refactor: code restructuring

2024-10-07 02:13:35 +03:00
parent de5dc274d7
commit 1c981fb7bf
29 changed files with 57 additions and 56 deletions
--- a/Endpoint/Configuration/Core/Startup/JwtConfiguration.cs
+++ b/Endpoint/Configuration/Core/Startup/JwtConfiguration.cs
@ -0,0 +1,66 @@
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.IdentityModel.Tokens;
+using Mirea.Api.Endpoint.Common.Services.Security;
+using Mirea.Api.Security.Common.Interfaces;
+using System;
+using System.Text;
+
+namespace Mirea.Api.Endpoint.Configuration.Core.Startup;
+
+public static class JwtConfiguration
+{
+    public static IServiceCollection AddJwtToken(this IServiceCollection services, IConfiguration configuration)
+    {
+        var lifeTimeJwt = TimeSpan.FromMinutes(int.Parse(configuration["SECURITY_LIFE_TIME_JWT"]!));
+
+        var jwtDecrypt = Encoding.UTF8.GetBytes(configuration["SECURITY_ENCRYPTION_TOKEN"] ?? string.Empty);
+
+        if (jwtDecrypt.Length != 32)
+            throw new InvalidOperationException("The secret token \"SECURITY_ENCRYPTION_TOKEN\" cannot be less than 32 characters long. Now the size is equal is " + jwtDecrypt.Length);
+
+        var jwtKey = Encoding.UTF8.GetBytes(configuration["SECURITY_SIGNING_TOKEN"] ?? string.Empty);
+
+        if (jwtKey.Length != 64)
+            throw new InvalidOperationException("The signature token \"SECURITY_SIGNING_TOKEN\" cannot be less than 64 characters. Now the size is " + jwtKey.Length);
+
+        var jwtIssuer = configuration["SECURITY_JWT_ISSUER"];
+        var jwtAudience = configuration["SECURITY_JWT_AUDIENCE"];
+
+        if (string.IsNullOrEmpty(jwtAudience) || string.IsNullOrEmpty(jwtIssuer))
+            throw new InvalidOperationException("The \"SECURITY_JWT_ISSUER\" and \"SECURITY_JWT_AUDIENCE\" are not specified");
+
+        services.AddSingleton<IAccessToken, JwtTokenService>(_ => new JwtTokenService
+        {
+            Audience = jwtAudience,
+            Issuer = jwtIssuer,
+            Lifetime = lifeTimeJwt,
+            EncryptionKey = jwtDecrypt,
+            SigningKey = jwtKey
+        });
+
+        services.AddAuthentication(options =>
+        {
+            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+        }).AddJwtBearer(options =>
+        {
+            options.TokenValidationParameters = new TokenValidationParameters
+            {
+                ValidateIssuer = true,
+                ValidIssuer = jwtIssuer,
+
+                ValidateAudience = true,
+                ValidAudience = jwtAudience,
+
+                ValidateLifetime = true,
+                ValidateIssuerSigningKey = true,
+                IssuerSigningKey = new SymmetricSecurityKey(jwtKey),
+                TokenDecryptionKey = new SymmetricSecurityKey(jwtDecrypt)
+            };
+        });
+
+        return services;
+    }
+}