Doxy, -Wall -Werror, other cleanup and organization first round

2023-08-19 20:46:31 -04:00
parent 1fedd4d016
commit 49de8aa8d7
43 changed files with 728 additions and 354 deletions
--- a/src/IO.Swagger/Security/BearerAuthenticationHandler.cs
+++ b/src/IO.Swagger/Security/BearerAuthenticationHandler.cs
@ -1,16 +1,14 @@
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;
 using System;
 using System.IdentityModel.Tokens.Jwt;
-using System.Linq;
 using System.Net.Http.Headers;
 using System.Security.Claims;
 using System.Text;
 using System.Text.Encodings.Web;
 using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Options;
-using Microsoft.IdentityModel.Tokens;
-using Newtonsoft.Json.Linq;

 namespace IO.Swagger.Security
 {
@ -19,6 +17,7 @@ namespace IO.Swagger.Security
    /// </summary>
    public class BearerAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
    {
+        //TODO: Clean this up and use the service for it
        private readonly string secretKey;
        private readonly byte[] secretBytes;

@ -27,6 +26,7 @@ namespace IO.Swagger.Security
        /// </summary>
        public const string SchemeName = "Bearer";

+        /// <inheritdoc/>
        public BearerAuthenticationHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock)
        {
            secretKey = Environment.GetEnvironmentVariable("JWT_SECRET_KEY");
@ -36,54 +36,54 @@ namespace IO.Swagger.Security
        /// <summary>
        /// verify that require authorization header exists.
        /// </summary>
-        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
+        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
        {
-            if (!Request.Headers.ContainsKey("Authorization"))
+            return Task.Run(() =>
            {
-                return AuthenticateResult.Fail("Missing Authorization Header");
-            }
-            try
-            {
-                var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
-
-                var tokenHandler = new JwtSecurityTokenHandler();
-                var validationParameters = new TokenValidationParameters
+                if (!Request.Headers.ContainsKey("Authorization"))
                {
-                    ValidateIssuerSigningKey = true,
-                    IssuerSigningKey = new SymmetricSecurityKey(secretBytes),
-                    ValidateIssuer = false,
-                    ValidateAudience = false
-                };
-
+                    return AuthenticateResult.Fail("Missing Authorization Header");
+                }
                try
                {
-                    var claimsPrincipal = tokenHandler.ValidateToken(authHeader.Parameter, validationParameters, out _);
-                    var userIdClaim = claimsPrincipal.FindFirst(ClaimTypes.NameIdentifier);
+                    var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);

-                    if (userIdClaim != null && int.TryParse(userIdClaim.Value, out int userId))
+                    var tokenHandler = new JwtSecurityTokenHandler();
+                    var validationParameters = new TokenValidationParameters
                    {
-                        var claims = new[]{ new Claim(ClaimTypes.NameIdentifier, userId.ToString()) };
-                        var identity = new ClaimsIdentity(claims, SchemeName);
-                        var principal = new ClaimsPrincipal(identity);
-                        var ticket = new AuthenticationTicket(principal, Scheme.Name);
+                        ValidateIssuerSigningKey = true,
+                        IssuerSigningKey = new SymmetricSecurityKey(secretBytes),
+                        ValidateIssuer = false,
+                        ValidateAudience = false
+                    };

-                        return AuthenticateResult.Success(ticket);
+                    try
+                    {
+                        var claimsPrincipal = tokenHandler.ValidateToken(authHeader.Parameter, validationParameters, out _);
+                        var userIdClaim = claimsPrincipal.FindFirst(ClaimTypes.NameIdentifier);
+
+                        if (userIdClaim != null && int.TryParse(userIdClaim.Value, out int userId))
+                        {
+                            var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userId.ToString()) };
+                            var identity = new ClaimsIdentity(claims, SchemeName);
+                            var principal = new ClaimsPrincipal(identity);
+                            var ticket = new AuthenticationTicket(principal, Scheme.Name);
+
+                            return AuthenticateResult.Success(ticket);
+                        }
+                    }
+                    catch (Exception)
+                    {
+                        return AuthenticateResult.Fail("Invalid Auth Token");
                    }
                }
-                catch (Exception)
+                catch
                {
-                    return AuthenticateResult.Fail("Invalid Auth Token");
+                    return AuthenticateResult.Fail("Invalid Authorization Header");
                }

-
-               
-            }
-            catch
-            {
-                return AuthenticateResult.Fail("Invalid Authorization Header");
-            }
-
-            return AuthenticateResult.Fail("Missing Authorization Header");
+                return AuthenticateResult.Fail("Missing Authorization Header");
+            });
        }
    }
 }