refactor: audition check as async allowing non-static checks

lsipii · lsipii · commit 0b57efb71392 · 2023-09-14T19:15:47.000+03:00
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Activities/Productizer/ProductizerController.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Activities/Productizer/ProductizerController.cs
@@ -159,7 +159,7 @@ public async Task<IActionResult> SaveOrUpdatePersonJobApplicantProfile(UpdateJob
                 e.Message);
             try
             {
-                var jwkToken = _authenticationService.ParseAuthenticationHeader(Request);
+                var jwkToken = await _authenticationService.ParseAuthenticationHeader(Request);
                 var query = new VerifyIdentityUser.Query(jwkToken.UserId, jwkToken.Issuer);
                 var createdUser = await _mediator.Send(query);
                 userId = createdUser.Id;
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Helpers/Services/AuthenticationService.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Helpers/Services/AuthenticationService.cs
@@ -18,7 +18,7 @@ public AuthenticationService(UserSecurityService userSecurityService)
         return person.Id;
     }
 
-    public JwtTokenResult ParseAuthenticationHeader(HttpRequest httpRequest)
+    public Task<JwtTokenResult> ParseAuthenticationHeader(HttpRequest httpRequest)
     {
         var token = httpRequest.Headers.Authorization.ToString().Replace("Bearer ", string.Empty);
         return _userSecurityService.ParseJwtToken(token);
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Helpers/Services/UserSecurityService.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Helpers/Services/UserSecurityService.cs
@@ -27,7 +27,7 @@ public UserSecurityService(UsersDbContext usersDbContext, ILogger<UserSecuritySe
     /// <exception cref="NotAuthorizedException">If user id and the issuer are not found in the DB for any given user, this is not a valid user within the users database.</exception>
     public async Task<Person> VerifyAndGetAuthenticatedUser(string token)
     {
-        var jwtTokenResult = ParseJwtToken(token);
+        var jwtTokenResult = await ParseJwtToken(token);
 
         try
         {
@@ -44,7 +44,7 @@ public async Task<Person> VerifyAndGetAuthenticatedUser(string token)
     /// <summary>
     /// Parses the JWT token and returns the issuer and the user id
     /// </summary>
-    public JwtTokenResult ParseJwtToken(string token)
+    public Task<JwtTokenResult> ParseJwtToken(string token)
     {
         return _applicationSecurity.ParseJwtToken(token);
     }
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/ApplicationSecurity.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/ApplicationSecurity.cs
@@ -17,7 +17,7 @@ public ApplicationSecurity(List<ISecurityFeature> features)
     /// <summary>
     /// Parses the JWT token and returns the issuer and the user id
     /// </summary>
-    public JwtTokenResult ParseJwtToken(string token)
+    public async Task<JwtTokenResult> ParseJwtToken(string token)
     {
         if (string.IsNullOrEmpty(token)) throw new NotAuthorizedException("No token provided");
 
@@ -32,7 +32,7 @@ public JwtTokenResult ParseJwtToken(string token)
 
         // Resolve and validate the token audience
         var tokenAudience = parsedToken.Audiences.FirstOrDefault() ?? throw new NotAuthorizedException("The given token audience is not valid");
-        securityFeature.ValidateSecurityTokenAudience(tokenAudience);
+        await securityFeature.ValidateSecurityTokenAudience(tokenAudience);
 
         // Resolve user id
         var userId = securityFeature.ResolveTokenUserId(parsedToken) ?? throw new NotAuthorizedException("The given token claim is not valid");
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/Features/ISecurityFeature.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/Features/ISecurityFeature.cs
@@ -10,7 +10,7 @@ public interface ISecurityFeature
     void BuildAuthorization(AuthorizationOptions options);
     string GetSecurityPolicySchemeName();
     string? ResolveTokenUserId(JwtSecurityToken jwtSecurityToken);
-    void ValidateSecurityTokenAudience(string audience);
+    Task ValidateSecurityTokenAudience(string audience);
 
     public string Issuer { get; }
 }
diff --git a/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/IApplicationSecurity.cs b/VirtualFinland.UserAPI/src/VirtualFinland.UsersAPI/Security/IApplicationSecurity.cs
@@ -2,5 +2,5 @@ namespace VirtualFinland.UserAPI.Security.Models;
 
 public interface IApplicationSecurity
 {
-    JwtTokenResult ParseJwtToken(string token);
+    Task<JwtTokenResult> ParseJwtToken(string token);
 }

Original file line number	Diff line number	Diff line change
`@@ -159,7 +159,7 @@ public async Task<IActionResult> SaveOrUpdatePersonJobApplicantProfile(UpdateJob`
`159`	`159`	`e.Message);`
`160`	`160`	`try`
`161`	`161`	`{`
`162`		`- var jwkToken = _authenticationService.ParseAuthenticationHeader(Request);`
	`162`	`+ var jwkToken = await _authenticationService.ParseAuthenticationHeader(Request);`
`163`	`163`	`var query = new VerifyIdentityUser.Query(jwkToken.UserId, jwkToken.Issuer);`
`164`	`164`	`var createdUser = await _mediator.Send(query);`
`165`	`165`	`userId = createdUser.Id;`
Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@ public AuthenticationService(UserSecurityService userSecurityService)`
`18`	`18`	`return person.Id;`
`19`	`19`	`}`
`20`	`20`
`21`		`- public JwtTokenResult ParseAuthenticationHeader(HttpRequest httpRequest)`
	`21`	`+ public Task<JwtTokenResult> ParseAuthenticationHeader(HttpRequest httpRequest)`
`22`	`22`	`{`
`23`	`23`	`var token = httpRequest.Headers.Authorization.ToString().Replace("Bearer ", string.Empty);`
`24`	`24`	`return _userSecurityService.ParseJwtToken(token);`
Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@ public UserSecurityService(UsersDbContext usersDbContext, ILogger<UserSecuritySe`
`27`	`27`	`/// <exception cref="NotAuthorizedException">If user id and the issuer are not found in the DB for any given user, this is not a valid user within the users database.</exception>`
`28`	`28`	`public async Task<Person> VerifyAndGetAuthenticatedUser(string token)`
`29`	`29`	`{`
`30`		`- var jwtTokenResult = ParseJwtToken(token);`
	`30`	`+ var jwtTokenResult = await ParseJwtToken(token);`
`31`	`31`
`32`	`32`	`try`
`33`	`33`	`{`
`@@ -44,7 +44,7 @@ public async Task<Person> VerifyAndGetAuthenticatedUser(string token)`
`44`	`44`	`/// <summary>`
`45`	`45`	`/// Parses the JWT token and returns the issuer and the user id`
`46`	`46`	`/// </summary>`
`47`		`- public JwtTokenResult ParseJwtToken(string token)`
	`47`	`+ public Task<JwtTokenResult> ParseJwtToken(string token)`
`48`	`48`	`{`
`49`	`49`	`return _applicationSecurity.ParseJwtToken(token);`
`50`	`50`	`}`
Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,7 @@ public interface ISecurityFeature`
`10`	`10`	`void BuildAuthorization(AuthorizationOptions options);`
`11`	`11`	`string GetSecurityPolicySchemeName();`
`12`	`12`	`string? ResolveTokenUserId(JwtSecurityToken jwtSecurityToken);`
`13`		`- void ValidateSecurityTokenAudience(string audience);`
	`13`	`+ Task ValidateSecurityTokenAudience(string audience);`
`14`	`14`
`15`	`15`	`public string Issuer { get; }`
`16`	`16`	`}`
Original file line number	Diff line number	Diff line change
`@@ -2,5 +2,5 @@ namespace VirtualFinland.UserAPI.Security.Models;`
`2`	`2`
`3`	`3`	`public interface IApplicationSecurity`
`4`	`4`	`{`
`5`		`- JwtTokenResult ParseJwtToken(string token);`
	`5`	`+ Task<JwtTokenResult> ParseJwtToken(string token);`
`6`	`6`	`}`