Merge pull request #76 from marcominerva/develop

marcominerva · web-flow · commit 97a73f2fb68f · 2023-01-23T09:49:54.000+01:00
Code refactoring
diff --git a/samples/Controllers/ApiKeySample/Program.cs b/samples/Controllers/ApiKeySample/Program.cs
@@ -8,6 +8,7 @@
 // Add services to the container.
 builder.Services.AddHttpContextAccessor();
 builder.Services.AddControllers();
+builder.Services.AddProblemDetails();
 
 builder.Services.AddSimpleAuthentication(builder.Configuration);
 
@@ -40,9 +41,17 @@
 });
 
 var app = builder.Build();
-app.UseHttpsRedirection();
 
 // Configure the HTTP request pipeline.
+app.UseHttpsRedirection();
+
+app.UseStatusCodePages();
+
+if (!app.Environment.IsDevelopment())
+{
+    app.UseExceptionHandler();
+}
+
 if (app.Environment.IsDevelopment())
 {
     app.UseSwagger();
diff --git a/samples/Controllers/BasicAuthenticationSample/Program.cs b/samples/Controllers/BasicAuthenticationSample/Program.cs
@@ -9,6 +9,7 @@
 // Add services to the container.
 builder.Services.AddHttpContextAccessor();
 builder.Services.AddControllers();
+builder.Services.AddProblemDetails();
 
 builder.Services.AddSimpleAuthentication(builder.Configuration);
 
@@ -41,9 +42,17 @@
 });
 
 var app = builder.Build();
-app.UseHttpsRedirection();
 
 // Configure the HTTP request pipeline.
+app.UseHttpsRedirection();
+
+app.UseStatusCodePages();
+
+if (!app.Environment.IsDevelopment())
+{
+    app.UseExceptionHandler();
+}
+
 if (app.Environment.IsDevelopment())
 {
     app.UseSwagger();
diff --git a/samples/Controllers/JwtBearerSample/Program.cs b/samples/Controllers/JwtBearerSample/Program.cs
@@ -7,6 +7,7 @@
 // Add services to the container.
 builder.Services.AddHttpContextAccessor();
 builder.Services.AddControllers();
+builder.Services.AddProblemDetails();
 
 builder.Services.AddSimpleAuthentication(builder.Configuration);
 
@@ -37,9 +38,17 @@
 });
 
 var app = builder.Build();
-app.UseHttpsRedirection();
 
 // Configure the HTTP request pipeline.
+app.UseHttpsRedirection();
+
+app.UseStatusCodePages();
+
+if (!app.Environment.IsDevelopment())
+{
+    app.UseExceptionHandler();
+}
+
 if (app.Environment.IsDevelopment())
 {
     app.UseSwagger();
diff --git a/samples/MinimalApis/ApiKeySample/Program.cs b/samples/MinimalApis/ApiKeySample/Program.cs
@@ -8,6 +8,7 @@
 
 // Add services to the container.
 builder.Services.AddHttpContextAccessor();
+builder.Services.AddProblemDetails();
 
 builder.Services.AddSimpleAuthentication(builder.Configuration);
 
@@ -40,9 +41,17 @@
 });
 
 var app = builder.Build();
-app.UseHttpsRedirection();
 
 // Configure the HTTP request pipeline.
+app.UseHttpsRedirection();
+
+app.UseStatusCodePages();
+
+if (!app.Environment.IsDevelopment())
+{
+    app.UseExceptionHandler();
+}
+
 if (app.Environment.IsDevelopment())
 {
     app.UseSwagger();
diff --git a/samples/MinimalApis/BasicAuthenticationSample/Program.cs b/samples/MinimalApis/BasicAuthenticationSample/Program.cs
@@ -8,6 +8,7 @@
 
 // Add services to the container.
 builder.Services.AddHttpContextAccessor();
+builder.Services.AddProblemDetails();
 
 builder.Services.AddSimpleAuthentication(builder.Configuration);
 
@@ -40,9 +41,17 @@
 });
 
 var app = builder.Build();
-app.UseHttpsRedirection();
 
 // Configure the HTTP request pipeline.
+app.UseHttpsRedirection();
+
+app.UseStatusCodePages();
+
+if (!app.Environment.IsDevelopment())
+{
+    app.UseExceptionHandler();
+}
+
 if (app.Environment.IsDevelopment())
 {
     app.UseSwagger();
diff --git a/samples/MinimalApis/JwtBearerSample/Program.cs b/samples/MinimalApis/JwtBearerSample/Program.cs
@@ -10,6 +10,7 @@
 
 // Add services to the container.
 builder.Services.AddHttpContextAccessor();
+builder.Services.AddProblemDetails();
 
 builder.Services.AddSimpleAuthentication(builder.Configuration);
 
@@ -42,9 +43,17 @@
 });
 
 var app = builder.Build();
-app.UseHttpsRedirection();
 
 // Configure the HTTP request pipeline.
+app.UseHttpsRedirection();
+
+app.UseStatusCodePages();
+
+if (!app.Environment.IsDevelopment())
+{
+    app.UseExceptionHandler();
+}
+
 if (app.Environment.IsDevelopment())
 {
     app.UseSwagger();
diff --git a/src/SimpleAuthentication.Abstractions/BasicAuthentication/BasicAuthenticationSettings.cs b/src/SimpleAuthentication.Abstractions/BasicAuthentication/BasicAuthenticationSettings.cs
@@ -49,8 +49,6 @@ public ICollection<Credential> Credentials
 
         internal set => credentials = value ?? new HashSet<Credential>();
     }
-
-    internal bool IsConfigured { get; set; }
 }
 
 /// <summary>
diff --git a/src/SimpleAuthentication/SimpleAuthenticationExtensions.cs b/src/SimpleAuthentication/SimpleAuthenticationExtensions.cs
@@ -182,22 +182,14 @@ static void CheckAddBasicAuthentication(AuthenticationBuilder builder, IConfigur
                 throw new ArgumentNullException("One or more credentials contain null values");
             }
 
-            builder.Services.Configure<BasicAuthenticationSettings>(options =>
-            {
-                options.SchemeName = settings.SchemeName;
-                options.UserName = settings.UserName;
-                options.Password = settings.Password;
-                options.Credentials = settings.Credentials;
-                options.IsConfigured = true;
-            });
+            builder.Services.Configure<BasicAuthenticationSettings>(section);
 
             builder.AddScheme<BasicAuthenticationSettings, BasicAuthenticationHandler>(settings.SchemeName, options =>
             {
                 options.SchemeName = settings.SchemeName;
                 options.UserName = settings.UserName;
                 options.Password = settings.Password;
                 options.Credentials = settings.Credentials;
-                options.IsConfigured = true;
             });
         }
     }
@@ -286,35 +278,25 @@ public static void AddSimpleAuthentication(this SwaggerGenOptions options, IConf
         ArgumentNullException.ThrowIfNull(options);
         ArgumentNullException.ThrowIfNull(configuration);
         ArgumentNullException.ThrowIfNull(sectionName);
-        ArgumentNullException.ThrowIfNull(additionalSecurityRequirements);
-
-        var hasAdditionalSecurityRequirements = additionalSecurityRequirements.Any();
 
         // Adds a security definition for each authentication method that has been configured.
-        // If we have additional security requirements, a corresponding security requirement will be added for each authentication method.
-        // Otherwise, we use an operation filter that adds security requirements only to endpoints that actually require authentication
-        // based on the "Authentication" section configuration.
-        CheckAddJwtBearer(options, configuration.GetSection($"{sectionName}:JwtBearer"), hasAdditionalSecurityRequirements);
-        CheckAddApiKey(options, configuration.GetSection($"{sectionName}:ApiKey"), hasAdditionalSecurityRequirements);
-        CheckAddBasicAuthentication(options, configuration.GetSection($"{sectionName}:Basic"), hasAdditionalSecurityRequirements);
-
-        if (hasAdditionalSecurityRequirements)
+        CheckAddJwtBearer(options, configuration.GetSection($"{sectionName}:JwtBearer"));
+        CheckAddApiKey(options, configuration.GetSection($"{sectionName}:ApiKey"));
+        CheckAddBasicAuthentication(options, configuration.GetSection($"{sectionName}:Basic"));
+
+        if (additionalSecurityRequirements?.Any() ?? false)
         {
             // Adds all the other security requirements that have been specified.
             foreach (var securityRequirement in additionalSecurityRequirements)
             {
                 options.AddSecurityRequirement(securityRequirement);
             }
         }
-        else
-        {
-            // This filters automatically adds a security requirement to each endpoint that requires authentication.
-            options.OperationFilter<AuthenticationOperationFilter>();
-        }
 
+        options.OperationFilter<AuthenticationOperationFilter>();
         options.DocumentFilter<ProblemDetailsDocumentFilter>();
 
-        static void CheckAddJwtBearer(SwaggerGenOptions options, IConfigurationSection section, bool addSecurityRequirement)
+        static void CheckAddJwtBearer(SwaggerGenOptions options, IConfigurationSection section)
         {
             var settings = section.Get<JwtBearerSettings>();
             if (settings is null)
@@ -323,10 +305,10 @@ static void CheckAddJwtBearer(SwaggerGenOptions options, IConfigurationSection s
             }
 
             AddSecurityDefinition(options, settings.SchemeName, SecuritySchemeType.Http, JwtBearerDefaults.AuthenticationScheme, ParameterLocation.Header, HeaderNames.Authorization, "Insert the Bearer Token");
-            CheckAddSecurityRequirement(options, addSecurityRequirement ? settings.SchemeName : null);
+            AddSecurityRequirement(options, settings.SchemeName);
         }
 
-        static void CheckAddApiKey(SwaggerGenOptions options, IConfigurationSection section, bool addSecurityRequirement)
+        static void CheckAddApiKey(SwaggerGenOptions options, IConfigurationSection section)
         {
             var settings = section.Get<ApiKeySettings>();
             if (settings is null)
@@ -337,17 +319,17 @@ static void CheckAddApiKey(SwaggerGenOptions options, IConfigurationSection sect
             if (!string.IsNullOrWhiteSpace(settings.HeaderName))
             {
                 AddSecurityDefinition(options, $"{settings.SchemeName} in Header", SecuritySchemeType.ApiKey, null, ParameterLocation.Header, settings.HeaderName, "Insert the API Key");
-                CheckAddSecurityRequirement(options, addSecurityRequirement ? $"{settings.SchemeName} in Header" : null);
+                AddSecurityRequirement(options, $"{settings.SchemeName} in Header");
             }
 
             if (!string.IsNullOrWhiteSpace(settings.QueryStringKey))
             {
                 AddSecurityDefinition(options, $"{settings.SchemeName} in Query String", SecuritySchemeType.ApiKey, null, ParameterLocation.Query, settings.QueryStringKey, "Insert the API Key");
-                CheckAddSecurityRequirement(options, addSecurityRequirement ? $"{settings.SchemeName} in Query String" : null);
+                AddSecurityRequirement(options, $"{settings.SchemeName} in Query String");
             }
         }
 
-        static void CheckAddBasicAuthentication(SwaggerGenOptions options, IConfigurationSection section, bool addSecurityRequirement)
+        static void CheckAddBasicAuthentication(SwaggerGenOptions options, IConfigurationSection section)
         {
             var settings = section.Get<BasicAuthenticationSettings>();
             if (settings is null)
@@ -356,7 +338,7 @@ static void CheckAddBasicAuthentication(SwaggerGenOptions options, IConfiguratio
             }
 
             AddSecurityDefinition(options, settings.SchemeName, SecuritySchemeType.Http, BasicAuthenticationDefaults.AuthenticationScheme, ParameterLocation.Header, HeaderNames.Authorization, "Insert user name and password");
-            CheckAddSecurityRequirement(options, addSecurityRequirement ? settings.SchemeName : null);
+            AddSecurityRequirement(options, settings.SchemeName);
         }
 
         static void AddSecurityDefinition(SwaggerGenOptions options, string name, SecuritySchemeType securitySchemeType, string? scheme, ParameterLocation location, string parameterName, string description)
@@ -369,14 +351,7 @@ static void AddSecurityDefinition(SwaggerGenOptions options, string name, Securi
                 Scheme = scheme
             });
 
-        static void CheckAddSecurityRequirement(SwaggerGenOptions options, string? name)
-        {
-            if (string.IsNullOrWhiteSpace(name))
-            {
-                return;
-            }
-
-            options.AddSecurityRequirement(Helpers.CreateSecurityRequirement(name));
-        }
+        static void AddSecurityRequirement(SwaggerGenOptions options, string name)
+            => options.AddSecurityRequirement(Helpers.CreateSecurityRequirement(name));
     }
 }
diff --git a/src/SimpleAuthentication/Swagger/AuthenticationOperationFilter.cs b/src/SimpleAuthentication/Swagger/AuthenticationOperationFilter.cs
@@ -41,29 +41,8 @@ public void Apply(OpenApiOperation operation, OperationFilterContext context)
 
         if ((requireAuthenticatedUser || requireAuthorization) && !allowAnonymous)
         {
-            var hasJwtBearerAuthentication = !string.IsNullOrWhiteSpace(jwtBearerSettings.SecurityKey);
-            CheckAddSecurityRequirement(operation, hasJwtBearerAuthentication ? jwtBearerSettings.SchemeName : null);
-
-            var hasApiKeyHeaderAuthentication = !string.IsNullOrWhiteSpace(apiKeySettings.HeaderName);
-            var hasApiKeyQueryAuthentication = !string.IsNullOrWhiteSpace(apiKeySettings.QueryStringKey);
-            CheckAddSecurityRequirement(operation, hasApiKeyHeaderAuthentication ? $"{apiKeySettings.SchemeName} in Header" : null);
-            CheckAddSecurityRequirement(operation, hasApiKeyQueryAuthentication ? $"{apiKeySettings.SchemeName} in Query String" : null);
-
-            var hasBasicAuthentication = basicAuthenticationSettings.IsConfigured;
-            CheckAddSecurityRequirement(operation, hasBasicAuthentication ? basicAuthenticationSettings.SchemeName : null);
-
             operation.Responses.TryAdd(StatusCodes.Status401Unauthorized.ToString(), Helpers.CreateResponse(HttpStatusCode.Unauthorized.ToString()));
             operation.Responses.TryAdd(StatusCodes.Status403Forbidden.ToString(), Helpers.CreateResponse(HttpStatusCode.Forbidden.ToString()));
         }
-
-        static void CheckAddSecurityRequirement(OpenApiOperation operation, string? name)
-        {
-            if (string.IsNullOrWhiteSpace(name))
-            {
-                return;
-            }
-
-            operation.Security.Add(Helpers.CreateSecurityRequirement(name));
-        }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -49,8 +49,6 @@ public ICollection<Credential> Credentials`
`49`	`49`
`50`	`50`	`internal set => credentials = value ?? new HashSet<Credential>();`
`51`	`51`	`}`
`52`		`-`
`53`		`- internal bool IsConfigured { get; set; }`
`54`	`52`	`}`
`55`	`53`
`56`	`54`	`/// <summary>`
Original file line number	Diff line number	Diff line change
`@@ -182,22 +182,14 @@ static void CheckAddBasicAuthentication(AuthenticationBuilder builder, IConfigur`
`182`	`182`	`throw new ArgumentNullException("One or more credentials contain null values");`
`183`	`183`	`}`
`184`	`184`
`185`		`- builder.Services.Configure<BasicAuthenticationSettings>(options =>`
`186`		`- {`
`187`		`- options.SchemeName = settings.SchemeName;`
`188`		`- options.UserName = settings.UserName;`
`189`		`- options.Password = settings.Password;`
`190`		`- options.Credentials = settings.Credentials;`
`191`		`- options.IsConfigured = true;`
`192`		`- });`
	`185`	`+ builder.Services.Configure<BasicAuthenticationSettings>(section);`
`193`	`186`
`194`	`187`	`builder.AddScheme<BasicAuthenticationSettings, BasicAuthenticationHandler>(settings.SchemeName, options =>`
`195`	`188`	`{`
`196`	`189`	`options.SchemeName = settings.SchemeName;`
`197`	`190`	`options.UserName = settings.UserName;`
`198`	`191`	`options.Password = settings.Password;`
`199`	`192`	`options.Credentials = settings.Credentials;`
`200`		`- options.IsConfigured = true;`
`201`	`193`	`});`
`202`	`194`	`}`
`203`	`195`	`}`
`@@ -286,35 +278,25 @@ public static void AddSimpleAuthentication(this SwaggerGenOptions options, IConf`
`286`	`278`	`ArgumentNullException.ThrowIfNull(options);`
`287`	`279`	`ArgumentNullException.ThrowIfNull(configuration);`
`288`	`280`	`ArgumentNullException.ThrowIfNull(sectionName);`
`289`		`- ArgumentNullException.ThrowIfNull(additionalSecurityRequirements);`
`290`		`-`
`291`		`- var hasAdditionalSecurityRequirements = additionalSecurityRequirements.Any();`
`292`	`281`
`293`	`282`	`// Adds a security definition for each authentication method that has been configured.`
`294`		`- // If we have additional security requirements, a corresponding security requirement will be added for each authentication method.`
`295`		`- // Otherwise, we use an operation filter that adds security requirements only to endpoints that actually require authentication`
`296`		`- // based on the "Authentication" section configuration.`
`297`		`- CheckAddJwtBearer(options, configuration.GetSection($"{sectionName}:JwtBearer"), hasAdditionalSecurityRequirements);`
`298`		`- CheckAddApiKey(options, configuration.GetSection($"{sectionName}:ApiKey"), hasAdditionalSecurityRequirements);`
`299`		`- CheckAddBasicAuthentication(options, configuration.GetSection($"{sectionName}:Basic"), hasAdditionalSecurityRequirements);`
`300`		`-`
`301`		`- if (hasAdditionalSecurityRequirements)`
	`283`	`+ CheckAddJwtBearer(options, configuration.GetSection($"{sectionName}:JwtBearer"));`
	`284`	`+ CheckAddApiKey(options, configuration.GetSection($"{sectionName}:ApiKey"));`
	`285`	`+ CheckAddBasicAuthentication(options, configuration.GetSection($"{sectionName}:Basic"));`
	`286`	`+`
	`287`	`+ if (additionalSecurityRequirements?.Any() ?? false)`
`302`	`288`	`{`
`303`	`289`	`// Adds all the other security requirements that have been specified.`
`304`	`290`	`foreach (var securityRequirement in additionalSecurityRequirements)`
`305`	`291`	`{`
`306`	`292`	`options.AddSecurityRequirement(securityRequirement);`
`307`	`293`	`}`
`308`	`294`	`}`
`309`		`- else`
`310`		`- {`
`311`		`- // This filters automatically adds a security requirement to each endpoint that requires authentication.`
`312`		`- options.OperationFilter<AuthenticationOperationFilter>();`
`313`		`- }`
`314`	`295`
	`296`	`+ options.OperationFilter<AuthenticationOperationFilter>();`
`315`	`297`	`options.DocumentFilter<ProblemDetailsDocumentFilter>();`
`316`	`298`
`317`		`- static void CheckAddJwtBearer(SwaggerGenOptions options, IConfigurationSection section, bool addSecurityRequirement)`
	`299`	`+ static void CheckAddJwtBearer(SwaggerGenOptions options, IConfigurationSection section)`
`318`	`300`	`{`
`319`	`301`	`var settings = section.Get<JwtBearerSettings>();`
`320`	`302`	`if (settings is null)`
`@@ -323,10 +305,10 @@ static void CheckAddJwtBearer(SwaggerGenOptions options, IConfigurationSection s`
`323`	`305`	`}`
`324`	`306`
`325`	`307`	`AddSecurityDefinition(options, settings.SchemeName, SecuritySchemeType.Http, JwtBearerDefaults.AuthenticationScheme, ParameterLocation.Header, HeaderNames.Authorization, "Insert the Bearer Token");`
`326`		`- CheckAddSecurityRequirement(options, addSecurityRequirement ? settings.SchemeName : null);`
	`308`	`+ AddSecurityRequirement(options, settings.SchemeName);`
`327`	`309`	`}`
`328`	`310`
`329`		`- static void CheckAddApiKey(SwaggerGenOptions options, IConfigurationSection section, bool addSecurityRequirement)`
	`311`	`+ static void CheckAddApiKey(SwaggerGenOptions options, IConfigurationSection section)`
`330`	`312`	`{`
`331`	`313`	`var settings = section.Get<ApiKeySettings>();`
`332`	`314`	`if (settings is null)`
`@@ -337,17 +319,17 @@ static void CheckAddApiKey(SwaggerGenOptions options, IConfigurationSection sect`
`337`	`319`	`if (!string.IsNullOrWhiteSpace(settings.HeaderName))`
`338`	`320`	`{`
`339`	`321`	`AddSecurityDefinition(options, $"{settings.SchemeName} in Header", SecuritySchemeType.ApiKey, null, ParameterLocation.Header, settings.HeaderName, "Insert the API Key");`
`340`		`- CheckAddSecurityRequirement(options, addSecurityRequirement ? $"{settings.SchemeName} in Header" : null);`
	`322`	`+ AddSecurityRequirement(options, $"{settings.SchemeName} in Header");`
`341`	`323`	`}`
`342`	`324`
`343`	`325`	`if (!string.IsNullOrWhiteSpace(settings.QueryStringKey))`
`344`	`326`	`{`
`345`	`327`	`AddSecurityDefinition(options, $"{settings.SchemeName} in Query String", SecuritySchemeType.ApiKey, null, ParameterLocation.Query, settings.QueryStringKey, "Insert the API Key");`
`346`		`- CheckAddSecurityRequirement(options, addSecurityRequirement ? $"{settings.SchemeName} in Query String" : null);`
	`328`	`+ AddSecurityRequirement(options, $"{settings.SchemeName} in Query String");`
`347`	`329`	`}`
`348`	`330`	`}`
`349`	`331`
`350`		`- static void CheckAddBasicAuthentication(SwaggerGenOptions options, IConfigurationSection section, bool addSecurityRequirement)`
	`332`	`+ static void CheckAddBasicAuthentication(SwaggerGenOptions options, IConfigurationSection section)`
`351`	`333`	`{`
`352`	`334`	`var settings = section.Get<BasicAuthenticationSettings>();`
`353`	`335`	`if (settings is null)`
`@@ -356,7 +338,7 @@ static void CheckAddBasicAuthentication(SwaggerGenOptions options, IConfiguratio`
`356`	`338`	`}`
`357`	`339`
`358`	`340`	`AddSecurityDefinition(options, settings.SchemeName, SecuritySchemeType.Http, BasicAuthenticationDefaults.AuthenticationScheme, ParameterLocation.Header, HeaderNames.Authorization, "Insert user name and password");`
`359`		`- CheckAddSecurityRequirement(options, addSecurityRequirement ? settings.SchemeName : null);`
	`341`	`+ AddSecurityRequirement(options, settings.SchemeName);`
`360`	`342`	`}`
`361`	`343`
`362`	`344`	`static void AddSecurityDefinition(SwaggerGenOptions options, string name, SecuritySchemeType securitySchemeType, string? scheme, ParameterLocation location, string parameterName, string description)`
`@@ -369,14 +351,7 @@ static void AddSecurityDefinition(SwaggerGenOptions options, string name, Securi`
`369`	`351`	`Scheme = scheme`
`370`	`352`	`});`
`371`	`353`
`372`		`- static void CheckAddSecurityRequirement(SwaggerGenOptions options, string? name)`
`373`		`- {`
`374`		`- if (string.IsNullOrWhiteSpace(name))`
`375`		`- {`
`376`		`- return;`
`377`		`- }`
`378`		`-`
`379`		`- options.AddSecurityRequirement(Helpers.CreateSecurityRequirement(name));`
`380`		`- }`
	`354`	`+ static void AddSecurityRequirement(SwaggerGenOptions options, string name)`
	`355`	`+ => options.AddSecurityRequirement(Helpers.CreateSecurityRequirement(name));`
`381`	`356`	`}`
`382`	`357`	`}`