#164 Added auth to WebAPI backend with Auth0

Author: SimonGeering

src/AdminAssistant.Blazor/Server/AdminAssistant.Blazor.Server.csproj

@@ -34,6 +34,7 @@
   <ItemGroup>
     <PackageReference Include="FluentValidation.AspNetCore" Version="9.5.3" />
     <PackageReference Include="MicroElements.Swashbuckle.FluentValidation" Version="4.3.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="5.0.4" />
     <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" Version="5.0.4" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="5.0.4" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="5.0.4">

src/AdminAssistant.Blazor/Server/Startup.cs

@@ -3,6 +3,7 @@
 using AutoMapper;
 using FluentValidation.AspNetCore;
 using MicroElements.Swashbuckle.FluentValidation;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Mvc;
@@ -35,6 +36,18 @@ public Startup(IHostEnvironment env, IConfiguration configuration)
         // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
         public void ConfigureServices(IServiceCollection services)
         {
+            var configSettings = _configuration.GetSection(nameof(ConfigurationSettings)).Get<ConfigurationSettings>();
+
+            services.AddAuthentication(options =>
+            {
+                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+            }).AddJwtBearer(options =>
+            {                
+                options.Authority = $"https://{configSettings.Auth0Authority}/";
+                options.Audience = configSettings.Auth0ApiIdentifier;
+            });
+
             services.AddMvc(opts =>
             {
                 // Define MediaType limits ...
@@ -75,7 +88,7 @@ public void ConfigureServices(IServiceCollection services)
 
             services.AddAdminAssistantServerSideProviders();
             services.AddAdminAssistantServerSideDomainModel();
-            services.AddAdminAssistantServerSideInfra(_configuration.GetSection(nameof(ConfigurationSettings)).Get<ConfigurationSettings>());
+            services.AddAdminAssistantServerSideInfra(configSettings);
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@@ -105,9 +118,9 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
             app.UseHttpsRedirection();
             app.UseBlazorFrameworkFiles();
             app.UseStaticFiles();
-
             app.UseRouting();
-
+            app.UseAuthentication();
+            app.UseAuthorization();
             app.UseEndpoints(endpoints =>
             {
                 endpoints.MapRazorPages();

src/AdminAssistant.Blazor/Server/WebAPI/WebAPIControllerBase.cs

@@ -1,12 +1,15 @@
 using AdminAssistant.Infra.Providers;
 using AutoMapper;
 using MediatR;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace AdminAssistant.WebAPI
 {
+    [Authorize]
     public abstract class WebAPIControllerBase : ControllerBase
     {
+        // TODO: expand basic Authorize with policy to differentiate a user from an admin. 
         public WebAPIControllerBase(IMapper mapper, IMediator mediator, ILoggingProvider loggingProvider)
         {
             Mapper = mapper;

src/AdminAssistant/DomainModel/Shared/ConfigurationSettings.cs

@@ -4,5 +4,7 @@ public record ConfigurationSettings
     {
         public string DatabaseProvider { get; set; } = string.Empty;
         public string ConnectionString { get; set; } = string.Empty;
+        public string Auth0Authority { get; set; } = string.Empty;
+        public string Auth0ApiIdentifier { get; set; } = string.Empty;
     }
 }