>(t => t == correctToken.TokenId.ToString())))
|
||||||
.ReturnsAsync(correctToken);
|
.ReturnsAsync(correctToken);
|
||||||
|
|
||||||
perms
|
perms
|
||||||
@@ -49,7 +49,7 @@ public class AuthenticationTests {
|
|||||||
var auth = new HopFrameAuthentication(options.Object, logger.Object, encoder.Object, clock.Object, tokens.Object, perms.Object, new OptionsWrapper<HopFrameAuthenticationOptions>(new HopFrameAuthenticationOptions()));
|
var auth = new HopFrameAuthentication(options.Object, logger.Object, encoder.Object, clock.Object, tokens.Object, perms.Object, new OptionsWrapper<HopFrameAuthenticationOptions>(new HopFrameAuthenticationOptions()));
|
||||||
var context = new DefaultHttpContext();
|
var context = new DefaultHttpContext();
|
||||||
if (provideCorrectToken)
|
if (provideCorrectToken)
|
||||||
context.HttpContext.Request.Headers.Append(HopFrameAuthentication.SchemeName, correctToken.Content.ToString());
|
context.HttpContext.Request.Headers.Append(HopFrameAuthentication.SchemeName, correctToken.TokenId.ToString());
|
||||||
if (providedToken is not null)
|
if (providedToken is not null)
|
||||||
context.HttpContext.Request.Headers.Append(HopFrameAuthentication.SchemeName, providedToken);
|
context.HttpContext.Request.Headers.Append(HopFrameAuthentication.SchemeName, providedToken);
|
||||||
|
|
||||||
@@ -101,12 +101,12 @@ public class AuthenticationTests {
|
|||||||
public async Task Authentication_With_ExpiredToken_Should_Fail() {
|
public async Task Authentication_With_ExpiredToken_Should_Fail() {
|
||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Content = Guid.NewGuid(),
|
TokenId = Guid.NewGuid(),
|
||||||
CreatedAt = DateTime.MinValue,
|
CreatedAt = DateTime.MinValue,
|
||||||
Type = Token.AccessTokenType,
|
Type = Token.AccessTokenType,
|
||||||
Owner = new User()
|
Owner = new User()
|
||||||
};
|
};
|
||||||
var auth = await SetupEnvironment(token, token.Content.ToString());
|
var auth = await SetupEnvironment(token, token.TokenId.ToString());
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
var result = await auth.AuthenticateAsync();
|
var result = await auth.AuthenticateAsync();
|
||||||
@@ -121,12 +121,12 @@ public class AuthenticationTests {
|
|||||||
public async Task Authentication_With_UnownedToken_Should_Fail() {
|
public async Task Authentication_With_UnownedToken_Should_Fail() {
|
||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Content = Guid.NewGuid(),
|
TokenId = Guid.NewGuid(),
|
||||||
CreatedAt = DateTime.Now,
|
CreatedAt = DateTime.Now,
|
||||||
Type = Token.AccessTokenType,
|
Type = Token.AccessTokenType,
|
||||||
Owner = null
|
Owner = null
|
||||||
};
|
};
|
||||||
var auth = await SetupEnvironment(token, token.Content.ToString());
|
var auth = await SetupEnvironment(token, token.TokenId.ToString());
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
var result = await auth.AuthenticateAsync();
|
var result = await auth.AuthenticateAsync();
|
||||||
|
|||||||
@@ -61,7 +61,7 @@ public class AuthMiddlewareTests {
|
|||||||
public async Task InvokeAsync_With_InvalidLoginValidToken_Should_Succeed() {
|
public async Task InvokeAsync_With_InvalidLoginValidToken_Should_Succeed() {
|
||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Content = Guid.NewGuid(),
|
TokenId = Guid.NewGuid(),
|
||||||
CreatedAt = DateTime.Now,
|
CreatedAt = DateTime.Now,
|
||||||
Type = Token.AccessTokenType,
|
Type = Token.AccessTokenType,
|
||||||
Owner = CreateDummyUser()
|
Owner = CreateDummyUser()
|
||||||
@@ -74,7 +74,7 @@ public class AuthMiddlewareTests {
|
|||||||
|
|
||||||
// Assert
|
// Assert
|
||||||
Assert.Equal(token.Owner.Id.ToString(), context.User.FindFirstValue(HopFrameClaimTypes.UserId));
|
Assert.Equal(token.Owner.Id.ToString(), context.User.FindFirstValue(HopFrameClaimTypes.UserId));
|
||||||
Assert.Equal(token.Content.ToString(), context.User.FindFirstValue(HopFrameClaimTypes.AccessTokenId));
|
Assert.Equal(token.TokenId.ToString(), context.User.FindFirstValue(HopFrameClaimTypes.AccessTokenId));
|
||||||
Assert.Equal(token.Owner.Permissions.First().PermissionName, context.User.FindFirstValue(HopFrameClaimTypes.Permission));
|
Assert.Equal(token.Owner.Permissions.First().PermissionName, context.User.FindFirstValue(HopFrameClaimTypes.Permission));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -47,13 +47,13 @@ public class AuthServiceTests {
|
|||||||
tokens
|
tokens
|
||||||
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.RefreshTokenType), It.IsAny<User>()))
|
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.RefreshTokenType), It.IsAny<User>()))
|
||||||
.ReturnsAsync(new Token {
|
.ReturnsAsync(new Token {
|
||||||
Content = _refreshToken,
|
TokenId = _refreshToken,
|
||||||
Type = Token.RefreshTokenType
|
Type = Token.RefreshTokenType
|
||||||
});
|
});
|
||||||
tokens
|
tokens
|
||||||
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.AccessTokenType), It.IsAny<User>()))
|
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.AccessTokenType), It.IsAny<User>()))
|
||||||
.ReturnsAsync(new Token {
|
.ReturnsAsync(new Token {
|
||||||
Content = _accessToken,
|
TokenId = _accessToken,
|
||||||
Type = Token.AccessTokenType
|
Type = Token.AccessTokenType
|
||||||
});
|
});
|
||||||
tokens
|
tokens
|
||||||
@@ -171,18 +171,18 @@ public class AuthServiceTests {
|
|||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Type = Token.RefreshTokenType,
|
Type = Token.RefreshTokenType,
|
||||||
Content = _refreshToken,
|
TokenId = _refreshToken,
|
||||||
CreatedAt = DateTime.Now,
|
CreatedAt = DateTime.Now,
|
||||||
Owner = CreateDummyUser()
|
Owner = CreateDummyUser()
|
||||||
};
|
};
|
||||||
var (service, context) = SetupEnvironment(true, token, token.Content.ToString());
|
var (service, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
var result = await service.RefreshLogin();
|
var result = await service.RefreshLogin();
|
||||||
|
|
||||||
// Assert
|
// Assert
|
||||||
Assert.NotNull(result);
|
Assert.NotNull(result);
|
||||||
Assert.Equal(_accessToken, result.Content);
|
Assert.Equal(_accessToken, result.TokenId);
|
||||||
Assert.Equal(_accessToken.ToString(), context.Response.Headers.FindCookie(ITokenContext.AccessTokenType));
|
Assert.Equal(_accessToken.ToString(), context.Response.Headers.FindCookie(ITokenContext.AccessTokenType));
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -217,11 +217,11 @@ public class AuthServiceTests {
|
|||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Type = Token.AccessTokenType,
|
Type = Token.AccessTokenType,
|
||||||
Content = _refreshToken,
|
TokenId = _refreshToken,
|
||||||
CreatedAt = DateTime.Now,
|
CreatedAt = DateTime.Now,
|
||||||
Owner = CreateDummyUser()
|
Owner = CreateDummyUser()
|
||||||
};
|
};
|
||||||
var (service, context) = SetupEnvironment(true, token, token.Content.ToString());
|
var (service, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
var result = await service.RefreshLogin();
|
var result = await service.RefreshLogin();
|
||||||
@@ -236,11 +236,11 @@ public class AuthServiceTests {
|
|||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Type = Token.RefreshTokenType,
|
Type = Token.RefreshTokenType,
|
||||||
Content = _refreshToken,
|
TokenId = _refreshToken,
|
||||||
CreatedAt = DateTime.MinValue,
|
CreatedAt = DateTime.MinValue,
|
||||||
Owner = CreateDummyUser()
|
Owner = CreateDummyUser()
|
||||||
};
|
};
|
||||||
var (service, context) = SetupEnvironment(true, token, token.Content.ToString());
|
var (service, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
var result = await service.RefreshLogin();
|
var result = await service.RefreshLogin();
|
||||||
@@ -255,7 +255,7 @@ public class AuthServiceTests {
|
|||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Type = Token.AccessTokenType,
|
Type = Token.AccessTokenType,
|
||||||
Content = _accessToken,
|
TokenId = _accessToken,
|
||||||
CreatedAt = DateTime.Now,
|
CreatedAt = DateTime.Now,
|
||||||
Owner = CreateDummyUser()
|
Owner = CreateDummyUser()
|
||||||
};
|
};
|
||||||
@@ -285,7 +285,7 @@ public class AuthServiceTests {
|
|||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Type = Token.RefreshTokenType,
|
Type = Token.RefreshTokenType,
|
||||||
Content = _accessToken,
|
TokenId = _accessToken,
|
||||||
CreatedAt = DateTime.Now,
|
CreatedAt = DateTime.Now,
|
||||||
Owner = CreateDummyUser()
|
Owner = CreateDummyUser()
|
||||||
};
|
};
|
||||||
@@ -303,7 +303,7 @@ public class AuthServiceTests {
|
|||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Type = Token.AccessTokenType,
|
Type = Token.AccessTokenType,
|
||||||
Content = _accessToken,
|
TokenId = _accessToken,
|
||||||
CreatedAt = DateTime.MinValue,
|
CreatedAt = DateTime.MinValue,
|
||||||
Owner = CreateDummyUser()
|
Owner = CreateDummyUser()
|
||||||
};
|
};
|
||||||
@@ -321,7 +321,7 @@ public class AuthServiceTests {
|
|||||||
// Arrange
|
// Arrange
|
||||||
var token = new Token {
|
var token = new Token {
|
||||||
Type = Token.AccessTokenType,
|
Type = Token.AccessTokenType,
|
||||||
Content = _accessToken,
|
TokenId = _accessToken,
|
||||||
CreatedAt = DateTime.Now,
|
CreatedAt = DateTime.Now,
|
||||||
Owner = null
|
Owner = null
|
||||||
};
|
};
|
||||||
|
|||||||
Reference in New Issue
Block a user