!minor removed the encryption for now while I investigate #865

pull/1514/head
Jamie.Rees 7 years ago
parent e0c2492987
commit 25d8f9b40d

@ -1,7 +1,9 @@
using System.Diagnostics.CodeAnalysis;
using System.Security.Principal;
using Hangfire;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.EntityFrameworkCore.Infrastructure;
using Microsoft.Extensions.DependencyInjection;
@ -49,13 +51,14 @@ namespace Ombi.DependencyInjection
[SuppressMessage("ReSharper", "MemberCanBePrivate.Global")]
public static class IocExtensions
{
public static void RegisterDependencies(this IServiceCollection services)
public static void RegisterApplicationDependencies(this IServiceCollection services)
{
services.RegisterEngines();
services.RegisterApi();
services.RegisterServices();
services.RegisterStore();
services.RegisterJobs();
services.RegisterHttp();
}
public static void RegisterEngines(this IServiceCollection services)
@ -68,6 +71,11 @@ namespace Ombi.DependencyInjection
services.AddTransient<IMovieSender, MovieSender>();
services.AddTransient<ITvSender, TvSender>();
}
public static void RegisterHttp(this IServiceCollection services)
{
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddScoped<IPrincipal>(sp => sp.GetService<IHttpContextAccessor>().HttpContext.User);
}
public static void RegisterApi(this IServiceCollection services)
{
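Review bot: The `IPrincipal` factory in the new `RegisterHttp` dereferences `HttpContext` without a null check, and `IHttpContextAccessor.HttpContext` is null whenever the service is resolved outside an HTTP request. This file also registers jobs (`RegisterJobs`, with Hangfire imported), so a job-side service that takes `IPrincipal` would presumably fail with a NullReferenceException instead of seeing an unauthenticated caller. Consider `services.AddScoped<IPrincipal>(sp => sp.GetRequiredService<IHttpContextAccessor>().HttpContext?.User);` and have consumers treat a null principal as unauthenticated. The hunk ends inside `RegisterApi`, whose body is outside the view.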

@ -9,7 +9,7 @@ using Microsoft.AspNetCore.DataProtection;
namespace Ombi.Settings.Settings
{
public class SettingsService<T> : ISettingsService<T>
where T : Ombi.Settings.Settings.Models.Settings, new()
where T : Models.Settings, new()
{
public SettingsService(ISettingsRepository repo, IDataProtectionProvider provider)
@ -127,12 +127,14 @@ namespace Ombi.Settings.Settings
private string EncryptSettings(GlobalSettings settings)
{
return _protector.Protect(settings.Content);
return settings.Content;
//return _protector.Protect(settings.Content);
}
private string DecryptSettings(GlobalSettings settings)
{
return _protector.Unprotect(settings.Content);
return settings.Content;
//return _protector.Unprotect(settings.Content);
}
}
}
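Review bot: `EncryptSettings` and `DecryptSettings` now return `settings.Content` unchanged, so every settings row is written in plaintext and rows protected before this commit come back from `DecryptSettings` as ciphertext. Whatever the settings hold (presumably API keys and credentials for connected services) becomes readable by anyone with access to the database file or a backup, while the method names still claim otherwise. If reads have to keep working while #865 is investigated, try `Unprotect` first and fall back to the raw value only when it fails, as below (`CryptographicException` is in `System.Security.Cryptography`). Keep `Protect` on the write path if the issue allows it, or replace the commented-out calls with a `// TODO(#865): stored unencrypted` comment on both methods so the gap is not forgotten.

```csharp
private string DecryptSettings(GlobalSettings settings)
{
    // Rows written before this change are still protected; read those first and
    // fall back to the raw value for rows that were written in plaintext.
    try
    {
        return _protector.Unprotect(settings.Content);
    }
    catch (CryptographicException)
    {
        return settings.Content;
    }
}
```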

@ -96,31 +96,10 @@ namespace Ombi
options.Password.RequireUppercase = false;
});
services.AddDataProtection();
services.AddMemoryCache();
var tokenOptions = Configuration.GetSection("TokenAuthentication");
var tokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(tokenOptions.GetValue("SecretKey", string.Empty))),
RequireExpirationTime = true,
ValidateLifetime = true,
ValidAudience = "Ombi",
ValidIssuer = "Ombi",
ClockSkew = TimeSpan.Zero,
};
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x =>
{
x.Audience = "Ombi";
x.TokenValidationParameters = tokenValidationParameters;
});
services.AddJwtAuthentication(Configuration);
services.AddMvc()
.AddJsonOptions(x => x.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore);
@ -130,54 +109,10 @@ namespace Ombi
{
expression.AddCollectionMappers();
});
services.RegisterDependencies(); // Ioc and EF
services.AddSwaggerGen(c =>
{
c.DescribeAllEnumsAsStrings();
c.SwaggerDoc("v1", new Info
{
Version = "v1",
Title = "Ombi Api",
Description = "The API for Ombi, most of these calls require an auth token that you can get from calling POST:\"/connect/token/\" with the body of: \n {\n\"username\":\"YOURUSERNAME\",\n\"password\":\"YOURPASSWORD\"\n} \n" +
"You can then use the returned token in the JWT Token field e.g. \"Bearer Token123xxff\"",
Contact = new Contact
{
Email = "tidusjar@gmail.com",
Name = "Jamie Rees",
Url = "https://www.ombi.io/"
}
});
c.CustomSchemaIds(x => x.FullName);
var basePath = PlatformServices.Default.Application.ApplicationBasePath;
var xmlPath = Path.Combine(basePath, "Swagger.xml");
try
{
c.IncludeXmlComments(xmlPath);
}
catch (Exception e)
{
Console.WriteLine(e);
}
c.AddSecurityDefinition("Bearer", new ApiKeyScheme()
{
Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
Name = "Authorization",
In = "header",
Type = "apiKey"
});
c.AddSecurityDefinition("Authentication", new ApiKeyScheme());
c.OperationFilter<SwaggerOperationFilter>();
c.DescribeAllParametersInCamelCase();
});
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddScoped<IPrincipal>(sp => sp.GetService<IHttpContextAccessor>().HttpContext.User);
services.Configure<ApplicationSettings>(Configuration.GetSection("ApplicationSettings"));
services.Configure<UserSettings>(Configuration.GetSection("UserSettings"));
services.Configure<TokenAuthentication>(Configuration.GetSection("TokenAuthentication"));
services.Configure<LandingPageBackground>(Configuration.GetSection("LandingPageBackground"));
services.RegisterApplicationDependencies(); // Ioc and EF
services.AddSwagger();
services.AddAppSettingsValues(Configuration);
services.AddHangfire(x =>
{
@ -188,10 +123,7 @@ namespace Ombi
});
// Build the intermediate service provider
var serviceProvider = services.BuildServiceProvider();
//return the provider
return serviceProvider;
return services.BuildServiceProvider();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@ -218,17 +150,15 @@ namespace Ombi
app.UseHangfireServer();
app.UseHangfireDashboard("/hangfire", new DashboardOptions
{
Authorization = new [] { new HangfireAuthorizationFilter() }
Authorization = new[] { new HangfireAuthorizationFilter() }
});
// Setup the scheduler
var jobSetup = (IJobSetup)app.ApplicationServices.GetService(typeof(IJobSetup));
jobSetup.Setup();
ctx.Seed();
var provider = new FileExtensionContentTypeProvider {Mappings = {[".map"] = "application/octet-stream"}};
var provider = new FileExtensionContentTypeProvider { Mappings = { [".map"] = "application/octet-stream" } };
app.UseStaticFiles(new StaticFileOptions()
{
@ -251,7 +181,6 @@ namespace Ombi
});
app.UseSwaggerUI(c =>
{
c.SwaggerEndpoint("/swagger/v1/swagger.json", "My API V1");
c.ShowJsonEditor();
});
@ -274,7 +203,7 @@ namespace Ombi
var valid = ombiSettings.ApiKey.Equals(headerKey, StringComparison.CurrentCultureIgnoreCase);
if (!valid)
{
context.Response.StatusCode = (int) HttpStatusCode.Unauthorized;
context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
await context.Response.WriteAsync("Invalid API Key");
}
else
@ -283,7 +212,7 @@ namespace Ombi
identity.AddClaim(new System.Security.Claims.Claim("Origin", "Api"));
identity.AddClaim(new System.Security.Claims.Claim("role", "Admin"));
var principal = new GenericPrincipal(identity, new[] {"ApiUser"});
var principal = new GenericPrincipal(identity, new[] { "ApiUser" });
// TODO need to think about if I require a JWT Token here.
context.User = principal;
await next();
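Review bot: The API-key check in the `@ -274,7 +203,7` hunk compares with `StringComparison.CurrentCultureIgnoreCase`, which makes the key case-insensitive and culture-dependent, and a successful match receives the `Admin` role claim a few lines later. A secret should be matched exactly: `var valid = string.Equals(ombiSettings.ApiKey, headerKey, StringComparison.Ordinal);`, which also avoids the NullReferenceException when `ApiKey` is unset. How `headerKey` is read is outside the hunk; if it can be empty, reject an empty or missing configured key before comparing. A constant-time comparison would be better still where the target framework provides one.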

@ -0,0 +1,96 @@
using System;
using System.IO;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.PlatformAbstractions;
using Microsoft.IdentityModel.Tokens;
using Ombi.Config;
using Ombi.Helpers;
using Ombi.Models.Identity;
using Swashbuckle.AspNetCore.Swagger;
namespace Ombi
{
public static class StartupExtensions
{
public static void AddSwagger(this IServiceCollection services)
{
services.AddSwaggerGen(c =>
{
c.DescribeAllEnumsAsStrings();
c.SwaggerDoc("v1", new Info
{
Version = "v1",
Title = "Ombi Api",
Description = "The API for Ombi, most of these calls require an auth token that you can get from calling POST:\"/connect/token/\" with the body of: \n {\n\"username\":\"YOURUSERNAME\",\n\"password\":\"YOURPASSWORD\"\n} \n" +
"You can then use the returned token in the JWT Token field e.g. \"Bearer Token123xxff\"",
Contact = new Contact
{
Email = "tidusjar@gmail.com",
Name = "Jamie Rees",
Url = "https://www.ombi.io/"
}
});
c.CustomSchemaIds(x => x.FullName);
var basePath = PlatformServices.Default.Application.ApplicationBasePath;
var xmlPath = Path.Combine(basePath, "Swagger.xml");
try
{
c.IncludeXmlComments(xmlPath);
}
catch (Exception e)
{
Console.WriteLine(e);
}
c.AddSecurityDefinition("Bearer", new ApiKeyScheme()
{
Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
Name = "Authorization",
In = "header",
Type = "apiKey"
});
c.AddSecurityDefinition("Authentication", new ApiKeyScheme());
c.OperationFilter<SwaggerOperationFilter>();
c.DescribeAllParametersInCamelCase();
});
}
public static void AddAppSettingsValues(this IServiceCollection services, IConfigurationRoot configuration)
{
services.Configure<ApplicationSettings>(configuration.GetSection("ApplicationSettings"));
services.Configure<UserSettings>(configuration.GetSection("UserSettings"));
services.Configure<TokenAuthentication>(configuration.GetSection("TokenAuthentication"));
services.Configure<LandingPageBackground>(configuration.GetSection("LandingPageBackground"));
}
public static void AddJwtAuthentication(this IServiceCollection services, IConfigurationRoot configuration)
{
var tokenOptions = configuration.GetSection("TokenAuthentication");
var tokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(tokenOptions.GetValue("SecretKey", string.Empty))),
RequireExpirationTime = true,
ValidateLifetime = true,
ValidAudience = "Ombi",
ValidIssuer = "Ombi",
ClockSkew = TimeSpan.Zero,
};
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x =>
{
x.Audience = "Ombi";
x.TokenValidationParameters = tokenValidationParameters;
});
}
}
}
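Review bot: `AddJwtAuthentication` builds the signing key from `tokenOptions.GetValue("SecretKey", string.Empty)`, so a missing or misspelled `TokenAuthentication:SecretKey` silently becomes an empty key instead of a clear configuration error. Read it without a default and fail fast: `var secret = tokenOptions.GetValue<string>("SecretKey");` followed by `if (string.IsNullOrWhiteSpace(secret)) throw new InvalidOperationException("TokenAuthentication:SecretKey is not configured");`. A minimum-length check suited to the signing algorithm would be a reasonable addition; the algorithm in use is not visible here. The code is moved unchanged from Startup, so this is a pre-existing gap that the new helper is a good place to close.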