-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
13bd4f2
commit d7fa9e3
Showing
20 changed files
with
221 additions
and
241 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| # https://docs.microsoft.com/en-us/azure/azure-functions/functions-how-to-github-actions?tabs=dotnet#deploy-the-function-app | ||
|
|
||
| name: Deploy Api to Function App | ||
|
|
||
| on: | ||
| [push] | ||
|
|
||
| env: | ||
| AZURE_FUNCTIONAPP_NAME: couple-api | ||
| AZURE_FUNCTIONAPP_PROJ_PATH: 'Api' | ||
| DOTNET_VERSION: '6.0.x' | ||
|
|
||
| jobs: | ||
| build-and-deploy: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: 'Checkout' | ||
| uses: actions/checkout@v2 | ||
|
|
||
| - name: Setup DotNet ${{ env.DOTNET_VERSION }} Environment | ||
| uses: actions/setup-dotnet@v1 | ||
| with: | ||
| dotnet-version: ${{ env.DOTNET_VERSION }} | ||
|
|
||
| - name: 'Build' | ||
| shell: bash | ||
| run: | | ||
| pushd './${{ env.AZURE_FUNCTIONAPP_PROJ_PATH }}' | ||
| dotnet build --configuration Release --output ./output | ||
| popd | ||
| - name: 'Install Azure Functions Core Tools' | ||
| run: npm i -g azure-functions-core-tools@4 --unsafe-perm true | ||
|
|
||
| - name: 'Login to Azure' | ||
| uses: azure/login@v1 | ||
| with: | ||
| creds: ${{ secrets.AZURE_CREDENTIALS }} | ||
|
|
||
| - name: 'Publish' | ||
| run: func azure functionapp publish ${{ env.AZURE_FUNCTIONAPP_NAME }} | ||
| working-directory: ${{ env.AZURE_FUNCTIONAPP_PROJ_PATH }} | ||
|
|
||
| - name: 'Logout of Azure' | ||
| run: | | ||
| az logout | ||
| if: always() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| # https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-static-site-github-actions | ||
|
|
||
| name: Deploy Client to Azure Storage | ||
|
|
||
| on: | ||
| [push] | ||
|
|
||
| env: | ||
| AZURE_CLIENT_PATH: 'Client' | ||
| DOTNET_VERSION: '6.0.x' | ||
|
|
||
| jobs: | ||
| build-and-deploy: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: 'Checkout' | ||
| uses: actions/checkout@v2 | ||
|
|
||
| - name: Setup DotNet ${{ env.DOTNET_VERSION }} Environment | ||
| uses: actions/setup-dotnet@v1 | ||
| with: | ||
| dotnet-version: ${{ env.DOTNET_VERSION }} | ||
|
|
||
| - name: 'Build' | ||
| shell: bash | ||
| run: | | ||
| pushd './${{ env.AZURE_CLIENT_PATH }}' | ||
| dotnet workload install wasm-tools | ||
| dotnet publish --configuration Release --output ./output | ||
| mv ./output/wwwroot/* ./output/ | ||
| popd | ||
| - name: 'Login to Azure' | ||
| uses: azure/login@v1 | ||
| with: | ||
| creds: ${{ secrets.AZURE_CREDENTIALS }} | ||
|
|
||
| - name: 'Deploy' | ||
| uses: azure/CLI@v1 | ||
| with: | ||
| inlineScript: | | ||
| az storage blob delete-batch --account-name couple --auth-mode key --source '$web' | ||
| az storage blob upload-batch --account-name couple --auth-mode key --destination '$web' --source ./Client/output | ||
| - name: 'Logout of Azure' | ||
| run: | | ||
| az logout | ||
| if: always() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
45 changes: 0 additions & 45 deletions
45
.github/workflows/azure-static-web-apps-orange-island-0901fe000.yml
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,77 +1,15 @@ | ||
| using System.IdentityModel.Tokens.Jwt; | ||
| using System.Net.Http.Headers; | ||
| using System.Security.Claims; | ||
| using System.Text; | ||
| using System.Text.Json; | ||
|
|
||
| namespace Couple.Api.Infrastructure; | ||
|
|
||
| public class CurrentUserService : ICurrentUserService | ||
| { | ||
| private const string ClaimTypePartnerId = "PartnerId"; | ||
|
|
||
| public Claims GetClaims(HttpHeaders headers) | ||
| { | ||
| var clientPrincipal = StaticWebAppsAuth.Parse(headers); | ||
|
|
||
| var id = clientPrincipal.FindFirstValue(ClaimTypes.NameIdentifier)!; | ||
| var partnerId = clientPrincipal.FindFirstValue(ClaimTypePartnerId)!; | ||
|
|
||
| return new(id, partnerId); | ||
| } | ||
|
|
||
| // from https://docs.microsoft.com/en-us/azure/static-web-apps/user-information?tabs=csharp#api-functions | ||
| private static class StaticWebAppsAuth | ||
| { | ||
| public static ClaimsPrincipal Parse(HttpHeaders headers) | ||
| { | ||
| var data = headers.GetValues("x-ms-client-principal").First(); | ||
| var decoded = Convert.FromBase64String(data); | ||
| var json = Encoding.ASCII.GetString(decoded); | ||
| var principal = JsonSerializer.Deserialize<ClientPrincipal>(json, | ||
| new JsonSerializerOptions { PropertyNameCaseInsensitive = true })!; | ||
|
|
||
| #pragma warning disable CS8604 | ||
| var roles = principal.UserRoles | ||
| #pragma warning restore CS8604 | ||
| .Where(role => role != "anonymous" | ||
| && role != "authenticated" | ||
| && !role.StartsWith("id_") | ||
| && !role.StartsWith("partnerid_")) | ||
| .Select(r => new Claim(ClaimTypes.Role, r)) | ||
| .ToList(); | ||
|
|
||
| if (!roles.Any()) | ||
| { | ||
| return new(); | ||
| } | ||
|
|
||
| var adminAssignedId = principal.UserRoles | ||
| .Single(role => role.StartsWith("id_")); | ||
| var partnerId = principal.UserRoles | ||
| .Single(role => role.StartsWith("partnerid_")); | ||
|
|
||
| var identity = new ClaimsIdentity(principal.IdentityProvider); | ||
|
|
||
| // Azure Static Web App does not allow us to add custom properties. Therefore, | ||
| // PartnerId needs to be stored as a role instead. However, the default Id generated by Azure SWA | ||
| // is longer than 25 characters, and Azure SWA disallows roles from having more than 25 characters. | ||
| // Therefore, this is the temporary workaround in order to store partnerId. | ||
| // By right we should be using principal.UserId, which is pending AAD B2C implementation: | ||
| // See https://github.com/Azure/static-web-apps/issues/3 | ||
| // An alternative implementation is to return a custom Cookie / JWT, but that requires more effort | ||
| // with little gains, given the current state of the project. | ||
| identity.AddClaim(new(ClaimTypes.NameIdentifier, adminAssignedId[3..])); | ||
| identity.AddClaim(new(ClaimTypePartnerId, partnerId[10..])); | ||
| identity.AddClaims(roles); | ||
| return new(identity); | ||
| } | ||
|
|
||
| private class ClientPrincipal | ||
| { | ||
| public string? IdentityProvider { get; set; } | ||
| public string? UserId { get; set; } | ||
| public string? UserDetails { get; set; } | ||
| public IEnumerable<string>? UserRoles { get; set; } | ||
| } | ||
| var authValues = headers.GetValues("authorization"); | ||
| var authHeader = AuthenticationHeaderValue.Parse(authValues.ToArray().First()); | ||
| var jwt = new JwtSecurityTokenHandler().ReadJwtToken(authHeader.Parameter); | ||
| return new(jwt.Subject, jwt.Claims.First(c => c.Type == "name").Value); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,14 +1,17 @@ | ||
| @inject NavigationManager _navigationManager | ||
|
|
||
| <Router AppAssembly="@typeof(Program).Assembly"> | ||
| <Found Context="routeData"> | ||
| <RouteView DefaultLayout="@typeof(MainLayout)" RouteData="@routeData"/> | ||
| </Found> | ||
| <NotFound> | ||
| <LayoutView Layout="@typeof(MainLayout)"> | ||
| @{ | ||
| _navigationManager.NavigateTo(""); | ||
| } | ||
| </LayoutView> | ||
| </NotFound> | ||
| </Router> | ||
| <CascadingAuthenticationState> | ||
| <Router AppAssembly="@typeof(Program).Assembly"> | ||
| <Found Context="routeData"> | ||
| <AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)"> | ||
| </AuthorizeRouteView> | ||
| </Found> | ||
| <NotFound> | ||
| <LayoutView Layout="@typeof(MainLayout)"> | ||
| @{ | ||
| _navigationManager.NavigateTo(""); | ||
| } | ||
| </LayoutView> | ||
| </NotFound> | ||
| </Router> | ||
| </CascadingAuthenticationState> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| using Couple.Client.Utility; | ||
| using Microsoft.AspNetCore.Components; | ||
| using Microsoft.AspNetCore.Components.WebAssembly.Authentication; | ||
|
|
||
| namespace Couple.Client.Infrastructure; | ||
|
|
||
| public class ApiAuthorizationMessageHandler : AuthorizationMessageHandler | ||
| { | ||
| public const string Scope = @"https://couplesg.onmicrosoft.com/api/all"; | ||
|
|
||
| public ApiAuthorizationMessageHandler(IAccessTokenProvider provider, | ||
| NavigationManager navigationManager, | ||
| IConfiguration configuration) | ||
| : base(provider, navigationManager) => | ||
| ConfigureHandler( | ||
| new[] { configuration[Constants.ApiPrefix]! }, | ||
| new[] { Scope }); | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| @page "/authentication/{action}" | ||
| <RemoteAuthenticatorView Action="@Action"/> | ||
|
|
||
| @code{ | ||
|
|
||
| [Parameter] | ||
| public string? Action { get; set; } | ||
|
|
||
| } |
Oops, something went wrong.