From 4877f4747c7957a8efcae040618f99cfee27aa5b Mon Sep 17 00:00:00 2001
From: Tom Sverre Hageland <60652478+tomshag@users.noreply.github.com>
Date: Mon, 6 May 2024 13:57:07 +0200
Subject: [PATCH] this seems to fix the legacy part of authentication, at least. (#422)
Co-authored-by: tsh
---
 .vscode/launch.json | 4 ++--
 .vscode/tasks.json | 6 +++---
 src/Altinn.Broker.API/Program.cs | 12 ++++++------
 3 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/.vscode/launch.json b/.vscode/launch.json
index f2d7960a..905f289d 100644
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -9,9 +9,9 @@
 "type": "coreclr",
 "request": "launch",
 "preLaunchTask": "build",
- "program": "${workspaceFolder}/src/Altinn.Broker/bin/Debug/net8.0/Altinn.Broker.dll",
+ "program": "${workspaceFolder}/src/Altinn.Broker.API/bin/Debug/net8.0/Altinn.Broker.API.dll",
 "args": [],
- "cwd": "${workspaceFolder}/src/Altinn.Broker",
+ "cwd": "${workspaceFolder}/src/Altinn.Broker.API",
 "stopAtEntry": false,
 "serverReadyAction": {
 "action": "openExternally",
diff --git a/.vscode/tasks.json b/.vscode/tasks.json
index 2757563a..47226191 100644
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -7,7 +7,7 @@
 "type": "process",
 "args": [
 "build",
- "${workspaceFolder}/src/Altinn.Broker/Altinn.Broker.csproj",
+ "${workspaceFolder}/src/Altinn.Broker.API/Altinn.Broker.API.csproj",
 "/property:GenerateFullPaths=true",
 "/consoleloggerparameters:NoSummary"
 ],
@@ -19,7 +19,7 @@
 "type": "process",
 "args": [
 "publish",
- "${workspaceFolder}/src/Altinn.Broker/Altinn.Broker.csproj",
+ "${workspaceFolder}/src/Altinn.Broker.API/Altinn.Broker.API.csproj",
 "/property:GenerateFullPaths=true",
 "/consoleloggerparameters:NoSummary"
 ],
@@ -33,7 +33,7 @@
 "watch",
 "run",
 "--project",
- "${workspaceFolder}/src/Altinn.Broker/Altinn.Broker.csproj"
+ "${workspaceFolder}/src/Altinn.Broker.API/Altinn.Broker.API.csproj"
 ],
 "problemMatcher": "$msCompile"
 }
diff --git a/src/Altinn.Broker.API/Program.cs b/src/Altinn.Broker.API/Program.cs
index 9d62c6d4..59be2792 100644
--- a/src/Altinn.Broker.API/Program.cs
+++ b/src/Altinn.Broker.API/Program.cs
@@ -109,7 +109,7 @@ static void ConfigureServices(IServiceCollection services, IConfiguration config
 services.ConfigureHangfire();
- services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+ services.AddAuthentication()
 .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
 {
 var altinnOptions = new AltinnOptions();
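Review bot: With no default scheme passed to `services.AddAuthentication()`, an endpoint that carries a bare `[Authorize]`, or any policy that does not call `AddAuthenticationSchemes`, no longer has a scheme to authenticate or challenge with once more than one scheme is registered, so such a request would most likely end in an InvalidOperationException rather than a 401. The second hunk of this file names a scheme on each of the five policies, but nothing at this line tells the next maintainer that doing so is now mandatory. I would add a comment above the call, `// No default scheme on purpose: every authorization policy must name its scheme(s) via AddAuthenticationSchemes.`, and check that no controller relies on a bare `[Authorize]`, which cannot be verified from the hunk. The AddJwtBearer options lambda continues outside the hunk.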
@@ -162,11 +162,11 @@ static void ConfigureServices(IServiceCollection services, IConfiguration config
 services.AddTransient();
 services.AddAuthorization(options =>
 {
- options.AddPolicy(AuthorizationConstants.Sender, policy => policy.AddRequirements(new ScopeAccessRequirement(AuthorizationConstants.SenderScope)));
- options.AddPolicy(AuthorizationConstants.Recipient, policy => policy.AddRequirements(new ScopeAccessRequirement(AuthorizationConstants.RecipientScope)));
- options.AddPolicy(AuthorizationConstants.SenderOrRecipient, policy => policy.AddRequirements(new ScopeAccessRequirement([AuthorizationConstants.SenderScope, AuthorizationConstants.RecipientScope])));
- options.AddPolicy(AuthorizationConstants.Legacy, policy => policy.AddRequirements(new ScopeAccessRequirement(AuthorizationConstants.LegacyScope)));
- options.AddPolicy(AuthorizationConstants.ServiceOwner, policy => policy.AddRequirements(new ScopeAccessRequirement(AuthorizationConstants.ServiceOwnerScope)));
+ options.AddPolicy(AuthorizationConstants.Sender, policy => policy.AddRequirements(new ScopeAccessRequirement(AuthorizationConstants.SenderScope)).AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme));
+ options.AddPolicy(AuthorizationConstants.Recipient, policy => policy.AddRequirements(new ScopeAccessRequirement(AuthorizationConstants.RecipientScope)).AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme));
+ options.AddPolicy(AuthorizationConstants.SenderOrRecipient, policy => policy.AddRequirements(new ScopeAccessRequirement([AuthorizationConstants.SenderScope, AuthorizationConstants.RecipientScope])).AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme));
+ options.AddPolicy(AuthorizationConstants.Legacy, policy => policy.AddRequirements(new ScopeAccessRequirement(AuthorizationConstants.LegacyScope)).AddAuthenticationSchemes(AuthorizationConstants.Legacy));
+ options.AddPolicy(AuthorizationConstants.ServiceOwner, policy => policy.AddRequirements(new ScopeAccessRequirement(AuthorizationConstants.ServiceOwnerScope)).AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme));
 });
 services.Configure(options =>
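Review bot: The Legacy policy passes `AuthorizationConstants.Legacy`, the policy-name constant, to `AddAuthenticationSchemes`, so it only works if the legacy handler is registered under that exact string, and that registration is not visible in this hunk. If the two names ever diverge, requests under this policy would fail at runtime with a missing-handler error instead of authenticating, so the coupling deserves a comment on that line: `// Scheme name intentionally equals the policy name; the legacy handler must be registered as AuthorizationConstants.Legacy.` As a style point, the five `AddPolicy` lines repeat the same requirement-plus-scheme chain and could go through one small local helper that takes the policy name, the scopes and the scheme. ConfigureServices starts and ends outside the hunk.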