Adding Endpoints with Authorization in separate PublicApi project (#413)

* Adding tests for GetById endpoint * Updating tests and messages * Adding paged endpoint and also AutoMapper * Authenticate endpoint works as bool with tests * Got JWT token security working with Create and Delete endpoints and Swashbuckle. * Working on getting cookie and jwt token auth working in the same app All tests are passing * Creating new project and moving APIs Build succeeds; tests need updated. * all tests passing after moving services to PublicApi project * Fix authorize attributes * Uncomment and update ApiCatalogControllerLists tests Co-authored-by: Eric Fleming <eric-fleming18@hotmail.com>
2020-06-30 11:36:28 -04:00
parent e5e9868003
commit dd5a435cb4
49 changed files with 1024 additions and 75 deletions
--- a/tests/FunctionalTests/PublicApi/ApiTokenHelper.cs
+++ b/tests/FunctionalTests/PublicApi/ApiTokenHelper.cs
@@ -0,0 +1,51 @@
+using Microsoft.eShopWeb.ApplicationCore.Constants;
+using Microsoft.eShopWeb.Infrastructure.Identity;
+using Microsoft.IdentityModel.Tokens;
+using System;
+using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+
+namespace Microsoft.eShopWeb.FunctionalTests.Web.Api
+{
+    public class ApiTokenHelper
+    {
+        public static string GetAdminUserToken()
+        {
+            string userName = "admin@microsoft.com";
+            string[] roles = { "Administrators" };
+
+            return CreateToken(userName, roles);
+        }
+
+        public static string GetNormalUserToken()
+        {
+            string userName = "demouser@microsoft.com";
+            string[] roles = { };
+
+            return CreateToken(userName, roles);
+        }
+
+        private static string CreateToken(string userName, string[] roles)
+        {
+            var claims = new List<Claim> { new Claim(ClaimTypes.Name, userName) };
+
+            foreach (var role in roles)
+            {
+                claims.Add(new Claim(ClaimTypes.Role, role));
+            }
+
+            var key = Encoding.ASCII.GetBytes(AuthorizationConstants.JWT_SECRET_KEY);
+            var tokenDescriptor = new SecurityTokenDescriptor
+            {
+                Subject = new ClaimsIdentity(claims.ToArray()),
+                Expires = DateTime.UtcNow.AddHours(1),
+                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
+            };
+            var tokenHandler = new JwtSecurityTokenHandler();
+            var token = tokenHandler.CreateToken(tokenDescriptor);
+            return tokenHandler.WriteToken(token);
+        }
+    }
+}