ASP.NET Core 3.1

Author: brunobritodev

build/build.bat

@@ -1,6 +1,11 @@
 
 echo Restore nuget dep's
-dotnet build "../src/Backend/JPProject.Admin.Api"
+dotnet build "../src/Backend/Jp.UserManagement"
+dotnet build "../src/Frontend/Jp.UI.SSO"
+
+CLS
+echo Build UserManagement
+start /d "../src/Frontend/Jp.UserManagement" npm install 
 
 echo Build AdminUi
 start /d "../src/Frontend/Jp.AdminUI" npm install

build/docker-compose.yml

@@ -0,0 +1,92 @@
+version: "3"
+
+services:
+
+    #############################
+    # Database
+    #############################
+    jpdatabase:
+      image: mysql
+      container_name: jp-internal-db
+      command: --default-authentication-plugin=mysql_native_password
+      restart: always
+      environment:
+          MYSQL_ROOT_PASSWORD: root
+          MYSQL_USER: jp
+          MYSQL_DATABASE: jpproject
+          MYSQL_PASSWORD: 10203040
+    
+    #############################
+    # Server SSO
+    #############################
+    jpproject-sso:
+        image: bhdebrito/jpproject-sso:3.1.0
+        container_name: jpproject-sso
+        depends_on:
+            - jpdatabase
+        environment: 
+            ASPNETCORE_ENVIRONMENT: Development
+            ASPNETCORE_URLS: http://+:5001
+            CUSTOMCONNSTR_SSOConnection: "server=jpdatabase,port=3306;database=jpproject;user=jp;password=10203040"
+            ApplicationSettings:EnableExternalProviders: "false" # Because Auth url is http://jpproject (modified by host to point to 127.0.0.1), then Google and Facebook reject it.
+            ApplicationSettings:DatabaseType: MySql
+            ApplicationSettings:DefaultUser: bruno
+            ApplicationSettings:DefaultPass: Pa$$word123
+            ApplicationSettings:DefaultEmail: bhdebrito@gmail.com
+            ApplicationSettings:UserManagementURL: http://localhost:4200
+            ApplicationSettings:IS4AdminUi: http://localhost:4300
+            ApplicationSettings:ResourceServerURL: http://localhost:5002
+            CertificateOptions:Type: Temporary
+
+    #############################
+    # Management API
+    #############################
+    jpproject-api:
+        image: bhdebrito/jpproject-api:3.1.0
+        container_name: jpproject-api
+        depends_on:
+            - jpdatabase
+        environment: 
+            ASPNETCORE_ENVIRONMENT: "Development"
+            ASPNETCORE_URLS: http://+
+            CUSTOMCONNSTR_SSOConnection: "server=jpdatabase,port=3306;database=jpproject;user=jp;password=10203040"
+            ApplicationSettings:Authority: "http://jpproject-sso:5001"
+            ApplicationSettings:DatabaseType: MySql
+
+    #############################
+    # User management UI
+    #############################
+    jpproject-users:
+        image: bhdebrito/jpproject-user-management-ui:3.0.2
+        container_name: jpproject-users
+        depends_on:
+            - jpproject-api
+            - jpproject-sso
+
+    #############################
+    # Admin Ui
+    #############################
+    jpproject-admin-ui:
+        image: bhdebrito/jpproject-admin-ui:3.0.2
+        container_name: jpproject-admin-ui
+        depends_on:
+            - jpproject-api
+            - jpproject-sso
+
+    
+    #############################
+    # Reverse proxy
+    #############################
+    reverse-proxy:
+        image: bhdebrito/jpproject-reverse-proxy:3.1.0
+        container_name: jpproject-reverse-proxy
+        ports:
+            - '5001:5001'
+            - '5002:5002'
+            - '4200:4200'
+            - '4300:4300'
+        depends_on:
+            - 'jpproject-api'
+            - 'jpproject-users'
+            - 'jpproject-sso'
+            - 'jpproject-admin-ui'

build/jpproject-docker-windows.zip

@@ -5,9 +5,9 @@ ECHO.
 
 SET NEWLINE=^& echo.
 ECHO Carrying out requested modifications to your HOSTS file
-FIND /C /I "jpproject" %WINDIR%\system32\drivers\etc\hosts
+FIND /C /I "jpproject-sso" %WINDIR%\system32\drivers\etc\hosts
 IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%>>%WINDIR%\system32\drivers\etc\hosts
-IF %ERRORLEVEL% NEQ 0 ECHO 127.0.0.1    jpproject>>%WINDIR%\system32\drivers\etc\hosts
+IF %ERRORLEVEL% NEQ 0 ECHO 127.0.0.1    jpproject-sso>>%WINDIR%\system32\drivers\etc\hosts
 ECHO Finished
 ECHO.
 EXIT

build/jpproject-docker.zip

@@ -0,0 +1,8 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace JPProject.Admin.Api.Configuration.Authorization
+{
+    public class AccountRequirement : IAuthorizationRequirement
+    {
+    }
+}

build/update-host.bat

@@ -0,0 +1,44 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using System;
+using System.Threading.Tasks;
+
+namespace JPProject.Admin.Api.Configuration.Authorization
+{
+    public class AccountRequirementHandler : AuthorizationHandler<AccountRequirement>
+    {
+        private readonly IHttpContextAccessor _httpContextAccessor;
+
+        public AccountRequirementHandler(IHttpContextAccessor httpContextAccessor)
+        {
+            _httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor));
+        }
+        protected override Task HandleRequirementAsync(
+            AuthorizationHandlerContext context,
+            AccountRequirement requirement)
+        {
+
+            var httpMethod = _httpContextAccessor.HttpContext.Request.Method;
+
+            if (HttpMethods.IsGet(httpMethod) || HttpMethods.IsHead(httpMethod))
+            {
+                if (context.User.Identity.IsAuthenticated)
+                {
+                    context.Succeed(requirement);
+                    return Task.CompletedTask;
+                }
+            }
+            else
+            {
+                if (context.User.HasClaim("is4-rights", "manager") ||
+                    context.User.IsInRole("Administrator"))
+                {
+                    context.Succeed(requirement);
+                    return Task.CompletedTask;
+                }
+            }
+            context.Fail();
+            return Task.CompletedTask;
+        }
+    }
+}

src/Backend/JPProject.Admin.Api/Configuration/Authorization/AccountRequirement.cs

@@ -0,0 +1,18 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace JPProject.Admin.Api.Configuration.Authorization
+{
+    public static class ConfigurePolicy
+    {
+        public static void AddPolicies(this IServiceCollection services)
+        {
+            services.AddAuthorization(options =>
+            {
+                options.AddPolicy("Default",
+                    policy => policy.Requirements.Add(new AccountRequirement()));
+            });
+            services.AddSingleton<IAuthorizationHandler, AccountRequirementHandler>();
+        }
+    }
+}

src/Backend/JPProject.Admin.Api/Configuration/Authorization/AccountRequirementHandler.cs

@@ -13,7 +13,7 @@
 
 namespace JPProject.Admin.Api.Controllers
 {
-    [Route("api-resources"), Authorize(Policy = "ReadOnly")]
+    [Route("api-resources"), Authorize(Policy = "Default")]
     public class ApiResourcesController : ApiController
     {
         private readonly IApiResourceAppService _apiResourceAppService;
@@ -40,7 +40,7 @@ public async Task<ActionResult<ApiResource>> Details(string resource)
             return ResponseGet(irs);
         }
 
-        [HttpPost(""), Authorize(Policy = "Admin")]
+        [HttpPost("")]
         public async Task<ActionResult<ApiResource>> Save([FromBody] ApiResource model)
         {
             if (!ModelState.IsValid)
@@ -54,7 +54,7 @@ public async Task<ActionResult<ApiResource>> Save([FromBody] ApiResource model)
             return ResponsePost(nameof(Details), new { resource = model.Name }, apires);
         }
 
-        [HttpPut("{resource}"), Authorize(Policy = "Admin")]
+        [HttpPut("{resource}")]
         public async Task<ActionResult<bool>> Update(string resource, [FromBody] ApiResource model)
         {
             if (!ModelState.IsValid)
@@ -67,7 +67,7 @@ public async Task<ActionResult<bool>> Update(string resource, [FromBody] ApiReso
             return ResponsePutPatch();
         }
 
-        [HttpPatch("{resource}"), Authorize(Policy = "Admin")]
+        [HttpPatch("{resource}")]
         public async Task<ActionResult<bool>> PartialUpdate(string resource, [FromBody] JsonPatchDocument<ApiResource> model)
         {
             if (!ModelState.IsValid)
@@ -87,7 +87,7 @@ public async Task<ActionResult<bool>> PartialUpdate(string resource, [FromBody]
             return ResponsePutPatch();
         }
 
-        [HttpDelete("{resource}"), Authorize(Policy = "Admin")]
+        [HttpDelete("{resource}")]
         public async Task<ActionResult<bool>> Remove(string resource)
         {
             var model = new RemoveApiResourceViewModel(resource);
@@ -102,7 +102,7 @@ public async Task<ActionResult<IEnumerable<SecretViewModel>>> Secrets(string res
             return ResponseGet(clients);
         }
 
-        [HttpDelete("{resource}/secrets/{secretId:int}"), Authorize(Policy = "Admin")]
+        [HttpDelete("{resource}/secrets/{secretId:int}")]
         public async Task<ActionResult<bool>> RemoveSecret(string resource, int secretId)
         {
             var model = new RemoveApiSecretViewModel(resource, secretId);
@@ -111,7 +111,7 @@ public async Task<ActionResult<bool>> RemoveSecret(string resource, int secretId
         }
 
 
-        [HttpPost("{resource}/secrets"), Authorize(Policy = "Admin")]
+        [HttpPost("{resource}/secrets")]
         public async Task<ActionResult<IEnumerable<SecretViewModel>>> SaveSecret(string resource, [FromBody] SaveApiSecretViewModel model)
         {
             if (!ModelState.IsValid)
@@ -133,7 +133,7 @@ public async Task<ActionResult<IEnumerable<ScopeViewModel>>> Scopes(string resou
             return ResponseGet(clients);
         }
 
-        [HttpDelete("{resource}/scopes/{scopeId:int}"), Authorize(Policy = "Admin")]
+        [HttpDelete("{resource}/scopes/{scopeId:int}")]
         public async Task<ActionResult> RemoveScope(string resource, int scopeId)
         {
             var model = new RemoveApiScopeViewModel(resource, scopeId);
@@ -142,7 +142,7 @@ public async Task<ActionResult> RemoveScope(string resource, int scopeId)
         }
 
 
-        [HttpPost("{resource}/scopes"), Authorize(Policy = "Admin")]
+        [HttpPost("{resource}/scopes")]
         public async Task<ActionResult<IEnumerable<ScopeViewModel>>> SaveScope(string resource, [FromBody] SaveApiScopeViewModel model)
         {
             if (!ModelState.IsValid)