Installs JWT provider by default (#4276)
* Install JWT by default

* Resolves multiple stylecop warnings in JWT project.
valadas authored Nov 4, 2020
1 parent 51f5f8b commit 626c1f8
Showing 15 changed files with 1,171 additions and 924 deletions.
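--- a/DNN Platform/Dnn.AuthServices.Jwt/Auth/JwtAuthMessageHandler.cs
+++ b/DNN Platform/Dnn.AuthServices.Jwt/Auth/JwtAuthMessageHandler.cs
@@ -2,74 +2,85 @@
 // The .NET Foundation licenses this file to you under the MIT license.
 // See the LICENSE file in the project root for more information
 
-namespace Dnn.AuthServices.Jwt.Auth
-{
-using System;
-using System.Net.Http;
-using System.Security.Principal;
-using System.Threading;
+namespace Dnn.AuthServices.Jwt.Auth
+{
+using System;
+using System.Net.Http;
+using System.Security.Principal;
+using System.Threading;
 
-using Dnn.AuthServices.Jwt.Components.Common.Controllers;
-using DotNetNuke.Instrumentation;
-using DotNetNuke.Web.Api.Auth;
-using DotNetNuke.Web.ConfigSection;
+using Dnn.AuthServices.Jwt.Components.Common.Controllers;
+using DotNetNuke.Instrumentation;
+using DotNetNuke.Web.Api.Auth;
+using DotNetNuke.Web.ConfigSection;
 
-/// <summary>
-/// This class implements Json Web Token (JWT) authentication scheme.
-/// For detailed description of JWT refer to:
-/// <para>- JTW standard https://tools.ietf.org/html/rfc7519. </para>
-/// <para>- Introduction to JSON Web Tokens http://jwt.io/introduction/. </para>
-/// </summary>
-public class JwtAuthMessageHandler : AuthMessageHandlerBase
-{
-private static readonly ILog Logger = LoggerSource.Instance.GetLogger(typeof(JwtAuthMessageHandler));
-
-private readonly IJwtController _jwtController = JwtController.Instance;
-
-public JwtAuthMessageHandler(bool includeByDefault, bool forceSsl)
-: base(includeByDefault, forceSsl)
-{
-// Once an instance is enabled and gets registered in
-// ServicesRoutingManager.RegisterAuthenticationHandlers()
-// this scheme gets marked as enabled.
-IsEnabled = true;
-}
-
-public override string AuthScheme => this._jwtController.SchemeType;
-
-public override bool BypassAntiForgeryToken => true;
-
-internal static bool IsEnabled { get; set; }
-
-public override HttpResponseMessage OnInboundRequest(HttpRequestMessage request, CancellationToken cancellationToken)
-{
-if (this.NeedsAuthentication(request))
-{
-this.TryToAuthenticate(request);
-}
-
-return base.OnInboundRequest(request, cancellationToken);
-}
-
-private void TryToAuthenticate(HttpRequestMessage request)
-{
-try
-{
-var username = this._jwtController.ValidateToken(request);
-if (!string.IsNullOrEmpty(username))
-{
-if (Logger.IsTraceEnabled)
-{
-Logger.Trace($"Authenticated user '{username}'");
-}
-
-SetCurrentPrincipal(new GenericPrincipal(new GenericIdentity(username, this.AuthScheme), null), request);
-}
-}
-catch (Exception ex)
-{
-Logger.Error("Unexpected error in authenticating the user. " + ex);
-}
-}
-}
-}
+/// <summary>
+/// This class implements Json Web Token (JWT) authentication scheme.
+/// For detailed description of JWT refer to:
+/// <para>- JTW standard https://tools.ietf.org/html/rfc7519. </para>
+/// <para>- Introduction to JSON Web Tokens http://jwt.io/introduction/. </para>
+/// </summary>
+public class JwtAuthMessageHandler : AuthMessageHandlerBase
+{
+private static readonly ILog Logger = LoggerSource.Instance.GetLogger(typeof(JwtAuthMessageHandler));
+
+private readonly IJwtController jwtController = JwtController.Instance;
+
+/// <summary>
+/// Initializes a new instance of the <see cref="JwtAuthMessageHandler"/> class.
+/// </summary>
+/// <param name="includeByDefault">A value indicating whether this handler should be inlcuded by default on all API endpoints.</param>
+/// <param name="forceSsl">A value indicating whether this handler should enforce SSL usage.</param>
+public JwtAuthMessageHandler(bool includeByDefault, bool forceSsl)
+: base(includeByDefault, forceSsl)
+{
+// Once an instance is enabled and gets registered in
+// ServicesRoutingManager.RegisterAuthenticationHandlers()
+// this scheme gets marked as enabled.
+IsEnabled = true;
+}
+
+/// <inheritdoc/>
+public override string AuthScheme => this.jwtController.SchemeType;
+
+/// <inheritdoc/>
+public override bool BypassAntiForgeryToken => true;
+
+/// <summary>
+/// Gets or sets a value indicating whether this handler is enabled.
+/// </summary>
+internal static bool IsEnabled { get; set; }
+
+/// <inheritdoc/>
+public override HttpResponseMessage OnInboundRequest(HttpRequestMessage request, CancellationToken cancellationToken)
+{
+if (this.NeedsAuthentication(request))
+{
+this.TryToAuthenticate(request);
+}
+
+return base.OnInboundRequest(request, cancellationToken);
+}
+
+private void TryToAuthenticate(HttpRequestMessage request)
+{
+try
+{
+var username = this.jwtController.ValidateToken(request);
+if (!string.IsNullOrEmpty(username))
+{
+if (Logger.IsTraceEnabled)
+{
+Logger.Trace($"Authenticated user '{username}'");
+}
+
+SetCurrentPrincipal(new GenericPrincipal(new GenericIdentity(username, this.AuthScheme), null), request);
+}
+}
+catch (Exception ex)
+{
+Logger.Error("Unexpected error in authenticating the user. " + ex);
+}
+}
+}
+}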
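Review bot: `BypassAntiForgeryToken => true` now carries only `/// <inheritdoc/>`, so the one security-relevant override in this class has no stated rationale, which matters more once the handler is installed by default. Skipping the anti-forgery check is only sound if `ValidateToken` takes the token from a header the browser never attaches on its own; that implementation is not visible here, so confirm it and record it, e.g. `// JWT is read from the Authorization header, never from a cookie, so anti-forgery validation does not apply.` In `TryToAuthenticate`, the catch-all leaves the request unauthenticated, which fails closed; a one-line comment such as `// Deliberately swallow: any validation failure leaves the request anonymous.` would keep a later edit from changing that. The new constructor doc also misspells "included" as `inlcuded`.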
Expand Up @@ -2,22 +2,50 @@
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information

namespace Dnn.AuthServices.Jwt.Components.Common.Controllers
{
using System.Net.Http;
namespace Dnn.AuthServices.Jwt.Components.Common.Controllers
{
using System.Net.Http;

using Dnn.AuthServices.Jwt.Components.Entity;
using Dnn.AuthServices.Jwt.Components.Entity;

public interface IJwtController
{
string SchemeType { get; }

string ValidateToken(HttpRequestMessage request);

bool LogoutUser(HttpRequestMessage request);

LoginResultData LoginUser(HttpRequestMessage request, LoginData loginData);

LoginResultData RenewToken(HttpRequestMessage request, string renewalToken);
}
}
/// <summary>
/// Controls JWT features.
/// </summary>
public interface IJwtController
{
/// <summary>
/// Gets the name of the authentication Scheme Type.
/// </summary>
string SchemeType { get; }

/// <summary>
/// Validates the JWT token for the request.
/// </summary>
/// <param name="request">The current HTTP request.</param>
/// <returns>Returns the UserName if the token is valid or null if not.</returns>
string ValidateToken(HttpRequestMessage request);

/// <summary>
/// Logs the user out.
/// </summary>
/// <param name="request">The current HTTP request.</param>
/// <returns>A value indicating whether the logout attempt succeeded.</returns>
bool LogoutUser(HttpRequestMessage request);

/// <summary>
/// Logs the user in.
/// </summary>
/// <param name="request">The current HTTP request.</param>
/// <param name="loginData">The login information, <see cref="LoginData"/>.</param>
/// <returns><see cref="LoginResultData"/>.</returns>
LoginResultData LoginUser(HttpRequestMessage request, LoginData loginData);

/// <summary>
/// Attempts to renew a JWT token.
/// </summary>
/// <param name="request">The current HTTP request.</param>
/// <param name="renewalToken">The JWT renewal token.</param>
/// <returns><see cref="LoginResultData"/>.</returns>
LoginResultData RenewToken(HttpRequestMessage request, string renewalToken);
}
}
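Review bot: The new `<returns>` text on `LoginUser` and `RenewToken` names only the type (`<see cref="LoginResultData"/>`), so the interface still does not say how a rejected login or renewal is reported. `ValidateToken` states its contract ("the UserName if the token is valid or null if not"), and the other two need the same, because a caller that cannot tell failure from success may treat any returned object as an authenticated result. Suggested shape, to be completed from the implementation, which is not visible here: `/// <returns>The issued token data on success; [describe what is returned when authentication fails].</returns>`. `LogoutUser` could likewise say whether a successful logout invalidates the token on the server.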