Merge pull request #192 from marcominerva/develop

Make JwtBearerService public

Author: marcominerva

samples/Controllers/ApiKeySample/ApiKeySample.csproj

@@ -7,8 +7,8 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.4" />
-        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.5" />
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.5" />
+        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.7" />
     </ItemGroup>
 
     <ItemGroup>

samples/Controllers/BasicAuthenticationSample/BasicAuthenticationSample.csproj

@@ -7,8 +7,8 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.4" />
-        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.5" />
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.5" />
+        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.7" />
     </ItemGroup>
 
     <ItemGroup>

samples/Controllers/JwtBearerSample/JwtBearerSample.csproj

@@ -7,8 +7,8 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.4" />
-        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.5" />
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.5" />
+        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.7" />
     </ItemGroup>
 
     <ItemGroup>

samples/MinimalApis/ApiKeySample/ApiKeySample.csproj

@@ -7,8 +7,8 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.4" />
-        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.5" />
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.5" />
+        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.7" />
     </ItemGroup>
 
     <ItemGroup>

samples/MinimalApis/BasicAuthenticationSample/BasicAuthenticationSample.csproj

@@ -7,8 +7,8 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.4" />
-        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.5" />
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.5" />
+        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.7" />
     </ItemGroup>
 
     <ItemGroup>

samples/MinimalApis/JwtBearerSample/JwtBearerSample.csproj

@@ -7,8 +7,8 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.4" />
-        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.5" />
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.5" />
+        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.1.7" />
     </ItemGroup>
 
     <ItemGroup>

samples/MinimalApis/Net8JwtBearerSample/Net8JwtBearerSample.csproj

@@ -7,7 +7,7 @@
     </PropertyGroup>
 
     <ItemGroup>
-      <PackageReference Include="Swashbuckle.AspNetCore" Version="10.1.5" />
+      <PackageReference Include="Swashbuckle.AspNetCore" Version="10.1.7" />
     </ItemGroup>
 
     <ItemGroup>

src/SimpleAuthentication.Abstractions/SimpleAuthentication.Abstractions.csproj

@@ -36,7 +36,7 @@
     </ItemGroup>
 
     <ItemGroup Condition="'$(TargetFramework)' == 'net10.0'">
-        <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.4" />
+        <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.5" />
     </ItemGroup>
 
     <ItemGroup>

src/SimpleAuthentication.Swashbuckle/SimpleAuthentication.Swashbuckle.csproj

@@ -33,7 +33,7 @@
 
     <ItemGroup>
         <PackageReference Include="SimpleAuthenticationTools.Abstractions" Version="3.1.10" />
-        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerGen" Version="10.1.5" />
+        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerGen" Version="10.1.7" />
     </ItemGroup>
 
     <ItemGroup>

src/SimpleAuthentication/JwtBearer/JwtBearerService.cs

@@ -6,27 +6,40 @@
 
 namespace SimpleAuthentication.JwtBearer;
 
-internal class JwtBearerService(IOptions<JwtBearerSettings> jwtBearerSettingsOptions) : IJwtBearerService
+/// <summary>
+/// Default implementation of <see cref="IJwtBearerService"/> that provides JWT Bearer token generation and validation.
+/// </summary>
+/// <param name="jwtBearerSettingsOptions">The JWT Bearer settings.</param>
+public class JwtBearerService(IOptions<JwtBearerSettings> jwtBearerSettingsOptions) : IJwtBearerService
 {
-    private readonly JwtBearerSettings jwtBearerSettings = jwtBearerSettingsOptions.Value;
+    /// <summary>
+    /// Gets the JWT Bearer settings used by this service.
+    /// </summary>
+    protected JwtBearerSettings JwtBearerSettings { get; } = jwtBearerSettingsOptions?.Value ?? throw new ArgumentNullException(nameof(jwtBearerSettingsOptions));
 
-    public Task<string> CreateTokenAsync(string userName, IList<Claim>? claims = null, string? issuer = null, string? audience = null, DateTime? absoluteExpiration = null)
+    /// <inheritdoc />
+    public virtual Task<string> CreateTokenAsync(string userName, IList<Claim>? claims = null, string? issuer = null, string? audience = null, DateTime? absoluteExpiration = null)
     {
+        var now = DateTime.UtcNow;
+
+        if (absoluteExpiration.HasValue && absoluteExpiration.Value < now)
+        {
+            throw new ArgumentException("The expiration date must be greater than or equal to the current date and time.", nameof(absoluteExpiration));
+        }
+
         claims ??= [];
-        claims.Update(jwtBearerSettings.NameClaimType, userName);
+        claims.Update(JwtBearerSettings.NameClaimType, userName);
         claims.Update(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString());
 
-        var now = DateTime.UtcNow;
-
         var securityTokenDescriptor = new SecurityTokenDescriptor()
         {
-            Subject = new ClaimsIdentity(claims, jwtBearerSettings.SchemeName, jwtBearerSettings.NameClaimType, jwtBearerSettings.RoleClaimType),
-            Issuer = issuer ?? jwtBearerSettings.Issuers?.FirstOrDefault(),
-            Audience = audience ?? jwtBearerSettings.Audiences?.FirstOrDefault(),
+            Subject = new ClaimsIdentity(claims, JwtBearerSettings.SchemeName, JwtBearerSettings.NameClaimType, JwtBearerSettings.RoleClaimType),
+            Issuer = issuer ?? JwtBearerSettings.Issuers?.FirstOrDefault(),
+            Audience = audience ?? JwtBearerSettings.Audiences?.FirstOrDefault(),
             IssuedAt = now,
-            NotBefore = now.Add(-jwtBearerSettings.ClockSkew),
-            Expires = absoluteExpiration ?? (jwtBearerSettings.ExpirationTime.GetValueOrDefault() > TimeSpan.Zero ? now.Add(jwtBearerSettings.ExpirationTime!.Value) : DateTime.MaxValue),
-            SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtBearerSettings.SecurityKey)), jwtBearerSettings.Algorithm)
+            NotBefore = now.Add(-JwtBearerSettings.ClockSkew),
+            Expires = absoluteExpiration ?? (JwtBearerSettings.ExpirationTime.GetValueOrDefault() > TimeSpan.Zero ? now.Add(JwtBearerSettings.ExpirationTime!.Value) : DateTime.MaxValue),
+            SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtBearerSettings.SecurityKey)), JwtBearerSettings.Algorithm)
         };
 
         var tokenHandler = new JsonWebTokenHandler();
@@ -35,7 +48,8 @@ public Task<string> CreateTokenAsync(string userName, IList<Claim>? claims = nul
         return Task.FromResult(token);
     }
 
-    public async Task<ClaimsPrincipal> ValidateTokenAsync(string token, bool validateLifetime = true)
+    /// <inheritdoc />
+    public virtual async Task<ClaimsPrincipal> ValidateTokenAsync(string token, bool validateLifetime = true)
     {
         var tokenHandler = new JsonWebTokenHandler();
 
@@ -46,23 +60,23 @@ public async Task<ClaimsPrincipal> ValidateTokenAsync(string token, bool validat
 
         var tokenValidationParameters = new TokenValidationParameters
         {
-            AuthenticationType = jwtBearerSettings.SchemeName,
-            NameClaimType = jwtBearerSettings.NameClaimType,
-            RoleClaimType = jwtBearerSettings.RoleClaimType,
-            ValidateIssuer = jwtBearerSettings.Issuers?.Any() ?? false,
-            ValidIssuers = jwtBearerSettings.Issuers,
-            ValidateAudience = jwtBearerSettings.Audiences?.Any() ?? false,
-            ValidAudiences = jwtBearerSettings.Audiences,
+            AuthenticationType = JwtBearerSettings.SchemeName,
+            NameClaimType = JwtBearerSettings.NameClaimType,
+            RoleClaimType = JwtBearerSettings.RoleClaimType,
+            ValidateIssuer = JwtBearerSettings.Issuers?.Any() ?? false,
+            ValidIssuers = JwtBearerSettings.Issuers,
+            ValidateAudience = JwtBearerSettings.Audiences?.Any() ?? false,
+            ValidAudiences = JwtBearerSettings.Audiences,
             ValidateIssuerSigningKey = true,
-            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtBearerSettings.SecurityKey)),
+            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtBearerSettings.SecurityKey)),
             RequireExpirationTime = true,
             ValidateLifetime = validateLifetime,
-            ClockSkew = jwtBearerSettings.ClockSkew
+            ClockSkew = JwtBearerSettings.ClockSkew
         };
 
         var validationResult = await tokenHandler.ValidateTokenAsync(token, tokenValidationParameters);
 
-        if (!validationResult.IsValid || validationResult.SecurityToken is not JsonWebToken jsonWebToken || jsonWebToken.Alg != jwtBearerSettings.Algorithm)
+        if (!validationResult.IsValid || validationResult.SecurityToken is not JsonWebToken jsonWebToken || jsonWebToken.Alg != JwtBearerSettings.Algorithm)
         {
             throw new SecurityTokenException("Token is expired or invalid", validationResult.Exception);
         }
@@ -71,12 +85,13 @@ public async Task<ClaimsPrincipal> ValidateTokenAsync(string token, bool validat
         return principal;
     }
 
-    public async Task<string> RefreshTokenAsync(string token, bool validateLifetime, DateTime? absoluteExpiration = null)
+    /// <inheritdoc />
+    public virtual async Task<string> RefreshTokenAsync(string token, bool validateLifetime, DateTime? absoluteExpiration = null)
     {
         var principal = await ValidateTokenAsync(token, validateLifetime);
         var claims = (principal.Identity as ClaimsIdentity)!.Claims.ToList();
 
-        var userName = claims.First(c => c.Type == jwtBearerSettings.NameClaimType).Value;
+        var userName = claims.First(c => c.Type == JwtBearerSettings.NameClaimType).Value;
         var issuer = claims.FirstOrDefault(c => c.Type == JwtRegisteredClaimNames.Iss)?.Value;
         var audience = claims.FirstOrDefault(c => c.Type == JwtRegisteredClaimNames.Aud)?.Value;