├── .gitignore
├── APIContagem
├── .vscode
│ ├── launch.json
│ └── tasks.json
├── APIContagem.csproj
├── Contador.cs
├── Controllers
│ ├── ContadorController.cs
│ └── LoginController.cs
├── Models
│ └── ResultadoContador.cs
├── Program.cs
├── Properties
│ └── launchSettings.json
├── appsettings.Development.json
└── appsettings.json
└── APIs.Security.JWT
├── APIs.Security.JWT.csproj
├── AccessManager.cs
├── ApiSecurityDbContext.cs
├── ApplicationUser.cs
├── Classes.cs
├── IdentityInitializer.cs
├── JwtSecurityExtension.cs
└── SigningConfigurations.cs
/.gitignore:
--------------------------------------------------------------------------------
1 | ## Ignore Visual Studio temporary files, build results, and
2 | ## files generated by popular Visual Studio add-ons.
3 | ##
4 | ## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
5 |
6 | # User-specific files
7 | *.rsuser
8 | *.suo
9 | *.user
10 | *.userosscache
11 | *.sln.docstates
12 |
13 | # User-specific files (MonoDevelop/Xamarin Studio)
14 | *.userprefs
15 |
16 | # Mono auto generated files
17 | mono_crash.*
18 |
19 | # Build results
20 | [Dd]ebug/
21 | [Dd]ebugPublic/
22 | [Rr]elease/
23 | [Rr]eleases/
24 | x64/
25 | x86/
26 | [Aa][Rr][Mm]/
27 | [Aa][Rr][Mm]64/
28 | bld/
29 | [Bb]in/
30 | [Oo]bj/
31 | [Ll]og/
32 | [Ll]ogs/
33 |
34 | # Visual Studio 2015/2017 cache/options directory
35 | .vs/
36 | # Uncomment if you have tasks that create the project's static files in wwwroot
37 | #wwwroot/
38 |
39 | # Visual Studio 2017 auto generated files
40 | Generated\ Files/
41 |
42 | # MSTest test Results
43 | [Tt]est[Rr]esult*/
44 | [Bb]uild[Ll]og.*
45 |
46 | # NUnit
47 | *.VisualState.xml
48 | TestResult.xml
49 | nunit-*.xml
50 |
51 | # Build Results of an ATL Project
52 | [Dd]ebugPS/
53 | [Rr]eleasePS/
54 | dlldata.c
55 |
56 | # Benchmark Results
57 | BenchmarkDotNet.Artifacts/
58 |
59 | # .NET Core
60 | project.lock.json
61 | project.fragment.lock.json
62 | artifacts/
63 |
64 | # StyleCop
65 | StyleCopReport.xml
66 |
67 | # Files built by Visual Studio
68 | *_i.c
69 | *_p.c
70 | *_h.h
71 | *.ilk
72 | *.meta
73 | *.obj
74 | *.iobj
75 | *.pch
76 | *.pdb
77 | *.ipdb
78 | *.pgc
79 | *.pgd
80 | *.rsp
81 | *.sbr
82 | *.tlb
83 | *.tli
84 | *.tlh
85 | *.tmp
86 | *.tmp_proj
87 | *_wpftmp.csproj
88 | *.log
89 | *.vspscc
90 | *.vssscc
91 | .builds
92 | *.pidb
93 | *.svclog
94 | *.scc
95 |
96 | # Chutzpah Test files
97 | _Chutzpah*
98 |
99 | # Visual C++ cache files
100 | ipch/
101 | *.aps
102 | *.ncb
103 | *.opendb
104 | *.opensdf
105 | *.sdf
106 | *.cachefile
107 | *.VC.db
108 | *.VC.VC.opendb
109 |
110 | # Visual Studio profiler
111 | *.psess
112 | *.vsp
113 | *.vspx
114 | *.sap
115 |
116 | # Visual Studio Trace Files
117 | *.e2e
118 |
119 | # TFS 2012 Local Workspace
120 | $tf/
121 |
122 | # Guidance Automation Toolkit
123 | *.gpState
124 |
125 | # ReSharper is a .NET coding add-in
126 | _ReSharper*/
127 | *.[Rr]e[Ss]harper
128 | *.DotSettings.user
129 |
130 | # TeamCity is a build add-in
131 | _TeamCity*
132 |
133 | # DotCover is a Code Coverage Tool
134 | *.dotCover
135 |
136 | # AxoCover is a Code Coverage Tool
137 | .axoCover/*
138 | !.axoCover/settings.json
139 |
140 | # Visual Studio code coverage results
141 | *.coverage
142 | *.coveragexml
143 |
144 | # NCrunch
145 | _NCrunch_*
146 | .*crunch*.local.xml
147 | nCrunchTemp_*
148 |
149 | # MightyMoose
150 | *.mm.*
151 | AutoTest.Net/
152 |
153 | # Web workbench (sass)
154 | .sass-cache/
155 |
156 | # Installshield output folder
157 | [Ee]xpress/
158 |
159 | # DocProject is a documentation generator add-in
160 | DocProject/buildhelp/
161 | DocProject/Help/*.HxT
162 | DocProject/Help/*.HxC
163 | DocProject/Help/*.hhc
164 | DocProject/Help/*.hhk
165 | DocProject/Help/*.hhp
166 | DocProject/Help/Html2
167 | DocProject/Help/html
168 |
169 | # Click-Once directory
170 | publish/
171 |
172 | # Publish Web Output
173 | *.[Pp]ublish.xml
174 | *.azurePubxml
175 | # Note: Comment the next line if you want to checkin your web deploy settings,
176 | # but database connection strings (with potential passwords) will be unencrypted
177 | *.pubxml
178 | *.publishproj
179 |
180 | # Microsoft Azure Web App publish settings. Comment the next line if you want to
181 | # checkin your Azure Web App publish settings, but sensitive information contained
182 | # in these scripts will be unencrypted
183 | PublishScripts/
184 |
185 | # NuGet Packages
186 | *.nupkg
187 | # NuGet Symbol Packages
188 | *.snupkg
189 | # The packages folder can be ignored because of Package Restore
190 | **/[Pp]ackages/*
191 | # except build/, which is used as an MSBuild target.
192 | !**/[Pp]ackages/build/
193 | # Uncomment if necessary however generally it will be regenerated when needed
194 | #!**/[Pp]ackages/repositories.config
195 | # NuGet v3's project.json files produces more ignorable files
196 | *.nuget.props
197 | *.nuget.targets
198 |
199 | # Microsoft Azure Build Output
200 | csx/
201 | *.build.csdef
202 |
203 | # Microsoft Azure Emulator
204 | ecf/
205 | rcf/
206 |
207 | # Windows Store app package directories and files
208 | AppPackages/
209 | BundleArtifacts/
210 | Package.StoreAssociation.xml
211 | _pkginfo.txt
212 | *.appx
213 | *.appxbundle
214 | *.appxupload
215 |
216 | # Visual Studio cache files
217 | # files ending in .cache can be ignored
218 | *.[Cc]ache
219 | # but keep track of directories ending in .cache
220 | !?*.[Cc]ache/
221 |
222 | # Others
223 | ClientBin/
224 | ~$*
225 | *~
226 | *.dbmdl
227 | *.dbproj.schemaview
228 | *.jfm
229 | *.pfx
230 | *.publishsettings
231 | orleans.codegen.cs
232 |
233 | # Including strong name files can present a security risk
234 | # (https://github.com/github/gitignore/pull/2483#issue-259490424)
235 | #*.snk
236 |
237 | # Since there are multiple workflows, uncomment next line to ignore bower_components
238 | # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
239 | #bower_components/
240 |
241 | # RIA/Silverlight projects
242 | Generated_Code/
243 |
244 | # Backup & report files from converting an old project file
245 | # to a newer Visual Studio version. Backup files are not needed,
246 | # because we have git ;-)
247 | _UpgradeReport_Files/
248 | Backup*/
249 | UpgradeLog*.XML
250 | UpgradeLog*.htm
251 | ServiceFabricBackup/
252 | *.rptproj.bak
253 |
254 | # SQL Server files
255 | *.mdf
256 | *.ldf
257 | *.ndf
258 |
259 | # Business Intelligence projects
260 | *.rdl.data
261 | *.bim.layout
262 | *.bim_*.settings
263 | *.rptproj.rsuser
264 | *- [Bb]ackup.rdl
265 | *- [Bb]ackup ([0-9]).rdl
266 | *- [Bb]ackup ([0-9][0-9]).rdl
267 |
268 | # Microsoft Fakes
269 | FakesAssemblies/
270 |
271 | # GhostDoc plugin setting file
272 | *.GhostDoc.xml
273 |
274 | # Node.js Tools for Visual Studio
275 | .ntvs_analysis.dat
276 | node_modules/
277 |
278 | # Visual Studio 6 build log
279 | *.plg
280 |
281 | # Visual Studio 6 workspace options file
282 | *.opt
283 |
284 | # Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
285 | *.vbw
286 |
287 | # Visual Studio LightSwitch build output
288 | **/*.HTMLClient/GeneratedArtifacts
289 | **/*.DesktopClient/GeneratedArtifacts
290 | **/*.DesktopClient/ModelManifest.xml
291 | **/*.Server/GeneratedArtifacts
292 | **/*.Server/ModelManifest.xml
293 | _Pvt_Extensions
294 |
295 | # Paket dependency manager
296 | .paket/paket.exe
297 | paket-files/
298 |
299 | # FAKE - F# Make
300 | .fake/
301 |
302 | # CodeRush personal settings
303 | .cr/personal
304 |
305 | # Python Tools for Visual Studio (PTVS)
306 | __pycache__/
307 | *.pyc
308 |
309 | # Cake - Uncomment if you are using it
310 | # tools/**
311 | # !tools/packages.config
312 |
313 | # Tabs Studio
314 | *.tss
315 |
316 | # Telerik's JustMock configuration file
317 | *.jmconfig
318 |
319 | # BizTalk build output
320 | *.btp.cs
321 | *.btm.cs
322 | *.odx.cs
323 | *.xsd.cs
324 |
325 | # OpenCover UI analysis results
326 | OpenCover/
327 |
328 | # Azure Stream Analytics local run output
329 | ASALocalRun/
330 |
331 | # MSBuild Binary and Structured Log
332 | *.binlog
333 |
334 | # NVidia Nsight GPU debugger configuration file
335 | *.nvuser
336 |
337 | # MFractors (Xamarin productivity tool) working folder
338 | .mfractor/
339 |
340 | # Local History for Visual Studio
341 | .localhistory/
342 |
343 | # BeatPulse healthcheck temp database
344 | healthchecksdb
345 |
346 | # Backup folder for Package Reference Convert tool in Visual Studio 2017
347 | MigrationBackup/
348 |
349 | # Ionide (cross platform F# VS Code tools) working folder
350 | .ionide/
351 |
--------------------------------------------------------------------------------
/APIContagem/.vscode/launch.json:
--------------------------------------------------------------------------------
1 | {
2 | "version": "0.2.0",
3 | "configurations": [
4 | {
5 | // Use IntelliSense to find out which attributes exist for C# debugging
6 | // Use hover for the description of the existing attributes
7 | // For further information visit https://github.com/OmniSharp/omnisharp-vscode/blob/master/debugger-launchjson.md
8 | "name": ".NET Core Launch (web)",
9 | "type": "coreclr",
10 | "request": "launch",
11 | "preLaunchTask": "build",
12 | // If you have changed target frameworks, make sure to update the program path.
13 | "program": "${workspaceFolder}/bin/Debug/net6.0/APIContagem.dll",
14 | "args": [],
15 | "cwd": "${workspaceFolder}",
16 | "stopAtEntry": false,
17 | // Enable launching a web browser when ASP.NET Core starts. For more information: https://aka.ms/VSCode-CS-LaunchJson-WebBrowser
18 | "serverReadyAction": {
19 | "action": "openExternally",
20 | "pattern": "\\bNow listening on:\\s+(https?://\\S+)"
21 | },
22 | "env": {
23 | "ASPNETCORE_ENVIRONMENT": "Development"
24 | },
25 | "sourceFileMap": {
26 | "/Views": "${workspaceFolder}/Views"
27 | }
28 | },
29 | {
30 | "name": ".NET Core Attach",
31 | "type": "coreclr",
32 | "request": "attach"
33 | }
34 | ]
35 | }
--------------------------------------------------------------------------------
/APIContagem/.vscode/tasks.json:
--------------------------------------------------------------------------------
1 | {
2 | "version": "2.0.0",
3 | "tasks": [
4 | {
5 | "label": "build",
6 | "command": "dotnet",
7 | "type": "process",
8 | "args": [
9 | "build",
10 | "${workspaceFolder}/APIContagem.csproj",
11 | "/property:GenerateFullPaths=true",
12 | "/consoleloggerparameters:NoSummary"
13 | ],
14 | "problemMatcher": "$msCompile"
15 | },
16 | {
17 | "label": "publish",
18 | "command": "dotnet",
19 | "type": "process",
20 | "args": [
21 | "publish",
22 | "${workspaceFolder}/APIContagem.csproj",
23 | "/property:GenerateFullPaths=true",
24 | "/consoleloggerparameters:NoSummary"
25 | ],
26 | "problemMatcher": "$msCompile"
27 | },
28 | {
29 | "label": "watch",
30 | "command": "dotnet",
31 | "type": "process",
32 | "args": [
33 | "watch",
34 | "run",
35 | "${workspaceFolder}/APIContagem.csproj",
36 | "/property:GenerateFullPaths=true",
37 | "/consoleloggerparameters:NoSummary"
38 | ],
39 | "problemMatcher": "$msCompile"
40 | }
41 | ]
42 | }
--------------------------------------------------------------------------------
/APIContagem/APIContagem.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | net6.0
5 | enable
6 | enable
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/APIContagem/Contador.cs:
--------------------------------------------------------------------------------
1 | using System.Runtime.InteropServices;
2 |
3 | namespace APIContagem;
4 |
5 | public class Contador
6 | {
7 | private static readonly string _LOCAL;
8 | private static readonly string _KERNEL;
9 | private static readonly string _FRAMEWORK;
10 |
11 | static Contador()
12 | {
13 | _LOCAL = Environment.MachineName;
14 | _KERNEL = Environment.OSVersion.VersionString;
15 | _FRAMEWORK = RuntimeInformation.FrameworkDescription;
16 | }
17 |
18 | private int _valorAtual = 0;
19 |
20 | public int ValorAtual { get => _valorAtual; }
21 | public string Local { get => _LOCAL; }
22 | public string Kernel { get => _KERNEL; }
23 | public string Framework { get => _FRAMEWORK; }
24 |
25 | public void Incrementar()
26 | {
27 | _valorAtual++;
28 | }
29 | }
--------------------------------------------------------------------------------
/APIContagem/Controllers/ContadorController.cs:
--------------------------------------------------------------------------------
1 | using System.Net;
2 | using Microsoft.AspNetCore.Mvc;
3 | using Microsoft.AspNetCore.Authorization;
4 | using APIContagem.Models;
5 |
6 | namespace APIContagem.Controllers;
7 |
8 | [ApiController]
9 | [Route("[controller]")]
10 | [Authorize("Bearer")]
11 | public class ContadorController : ControllerBase
12 | {
13 | private static Contador _CONTADOR = new Contador();
14 |
15 | [HttpGet]
16 | [ProducesResponseType(typeof(ResultadoContador), (int)HttpStatusCode.OK)]
17 | [ProducesResponseType((int)HttpStatusCode.Unauthorized)]
18 | public ResultadoContador Get(
19 | [FromServices] ILogger logger,
20 | [FromServices] IConfiguration configuration)
21 | {
22 | int valorAtualContador;
23 | lock (_CONTADOR)
24 | {
25 | _CONTADOR.Incrementar();
26 | valorAtualContador = _CONTADOR.ValorAtual;
27 | }
28 | logger.LogInformation($"Contador - Valor atual: {valorAtualContador}");
29 |
30 | lock (_CONTADOR)
31 | {
32 | return new()
33 | {
34 | ValorAtual = _CONTADOR.ValorAtual,
35 | Local = _CONTADOR.Local,
36 | Kernel = _CONTADOR.Kernel,
37 | Saudacao = configuration["Saudacao"],
38 | Framework = _CONTADOR.Framework
39 | };
40 | }
41 | }
42 | }
--------------------------------------------------------------------------------
/APIContagem/Controllers/LoginController.cs:
--------------------------------------------------------------------------------
1 | using System.Net;
2 | using Microsoft.AspNetCore.Mvc;
3 | using Microsoft.AspNetCore.Authorization;
4 | using APIs.Security.JWT;
5 |
6 | namespace APIContagem.Controllers;
7 |
8 | [ApiController]
9 | [Route("[controller]")]
10 | public class LoginController : ControllerBase
11 | {
12 | [AllowAnonymous]
13 | [HttpPost]
14 | [ProducesResponseType(typeof(Token), (int)HttpStatusCode.OK)]
15 | [ProducesResponseType((int)HttpStatusCode.Unauthorized)]
16 | public ActionResult Post(
17 | [FromBody] User usuario,
18 | [FromServices] ILogger logger,
19 | [FromServices] AccessManager accessManager)
20 | {
21 | logger.LogInformation($"Recebida solicitação para o usuário: {usuario?.UserID}");
22 |
23 | if (usuario is not null && accessManager.ValidateCredentials(usuario))
24 | {
25 | logger.LogInformation($"Sucesso na autenticação do usuário: {usuario.UserID}");
26 | return accessManager.GenerateToken(usuario);
27 | }
28 | else
29 | {
30 | logger.LogError($"Falha na autenticação do usuário: {usuario?.UserID}");
31 | return new UnauthorizedResult();
32 | }
33 | }
34 | }
--------------------------------------------------------------------------------
/APIContagem/Models/ResultadoContador.cs:
--------------------------------------------------------------------------------
1 | namespace APIContagem.Models;
2 |
3 | public class ResultadoContador
4 | {
5 | public int ValorAtual { get; set; }
6 | public string? Local { get; set; }
7 | public string? Kernel { get; set; }
8 | public string? Saudacao { get; set; }
9 | public string? Framework { get; set; }
10 | }
--------------------------------------------------------------------------------
/APIContagem/Program.cs:
--------------------------------------------------------------------------------
1 | using System.Text.Json.Serialization;
2 | using Microsoft.Extensions.Options;
3 | using Microsoft.EntityFrameworkCore;
4 | using Microsoft.OpenApi.Models;
5 | using APIs.Security.JWT;
6 |
7 |
8 | var builder = WebApplication.CreateBuilder(args);
9 |
10 | builder.Services.AddControllers().AddJsonOptions(options =>
11 | {
12 | options.JsonSerializerOptions.DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull;
13 | });
14 |
15 | builder.Services.AddEndpointsApiExplorer();
16 | builder.Services.AddSwaggerGen(c =>
17 | {
18 | c.SwaggerDoc("v1", new OpenApiInfo { Title = "APIContagem", Version = "v1" });
19 |
20 | c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
21 | {
22 | Description =
23 | "JWT Authorization Header - utilizado com Bearer Authentication.\r\n\r\n" +
24 | "Digite 'Bearer' [espaço] e então seu token no campo abaixo.\r\n\r\n" +
25 | "Exemplo (informar sem as aspas): 'Bearer 12345abcdef'",
26 | Name = "Authorization",
27 | In = ParameterLocation.Header,
28 | Type = SecuritySchemeType.ApiKey,
29 | Scheme = "Bearer",
30 | BearerFormat = "JWT",
31 | });
32 |
33 | c.AddSecurityRequirement(new OpenApiSecurityRequirement
34 | {
35 | {
36 | new OpenApiSecurityScheme
37 | {
38 | Reference = new OpenApiReference
39 | {
40 | Type = ReferenceType.SecurityScheme,
41 | Id = "Bearer"
42 | }
43 | },
44 | Array.Empty()
45 | }
46 | });
47 | });
48 |
49 | // Configurando o uso da classe de contexto para
50 | // acesso às tabelas do ASP.NET Identity Core
51 | builder.Services.AddDbContext(options =>
52 | options.UseInMemoryDatabase("InMemoryDatabase"));
53 |
54 | var tokenConfigurations = new TokenConfigurations();
55 | new ConfigureFromConfigurationOptions(
56 | builder.Configuration.GetSection("TokenConfigurations"))
57 | .Configure(tokenConfigurations);
58 |
59 | // Aciona a extensão que irá configurar o uso de
60 | // autenticação e autorização via tokens
61 | builder.Services.AddJwtSecurity(tokenConfigurations);
62 |
63 | // Acionar caso seja necessário criar usuários para testes
64 | builder.Services.AddScoped();
65 |
66 |
67 | var app = builder.Build();
68 |
69 | app.UseSwagger();
70 | app.UseSwaggerUI();
71 |
72 | app.UseHttpsRedirection();
73 |
74 | // Criação de estruturas, usuários e permissões
75 | // na base do ASP.NET Identity Core (caso ainda não
76 | // existam)
77 | //var identityInitializer = app.Services.GetRequiredService();
78 | using var scope = app.Services.CreateScope();
79 | scope.ServiceProvider.GetRequiredService().Initialize();
80 |
81 | app.UseAuthorization();
82 |
83 | app.MapControllers();
84 |
85 | app.Run();
--------------------------------------------------------------------------------
/APIContagem/Properties/launchSettings.json:
--------------------------------------------------------------------------------
1 | {
2 | "$schema": "https://json.schemastore.org/launchsettings.json",
3 | "iisSettings": {
4 | "windowsAuthentication": false,
5 | "anonymousAuthentication": true,
6 | "iisExpress": {
7 | "applicationUrl": "http://localhost:47124",
8 | "sslPort": 44321
9 | }
10 | },
11 | "profiles": {
12 | "APIContagem": {
13 | "commandName": "Project",
14 | "dotnetRunMessages": true,
15 | "launchBrowser": true,
16 | "launchUrl": "swagger",
17 | "applicationUrl": "https://localhost:7009;http://localhost:5108",
18 | "environmentVariables": {
19 | "ASPNETCORE_ENVIRONMENT": "Development"
20 | }
21 | },
22 | "IIS Express": {
23 | "commandName": "IISExpress",
24 | "launchBrowser": true,
25 | "launchUrl": "swagger",
26 | "environmentVariables": {
27 | "ASPNETCORE_ENVIRONMENT": "Development"
28 | }
29 | }
30 | }
31 | }
32 |
--------------------------------------------------------------------------------
/APIContagem/appsettings.Development.json:
--------------------------------------------------------------------------------
1 | {
2 | "Logging": {
3 | "LogLevel": {
4 | "Default": "Information",
5 | "Microsoft.AspNetCore": "Warning"
6 | }
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/APIContagem/appsettings.json:
--------------------------------------------------------------------------------
1 | {
2 | "Saudacao": "Oi!!!",
3 | "TokenConfigurations": {
4 | "Audience": "ExemploAudience",
5 | "Issuer": "ExemploIssuer",
6 | "Seconds": 60,
7 | "SecretJwtKey": "VGVzdGVzIGNvbSAuTkVUIDYsIEFTUC5ORVQgQ29yZSBlIEpXVA=="
8 | },
9 | "Logging": {
10 | "LogLevel": {
11 | "Default": "Information",
12 | "Microsoft.AspNetCore": "Warning"
13 | }
14 | },
15 | "AllowedHosts": "*"
16 | }
--------------------------------------------------------------------------------
/APIs.Security.JWT/APIs.Security.JWT.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | net6.0
5 | enable
6 | enable
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/APIs.Security.JWT/AccessManager.cs:
--------------------------------------------------------------------------------
1 | using System.IdentityModel.Tokens.Jwt;
2 | using System.Security.Claims;
3 | using System.Security.Principal;
4 | using Microsoft.AspNetCore.Identity;
5 | using Microsoft.IdentityModel.Tokens;
6 |
7 | namespace APIs.Security.JWT;
8 |
9 | public class AccessManager
10 | {
11 | private UserManager _userManager;
12 | private SignInManager _signInManager;
13 | private SigningConfigurations _signingConfigurations;
14 | private TokenConfigurations _tokenConfigurations;
15 |
16 | public AccessManager(
17 | UserManager userManager,
18 | SignInManager signInManager,
19 | SigningConfigurations signingConfigurations,
20 | TokenConfigurations tokenConfigurations)
21 | {
22 | _userManager = userManager;
23 | _signInManager = signInManager;
24 | _signingConfigurations = signingConfigurations;
25 | _tokenConfigurations = tokenConfigurations;
26 | }
27 |
28 | public bool ValidateCredentials(User user)
29 | {
30 | bool credenciaisValidas = false;
31 | if (user is not null && !String.IsNullOrWhiteSpace(user.UserID))
32 | {
33 | // Verifica a existência do usuário nas tabelas do
34 | // ASP.NET Core Identity
35 | var userIdentity = _userManager
36 | .FindByNameAsync(user.UserID).Result;
37 | if (userIdentity is not null)
38 | {
39 | // Efetua o login com base no Id do usuário e sua senha
40 | var resultadoLogin = _signInManager
41 | .CheckPasswordSignInAsync(userIdentity, user.Password, false)
42 | .Result;
43 | if (resultadoLogin.Succeeded)
44 | {
45 | // Verifica se o usuário em questão possui
46 | // a role Acesso-APIs
47 | credenciaisValidas = _userManager.IsInRoleAsync(
48 | userIdentity, Roles.ROLE_ACESSO_APIS).Result;
49 | }
50 | }
51 | }
52 |
53 | return credenciaisValidas;
54 | }
55 |
56 | public Token GenerateToken(User user)
57 | {
58 | ClaimsIdentity identity = new(
59 | new GenericIdentity(user.UserID!, "Login"),
60 | new[] {
61 | new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
62 | new Claim(JwtRegisteredClaimNames.UniqueName, user.UserID!)
63 | }
64 | );
65 |
66 | DateTime dataCriacao = DateTime.Now;
67 | DateTime dataExpiracao = dataCriacao +
68 | TimeSpan.FromSeconds(_tokenConfigurations.Seconds);
69 |
70 | var handler = new JwtSecurityTokenHandler();
71 | var securityToken = handler.CreateToken(new SecurityTokenDescriptor
72 | {
73 | Issuer = _tokenConfigurations.Issuer,
74 | Audience = _tokenConfigurations.Audience,
75 | SigningCredentials = _signingConfigurations.SigningCredentials,
76 | Subject = identity,
77 | NotBefore = dataCriacao,
78 | Expires = dataExpiracao
79 | });
80 | var token = handler.WriteToken(securityToken);
81 |
82 | return new()
83 | {
84 | Authenticated = true,
85 | Created = dataCriacao.ToString("yyyy-MM-dd HH:mm:ss"),
86 | Expiration = dataExpiracao.ToString("yyyy-MM-dd HH:mm:ss"),
87 | AccessToken = token,
88 | Message = "OK"
89 | };
90 | }
91 | }
--------------------------------------------------------------------------------
/APIs.Security.JWT/ApiSecurityDbContext.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
2 | using Microsoft.EntityFrameworkCore;
3 |
4 | namespace APIs.Security.JWT;
5 |
6 | public class ApiSecurityDbContext : IdentityDbContext
7 | {
8 | public ApiSecurityDbContext(DbContextOptions options)
9 | : base(options)
10 | {
11 | }
12 |
13 | protected override void OnModelCreating(ModelBuilder builder)
14 | {
15 | base.OnModelCreating(builder);
16 | }
17 | }
--------------------------------------------------------------------------------
/APIs.Security.JWT/ApplicationUser.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Identity;
2 |
3 | namespace APIs.Security.JWT;
4 |
5 | public class ApplicationUser : IdentityUser
6 | {
7 | }
--------------------------------------------------------------------------------
/APIs.Security.JWT/Classes.cs:
--------------------------------------------------------------------------------
1 | namespace APIs.Security.JWT;
2 |
3 | public class User
4 | {
5 | public string? UserID { get; set; }
6 | public string? Password { get; set; }
7 | }
8 |
9 | public static class Roles
10 | {
11 | public const string? ROLE_ACESSO_APIS = "Acesso-APIs";
12 | }
13 |
14 | public class TokenConfigurations
15 | {
16 | public string? Audience { get; set; }
17 | public string? Issuer { get; set; }
18 | public int Seconds { get; set; }
19 | public string? SecretJwtKey { get; set; }
20 | }
21 |
22 | public class Token
23 | {
24 | public bool Authenticated { get; set; }
25 | public string? Created { get; set; }
26 | public string? Expiration { get; set; }
27 | public string? AccessToken { get; set; }
28 | public string? Message { get; set; }
29 | }
--------------------------------------------------------------------------------
/APIs.Security.JWT/IdentityInitializer.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Identity;
2 |
3 | namespace APIs.Security.JWT;
4 |
5 | public class IdentityInitializer
6 | {
7 | private readonly ApiSecurityDbContext _context;
8 | private readonly UserManager _userManager;
9 | private readonly RoleManager _roleManager;
10 |
11 | public IdentityInitializer(
12 | ApiSecurityDbContext context,
13 | UserManager userManager,
14 | RoleManager roleManager)
15 | {
16 | _context = context;
17 | _userManager = userManager;
18 | _roleManager = roleManager;
19 | }
20 |
21 | public void Initialize()
22 | {
23 | if (_context.Database.EnsureCreated())
24 | {
25 | if (!_roleManager.RoleExistsAsync(Roles.ROLE_ACESSO_APIS).Result)
26 | {
27 | var resultado = _roleManager.CreateAsync(
28 | new IdentityRole(Roles.ROLE_ACESSO_APIS)).Result;
29 | if (!resultado.Succeeded)
30 | {
31 | throw new Exception(
32 | $"Erro durante a criação da role {Roles.ROLE_ACESSO_APIS}.");
33 | }
34 | }
35 |
36 | CreateUser(
37 | new ApplicationUser()
38 | {
39 | UserName = "usr01_apis",
40 | Email = "usr01_apis@teste.com.br",
41 | EmailConfirmed = true
42 | }, "Usr01ApiValido01!", Roles.ROLE_ACESSO_APIS);
43 |
44 | CreateUser(
45 | new()
46 | {
47 | UserName = "usr02_apis",
48 | Email = "usr02_apis@teste.com.br",
49 | EmailConfirmed = true
50 | }, "Usr02ApiInvalido02!");
51 | }
52 | }
53 |
54 | private void CreateUser(
55 | ApplicationUser user,
56 | string password,
57 | string? initialRole = null)
58 | {
59 | if (_userManager.FindByNameAsync(user.UserName).Result == null)
60 | {
61 | var resultado = _userManager
62 | .CreateAsync(user, password).Result;
63 |
64 | if (resultado.Succeeded &&
65 | !String.IsNullOrWhiteSpace(initialRole))
66 | {
67 | _userManager.AddToRoleAsync(user, initialRole).Wait();
68 | }
69 | }
70 | }
71 | }
--------------------------------------------------------------------------------
/APIs.Security.JWT/JwtSecurityExtension.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Authentication.JwtBearer;
2 | using Microsoft.AspNetCore.Authorization;
3 | using Microsoft.AspNetCore.Identity;
4 | using Microsoft.Extensions.DependencyInjection;
5 |
6 | namespace APIs.Security.JWT;
7 |
8 | public static class JwtSecurityExtension
9 | {
10 | public static IServiceCollection AddJwtSecurity(
11 | this IServiceCollection services,
12 | TokenConfigurations tokenConfigurations)
13 | {
14 | // Ativando a utilização do ASP.NET Identity, a fim de
15 | // permitir a recuperação de seus objetos via injeção de
16 | // dependências
17 | services.AddIdentity()
18 | .AddEntityFrameworkStores()
19 | .AddDefaultTokenProviders();
20 |
21 | // Configurando a dependência para a classe de validação
22 | // de credenciais e geração de tokens
23 | services.AddScoped();
24 |
25 | var signingConfigurations = new SigningConfigurations(
26 | tokenConfigurations.SecretJwtKey!);
27 | services.AddSingleton(signingConfigurations);
28 |
29 | services.AddSingleton(tokenConfigurations);
30 |
31 | services.AddAuthentication(authOptions =>
32 | {
33 | authOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
34 | authOptions.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
35 | }).AddJwtBearer(bearerOptions =>
36 | {
37 | var paramsValidation = bearerOptions.TokenValidationParameters;
38 | paramsValidation.IssuerSigningKey = signingConfigurations.Key;
39 | paramsValidation.ValidAudience = tokenConfigurations.Audience;
40 | paramsValidation.ValidIssuer = tokenConfigurations.Issuer;
41 |
42 | // Valida a assinatura de um token recebido
43 | paramsValidation.ValidateIssuerSigningKey = true;
44 |
45 | // Verifica se um token recebido ainda é válido
46 | paramsValidation.ValidateLifetime = true;
47 |
48 | // Tempo de tolerância para a expiração de um token (utilizado
49 | // caso haja problemas de sincronismo de horário entre diferentes
50 | // computadores envolvidos no processo de comunicação)
51 | paramsValidation.ClockSkew = TimeSpan.Zero;
52 | });
53 |
54 | // Ativa o uso do token como forma de autorizar o acesso
55 | // a recursos deste projeto
56 | services.AddAuthorization(auth =>
57 | {
58 | auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
59 | .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
60 | .RequireAuthenticatedUser().Build());
61 | });
62 |
63 | return services;
64 | }
65 | }
--------------------------------------------------------------------------------
/APIs.Security.JWT/SigningConfigurations.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.IdentityModel.Tokens;
2 | using System.Text;
3 |
4 | namespace APIs.Security.JWT;
5 |
6 | public class SigningConfigurations
7 | {
8 | public Guid Id { get; } = Guid.NewGuid();
9 | public SecurityKey Key { get; }
10 | public SigningCredentials SigningCredentials { get; }
11 |
12 | public SigningConfigurations(string secretJwtKey)
13 | {
14 | Key = new SymmetricSecurityKey(
15 | Encoding.UTF8.GetBytes(secretJwtKey));
16 |
17 | SigningCredentials = new(
18 | Key, SecurityAlgorithms.HmacSha256Signature);
19 | }
20 | }
--------------------------------------------------------------------------------