From f389661667a510d6accfb412482578b66527e6e4 Mon Sep 17 00:00:00 2001
From: crupest
Date: Fri, 21 Feb 2020 15:10:37 +0800
Subject: Move jwt token key from configuration to database and auto generatable.
---
Timeline/Services/PathProvider.cs | 41 +++++++++++++++++++++++++++++++++++
Timeline/Services/UserTokenService.cs | 19 +++++++++-------
2 files changed, 52 insertions(+), 8 deletions(-)
create mode 100644 Timeline/Services/PathProvider.cs
(limited to 'Timeline/Services')
diff --git a/Timeline/Services/PathProvider.cs b/Timeline/Services/PathProvider.cs
new file mode 100644
index 00000000..15e66972
--- /dev/null
+++ b/Timeline/Services/PathProvider.cs
@@ -0,0 +1,41 @@
+using Microsoft.Extensions.Configuration;
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace Timeline.Services
+{
+ public interface IPathProvider
+ {
+ public string GetWorkingDirectory();
+ public string GetDatabaseFilePath();
+ }
+
+ public class PathProvider : IPathProvider
+ {
+ const string DatabaseFileName = "timeline.db";
+
+ private readonly IConfiguration _configuration;
+
+ private readonly string _workingDirectory;
+
+
+ public PathProvider(IConfiguration configuration)
+ {
+ _configuration = configuration;
+ _workingDirectory = configuration.GetValue("WorkDir");
+ }
+
+ public string GetWorkingDirectory()
+ {
+ return _workingDirectory;
+ }
+
+ public string GetDatabaseFilePath()
+ {
+ return Path.Combine(_workingDirectory, DatabaseFileName);
+ }
+ }
+}
diff --git a/Timeline/Services/UserTokenService.cs b/Timeline/Services/UserTokenService.cs
index 731eb1db..86f3a0f7 100644
--- a/Timeline/Services/UserTokenService.cs
+++ b/Timeline/Services/UserTokenService.cs
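Review bot: The PathProvider constructor stores `WorkDir` without checking it, so a missing setting leaves `_workingDirectory` null and the failure only surfaces later as an ArgumentNullException from `Path.Combine` in GetDatabaseFilePath. A relative value also leaves the database path dependent on the process's current directory. Since this commit moves the JWT signing key into that database file, its location should be explicit and fail fast: `_workingDirectory = Path.GetFullPath(configuration.GetValue<string>("WorkDir") ?? throw new InvalidOperationException("WorkDir is not configured"));`. The `_configuration` field is assigned but never read in this file and can be dropped.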
@@ -3,9 +3,10 @@ using Microsoft.IdentityModel.Tokens;
 using System;
 using System.Globalization;
 using System.IdentityModel.Tokens.Jwt;
+using System.Linq;
 using System.Security.Claims;
-using System.Text;
 using Timeline.Configs;
+using Timeline.Entities;
 namespace Timeline.Services
 {
@@ -49,16 +50,19 @@ namespace Timeline.Services
 private readonly JwtSecurityTokenHandler _tokenHandler = new JwtSecurityTokenHandler();
 private SymmetricSecurityKey _tokenSecurityKey;
- public JwtUserTokenService(IOptionsMonitor jwtConfig, IClock clock)
+ public JwtUserTokenService(IOptionsMonitor jwtConfig, IClock clock, DatabaseContext database)
 {
 _jwtConfig = jwtConfig;
 _clock = clock;
- _tokenSecurityKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtConfig.CurrentValue.SigningKey));
- jwtConfig.OnChange(config =>
+ var key = database.JwtToken.Select(t => t.Key).SingleOrDefault();
+
+ if (key == null)
 {
- _tokenSecurityKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(config.SigningKey));
- });
+ throw new InvalidOperationException(Resources.Services.UserTokenService.JwtKeyNotExist);
+ }
+
+ _tokenSecurityKey = new SymmetricSecurityKey(key);
 }
 public string GenerateToken(UserTokenInfo tokenInfo)
@@ -77,8 +81,7 @@ namespace Timeline.Services
 Subject = identity,
 Issuer = config.Issuer,
 Audience = config.Audience,
- SigningCredentials = new SigningCredentials(
- new SymmetricSecurityKey(Encoding.ASCII.GetBytes(config.SigningKey)), SecurityAlgorithms.HmacSha384),
+ SigningCredentials = new SigningCredentials(_tokenSecurityKey, SecurityAlgorithms.HmacSha384),
 IssuedAt = _clock.GetCurrentTime(),
 Expires = tokenInfo.ExpireAt.GetValueOrDefault(_clock.GetCurrentTime().AddSeconds(config.DefaultExpireOffset)),
 NotBefore = _clock.GetCurrentTime() // I must explicitly set this or it will use the current time by default and mock is not work in which case test will not pass.
--
cgit v1.2.3
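Review bot: The key bytes read from `database.JwtToken` in the JwtUserTokenService constructor go straight into `new SymmetricSecurityKey(key)` with only a null check, so an empty or short value becomes the HS384 signing key. RFC 7518 requires an HMAC key at least as long as the hash output, which is 48 bytes for HS384; add `if (key.Length < 48) throw new InvalidOperationException("JWT signing key must be at least 48 bytes.");` after the null check. The code that generates the key is outside this patch view, so confirm it draws from `RandomNumberGenerator` rather than `Random`. Storing the key in the application database also means that read access to `timeline.db` or to any backup of it is enough to produce validly signed tokens, so the file's permissions and backup handling now need the same care as any other secret. As far as this hunk shows, `_tokenSecurityKey` is now assigned only in the constructor and could be `readonly`.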
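Review bot: `config.SigningKey` is no longer read for signing in the object initializer of GenerateToken, but the `JwtConfig` class is outside this patch view, so the property and any value left in deployed configuration may survive as an unused secret. I would remove `SigningKey` from the config class and the settings files in the same change, so a stale key does not linger and nobody assumes rotating it still has an effect. Tokens issued under the old configuration key will presumably stop validating once the database key is in use, which is worth stating in the commit description. GenerateToken begins and ends outside this hunk.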