ygrette
/
Digitalisation_EPA_Serveur
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Gestion des autorisations avec JwtBearer

Browse Source
develop
jboinembalome 4 years ago
parent ebc246b31d
commit b809486cd3
4 changed files with 140 additions and 74 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 15
      Controllers/CollaborateursApi.cs
  2. 1
      EPAServeur.csproj
  3. 70
      Startup.cs
  4. 4
      appsettings.json

15
Controllers/CollaborateursApi.cs
Unescape View File

@ -24,6 +24,7 @@ using EPAServeur.Exceptions;
using IO.Swagger.ClientCollaborateur;
using Microsoft.AspNetCore.Server.Kestrel.Core;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
namespace IO.Swagger.Controllers
{
@ -50,7 +51,7 @@ namespace IO.Swagger.Controllers
/// <response code="404">Ressource n&#x27;a pas été trouvée</response>
[HttpGet]
[Route("/api/collaborateurs/{idCollaborateur}")]
//[Authorize(AuthenticationSchemes = BearerAuthenticationHandler.SchemeName)]
//[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")]
[ValidateModelState]
[SwaggerOperation("GetCollaborateurById")]
[SwaggerResponse(statusCode: 200, type: typeof(CollaborateurDTO), description: "OK")]
@ -72,7 +73,7 @@ namespace IO.Swagger.Controllers
}
catch (CollaborateurNotFoundException)
{
logger.LogError("Le ccollaborateur {id} est introuvable", idCollaborateur);
logger.LogError("Le collaborateur {id} est introuvable", idCollaborateur);
ErreurDTO erreurDTO = new ErreurDTO()
{
Code = "404",
@ -98,7 +99,7 @@ namespace IO.Swagger.Controllers
/// <response code="404">Ressource n&#x27;a pas été trouvée</response>
[HttpGet]
[Route("/api/collaborateurs/mail/{mail}")]
//[Authorize(AuthenticationSchemes = BearerAuthenticationHandler.SchemeName)]
//[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")]
[ValidateModelState]
[SwaggerOperation("GetCollaborateurByMail")]
[SwaggerResponse(statusCode: 200, type: typeof(CollaborateurDTO), description: "OK")]
@ -116,7 +117,7 @@ namespace IO.Swagger.Controllers
}
catch (CollaborateurNotFoundException)
{
logger.LogError("Le ccollaborateur {mail} est introuvable", mail);
logger.LogError("Le collaborateur {mail} est introuvable", mail);
ErreurDTO erreurDTO = new ErreurDTO()
{
Code = "404",
@ -152,7 +153,7 @@ namespace IO.Swagger.Controllers
/// <response code="403">Acces interdit</response>
[HttpGet]
[Route("/api/collaborateurs")]
//[Authorize(AuthenticationSchemes = BearerAuthenticationHandler.SchemeName)]
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")]
[ValidateModelState]
[SwaggerOperation("GetCollaborateurs")]
[SwaggerResponse(statusCode: 200, type: typeof(List<CollaborateurDTO>), description: "OK")]
@ -195,7 +196,7 @@ namespace IO.Swagger.Controllers
/// <response code="404">Ressource n&#x27;a pas été trouvée</response>
[HttpGet]
[Route("/api/collaborateurs/referent/{idReferent}")]
//[Authorize(AuthenticationSchemes = BearerAuthenticationHandler.SchemeName)]
//[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")]
[ValidateModelState]
[SwaggerOperation("GetCollaborateursByReferent")]
[SwaggerResponse(statusCode: 200, type: typeof(List<CollaborateurDTO>), description: "OK")]
@ -242,7 +243,7 @@ namespace IO.Swagger.Controllers
/// <response code="404">Ressource n&#x27;a pas été trouvée</response>
[HttpGet]
[Route("/api/collaborateurs/profil/{mail}/")]
//[Authorize(AuthenticationSchemes = BearerAuthenticationHandler.SchemeName)]
//[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")]
[ValidateModelState]
[SwaggerOperation("GetProfilCollaborateurByMail")]
[SwaggerResponse(statusCode: 200, type: typeof(ProfilDTO), description: "OK")]

1
EPAServeur.csproj
Unescape View File

@ -6,6 +6,7 @@
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="3.1.9" />
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="3.1.7" />
<PackageReference Include="MySql.Data.EntityFrameworkCore" Version="8.0.21" />
<PackageReference Include="Newtonsoft.Json" Version="12.0.3" />

70
Startup.cs
Unescape View File

@ -2,10 +2,10 @@ using EPAServeur.Context;
using EPAServeur.IServices;
using EPAServeur.Services;
using IO.Swagger.ApiCollaborateur;
using IO.Swagger.Security;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
@ -16,19 +16,72 @@ namespace EPAServeur
{
public class Startup
{
public Startup(IConfiguration configuration)
readonly string AllowCrossClientEPA = "_AllowsCrossOriginClientEPA";
public Startup(IConfiguration configuration, IWebHostEnvironment env)
{
Configuration = configuration;
Environment = env;
}
public IConfiguration Configuration { get; }
public IWebHostEnvironment Environment { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy(name: AllowCrossClientEPA,
builder =>
{
builder.WithOrigins("http://localhost:4200").AllowAnyHeader().AllowAnyMethod();
});
});
services.AddControllers();
services.AddAuthentication(BearerAuthenticationHandler.SchemeName)
.AddScheme<AuthenticationSchemeOptions, BearerAuthenticationHandler>(BearerAuthenticationHandler.SchemeName, null);
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(o =>
{
o.Authority = Configuration["Jwt:Authority"];
o.Audience = Configuration["Jwt:Audience"];
if (Environment.IsDevelopment())
{
o.RequireHttpsMetadata = false;
}
o.Events = new JwtBearerEvents()
{
OnAuthenticationFailed = c =>
{
c.NoResult();
c.Response.StatusCode = 500;
c.Response.ContentType = "text/plain";
if (Environment.IsDevelopment())
{
return c.Response.WriteAsync(c.Exception.ToString());
}
return c.Response.WriteAsync("Une erreur s'est produite lors du processus d'authentification.");
},
OnForbidden = c =>
{
c.NoResult();
c.Response.StatusCode = 403;
c.Response.ContentType = "text/plain";
return c.Response.WriteAsync("L'utilisateur n'est pas autorisé à accéder à cette ressource.");
}
};
});
services.AddDbContext<EpContext>();
using (var context = new EpContext())
@ -55,6 +108,7 @@ namespace EPAServeur
services.AddScoped<INoteService, NoteService>();
services.AddScoped<IReferentService, ReferentService>();
services.AddScoped<IEngagementService, EngagementService>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@ -71,12 +125,18 @@ namespace EPAServeur
app.UseRouting();
app.UseCors(AllowCrossClientEPA);
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
}
}

4
appsettings.json
Unescape View File

@ -1,4 +1,8 @@
{
"Jwt": {
"Authority": "http://localhost:8080/auth/realms/Apside",
"Audience": "account"
},
"Logging": {
"LogLevel": {
"Default": "Information",

Write Preview
Loading…
Cancel
Save