Merge pull request #298 from jeffreysSharp/develop

#278 - Implementando o JWK nas demais API's - feature/sp8/#278

Author: jeffreysSharp

README.md

@@ -35,6 +35,7 @@
 - NetDevPack
 - Facade
 - Elastic Search
+- JWK e JWKS
 
 # Ferramentas
 - Visual Studio 2022 - Version 17.11.4 ++
@@ -51,4 +52,4 @@
 - [x] API Gateway / BFF - Compras 
 - [X] Aplicação de Voucher
 - [X] Pedidos
-- [ ] Pagamentos
+- [x] Pagamentos

src/api gateways/JSE.Bff.Compras/appsettings.Development.json

@@ -19,9 +19,7 @@
   },
 
   "AppSettings": {
-    "Secret": "F9F52344-59C3-4EAC-90E6-CB47935038BE",
-    "ExpirationHours": 2,
-    "Issuer": "MeuSistema",
-    "ValidOn": "https://localhost"
+    "AutenticacaoJwksUrl": "https://localhost:44396/jwks"
   }
+
 }

src/building blocks/JSE.WebAPI.Core/IdentityConfiguration/AppSettings.cs

@@ -2,9 +2,6 @@
 {
     public class AppSettings
     {
-        public string Secret { get; set; }
-        public int ExpirationHours { get; set; }
-        public string Issuer { get; set; }
-        public string ValidOn { get; set; }
+        public string AutenticacaoJwksUrl{ get; set; }
     }
 }

src/building blocks/JSE.WebAPI.Core/IdentityConfiguration/JwtConfiguration.cs

@@ -2,8 +2,7 @@
 using Microsoft.AspNetCore.Builder;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
-using Microsoft.IdentityModel.Tokens;
-using System.Text;
+using NetDevPack.Security.JwtExtensions;
 
 namespace JSE.WebAPI.Core.IdentityConfiguration
 {
@@ -16,7 +15,6 @@ public static void AddJwtConfiguration(this IServiceCollection services,
             services.Configure<AppSettings>(appSettingsSection);
 
             var appSettings = appSettingsSection.Get<AppSettings>();
-            var key = Encoding.ASCII.GetBytes(appSettings.Secret);
 
             services.AddAuthentication(x =>
             {
@@ -26,15 +24,7 @@ public static void AddJwtConfiguration(this IServiceCollection services,
             {
                 x.RequireHttpsMetadata = true;
                 x.SaveToken = true;
-                x.TokenValidationParameters = new TokenValidationParameters
-                {
-                    ValidateIssuerSigningKey = true,
-                    IssuerSigningKey = new SymmetricSecurityKey(key),
-                    ValidateIssuer = true,
-                    ValidateAudience = true,
-                    ValidAudience = appSettings.ValidOn,
-                    ValidIssuer = appSettings.Issuer
-                };
+                x.SetJwksOptions(new JwkOptions(appSettings.AutenticacaoJwksUrl));
             });
         }
 

src/building blocks/JSE.WebAPI.Core/JSE.WebAPI.Core.csproj

@@ -12,6 +12,7 @@
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.10" />
     <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="6.0.1" />
     <PackageReference Include="Microsoft.Extensions.Http.Polly" Version="8.0.10" />
+    <PackageReference Include="NetDevPack.Security.JwtExtensions" Version="8.0.0" />
   </ItemGroup>
 
   <ItemGroup>

src/services/JSE.Carrinho.API/appsettings.Development.json

@@ -2,19 +2,19 @@
   "ConnectionStrings": {
     "DefaultConnection": "Server=.\\SQLEXPRESS;Database=JeffStoreEnterprise;User Id=sa;Password=Asd123!!;Trusted_Connection=true;MultipleActiveResultSets=true;TrustServerCertificate=True;"
   },
+
   "MessageQueueConnection": {
     "MessageBus": "host=localhost:5672;publisherConfirms=true;timeout=10"
   },
+
   "Logging": {
     "LogLevel": {
       "Default": "Information",
       "Microsoft.AspNetCore": "Warning"
     }
   },
+
   "AppSettings": {
-    "Secret": "F9F52344-59C3-4EAC-90E6-CB47935038BE",
-    "ExpirationHours": 2,
-    "Issuer": "MeuSistema",
-    "ValidOn": "https://localhost"
+    "AutenticacaoJwksUrl": "https://localhost:44396/jwks"
   }
 }

src/services/JSE.Catalogo.API/appsettings.Development.json

@@ -15,9 +15,7 @@
   },
 
   "AppSettings": {
-    "Secret": "F9F52344-59C3-4EAC-90E6-CB47935038BE",
-    "ExpirationHours": 2,
-    "Issuer": "MeuSistema",
-    "ValidOn": "https://localhost"
+    "AutenticacaoJwksUrl": "https://localhost:44396/jwks"
   }
+
 }

src/services/JSE.Clientes.API/appsettings.Development.json

@@ -1,20 +1,20 @@
 {
-  "ConnectionStrings": {
-    "DefaultConnection": "Server=.\\SQLEXPRESS;Database=JeffStoreEnterprise;User Id=sa;Password=Asd123!!;Trusted_Connection=true;MultipleActiveResultSets=true;TrustServerCertificate=True;"
-  },
-  "MessageQueueConnection": {
-    "MessageBus": "host=localhost:5672;publisherConfirms=true;timeout=10"
-  },
   "Logging": {
     "LogLevel": {
       "Default": "Information",
       "Microsoft.AspNetCore": "Warning"
     }
   },
+
+  "ConnectionStrings": {
+    "DefaultConnection": "Server=.\\SQLEXPRESS;Database=JeffStoreEnterprise;User Id=sa;Password=Asd123!!;Trusted_Connection=true;MultipleActiveResultSets=true;TrustServerCertificate=True;"
+  },
+
+  "MessageQueueConnection": {
+    "MessageBus": "host=localhost:5672;publisherConfirms=true;timeout=10"
+  },
+
   "AppSettings": {
-    "Secret": "F9F52344-59C3-4EAC-90E6-CB47935038BE",
-    "ExpirationHours": 2,
-    "Issuer": "MeuSistema",
-    "ValidOn": "https://localhost"
+    "AutenticacaoJwksUrl": "https://localhost:44396/jwks"
   }
 }

src/services/JSE.Identidade.API/Configuration/IdentityConfig.cs

@@ -1,6 +1,5 @@
 using JSE.Identidade.API.Data;
 using JSE.Identidade.API.Extensions;
-using JSE.WebAPI.Core.IdentityConfiguration;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.EntityFrameworkCore;
 using NetDevPack.Security.JwtSigningCredentials;
@@ -25,8 +24,6 @@ public static IServiceCollection AddIdentityConfiguration(this IServiceCollectio
                 .AddEntityFrameworkStores<ApplicationDbContext>()
                 .AddDefaultTokenProviders();
 
-            services.AddJwtConfiguration(configuration);
-
             return services;
         }
     }

src/services/JSE.Identidade.API/Controllers/AuthController.cs

@@ -155,7 +155,7 @@ private UsuarioRespostaLoginViewModel ObterRespostaToken(string encodedToken, Id
             return new UsuarioRespostaLoginViewModel
             {
                 AccessToken = encodedToken,
-                ExpiresIn = TimeSpan.FromHours(_appSettings.ExpirationHours).TotalSeconds,
+                ExpiresIn = TimeSpan.FromHours(1).TotalSeconds,
                 UsuarioToken = new UsuarioTokenViewModel
                 {
                     Id = user.Id,