paul/yavsc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

WIP separation Web et API

Browse Source
This commit is contained in:
Paul Schneider
2025-02-12 20:41:14 +00:00
parent 6cd5f1d041
commit c2ae054719
55 changed files with 71 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/Api/Api.csproj
View File

@ -5,6 +5,7 @@
<ImplicitUsings>enable</ImplicitUsings> <ImplicitUsings>enable</ImplicitUsings>
</PropertyGroup> </PropertyGroup>
<ItemGroup> <ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.12" /> <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.13" />
<ProjectReference Include="../Yavsc/Yavsc.csproj" />
</ItemGroup> </ItemGroup>
</Project> </Project>

0
src/Yavsc/ApiControllers/Blogspot/BlogApiController.cs → src/Api/Controllers/Blogspot/BlogApiController.cs
View File

0
src/Yavsc/ApiControllers/Blogspot/BlogTagsApiController.cs → src/Api/Controllers/Blogspot/BlogTagsApiController.cs
View File

0
src/Yavsc/ApiControllers/Blogspot/CommentsApiController.cs → src/Api/Controllers/Blogspot/CommentsApiController.cs
View File

0
src/Yavsc/ApiControllers/Blogspot/FileSystemApiController.cs → src/Api/Controllers/Blogspot/FileSystemApiController.cs
View File

0
src/Yavsc/ApiControllers/Blogspot/FileSystemStream.cs → src/Api/Controllers/Blogspot/FileSystemStream.cs
View File

0
src/Yavsc/ApiControllers/Blogspot/MoveFileQuery.cs → src/Api/Controllers/Blogspot/MoveFileQuery.cs
View File

0
src/Yavsc/ApiControllers/Blogspot/PostTagsApiController.cs → src/Api/Controllers/Blogspot/PostTagsApiController.cs
View File

0
src/Yavsc/ApiControllers/Blogspot/TagsApiController.cs → src/Api/Controllers/Blogspot/TagsApiController.cs
View File

0
src/Yavsc/ApiControllers/Blogspot/TestApiController.cs → src/Api/Controllers/Blogspot/TestApiController.cs
View File

0
src/Yavsc/ApiControllers/Business/ActivityApiController.cs → src/Api/Controllers/Business/ActivityApiController.cs
View File

0
src/Yavsc/ApiControllers/Business/BillingController.cs → src/Api/Controllers/Business/BillingController.cs
View File

0
src/Yavsc/ApiControllers/Business/BookQueryApiController.cs → src/Api/Controllers/Business/BookQueryApiController.cs
View File

0
src/Yavsc/ApiControllers/Business/EstimateApiController.cs → src/Api/Controllers/Business/EstimateApiController.cs
View File

0
src/Yavsc/ApiControllers/Business/EstimateTemplatesApiController.cs → src/Api/Controllers/Business/EstimateTemplatesApiController.cs
View File

0
src/Yavsc/ApiControllers/Business/FrontOfficeApiController.cs → src/Api/Controllers/Business/FrontOfficeApiController.cs
View File

0
src/Yavsc/ApiControllers/Business/PaymentApiController.cs → src/Api/Controllers/Business/PaymentApiController.cs
View File

0
src/Yavsc/ApiControllers/Business/PerformersApiController.cs → src/Api/Controllers/Business/PerformersApiController.cs
View File

0
src/Yavsc/ApiControllers/Business/ProductApiController.cs → src/Api/Controllers/Business/ProductApiController.cs
View File

0
src/Yavsc/ApiControllers/DimissClicksApiController.cs → src/Api/Controllers/DimissClicksApiController.cs
View File

0
src/Yavsc/ApiControllers/HairCut/BursherProfilesApiController.cs → src/Api/Controllers/HairCut/BursherProfilesApiController.cs
View File

0
src/Yavsc/ApiControllers/HairCut/HairCutController.cs → src/Api/Controllers/HairCut/HairCutController.cs
View File

0
src/Yavsc/ApiControllers/HyperLinkApiController.cs → src/Api/Controllers/HyperLinkApiController.cs
View File

0
src/Yavsc/ApiControllers/IT/GitRefsApiController.cs → src/Api/Controllers/IT/GitRefsApiController.cs
View File

0
src/Yavsc/ApiControllers/MailTemplatingApiController.cs → src/Api/Controllers/MailTemplatingApiController.cs
View File

0
src/Yavsc/ApiControllers/MailingTemplateApiController.cs → src/Api/Controllers/MailingTemplateApiController.cs
View File

0
src/Yavsc/ApiControllers/Musical/DjProfileApiController.cs → src/Api/Controllers/Musical/DjProfileApiController.cs
View File

0
src/Yavsc/ApiControllers/Musical/MusicalPreferencesApiController.cs → src/Api/Controllers/Musical/MusicalPreferencesApiController.cs
View File

0
src/Yavsc/ApiControllers/Musical/MusicalTendenciesApiController.cs → src/Api/Controllers/Musical/MusicalTendenciesApiController.cs
View File

0
src/Yavsc/ApiControllers/Musical/PodcastController.cs → src/Api/Controllers/Musical/PodcastController.cs
View File

0
src/Yavsc/ApiControllers/NativeConfidentialController.cs → src/Api/Controllers/NativeConfidentialController.cs
View File

0
src/Yavsc/ApiControllers/PostRateApiController.cs → src/Api/Controllers/PostRateApiController.cs
View File

0
src/Yavsc/ApiControllers/ProfileApiController.cs → src/Api/Controllers/ProfileApiController.cs
View File

0
src/Yavsc/ApiControllers/Relationship/BlackListApiController.cs → src/Api/Controllers/Relationship/BlackListApiController.cs
View File

0
src/Yavsc/ApiControllers/Relationship/BlogAclApiController.cs → src/Api/Controllers/Relationship/BlogAclApiController.cs
View File

0
src/Yavsc/ApiControllers/Relationship/ChatApiController.cs → src/Api/Controllers/Relationship/ChatApiController.cs
View File

0
src/Yavsc/ApiControllers/Relationship/ChatRoomAccessApiController.cs → src/Api/Controllers/Relationship/ChatRoomAccessApiController.cs
View File

0
src/Yavsc/ApiControllers/Relationship/ChatRoomApiController.cs → src/Api/Controllers/Relationship/ChatRoomApiController.cs
View File

0
src/Yavsc/ApiControllers/Relationship/CircleApiController.cs → src/Api/Controllers/Relationship/CircleApiController.cs
View File

0
src/Yavsc/ApiControllers/Relationship/ContactsApiController.cs → src/Api/Controllers/Relationship/ContactsApiController.cs
View File

0
src/Yavsc/ApiControllers/ServiceApiController.cs → src/Api/Controllers/ServiceApiController.cs
View File

0
src/Yavsc/ApiControllers/Survey/BugApiController.cs → src/Api/Controllers/Survey/BugApiController.cs
View File

6
src/Yavsc/ApiControllers/accounting/AccountController.cs → src/Api/Controllers/accounting/AccountController.cs
View File

@ -30,7 +30,7 @@ namespace Yavsc.WebApi.Controllers
UserManager = userManager; UserManager = userManager;
this.roleManager = roleManager; this.roleManager = roleManager;
_signInManager = signInManager; _signInManager = signInManager;
_logger = loggerFactory.CreateLogger("ApiAuth"); _logger = loggerFactory.CreateLogger(nameof(ApiAccountController));
_dbContext = dbContext; _dbContext = dbContext;
} }
@ -154,7 +154,7 @@ namespace Yavsc.WebApi.Controllers
return Ok(user); return Ok(user);
} }
[HttpGet("~/api/myhost")] [HttpGet("myhost")]
public IActionResult MyHost () public IActionResult MyHost ()
{ {
return Ok(new { host = Request.ForHost() }); return Ok(new { host = Request.ForHost() });
@ -165,7 +165,7 @@ namespace Yavsc.WebApi.Controllers
/// </summary> /// </summary>
/// <param name="me">MyUpdate containing the new user name </param> /// <param name="me">MyUpdate containing the new user name </param>
/// <returns>Ok when all is ok.</returns> /// <returns>Ok when all is ok.</returns>
[HttpPut("~/api/me")] [HttpPut("me")]
public async Task<IActionResult> UpdateMe(UserInfo me) public async Task<IActionResult> UpdateMe(UserInfo me)
{ {
if (!ModelState.IsValid) return new BadRequestObjectResult( if (!ModelState.IsValid) return new BadRequestObjectResult(

0
src/Yavsc/ApiControllers/accounting/ApplicationUserApiController.cs → src/Api/Controllers/accounting/ApplicationUserApiController.cs
View File

0
src/Yavsc/ApiControllers/accounting/ProfileApiController.cs → src/Api/Controllers/accounting/ProfileApiController.cs
View File

16
src/Api/Program.cs
View File

@ -44,7 +44,7 @@ internal class Program
.AllowAnyMethod(); .AllowAnyMethod();
}); });
}) })
.AddControllers(); .AddControllersWithViews();
// accepts any access token issued by identity server // accepts any access token issued by identity server
var authenticationBuilder = services.AddAuthentication() var authenticationBuilder = services.AddAuthentication()
@ -64,14 +64,22 @@ internal class Program
app app
.UseRouting() .UseRouting()
.UseAuthentication() .UseAuthentication()
.UseAuthorization() .UseAuthorization().UseCors("default")
.UseCors("default"); .UseEndpoints(endpoints =>
{
endpoints.MapDefaultControllerRoute()
.RequireAuthorization();
});
app.MapGet("/identity", (HttpContext context) => app.MapGet("/identity", (HttpContext context) =>
new JsonResult(context?.User?.Claims.Select(c => new { c.Type, c.Value })) new JsonResult(context?.User?.Claims.Select(c => new { c.Type, c.Value }))
).RequireAuthorization("ApiScope"); ).RequireAuthorization("ApiScope");
await app.RunAsync(); await app.RunAsync();
} };
} }
} }

9
src/Yavsc/Extensions/HostingExtensions.cs
View File

@ -341,19 +341,13 @@ internal static class HostingExtensions
}) })
.AddCors(options => .AddCors(options =>
{ {
options.AddPolicy("CorsPolicy", builder => options.AddPolicy("default", builder =>
{ {
_ = builder.WithOrigins("*") _ = builder.WithOrigins("*")
.AllowAnyHeader() .AllowAnyHeader()
.AllowAnyMethod(); .AllowAnyMethod();
}); });
options.AddPolicy("default", policy =>
{
policy.WithOrigins("https://localhost:5003")
.AllowAnyHeader()
.AllowAnyMethod();
});
}); });
services.AddSingleton<IAuthorizationHandler, PermissionHandler>(); services.AddSingleton<IAuthorizationHandler, PermissionHandler>();
@ -379,6 +373,7 @@ internal static class HostingExtensions
app.UseRouting(); app.UseRouting();
app.UseIdentityServer(); app.UseIdentityServer();
app.UseAuthorization(); app.UseAuthorization();
app.UseCors("default");
app.MapControllerRoute( app.MapControllerRoute(
name: "default", name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}"); pattern: "{controller=Home}/{action=Index}/{id?}");

16
src/Yavsc/Yavsc.csproj
View File

@ -17,20 +17,20 @@
<PackageReference Include="Serilog.AspNetCore" Version="8.0.3" /> <PackageReference Include="Serilog.AspNetCore" Version="8.0.3" />
<PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="8.0.11" /> <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="8.0.11" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="8.0.12" /> <PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="8.0.13" />
<PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="8.0.12" /> <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="8.0.13" />
<PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="8.0.12" /> <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="8.0.13" />
<PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="8.0.12" /> <PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="8.0.13" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="8.0.12"> <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="8.0.13">
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets> <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
<PrivateAssets>all</PrivateAssets> <PrivateAssets>all</PrivateAssets>
</PackageReference> </PackageReference>
<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="8.0.12"> <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="8.0.13">
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets> <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
<PrivateAssets>all</PrivateAssets> <PrivateAssets>all</PrivateAssets>
</PackageReference> </PackageReference>
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.12" /> <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.13" />
<PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="8.0.12" IncludeAssets="All" /> <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="8.0.13" />
<PackageReference Include="Google.Apis.Compute.v1" Version="1.54.0" /> <PackageReference Include="Google.Apis.Compute.v1" Version="1.54.0" />
<PackageReference Include="Microsoft.AspNetCore.SignalR" Version="1.1.0" /> <PackageReference Include="Microsoft.AspNetCore.SignalR" Version="1.1.0" />
<PackageReference Include="Microsoft.AspNetCore.Razor" Version="2.2.0" /> <PackageReference Include="Microsoft.AspNetCore.Razor" Version="2.2.0" />

4
src/sampleWebAsWebApiClient/Controllers/AuthenticationController.cs
View File

@ -12,13 +12,13 @@ using Microsoft.AspNetCore.Mvc;
// But, this redirect URI doesn't need to match the OAuth parameter, it's serialized in the query state, // But, this redirect URI doesn't need to match the OAuth parameter, it's serialized in the query state,
// to be used once the identification ends. // to be used once the identification ends.
var properties = new AuthenticationProperties { RedirectUri = returnUrl }; var properties = new AuthenticationProperties { RedirectUri = returnUrl };
return new ChallengeResult("Yavsc", properties); return new ChallengeResult("oidc", properties);
} }
[HttpGet("~/signout")] [HttpGet("~/signout")]
public async Task<IActionResult> SignOut(string returnUrl="/") { public async Task<IActionResult> SignOut(string returnUrl="/") {
return SignOut("Cookies", "Yavsc"); return SignOut("Cookies", "oidc");
} }
} }

2
src/sampleWebAsWebApiClient/Controllers/HomeController.cs
View File

@ -57,7 +57,7 @@ namespace testOauthClient.Controllers
var client = new HttpClient(new HttpClientHandler(){ AllowAutoRedirect=false }); var client = new HttpClient(new HttpClientHandler(){ AllowAutoRedirect=false });
client.DefaultRequestHeaders.Add("Accept", "application/json"); client.DefaultRequestHeaders.Add("Accept", "application/json");
client.SetBearerToken(accessToken); client.SetBearerToken(accessToken);
var content = await client.GetAsync("https://localhost:5001/api/account/me"); var content = await client.GetAsync("https://localhost:6001/api/account/me");
content.EnsureSuccessStatusCode(); content.EnsureSuccessStatusCode();
var json = await content.Content.ReadAsStreamAsync(); var json = await content.Content.ReadAsStreamAsync();
var obj = JsonSerializer.Deserialize<JsonElement>(json); var obj = JsonSerializer.Deserialize<JsonElement>(json);

14
src/sampleWebAsWebApiClient/Properties/launchSettings.json
View File

@ -4,25 +4,17 @@
"windowsAuthentication": false, "windowsAuthentication": false,
"anonymousAuthentication": true, "anonymousAuthentication": true,
"iisExpress": { "iisExpress": {
"applicationUrl": "http://localhost:5002", "applicationUrl": "https://localhost:5003",
"sslPort": 5003 "sslPort": 5003
} }
}, },
"profiles": { "profiles": {
"http": {
"commandName": "Project",
"dotnetRunMessages": true,
"launchBrowser": true,
"applicationUrl": "http://localhost:5002",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
},
"https": { "https": {
"commandName": "Project", "commandName": "Project",
"dotnetRunMessages": true, "dotnetRunMessages": true,
"launchBrowser": true, "launchBrowser": true,
"applicationUrl": "https://localhost:5003;http://localhost:5002", "applicationUrl": "https://localhost:5003;",
"environmentVariables": { "environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development" "ASPNETCORE_ENVIRONMENT": "Development"
} }

68
src/sampleWebAsWebApiClient/Startup.cs
View File

@ -10,43 +10,43 @@ public class Startup
{ {
public void ConfigureServices(IServiceCollection services) public void ConfigureServices(IServiceCollection services)
{ {
services.AddControllersWithViews(); services.AddControllersWithViews();
services
JwtSecurityTokenHandler.DefaultMapInboundClaims = false; .AddAuthentication(options =>
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "Yavsc";
})
.AddCookie("Cookies")
.AddOpenIdConnect("Yavsc", options =>
{
options.Authority = "https://localhost:5001";
options.ClientId = "mvc";
options.ClientSecret = "49C1A7E1-0C79-4A89-A3D6-A37998FB86B0";
options.ResponseType = "code";
options.UsePkce = true;
options.Scope.Clear();
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add("email");
options.Scope.Add("offline_access");
options.Scope.Add("scope2");
options.GetClaimsFromUserInfoEndpoint = true;
options.SaveTokens = true;
options.ClaimActions.MapUniqueJsonKey("http://schemas.microsoft.com/ws/2008/06/identity/claims/role", "http://schemas.microsoft.com/ws/2008/06/identity/claims/role");
options.ClaimActions.MapUniqueJsonKey("role", "http://schemas.microsoft.com/ws/2008/06/identity/claims/role");
options.ClaimActions.MapUniqueJsonKey("roles", "http://schemas.microsoft.com/ws/2008/06/identity/claims/role");
options.TokenValidationParameters = new TokenValidationParameters
{ {
NameClaimType = "name", options.DefaultScheme = "Cookies";
RoleClaimType = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" options.DefaultChallengeScheme = "oidc";
}; })
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.Authority = "https://localhost:5001";
options.ClientId = "mvc";
options.ClientSecret = "49C1A7E1-0C79-4A89-A3D6-A37998FB86B0";
options.ResponseType = "code";
options.Scope.Add("scope2");
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.SaveTokens = true;
options.ClaimActions.MapUniqueJsonKey(
"http://schemas.microsoft.com/ws/2008/06/identity/claims/role",
"http://schemas.microsoft.com/ws/2008/06/identity/claims/role");
options.ClaimActions.MapUniqueJsonKey("role",
"http://schemas.microsoft.com/ws/2008/06/identity/claims/role");
options.ClaimActions.MapUniqueJsonKey("roles",
"http://schemas.microsoft.com/ws/2008/06/identity/claims/role");
options.TokenValidationParameters = new TokenValidationParameters
{
NameClaimType = "name",
RoleClaimType = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"
};
});
});
} }
public void Configure(IApplicationBuilder app, IWebHostEnvironment env) public void Configure(IApplicationBuilder app, IWebHostEnvironment env)

3
src/sampleWebAsWebApiClient/appsettings.json
View File

@ -9,9 +9,6 @@
"Kestrel": { "Kestrel": {
"Endpoints": "Endpoints":
{ {
"Http": {
"Url": "http://localhost:5002"
},
"Https": { "Https": {
"Url": "https://localhost:5003" "Url": "https://localhost:5003"
} }

2
src/sampleWebAsWebApiClient/sampleWebAsWebApiClient.csproj
View File

@ -2,7 +2,7 @@
<ItemGroup> <ItemGroup>
<ProjectReference Include="..\Yavsc.Abstract\Yavsc.Abstract.csproj" /> <ProjectReference Include="..\Yavsc.Abstract\Yavsc.Abstract.csproj" />
<PackageReference Include="IdentityModel.AspNetCore" Version="4.3.0" /> <PackageReference Include="IdentityModel.AspNetCore" Version="4.3.0" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.12" /> <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.13" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>

20
test/yavscTests/Mandatory/Remoting.cs
View File

@ -79,25 +79,5 @@ namespace yavscTests
} }
} }
public static IEnumerable<object[]> GetLoginIntentData(int numTests)
{
var allData = new List<object[]>();
allData.Add(new object[] { "blouh", "profile",
"http://localhost:5000/authorize", "http://localhost:5000/oauth/success",
"http://localhost:5000/token", "http://localhost:5000/authorize"});
allData.Add(new object[] { "blouh", "profile",
"http://localhost:5000/authorize", "http://localhost:5000/oauth/success",
"http://localhost:5000/token", "http://localhost:5000/authorize"});
return allData.Take(numTests);;
}
} }
} }