Merge pull request 'Refactored AddSecurityEndpoints' (#88) from payments into master

Reviewed-on: #88

LiteCharms.Features.MidrandBooks.Seed/LiteCharms.Features.MidrandBooks.Seed.csproj

@@ -11,7 +11,7 @@
   <!-- Quartz Scheduler-->
   <ItemGroup>
     <PackageReference Include="Bogus" Version="35.6.5" />
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.98">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.101">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
@@ -116,8 +116,8 @@
 
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.4" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.1" />
     <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
 
     <!-- global Usings -->

LiteCharms.Features.MidrandBooks/LiteCharms.Features.MidrandBooks.csproj

@@ -32,7 +32,7 @@
   <!-- Quartz Scheduler-->
   <ItemGroup>
     <PackageReference Include="Humanizer" Version="3.0.10" />
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.98">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.101">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
@@ -136,8 +136,8 @@
 
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.4" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.1" />
     <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
 
     <!-- global Usings -->

LiteCharms.Features.TechShop/LiteCharms.Features.TechShop.csproj

@@ -136,8 +136,8 @@
 
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.4" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.1" />
     <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
 
     <!-- global Usings -->

LiteCharms.Features.Tests/http/litecharms/http-client.env.json

@@ -2,8 +2,8 @@
   "uat": {
     "authority": "https://sts.security.khongisa.co.za",
     "grantType": "client_credentials",
-    "clientId": "midrandbooks-api-uat",
-    "clientSecret": "secret_5a36d0024980544c875447a4b052938becc3fbbb10b8b2c097310c1a53ba3c0a",
+    "clientId": "midrandbooks-api-scaler-uat",
+    "clientSecret": "secret_0a8dc1f99061590a52b1272db3a1871d2761c79fbd058b2a968911029e4b208a",
     "scope": "midrandbooks-api"
   }
 }

LiteCharms.Features/Api/Configuration/LiteCharmsSettings.cs

@@ -9,8 +9,4 @@ public sealed class LiteCharmsSettings
     public string? ClientSecret { get; set; }
 
     public string? Audience { get; set; }
-
-    public string? RequiredClaimName { get; set; }
-
-    public string? RequiredClaimNameValue { get; set; }
 }

LiteCharms.Features/Extensions/Api.cs

@@ -31,9 +31,8 @@ public static class Api
 
             options.ClientId = authOptions.ClientId;
             options.ClientSecret = authOptions.ClientSecret;
-            options.SignedOutCallbackPath = "/signout-callback-oidc";
-
             options.ResponseType = "code";
+
             options.SaveTokens = true;
             options.GetClaimsFromUserInfoEndpoint = true;
 
@@ -41,16 +40,10 @@ public static class Api
             options.Scope.Add("openid");
             options.Scope.Add("profile");
             options.Scope.Add("email");
-
-            options.CorrelationCookie.SecurePolicy = CookieSecurePolicy.Always;
-            options.CorrelationCookie.SameSite = SameSiteMode.None;
-            options.CorrelationCookie.HttpOnly = true;
-
-            options.NonceCookie.SecurePolicy = CookieSecurePolicy.Always;
-            options.NonceCookie.SameSite = SameSiteMode.None;
-            options.NonceCookie.HttpOnly = true;
         });
 
+        services.AddCascadingAuthenticationState();
+
         return services;
     }
 
@@ -76,28 +69,13 @@ public static class Api
                 };
             });
 
-        if (!string.IsNullOrWhiteSpace(authOptions.RequiredClaimName) && !string.IsNullOrWhiteSpace(authOptions.RequiredClaimNameValue))
-        {
-            services.AddAuthorizationBuilder()
-                .AddPolicy("RequiredScope", policy =>
-                    policy.RequireClaim(authOptions.RequiredClaimName, authOptions.RequiredClaimNameValue));
-        }
-        else
-            services.AddAuthorization();
+        services.AddAuthorization();
 
         return services;
     }
 
     public static WebApplication AddSecurityEndpoints(this WebApplication app)
     {
-        app.MapGet("/login", async (HttpContext context, string redirectUri = "/") =>
-        {
-            await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
-            {
-                RedirectUri = redirectUri,                
-            });
-        });
-
         app.MapGet("/logout", async (HttpContext context, IHttpClientFactory httpClientFactory, IOptions<LiteCharmsSettings> settings) =>
         {
             await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
@@ -106,7 +84,7 @@ public static class Api
 
             await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
             {
-                RedirectUri = currentBaseUrl
+                RedirectUri = currentBaseUrl,
             });
         });
 

LiteCharms.Features/LiteCharms.Features.csproj

@@ -38,10 +38,10 @@
     <PackageReference Include="Microsoft.AspNetCore.Authentication.Certificate" Version="10.0.8" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.8" />
 
-    <Using Include="Microsoft.AspNetCore.Authentication"/>
-    <Using Include="Microsoft.AspNetCore.Authentication.OpenIdConnect"/>
-    <Using Include="Microsoft.AspNetCore.Authentication.Cookies"/>
-    <Using Include="IdentityModel.AspNetCore.OAuth2Introspection"/>
+    <Using Include="Microsoft.AspNetCore.Authentication" />
+    <Using Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" />
+    <Using Include="Microsoft.AspNetCore.Authentication.Cookies" />
+    <Using Include="IdentityModel.AspNetCore.OAuth2Introspection" />
   </ItemGroup>
 
   <!-- API Versioning -->
@@ -67,7 +67,7 @@
   <!-- Quartz Scheduler-->
   <ItemGroup>    
     <PackageReference Include="Hashids.net" Version="1.7.0" />    
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.98">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.101">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>    
@@ -171,8 +171,8 @@
   
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.4" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.1" />
     
     <!-- global Usings -->
     <Using Include="Amazon.S3" />