DiunaBI/WebAPI/Program.cs

using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Text;
using WebAPI;

var builder = WebApplication.CreateBuilder(args);

var connectionString = builder.Configuration.GetConnectionString("SQLDatabase");
builder.Services.AddDbContext<AppDbContext>(x => {
    x.UseSqlServer(connectionString);
    x.EnableSensitiveDataLogging();
    });

builder.Services.AddCors(options =>
{
    options.AddPolicy("CORSPolicy", corsPolicyBuilder =>
    {
        corsPolicyBuilder.WithOrigins("http://localhost:4200")
        .AllowAnyMethod()
        .AllowAnyHeader()
        .AllowCredentials();

        corsPolicyBuilder.WithOrigins("https://diuna.bim-it.pl")
        .AllowAnyMethod()
        .AllowAnyHeader()
        .AllowCredentials();
    });
});

builder.Services.AddControllers();


builder.Services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
    options.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = false,
        ValidateAudience = false,
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Secret"]!))
    };

});
builder.Services.AddAuthentication();

builder.Services.AddSingleton(typeof(GoogleSheetsHelper));
builder.Services.AddSingleton(typeof(GoogleDriveHelper));

var app = builder.Build();


app.Use(async (context, next) =>
{
    var token = context.Request.Headers.Authorization.ToString();
    if (token.Length > 0 
        && !context.Request.Path.ToString().Contains("getForPowerBI")
        && !context.Request.Path.ToString().Contains("DataInbox/Add")) {
        var handler = new JwtSecurityTokenHandler();
        var data = handler.ReadJwtToken(token.Split(' ')[1]);
        context.Request.Headers.Append("UserId", new Microsoft.Extensions.Primitives.StringValues(data.Subject));
    }
    await next(context);
});

app.UseCors("CORSPolicy");

app.UseAuthentication();
app.UseAuthorization();

app.MapControllers();

app.Run();
?? 2023-02-22 12:12:38 +01:00			`using Microsoft.AspNetCore.Authentication.JwtBearer;`
			`using Microsoft.EntityFrameworkCore;`
			`using Microsoft.IdentityModel.Tokens;`
			`using System.IdentityModel.Tokens.Jwt;`
			`using System.Text;`
			`using WebAPI;`

			`var builder = WebApplication.CreateBuilder(args);`

			`var connectionString = builder.Configuration.GetConnectionString("SQLDatabase");`
Deagregation processor 2023-09-18 19:41:39 +02:00			`builder.Services.AddDbContext<AppDbContext>(x => {`
			`x.UseSqlServer(connectionString);`
			`x.EnableSensitiveDataLogging();`
			`});`
?? 2023-02-22 12:12:38 +01:00
			`builder.Services.AddCors(options =>`
			`{`
WIP: Resolve all code issues 2024-06-18 18:39:02 +02:00			`options.AddPolicy("CORSPolicy", corsPolicyBuilder =>`
?? 2023-02-22 12:12:38 +01:00			`{`
WIP: Resolve all code issues 2024-06-18 18:39:02 +02:00			`corsPolicyBuilder.WithOrigins("http://localhost:4200")`
?? 2023-02-22 12:12:38 +01:00			`.AllowAnyMethod()`
			`.AllowAnyHeader()`
			`.AllowCredentials();`

WIP: Resolve all code issues 2024-06-18 18:39:02 +02:00			`corsPolicyBuilder.WithOrigins("https://diuna.bim-it.pl")`
?? 2023-02-22 12:12:38 +01:00			`.AllowAnyMethod()`
			`.AllowAnyHeader()`
			`.AllowCredentials();`
			`});`
			`});`

			`builder.Services.AddControllers();`

WIP: duplicate administration layer 2023-11-12 17:54:15 +01:00
?? 2023-02-22 12:12:38 +01:00			`builder.Services.AddAuthentication(options =>`
			`{`
			`options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;`
			`options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;`
			`options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;`
			`}).AddJwtBearer(options =>`
			`{`
			`options.TokenValidationParameters = new TokenValidationParameters`
			`{`
			`ValidateIssuer = false,`
			`ValidateAudience = false,`
			`ValidateLifetime = true,`
			`ValidateIssuerSigningKey = true,`
AUTH FIX 2023-11-12 14:41:44 +01:00			`IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Secret"]!))`
?? 2023-02-22 12:12:38 +01:00			`};`

			`});`
AUTH FIX 2023-11-12 14:41:44 +01:00			`builder.Services.AddAuthentication();`
?? 2023-02-22 12:12:38 +01:00
			`builder.Services.AddSingleton(typeof(GoogleSheetsHelper));`
			`builder.Services.AddSingleton(typeof(GoogleDriveHelper));`

			`var app = builder.Build();`

WIP: duplicate administration layer 2023-11-12 17:54:15 +01:00
?? 2023-02-22 12:12:38 +01:00			`app.Use(async (context, next) =>`
			`{`
Refactor code to .NET8 2024-06-18 22:24:04 +02:00			`var token = context.Request.Headers.Authorization.ToString();`
DataInbox - some security fixes 2024-07-15 19:46:02 +02:00			`if (token.Length > 0`
			`&& !context.Request.Path.ToString().Contains("getForPowerBI")`
			`&& !context.Request.Path.ToString().Contains("DataInbox/Add")) {`
?? 2023-02-22 12:12:38 +01:00			`var handler = new JwtSecurityTokenHandler();`
			`var data = handler.ReadJwtToken(token.Split(' ')[1]);`
Refactor code to .NET8 2024-06-18 22:24:04 +02:00			`context.Request.Headers.Append("UserId", new Microsoft.Extensions.Primitives.StringValues(data.Subject));`
?? 2023-02-22 12:12:38 +01:00			`}`
			`await next(context);`
			`});`

			`app.UseCors("CORSPolicy");`

AUTH FIX 2023-11-12 14:41:44 +01:00			`app.UseAuthentication();`
?? 2023-02-22 12:12:38 +01:00			`app.UseAuthorization();`

			`app.MapControllers();`

			`app.Run();`