Gestion des autorisations avec JwtBearer

develop
jboinembalome 4 years ago
parent ebc246b31d
commit b809486cd3
  1. 15
      Controllers/CollaborateursApi.cs
  2. 1
      EPAServeur.csproj
  3. 74
      Startup.cs
  4. 4
      appsettings.json

@ -24,6 +24,7 @@ using EPAServeur.Exceptions;
using IO.Swagger.ClientCollaborateur; using IO.Swagger.ClientCollaborateur;
using Microsoft.AspNetCore.Server.Kestrel.Core; using Microsoft.AspNetCore.Server.Kestrel.Core;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
namespace IO.Swagger.Controllers namespace IO.Swagger.Controllers
{ {
@ -50,7 +51,7 @@ namespace IO.Swagger.Controllers
/// <response code="404">Ressource n&#x27;a pas été trouvée</response> /// <response code="404">Ressource n&#x27;a pas été trouvée</response>
[HttpGet] [HttpGet]
[Route("/api/collaborateurs/{idCollaborateur}")] [Route("/api/collaborateurs/{idCollaborateur}")]
//[Authorize(AuthenticationSchemes = BearerAuthenticationHandler.SchemeName)] //[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")]
[ValidateModelState] [ValidateModelState]
[SwaggerOperation("GetCollaborateurById")] [SwaggerOperation("GetCollaborateurById")]
[SwaggerResponse(statusCode: 200, type: typeof(CollaborateurDTO), description: "OK")] [SwaggerResponse(statusCode: 200, type: typeof(CollaborateurDTO), description: "OK")]
@ -72,7 +73,7 @@ namespace IO.Swagger.Controllers
} }
catch (CollaborateurNotFoundException) catch (CollaborateurNotFoundException)
{ {
logger.LogError("Le ccollaborateur {id} est introuvable", idCollaborateur); logger.LogError("Le collaborateur {id} est introuvable", idCollaborateur);
ErreurDTO erreurDTO = new ErreurDTO() ErreurDTO erreurDTO = new ErreurDTO()
{ {
Code = "404", Code = "404",
@ -98,7 +99,7 @@ namespace IO.Swagger.Controllers
/// <response code="404">Ressource n&#x27;a pas été trouvée</response> /// <response code="404">Ressource n&#x27;a pas été trouvée</response>
[HttpGet] [HttpGet]
[Route("/api/collaborateurs/mail/{mail}")] [Route("/api/collaborateurs/mail/{mail}")]
//[Authorize(AuthenticationSchemes = BearerAuthenticationHandler.SchemeName)] //[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")]
[ValidateModelState] [ValidateModelState]
[SwaggerOperation("GetCollaborateurByMail")] [SwaggerOperation("GetCollaborateurByMail")]
[SwaggerResponse(statusCode: 200, type: typeof(CollaborateurDTO), description: "OK")] [SwaggerResponse(statusCode: 200, type: typeof(CollaborateurDTO), description: "OK")]
@ -116,7 +117,7 @@ namespace IO.Swagger.Controllers
} }
catch (CollaborateurNotFoundException) catch (CollaborateurNotFoundException)
{ {
logger.LogError("Le ccollaborateur {mail} est introuvable", mail); logger.LogError("Le collaborateur {mail} est introuvable", mail);
ErreurDTO erreurDTO = new ErreurDTO() ErreurDTO erreurDTO = new ErreurDTO()
{ {
Code = "404", Code = "404",
@ -152,7 +153,7 @@ namespace IO.Swagger.Controllers
/// <response code="403">Acces interdit</response> /// <response code="403">Acces interdit</response>
[HttpGet] [HttpGet]
[Route("/api/collaborateurs")] [Route("/api/collaborateurs")]
//[Authorize(AuthenticationSchemes = BearerAuthenticationHandler.SchemeName)] [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")]
[ValidateModelState] [ValidateModelState]
[SwaggerOperation("GetCollaborateurs")] [SwaggerOperation("GetCollaborateurs")]
[SwaggerResponse(statusCode: 200, type: typeof(List<CollaborateurDTO>), description: "OK")] [SwaggerResponse(statusCode: 200, type: typeof(List<CollaborateurDTO>), description: "OK")]
@ -195,7 +196,7 @@ namespace IO.Swagger.Controllers
/// <response code="404">Ressource n&#x27;a pas été trouvée</response> /// <response code="404">Ressource n&#x27;a pas été trouvée</response>
[HttpGet] [HttpGet]
[Route("/api/collaborateurs/referent/{idReferent}")] [Route("/api/collaborateurs/referent/{idReferent}")]
//[Authorize(AuthenticationSchemes = BearerAuthenticationHandler.SchemeName)] //[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")]
[ValidateModelState] [ValidateModelState]
[SwaggerOperation("GetCollaborateursByReferent")] [SwaggerOperation("GetCollaborateursByReferent")]
[SwaggerResponse(statusCode: 200, type: typeof(List<CollaborateurDTO>), description: "OK")] [SwaggerResponse(statusCode: 200, type: typeof(List<CollaborateurDTO>), description: "OK")]
@ -242,7 +243,7 @@ namespace IO.Swagger.Controllers
/// <response code="404">Ressource n&#x27;a pas été trouvée</response> /// <response code="404">Ressource n&#x27;a pas été trouvée</response>
[HttpGet] [HttpGet]
[Route("/api/collaborateurs/profil/{mail}/")] [Route("/api/collaborateurs/profil/{mail}/")]
//[Authorize(AuthenticationSchemes = BearerAuthenticationHandler.SchemeName)] //[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")]
[ValidateModelState] [ValidateModelState]
[SwaggerOperation("GetProfilCollaborateurByMail")] [SwaggerOperation("GetProfilCollaborateurByMail")]
[SwaggerResponse(statusCode: 200, type: typeof(ProfilDTO), description: "OK")] [SwaggerResponse(statusCode: 200, type: typeof(ProfilDTO), description: "OK")]
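Review bot: Only `GetCollaborateurs` (the `/api/collaborateurs` hunk) actually gains `[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")]`; on `GetCollaborateurById`, `GetCollaborateurByMail`, `GetCollaborateursByReferent` and `GetProfilCollaborateurByMail` the attribute is only rewritten inside a `//` comment, so those routes remain reachable without a token after this commit. If keeping them open is deliberate for now, an explicit `// TODO: activer [Authorize] une fois les rôles validés` above each one states that intent better than a commented-out attribute. The same role list is repeated five times; a `private const string RolesConsultation = "RH,Assistante,Commercial";` used as `Roles = RolesConsultation` keeps them from drifting apart. Since the authority in `appsettings.json` points at a Keycloak realm, `Roles = ...` only matches if the token carries a claim the JwtBearer handler maps to the role claim type — Keycloak's realm roles normally sit under `realm_access.roles`, which is not mapped automatically, so please verify with a real token that the filter does not reject every caller; each method body continues outside its hunk.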

@ -6,6 +6,7 @@
</PropertyGroup> </PropertyGroup>
<ItemGroup> <ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="3.1.9" />
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="3.1.7" /> <PackageReference Include="Microsoft.EntityFrameworkCore" Version="3.1.7" />
<PackageReference Include="MySql.Data.EntityFrameworkCore" Version="8.0.21" /> <PackageReference Include="MySql.Data.EntityFrameworkCore" Version="8.0.21" />
<PackageReference Include="Newtonsoft.Json" Version="12.0.3" /> <PackageReference Include="Newtonsoft.Json" Version="12.0.3" />

@ -2,10 +2,10 @@ using EPAServeur.Context;
using EPAServeur.IServices; using EPAServeur.IServices;
using EPAServeur.Services; using EPAServeur.Services;
using IO.Swagger.ApiCollaborateur; using IO.Swagger.ApiCollaborateur;
using IO.Swagger.Security; using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting; using Microsoft.Extensions.Hosting;
@ -16,22 +16,75 @@ namespace EPAServeur
{ {
public class Startup public class Startup
{ {
public Startup(IConfiguration configuration) readonly string AllowCrossClientEPA = "_AllowsCrossOriginClientEPA";
public Startup(IConfiguration configuration, IWebHostEnvironment env)
{ {
Configuration = configuration; Configuration = configuration;
Environment = env;
} }
public IConfiguration Configuration { get; } public IConfiguration Configuration { get; }
public IWebHostEnvironment Environment { get; }
// This method gets called by the runtime. Use this method to add services to the container. // This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services) public void ConfigureServices(IServiceCollection services)
{ {
services.AddCors(options =>
{
options.AddPolicy(name: AllowCrossClientEPA,
builder =>
{
builder.WithOrigins("http://localhost:4200").AllowAnyHeader().AllowAnyMethod();
});
});
services.AddControllers(); services.AddControllers();
services.AddAuthentication(BearerAuthenticationHandler.SchemeName)
.AddScheme<AuthenticationSchemeOptions, BearerAuthenticationHandler>(BearerAuthenticationHandler.SchemeName, null); services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(o =>
{
o.Authority = Configuration["Jwt:Authority"];
o.Audience = Configuration["Jwt:Audience"];
if (Environment.IsDevelopment())
{
o.RequireHttpsMetadata = false;
}
o.Events = new JwtBearerEvents()
{
OnAuthenticationFailed = c =>
{
c.NoResult();
c.Response.StatusCode = 500;
c.Response.ContentType = "text/plain";
if (Environment.IsDevelopment())
{
return c.Response.WriteAsync(c.Exception.ToString());
}
return c.Response.WriteAsync("Une erreur s'est produite lors du processus d'authentification.");
},
OnForbidden = c =>
{
c.NoResult();
c.Response.StatusCode = 403;
c.Response.ContentType = "text/plain";
return c.Response.WriteAsync("L'utilisateur n'est pas autorisé à accéder à cette ressource.");
}
};
});
services.AddDbContext<EpContext>(); services.AddDbContext<EpContext>();
using(var context = new EpContext()) using (var context = new EpContext())
{ {
context.Database.EnsureDeleted(); //PENSEZ A ENLEVER CETTE LIGNE ET A NE JAMAIS LA REMETTRE QUAND LE SERVEUR SERA MIS EN PRODUCTION ^^ context.Database.EnsureDeleted(); //PENSEZ A ENLEVER CETTE LIGNE ET A NE JAMAIS LA REMETTRE QUAND LE SERVEUR SERA MIS EN PRODUCTION ^^
context.Database.EnsureCreated(); context.Database.EnsureCreated();
@ -55,13 +108,14 @@ namespace EPAServeur
services.AddScoped<INoteService, NoteService>(); services.AddScoped<INoteService, NoteService>();
services.AddScoped<IReferentService, ReferentService>(); services.AddScoped<IReferentService, ReferentService>();
services.AddScoped<IEngagementService, EngagementService>(); services.AddScoped<IEngagementService, EngagementService>();
} }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILoggerFactory logger) public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILoggerFactory logger)
{ {
string path = Directory.GetCurrentDirectory(); string path = Directory.GetCurrentDirectory();
logger.AddFile(path+"Log/loggerfile-{Date}.txt"); logger.AddFile(path + "Log/loggerfile-{Date}.txt");
if (env.IsDevelopment()) if (env.IsDevelopment())
{ {
app.UseDeveloperExceptionPage(); app.UseDeveloperExceptionPage();
@ -71,12 +125,18 @@ namespace EPAServeur
app.UseRouting(); app.UseRouting();
app.UseCors(AllowCrossClientEPA);
app.UseAuthentication();
app.UseAuthorization(); app.UseAuthorization();
app.UseEndpoints(endpoints => app.UseEndpoints(endpoints =>
{ {
endpoints.MapControllers(); endpoints.MapControllers();
}); });
} }
} }
} }
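Review bot: `OnAuthenticationFailed` in the new `AddJwtBearer` block answers a failed token validation with HTTP 500, which reports a client-side problem (expired token, wrong issuer, bad signature) as a server error and hides it from clients and from monitoring; the conventional reply is 401, e.g. `c.Response.StatusCode = StatusCodes.Status401Unauthorized;`, or simply not writing the response here and letting the default challenge emit 401 with `WWW-Authenticate`. Because the handler also calls `c.NoResult()`, the request still flows on to `UseAuthorization`, which will then attempt its own challenge on a response whose body has already been written — this is likely to surface as a "response has already started" error; please verify with an expired token. Echoing `c.Exception.ToString()` is correctly gated on `Environment.IsDevelopment()`, but a one-line comment such as `// Détail de l'exception réservé au développement : ne jamais exposer en production` would make that constraint visible to the next reader. The CORS origin `http://localhost:4200` is hard-coded while the JWT settings are read from `Configuration`; reading it from configuration the same way avoids editing `Startup` per environment.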

@ -1,4 +1,8 @@
{ {
"Jwt": {
"Authority": "http://localhost:8080/auth/realms/Apside",
"Audience": "account"
},
"Logging": { "Logging": {
"LogLevel": { "LogLevel": {
"Default": "Information", "Default": "Information",
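Review bot: `Jwt:Audience` is set to `account`, and if, as is common with Keycloak, the realm adds `account` to tokens issued for every client, then validating against it does not restrict this API to tokens minted for this application — any token from the realm would pass the audience check; verify which `aud` values the realm actually emits and prefer a dedicated audience for this server. `Jwt:Authority` uses plain `http://`, which only works because `RequireHttpsMetadata` is relaxed in Development in `Startup`; the production configuration needs an `https` authority or the handler will refuse to fetch the metadata. As JSON cannot carry comments, a short note in the project README on both constraints would help whoever creates `appsettings.Production.json`.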
