Merge pull request 'Added CartService and LocalStorageService (browser)' (#93) from payments into master

Reviewed-on: #93

LiteCharms.Features.MidrandBooks.Seed/LiteCharms.Features.MidrandBooks.Seed.csproj

@@ -11,7 +11,7 @@
   <!-- Quartz Scheduler-->
   <ItemGroup>
     <PackageReference Include="Bogus" Version="35.6.5" />
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.98">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.102">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
@@ -116,8 +116,8 @@
 
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.5" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.2" />
     <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
 
     <!-- global Usings -->

LiteCharms.Features.MidrandBooks/LiteCharms.Features.MidrandBooks.csproj

@@ -32,7 +32,7 @@
   <!-- Quartz Scheduler-->
   <ItemGroup>
     <PackageReference Include="Humanizer" Version="3.0.10" />
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.98">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.102">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
@@ -136,8 +136,8 @@
 
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.5" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.2" />
     <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
 
     <!-- global Usings -->

LiteCharms.Features.MidrandBooks/Orders/CartService.cs

@@ -0,0 +1,128 @@
+using LiteCharms.Features.Abstractions;
+using LiteCharms.Features.MidrandBooks.Orders.Models;
+using LiteCharms.Features.MidrandBooks.Products.Models;
+
+namespace LiteCharms.Features.MidrandBooks.Orders;
+
+public sealed class CartService : IService
+{
+    private Cart cart = new();
+
+    public Cart GetCart() => cart;
+
+    public void LoadCart(Cart savedCart) => cart = savedCart;
+
+    public void AddItem(ProductPrice productPrice)
+    {
+        var itemExists = false;
+
+        for (var i = 0; i < cart.Items.Count; i++)
+        {
+            if (cart.Items[i].Price!.Id == productPrice.Id)
+            {
+                cart.Items[i].Quantity++;
+                cart.Items[i].Amount += productPrice.Amount;
+
+                itemExists = true;
+
+                break;
+            }
+        }
+
+        if (!itemExists)
+            cart.Items.Add(new CartItem
+            {
+                Price = productPrice,
+                Amount = productPrice.Amount,
+                Quantity = 1,
+            });
+
+        CalculateTotalPrice();
+    }
+
+    public void UpdateQuantity(long productPriceId, int newQuantity)
+    {
+        if (newQuantity <= 0)
+        {
+            RemoveAllSameItem(productPriceId);
+
+            return;
+        }
+
+        for (var i = 0; i < cart.Items.Count; i++)
+        {
+            if (cart.Items[i].Price!.Id == productPriceId)
+            {
+                var oldQuantity = cart.Items[i].Quantity;
+                var pricePerUnit = cart.Items[i].Price!.Amount;
+
+                cart.Items[i].Quantity = newQuantity;
+                cart.Items[i].Amount = pricePerUnit * newQuantity;
+                break;
+            }
+        }
+
+        CalculateTotalPrice();
+    }
+
+    public void RemoveOneItem(long productPriceId)
+    {
+        for (var i = 0; i < cart.Items.Count; i++)
+        {
+            if (cart.Items[i].Price!.Id == productPriceId)
+            {
+                if (cart.Items[i].Quantity <= 1)
+                {
+                    cart.Items.RemoveAt(i);
+                }
+                else
+                {
+                    cart.Items[i].Quantity--;
+                    cart.Items[i].Amount -= cart.Items[i].Price!.Amount;
+                }
+
+                break;
+            }
+        }
+
+        CalculateTotalPrice();
+    }
+
+    public void RemoveAllSameItem(long productPriceId)
+    {
+        if (cart.Items.Count == 0) return;
+
+        var item = cart.Items.FirstOrDefault(i => i.Price?.Id == productPriceId);
+
+        if (item is not null) cart.Items.Remove(item);
+
+        CalculateTotalPrice();
+    }
+
+    public void Clear()
+    {
+        if(cart.CustomerId is not null || cart.OrderId is not null)
+        {
+            cart.TotalPrice = 0;
+            cart.TotalVat = 0;
+            cart.Items.Clear();
+
+            return;
+        }
+
+        cart = new Cart();
+    }
+
+    public decimal CalculateTotalPrice()
+    {
+        if (cart.Items.Count == 0) return 0;
+
+        var gross = cart.Items.Sum(i => i.Amount);
+
+        if (!cart.IsVatInclusive) cart.TotalVat = gross * cart.VatRate;
+
+        cart.TotalPrice = gross + cart.TotalVat;
+
+        return cart.TotalPrice;
+    }
+}

LiteCharms.Features.MidrandBooks/Orders/Models/Cart.cs

@@ -0,0 +1,18 @@
+namespace LiteCharms.Features.MidrandBooks.Orders.Models;
+
+public sealed class Cart
+{
+    public long? CustomerId { get; set; }
+
+    public long? OrderId { get; set; }
+
+    public decimal TotalPrice { get; set; }
+
+    public decimal TotalVat { get; set; }
+
+    public decimal VatRate { get; set; } = 0.15m;
+
+    public bool IsVatInclusive { get; set; } = true;
+
+    public IList<CartItem> Items { get; set; } = [];
+}

LiteCharms.Features.MidrandBooks/Orders/Models/CartItem.cs

@@ -0,0 +1,12 @@
+using LiteCharms.Features.MidrandBooks.Products.Models;
+
+namespace LiteCharms.Features.MidrandBooks.Orders.Models;
+
+public sealed class CartItem
+{
+    public ProductPrice? Price { get; set; }
+
+    public long Quantity { get; set; }
+
+    public decimal Amount { get; set; }
+}

LiteCharms.Features.TechShop/LiteCharms.Features.TechShop.csproj

@@ -136,8 +136,8 @@
 
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.5" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.2" />
     <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
 
     <!-- global Usings -->

LiteCharms.Features.Tests/http/litecharms/app.http

@@ -1,6 +1,6 @@
 ### Authentik Token Request (Service Account Explicit)
-POST {{authority}}
+POST {{authority}}/connect/token
 Content-Type: application/x-www-form-urlencoded
 Accept-Encoding: identity
 
-grant_type={{grantType}}&client_id={{clientId}}&username={{username}}&password={{password}}&scope={{scope}}
+grant_type={{grantType}}&client_id={{clientId}}&client_secret={{clientSecret}}&scope={{scope}}

LiteCharms.Features.Tests/http/litecharms/http-client.env.json

@@ -0,0 +1,9 @@
+{
+  "uat": {
+    "authority": "https://sts.security.khongisa.co.za",
+    "grantType": "client_credentials",
+    "clientId": "midrandbooks-api-scaler-uat",
+    "clientSecret": "secret_0a8dc1f99061590a52b1272db3a1871d2761c79fbd058b2a968911029e4b208a",
+    "scope": "midrandbooks-api"
+  }
+}

LiteCharms.Features/Api/Configuration/AuthentikSettings.cs

@@ -1,18 +0,0 @@
-namespace LiteCharms.Features.Api.Configuration;
-
-public sealed class AuthentikSettings
-{
-    public string? Authority { get; set; }
-
-    public string? IntrospectionUrl { get; set; }
-
-    public string? ApiResourceName { get; set; }
-
-    public string? ApiResourceSecret { get; set; }
-
-    public string? RequiredClaimName { get; set; }
-
-    public string? RequiredClaimNameValue { get; set; }
-
-    public bool RequireHttpsMetadata { get; set; }
-}

LiteCharms.Features/Api/Configuration/LiteCharmsSettings.cs

@@ -0,0 +1,12 @@
+namespace LiteCharms.Features.Api.Configuration;
+
+public sealed class LiteCharmsSettings
+{
+    public string? Authority { get; set; }
+
+    public string? ClientId { get; set; }
+
+    public string? ClientSecret { get; set; }
+
+    public string? Audience { get; set; }
+}

LiteCharms.Features/Browser/LocalStorageService.cs

@@ -0,0 +1,80 @@
+using LiteCharms.Features.Abstractions;
+
+namespace LiteCharms.Features.Browser;
+
+public sealed class LocalStorageService(ProtectedLocalStorage storage) : IService
+{
+    public async ValueTask<Result> DeleteAsync(string key)
+    {
+        try
+        {
+            await storage.DeleteAsync(key);
+
+            return Result.Ok();
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+
+    public async ValueTask<Result> SaveAsync(string key, string value)
+    {
+        try
+        {
+            await storage.SetAsync(key, value);
+
+            return Result.Ok();
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+
+    public async ValueTask<Result> SaveAsync<TValue>(string key, TValue value) where TValue : class
+    {
+        try
+        {
+            await storage.SetAsync(key, value);
+
+            return Result.Ok();
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+
+    public async ValueTask<Result<string>> GetAsync(string key)
+    {
+        try
+        {
+            var retrieval = await storage.GetAsync<string>(key);
+
+            return retrieval.Success && !string.IsNullOrWhiteSpace(retrieval.Value)
+                ? Result.Ok(retrieval.Value)
+                : Result.Fail($"Could not find object by key {key}");
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+
+    public async ValueTask<Result<TValue>> GetAsync<TValue>(string key) where TValue : class
+    {
+        try
+        {
+            var retrieval = await storage.GetAsync<TValue>(key);
+
+            return retrieval.Success && retrieval.Value is not null
+                ? Result.Ok(retrieval.Value)
+                : Result.Fail($"Could not find object by key {key}");
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+}

LiteCharms.Features/Extensions/Api.cs

@@ -1,6 +1,7 @@
 using LiteCharms.Features.Abstractions;
 using LiteCharms.Features.Api;
 using LiteCharms.Features.Api.Configuration;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
 
 namespace LiteCharms.Features.Extensions;
 
@@ -9,27 +10,81 @@ public static class Api
     public const string Books = nameof(Books);
     public const string Payments = nameof(Payments);
 
-    public static IServiceCollection AddAuthentic(this IServiceCollection services, IConfiguration configuration)
+    public static IServiceCollection AddLiteCharmsWebSecurity(this IServiceCollection services, IConfiguration configuration)
     {
-        var configSection = configuration.GetSection(nameof(AuthentikSettings));
+        var configSection = configuration.GetSection(nameof(LiteCharmsSettings));
 
-        var authOptions = new AuthentikSettings();
+        var authOptions = new LiteCharmsSettings();
         configSection.Bind(authOptions);
 
-        services.Configure<AuthentikSettings>(configSection);
+        services.Configure<LiteCharmsSettings>(configSection);
 
-        services.AddAuthentication(OAuth2IntrospectionDefaults.AuthenticationScheme)
-            .AddOAuth2Introspection(OAuth2IntrospectionDefaults.AuthenticationScheme, options =>
+        services.AddAuthentication(options =>
+        {
+            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
+            options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
+        })
+        .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
+        .AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
+        {
+            options.Authority = authOptions.Authority;
+
+            options.ClientId = authOptions.ClientId;
+            options.ClientSecret = authOptions.ClientSecret;
+            options.ResponseType = "code";
+
+            options.SaveTokens = true;
+            options.GetClaimsFromUserInfoEndpoint = true;
+
+            options.Scope.Clear();
+            options.Scope.Add("openid");
+            options.Scope.Add("profile");
+            options.Scope.Add("email");
+
+            options.Events = new OpenIdConnectEvents
+            {
+                OnRedirectToIdentityProviderForSignOut = context =>
+                {
+                    var idToken = context.ProtocolMessage.IdTokenHint;
+
+                    if (string.IsNullOrEmpty(idToken))
+                    {
+                        var tokens = context.Properties.GetTokens();
+                        var idTokenItem = tokens.FirstOrDefault(t => string.Equals(t.Name, "id_token", StringComparison.Ordinal));
+
+                        if (idTokenItem != null) context.ProtocolMessage.IdTokenHint = idTokenItem.Value;
+                    }
+
+                    return Task.CompletedTask;
+                },
+            };
+        });
+
+        services.AddCascadingAuthenticationState();
+
+        return services;
+    }
+
+    public static IServiceCollection AddLiteCharmsApiSecurity(this IServiceCollection services, IConfiguration configuration)
+    {
+        var configSection = configuration.GetSection(nameof(LiteCharmsSettings));
+
+        var authOptions = new LiteCharmsSettings();
+        configSection.Bind(authOptions);
+
+        services.Configure<LiteCharmsSettings>(configSection);
+
+        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+            .AddJwtBearer(options =>
             {
                 options.Authority = authOptions.Authority;
-                options.IntrospectionEndpoint = authOptions.IntrospectionUrl;
-                options.ClientId = authOptions.ApiResourceName;
-                options.ClientSecret = authOptions.ApiResourceSecret;
-
-                options.NameClaimType = "sub";
-                options.DiscoveryPolicy.RequireHttps = authOptions.RequireHttpsMetadata;
-                options.DiscoveryPolicy.ValidateEndpoints = false;
-                options.EnableCaching = false;                
+                options.Audience = authOptions.Audience;
+                options.TokenValidationParameters = new TokenValidationParameters
+                {
+                    ValidIssuer = authOptions.Authority,
+                    ValidateAudience = true,
+                    ValidateIssuer = true,
+                };
             });
 
         services.AddAuthorization();
@@ -37,6 +92,32 @@ public static class Api
         return services;
     }
 
+    public static WebApplication AddSecurityEndpoints(this WebApplication app)
+    {
+        app.MapGet("/login", async (HttpContext context, string redirectUri = "/") =>
+        {
+            await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
+            {
+                RedirectUri = redirectUri,
+            });
+        });
+
+        app.MapGet("/logout", async (HttpContext context) =>
+        {
+            var idToken = await context.GetTokenAsync("id_token");
+
+            var authProperties = new AuthenticationProperties { RedirectUri = "/", };
+
+            if (!string.IsNullOrEmpty(idToken)) 
+                authProperties.Parameters.Add("id_token_hint", idToken);
+
+            await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, authProperties);
+            await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
+        });
+
+        return app;
+    }
+
     public static IServiceCollection AddApiServices(this IServiceCollection services, IConfiguration configuration)
     {
         services.AddHttpClient();
@@ -124,5 +205,4 @@ public static class Api
 
     public static string ToEndpointName(this Type target, string? annotation = "") =>
         $"{target.Name.Replace("Endpoint", string.Empty)}{annotation}".ToLower(CultureInfo.CurrentCulture);
-
 }

LiteCharms.Features/LiteCharms.Features.csproj

@@ -38,7 +38,10 @@
     <PackageReference Include="Microsoft.AspNetCore.Authentication.Certificate" Version="10.0.8" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.8" />
 
-    <Using Include="IdentityModel.AspNetCore.OAuth2Introspection"/>
+    <Using Include="Microsoft.AspNetCore.Authentication" />
+    <Using Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" />
+    <Using Include="Microsoft.AspNetCore.Authentication.Cookies" />
+    <Using Include="IdentityModel.AspNetCore.OAuth2Introspection" />
   </ItemGroup>
 
   <!-- API Versioning -->
@@ -64,7 +67,7 @@
   <!-- Quartz Scheduler-->
   <ItemGroup>    
     <PackageReference Include="Hashids.net" Version="1.7.0" />    
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.98">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.102">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>    
@@ -168,8 +171,8 @@
   
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.5" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.2" />
     
     <!-- global Usings -->
     <Using Include="Amazon.S3" />
@@ -179,6 +182,7 @@
 
   <!-- Shared Usings -->
   <ItemGroup>
+    <Using Include="Microsoft.AspNetCore.Components.Server.ProtectedBrowserStorage" />
     <Using Include="System.Reflection" />
     <Using Include="Microsoft.Extensions.DependencyInjection.Extensions" />
     <Using Include="Microsoft.AspNetCore.Routing" />