Merge pull request #2092 from sbwalker/dev

remote service support via Jwt
oqtane · Mar 30, 2022 · 4f1ead1 · 4f1ead1
2 parents 717f1a9 + 3194c5b
commit 4f1ead1
Show file tree

Hide file tree

Showing 20 changed files with 272 additions and 80 deletions.
diff --git a/Oqtane.Client/App.razor b/Oqtane.Client/App.razor
@@ -45,6 +45,9 @@
 	[Parameter]
 	public string RemoteIPAddress { get; set; }
 
+	[Parameter]
+	public string AuthorizationToken { get; set; }
+
 	private bool _initialized = false;
 	private string _display = "display: none;";
 	private Installation _installation = new Installation { Success = false, Message = "" };
@@ -55,7 +58,7 @@
 	{
 		SiteState.RemoteIPAddress = RemoteIPAddress;
 		SiteState.AntiForgeryToken = AntiForgeryToken;
-		InstallationService.SetAntiForgeryTokenHeader(AntiForgeryToken);
+		SiteState.AuthorizationToken = AuthorizationToken;
 
         _installation = await InstallationService.IsInstalled();
         if (_installation.Alias != null)

diff --git a/Oqtane.Client/Modules/Admin/Users/Index.razor b/Oqtane.Client/Modules/Admin/Users/Index.razor
@@ -131,7 +131,7 @@ else
 				</Section>
 				<Section Name="Cookie" Heading="Cookie Settings" ResourceKey="CookieSettings">
 					<div class="row mb-1 align-items-center">
-						<Label Class="col-sm-3" For="cookietype" HelpText="Cookies are managed per domain by default. However you can also choose to have distinct cookies for each site." ResourceKey="CookieType">Cookie Type:</Label>
+						<Label Class="col-sm-3" For="cookietype" HelpText="Cookies are usually managed per domain. However you can also choose to have distinct cookies for each site." ResourceKey="CookieType">Cookie Type:</Label>
 						<div class="col-sm-9">
 							<select id="cookietype" class="form-select" @bind="@_cookietype">
 								<option value="domain">@Localizer["Domain"]</option>
@@ -274,25 +274,25 @@ else
 						</div>
 					</div>					
 					<div class="row mb-1 align-items-center">
-						<Label Class="col-sm-3" For="issuer" HelpText="Optionally provide the issuer of the token" ResourceKey="Secret">Issuer:</Label>
+						<Label Class="col-sm-3" For="issuer" HelpText="Optionally provide the issuer of the token" ResourceKey="Issuer">Issuer:</Label>
 						<div class="col-sm-9">
 							<input id="issuer" class="form-control" @bind="@_issuer" />
 						</div>
 					</div>					
 					<div class="row mb-1 align-items-center">
-						<Label Class="col-sm-3" For="audience" HelpText="Optionally provide the audience for the token" ResourceKey="Secret">Audience:</Label>
+						<Label Class="col-sm-3" For="audience" HelpText="Optionally provide the audience for the token" ResourceKey="Audience">Audience:</Label>
 						<div class="col-sm-9">
 							<input id="audience" class="form-control" @bind="@_audience" />
 						</div>
 					</div>					
 					<div class="row mb-1 align-items-center">
-						<Label Class="col-sm-3" For="lifetime" HelpText="The number of minutes for which a token should be valid" ResourceKey="Secret">Lifetime:</Label>
+						<Label Class="col-sm-3" For="lifetime" HelpText="The number of minutes for which a token should be valid" ResourceKey="Lifetime">Lifetime:</Label>
 						<div class="col-sm-9">
 							<input id="lifetime" class="form-control" @bind="@_lifetime" />
 						</div>
 					</div>					
 					<div class="row mb-1 align-items-center">
-						<Label Class="col-sm-3" For="token" HelpText="Select the Create Token button to generate an access token. Be sure to save this token in a safe place as you will not be able to view it in the future." ResourceKey="Token">Access Token:</Label>
+						<Label Class="col-sm-3" For="token" HelpText="Select the Create Token button to generate a long-lived access token (valid for 1 year). Be sure to store this token in a safe location as you will not be able to access it in the future." ResourceKey="Token">Access Token:</Label>
 						<div class="col-sm-9">
 							<div class="input-group">
 								<input id="token" class="form-control" @bind="@_token" />

diff --git a/Oqtane.Client/Oqtane.Client.csproj b/Oqtane.Client/Oqtane.Client.csproj
@@ -26,6 +26,7 @@
     <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.DevServer" Version="6.0.3" PrivateAssets="all" />
     <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" Version="6.0.3" />
     <PackageReference Include="Microsoft.AspNetCore.Localization" Version="2.2.0" />
+    <PackageReference Include="Microsoft.Extensions.Http" Version="6.0.0" />
     <PackageReference Include="Microsoft.Extensions.Localization" Version="6.0.3" />
     <PackageReference Include="System.Net.Http.Json" Version="6.0.0" />
   </ItemGroup>

diff --git a/Oqtane.Client/Program.cs b/Oqtane.Client/Program.cs
@@ -30,6 +30,7 @@ public static async Task Main(string[] args)
             var httpClient = new HttpClient {BaseAddress = new Uri(builder.HostEnvironment.BaseAddress)};
 
             builder.Services.AddSingleton(httpClient);
+            builder.Services.AddHttpClient("Remote");
             builder.Services.AddOptions();
 
             // Register localization services

diff --git a/Oqtane.Client/Resources/Modules/Admin/Users/Index.resx b/Oqtane.Client/Resources/Modules/Admin/Users/Index.resx
@@ -127,10 +127,10 @@
     <value>Delete User</value>
   </data>
   <data name="AllowRegistration.HelpText" xml:space="preserve">
-    <value>Do you want the users to be able to register for an account on the site</value>
+    <value>Do you want anonymous visitors to be able to register for an account on the site</value>
   </data>
   <data name="AllowRegistration.Text" xml:space="preserve">
-    <value>Allow User Registration? </value>
+    <value>Allow Registration? </value>
   </data>
   <data name="Error.SaveSiteSettings" xml:space="preserve">
     <value>Error Saving Settings</value>
@@ -309,4 +309,49 @@
   <data name="UserInfoUrl.Text" xml:space="preserve">
     <value>User Info Url:</value>
   </data>
+  <data name="Audience.HelpText" xml:space="preserve">
+    <value>Optionally provide the audience for the token</value>
+  </data>
+  <data name="Audience.Text" xml:space="preserve">
+    <value>Audience:</value>
+  </data>
+  <data name="CookieSettings.Heading" xml:space="preserve">
+    <value>Cookie Settings</value>
+  </data>
+  <data name="CookieType.HelpText" xml:space="preserve">
+    <value>Cookies are usually managed per domain. However you can also choose to have distinct cookies for each site.</value>
+  </data>
+  <data name="CookieType.Text" xml:space="preserve">
+    <value>Cookie Type:</value>
+  </data>
+  <data name="CreateToken" xml:space="preserve">
+    <value>Create Token</value>
+  </data>
+  <data name="Issuer.HelpText" xml:space="preserve">
+    <value>Optionally provide the issuer of the token</value>
+  </data>
+  <data name="Issuer.Text" xml:space="preserve">
+    <value>Issuer:</value>
+  </data>
+  <data name="Lifetime.HelpText" xml:space="preserve">
+    <value>The number of minutes for which a token should be valid</value>
+  </data>
+  <data name="Lifetime.Text" xml:space="preserve">
+    <value>Lifetime:</value>
+  </data>
+  <data name="Secret.HelpText" xml:space="preserve">
+    <value>If you want to want to provide API access, please specify a secret which will be used to encrypt your tokens. The secret should be 16 characters or more to ensure optimal security. Please note that if you change this secret, all existing tokens will become invalid and will need to be regenerated.</value>
+  </data>
+  <data name="Secret.Text" xml:space="preserve">
+    <value>Site Secret:</value>
+  </data>
+  <data name="Token.HelpText" xml:space="preserve">
+    <value>Select the Create Token button to generate a long-lived access token (valid for 1 year). Be sure to store this token in a safe location as you will not be able to access it in the future.</value>
+  </data>
+  <data name="Token.Text" xml:space="preserve">
+    <value>Token:</value>
+  </data>
+  <data name="TokenSettings.Heading" xml:space="preserve">
+    <value>Token Settings</value>
+  </data>
 </root>
diff --git a/Oqtane.Client/Services/InstallationService.cs b/Oqtane.Client/Services/InstallationService.cs
@@ -50,14 +50,5 @@ public async Task RegisterAsync(string email)
         {
             await PostJsonAsync($"{ApiUrl}/register?email={WebUtility.UrlEncode(email)}", true);
         }
-
-        public void SetAntiForgeryTokenHeader(string antiforgerytokenvalue)
-        {
-            if (!string.IsNullOrEmpty(antiforgerytokenvalue))
-            {
-                AddRequestHeader(Constants.AntiForgeryTokenHeaderName, antiforgerytokenvalue);
-            }
-        }
-
     }
 }
diff --git a/Oqtane.Client/Services/Interfaces/IInstallationService.cs b/Oqtane.Client/Services/Interfaces/IInstallationService.cs
@@ -42,10 +42,5 @@ public interface IInstallationService
         /// <returns></returns>
         Task RegisterAsync(string email);
 
-        /// <summary>
-        /// Sets the antiforgerytoken header so that it is included on all HttpClient calls for the lifetime of the app 
-        /// </summary>
-        /// <returns></returns>
-        void SetAntiForgeryTokenHeader(string antiforgerytokenvalue);
     }
 }
diff --git a/Oqtane.Client/Services/RemoteServiceBase.cs b/Oqtane.Client/Services/RemoteServiceBase.cs
@@ -0,0 +1,147 @@
+using System;
+using System.Net;
+using System.Net.Http;
+using System.Net.Http.Json;
+using System.Threading;
+using System.Threading.Tasks;
+using Microsoft.Net.Http.Headers;
+using Oqtane.Shared;
+
+namespace Oqtane.Services
+{
+    public class RemoteServiceBase
+    {
+        private readonly SiteState _siteState;
+        private readonly IHttpClientFactory _httpClientFactory;
+
+        protected RemoteServiceBase(IHttpClientFactory httpClientFactory, SiteState siteState)
+        {
+            _siteState = siteState;
+            _httpClientFactory = httpClientFactory;
+        }
+
+        private HttpClient GetHttpClient()
+        {
+            var httpClient = _httpClientFactory.CreateClient("Remote");
+            if (!httpClient.DefaultRequestHeaders.Contains(HeaderNames.Authorization) && _siteState != null && !string.IsNullOrEmpty(_siteState.AuthorizationToken))
+            {
+                httpClient.DefaultRequestHeaders.Add(HeaderNames.Authorization, "Bearer " + _siteState.AuthorizationToken);
+            }
+            return httpClient;
+        }
+
+        protected async Task GetAsync(string uri)
+        {
+            var response = await GetHttpClient().GetAsync(uri);
+            CheckResponse(response);
+        }
+
+        protected async Task<string> GetStringAsync(string uri)
+        {
+            try
+            {
+                return await GetHttpClient().GetStringAsync(uri);
+            }
+            catch (Exception e)
+            {
+                Console.WriteLine(e);
+            }
+
+            return default;
+        }
+
+        protected async Task<byte[]> GetByteArrayAsync(string uri)
+        {
+            try
+            {
+                return await GetHttpClient().GetByteArrayAsync(uri);
+            }
+            catch (Exception e)
+            {
+                Console.WriteLine(e);
+            }
+
+            return default;
+        }
+
+        protected async Task<T> GetJsonAsync<T>(string uri)
+        {
+            var response = await GetHttpClient().GetAsync(uri, HttpCompletionOption.ResponseHeadersRead, CancellationToken.None);
+            if (CheckResponse(response) && ValidateJsonContent(response.Content))
+            {
+                return await response.Content.ReadFromJsonAsync<T>();
+            }
+
+            return default;
+        }
+
+        protected async Task PutAsync(string uri)
+        {
+            var response = await GetHttpClient().PutAsync(uri, null);
+            CheckResponse(response);
+        }
+
+        protected async Task<T> PutJsonAsync<T>(string uri, T value)
+        {
+            return await PutJsonAsync<T, T>(uri, value);
+        }
+
+        protected async Task<TResult> PutJsonAsync<TValue, TResult>(string uri, TValue value)
+        {
+            var response = await GetHttpClient().PutAsJsonAsync(uri, value);
+            if (CheckResponse(response) && ValidateJsonContent(response.Content))
+            {
+                var result = await response.Content.ReadFromJsonAsync<TResult>();
+                return result;
+            }
+            return default;
+        }
+
+        protected async Task PostAsync(string uri)
+        {
+            var response = await GetHttpClient().PostAsync(uri, null);
+            CheckResponse(response);
+        }
+
+        protected async Task<T> PostJsonAsync<T>(string uri, T value)
+        {
+            return await PostJsonAsync<T, T>(uri, value);
+        }
+
+        protected async Task<TResult> PostJsonAsync<TValue, TResult>(string uri, TValue value)
+        {
+            var response = await GetHttpClient().PostAsJsonAsync(uri, value);
+            if (CheckResponse(response) && ValidateJsonContent(response.Content))
+            {
+                var result = await response.Content.ReadFromJsonAsync<TResult>();
+                return result;
+            }
+
+            return default;
+        }
+
+        protected async Task DeleteAsync(string uri)
+        {
+            var response = await GetHttpClient().DeleteAsync(uri);
+            CheckResponse(response);
+        }
+
+        private bool CheckResponse(HttpResponseMessage response)
+        {
+            if (response.IsSuccessStatusCode) return true;
+            if (response.StatusCode != HttpStatusCode.NoContent && response.StatusCode != HttpStatusCode.NotFound)
+            {
+                Console.WriteLine($"Request: {response.RequestMessage.RequestUri}");
+                Console.WriteLine($"Response status: {response.StatusCode} {response.ReasonPhrase}");
+            }
+
+            return false;
+        }
+
+        private static bool ValidateJsonContent(HttpContent content)
+        {
+            var mediaType = content?.Headers.ContentType?.MediaType;
+            return mediaType != null && mediaType.Equals("application/json", StringComparison.OrdinalIgnoreCase);
+        }
+    }
+}