InfoSA/KTUSA-PS
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Some stuff

Browse Source
This commit is contained in:
Karolis2011
2021-12-22 22:50:09 +02:00
parent 997154efa8
commit cad4268b79
11 changed files with 236 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
KTUSAPS/Auth/AdminAuthorizationHandler.cs Normal file
View File

@@ -0,0 +1,38 @@
using KTUSAPS.Data;
using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.DependencyInjection;
using System;
using System.Linq;
using System.Threading.Tasks;
namespace KTUSAPS.Auth
{
public class AdminAuthorizationHandler : AuthorizationHandler<AdminRequirement>
{
private readonly IServiceProvider serviceProvider;
public AdminAuthorizationHandler(IServiceProvider serviceProvider)
{
this.serviceProvider = serviceProvider;
}
protected async override Task HandleRequirementAsync(AuthorizationHandlerContext context, AdminRequirement requirement)
{
var idclaim = context.User.Claims.Where(c => c.Type == "http://schemas.microsoft.com/identity/claims/objectidentifier").FirstOrDefault();
if(idclaim == default)
{
context.Fail();
return;
}
using var scope = serviceProvider.CreateScope();
var dataContext = scope.ServiceProvider.GetRequiredService<SAPSDataContext>();
var admin = await dataContext.Admins.Where(a => a.UserId == idclaim.Value).FirstOrDefaultAsync();
if (admin != default)
{
context.Succeed(requirement);
return;
}
context.Fail();
}
}
}

8
KTUSAPS/Auth/AdminRequirement.cs Normal file
View File

@@ -0,0 +1,8 @@
using Microsoft.AspNetCore.Authorization;
namespace KTUSAPS.Auth
{
public class AdminRequirement : IAuthorizationRequirement
{
}
}

2
KTUSAPS/ClientApp/public/index.html
View File

@@ -5,7 +5,7 @@
<meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width,initial-scale=1.0"> <meta name="viewport" content="width=device-width,initial-scale=1.0">
<link rel="icon" href="<%= BASE_URL %>favicon.ico"> <link rel="icon" href="<%= BASE_URL %>favicon.ico">
<title><%= htmlWebpackPlugin.options.title %></title> <title>KTU SA Problemų sprendimo sistema</title>
</head> </head>
<body> <body>
<noscript> <noscript>

19
KTUSAPS/ClientApp/src/components/NavMenu.vue
View File

@@ -27,17 +27,24 @@
>Pagrindinis</router-link >Pagrindinis</router-link
> >
</li> </li>
<li class="nav-item" v-if="$store.state.msalAuth.isLoggedIn">
<router-link :to="{ name: 'Submit' }" class="nav-link"
>Pateikti problemą</router-link
>
</li>
<!-- <li class="nav-item"> <!-- <li class="nav-item">
<a href="/swagger" class="nav-link">Swagger UI</a> <a href="/swagger" class="nav-link">Swagger UI</a>
</li> --> </li> -->
</ul> </ul>
<div class="navbar-nav"> <div class="navbar-nav">
<span v-if="$store.state.msalAuth.isLoggedIn" class="navbar-text" <template v-if="$store.state.msalAuth.isLoggedIn">
>Prisijungta kaip {{ $store.state.msalAuth.displayName }} <span class="navbar-text"
<a href="#" @click="LogoutMsal" class="nav-link" >Prisijungta kaip {{ $store.state.msalAuth.displayName }}
>Atsijungti</a </span>
></span <div class="nav-item">
> <a href="#" @click="LogoutMsal" class="nav-link">Atsijungti</a>
</div>
</template>
<div v-else class="nav-item"> <div v-else class="nav-item">
<a href="#" @click="LoginMsal" class="nav-link">Prisijungti</a> <a href="#" @click="LoginMsal" class="nav-link">Prisijungti</a>
</div> </div>

79
KTUSAPS/ClientApp/src/pages/Home.vue
View File

@@ -10,34 +10,46 @@
el. paštas yra: <b>{{ $store.state.msalAuth.email }}</b> el. paštas yra: <b>{{ $store.state.msalAuth.email }}</b>
</span> </span>
</div> </div>
<h3>Priegos raktas (Access token)</h3> <template v-if="$store.state.msalAuth.isAdmin">
<a <div class="alert alert-warning">
href="https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens" <span>
>Dokumentacija</a Tu esi administratorius.
> </span>
<pre>{{ $store.state.msalAuth.accessToken }}</pre> </div>
<h3>Prieigos raktas (Access token)</h3>
<a
href="https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens"
>Dokumentacija</a
>
<pre>{{ $store.state.msalAuth.accessToken }}</pre>
<h3>Indentifikacijos raktas (ID Token)</h3> <h3>Indentifikacijos raktas (ID Token)</h3>
<a <a
href="https://docs.microsoft.com/en-us/azure/active-directory/develop/id-tokens" href="https://docs.microsoft.com/en-us/azure/active-directory/develop/id-tokens"
>Dokumentacija</a >Dokumentacija</a
> >
<pre>{{ $store.state.msalAuth.idToken }}</pre> <pre>{{ $store.state.msalAuth.idToken }}</pre>
<h4>Duomenys gaunami Indentifikacijos rakto (ID Token)</h4> <h4>Duomenys gaunami Indentifikacijos rakto (ID Token)</h4>
<pre>{{ <pre>{{
$store.state.msalAuth.debugFullTokenResponse.idTokenClaims $store.state.msalAuth.debugFullTokenResponse.idTokenClaims
}}</pre> }}</pre>
<h3>Autorizuotos sritys</h3> <h3>Autorizuotos sritys</h3>
<pre>{{ $store.state.msalAuth.debugFullTokenResponse.scopes }}</pre> <pre>{{ $store.state.msalAuth.debugFullTokenResponse.scopes }}</pre>
<h3>Serverio tokeno patikrinimas</h3> <h3>Serverio tokeno patikrinimas</h3>
<button type="button" class="btn btn-primary" @click="serverVerify"> <button type="button" class="btn btn-primary" @click="serverVerify">
Patikrinti Patikrinti
</button> </button>
<h5>Verifikacijos atsakas:</h5> <button
<pre> type="button"
{{ verificationResult }} class="btn btn-primary"
</pre> @click="serverAdminVerify"
>
Patikrinti ar admin
</button>
<h5>Verifikacijos atsakas:</h5>
<pre>{{ verificationResult }}</pre>
</template>
</template> </template>
<div v-else class="alert alert-danger" role="alert"> <div v-else class="alert alert-danger" role="alert">
<h4 class="alert-heading">Tu neprisijungęs</h4> <h4 class="alert-heading">Tu neprisijungęs</h4>
@@ -71,6 +83,21 @@ export default {
alert(error) alert(error)
}) })
}, },
serverAdminVerify() {
this.verificationResult = null
axios
.get('/api/AuthMetadata/Admin', {
headers: {
Authorization: `Bearer ${this.$store.state.msalAuth.idToken}`,
},
})
.then(response => {
this.verificationResult = response.data
})
.catch(function(error) {
alert(error)
})
},
}, },
} }
</script> </script>

86
KTUSAPS/ClientApp/src/pages/Submit.vue Normal file
View File

@@ -0,0 +1,86 @@
<template>
<div class="container mt-2">
<div class="row justify-content-center">
<div class="card col-lg-6 p-5">
<h1>Pateik savo problemą</h1>
<div class="mb-3">
<label for="emailInput" class="form-label">El. paštas</label>
<input
class="form-control"
type="email"
id="emailInput"
:value="$store.state.msalAuth.email"
disabled
readonly
/>
</div>
<div class="mb-3">
<label for="issueTypeSelect" class="form-label"
>Problemos tipas</label
>
<select
v-model="issue.issueTypeId"
id="issueTypeSelect"
class="form-select"
>
<option v-for="it in issueTypes" :key="it.id" :value="it.id">{{
it.name
}}</option>
</select>
</div>
<div class="mb-3">
<label for="descriptionTextArea" class="form-label">Aprašymas</label>
<textarea
v-model="issue.description"
class="form-control"
id="descriptionTextArea"
rows="4"
aria-describedby="descriptionHelp"
></textarea>
<div id="descriptionHelp" class="form-text">
Nepamirškite paminėti kokiame modulyje susiduriate su šią problemą.
</div>
</div>
<div class="mb-3 form-check">
<input
class="form-check-input"
type="checkbox"
id="publishableCheckbox"
v-model="issue.publishable"
/>
<label class="form-check-label" for="publishable">
Ši problema turėtų būti viešai paskelbta, kad galėtų matyti kiti
studentai.
</label>
</div>
<button class="btn btn-primary">Pateikti</button>
</div>
</div>
</div>
<pre>{{ $data }}</pre>
</template>
<script>
import axios from 'axios'
export default {
data() {
return {
issueTypes: [],
issue: {
description: '',
issueTypeId: null,
publishable: false,
},
}
},
created() {
this.fetchData()
},
methods: {
async fetchData() {
const response = await axios.get('/api/IssueTypes')
this.issueTypes = response.data
},
},
}
</script>

6
KTUSAPS/ClientApp/src/router/index.js
View File

@@ -1,5 +1,6 @@
import { createWebHistory, createRouter } from 'vue-router' import { createWebHistory, createRouter } from 'vue-router'
import Home from '@/pages/Home.vue' import Home from '@/pages/Home.vue'
import Submit from '@/pages/Submit.vue'
const routes = [ const routes = [
{ {
@@ -7,6 +8,11 @@ const routes = [
name: 'Home', name: 'Home',
component: Home, component: Home,
}, },
{
path: '/new',
name: 'Submit',
component: Submit,
},
] ]
const router = createRouter({ const router = createRouter({

19
KTUSAPS/ClientApp/src/store/modules/msalAuth.js
View File

@@ -1,8 +1,10 @@
import { WatchMsalState, GetMsalState } from '@/msal' import { WatchMsalState, GetMsalState } from '@/msal'
import axios from 'axios'
// initial state // initial state
const state = () => ({ const state = () => ({
isLoggedIn: false, isLoggedIn: false,
isAdmin: false,
accessToken: null, accessToken: null,
idToken: null, idToken: null,
email: null, email: null,
@@ -18,8 +20,20 @@ const getters = {}
// actions // actions
const actions = { const actions = {
initialize({ commit }) { initialize({ commit }) {
WatchMsalState(() => { WatchMsalState(async () => {
commit('setState', GetMsalState()) const state = GetMsalState()
let isAdmin = false
if (state.isLoggedIn && state.idToken) {
await axios
.get('/api/AuthMetadata/Admin', {
headers: {
Authorization: `Bearer ${state.idToken}`,
},
})
.then(res => (isAdmin = res.data))
.catch(error => console.error(error))
}
commit('setState', { ...state, isAdmin })
}) })
}, },
} }
@@ -28,6 +42,7 @@ const actions = {
const mutations = { const mutations = {
setState(state, msalState) { setState(state, msalState) {
state.isLoggedIn = msalState.isLoggedIn state.isLoggedIn = msalState.isLoggedIn
state.isAdmin = msalState.isAdmin
state.accessToken = msalState.accessToken state.accessToken = msalState.accessToken
state.idToken = msalState.idToken state.idToken = msalState.idToken
state.debugFullTokenResponse = msalState.debugFullTokenResponse state.debugFullTokenResponse = msalState.debugFullTokenResponse

5
KTUSAPS/Controllers/AuthMetadataController.cs
View File

@@ -44,5 +44,10 @@ namespace KTUSAPS.Controllers
[ProducesResponseType(StatusCodes.Status200OK)] [ProducesResponseType(StatusCodes.Status200OK)]
[HttpGet("Authed")] [HttpGet("Authed")]
public bool IsAuthed() => true; public bool IsAuthed() => true;
[Authorize("admin")]
[ProducesResponseType(StatusCodes.Status200OK)]
[HttpGet("Admin")]
public bool IsAdmin() => true;
} }
} }

1
KTUSAPS/Properties/launchSettings.json
View File

@@ -19,7 +19,6 @@
"KTUSAPS": { "KTUSAPS": {
"commandName": "Project", "commandName": "Project",
"launchBrowser": true, "launchBrowser": true,
"launchUrl": "weatherforecast",
"environmentVariables": { "environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development" "ASPNETCORE_ENVIRONMENT": "Development"
}, },

9
KTUSAPS/Startup.cs
View File

@@ -1,5 +1,7 @@
using KTUSAPS.Auth;
using KTUSAPS.Services; using KTUSAPS.Services;
using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Hosting;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
@@ -43,6 +45,11 @@ namespace KTUSAPS
services.AddAuthorization((configure) => services.AddAuthorization((configure) =>
{ {
var adminPolicy = new Microsoft.AspNetCore.Authorization.AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.AddRequirements(new AdminRequirement())
.Build();
configure.AddPolicy("admin", adminPolicy);
configure.DefaultPolicy = new Microsoft.AspNetCore.Authorization.AuthorizationPolicyBuilder() configure.DefaultPolicy = new Microsoft.AspNetCore.Authorization.AuthorizationPolicyBuilder()
.RequireAuthenticatedUser() .RequireAuthenticatedUser()
.Build(); .Build();
@@ -52,6 +59,8 @@ namespace KTUSAPS
services.AddDbContext<Data.SAPSDataContext>((options) => options.UseMySql(connectionString, ServerVersion.AutoDetect(connectionString))); services.AddDbContext<Data.SAPSDataContext>((options) => options.UseMySql(connectionString, ServerVersion.AutoDetect(connectionString)));
services.AddHostedService<DatabaseInitializationService>(); services.AddHostedService<DatabaseInitializationService>();
services.AddSingleton<IAuthorizationHandler, AdminAuthorizationHandler>();
services.AddSwaggerGen(options => services.AddSwaggerGen(options =>
{ {
options.OperationFilter<AuthorizeCheckOperationFilter>(); options.OperationFilter<AuthorizeCheckOperationFilter>();