feat: jwt application

Jwt.Server/Program.cs

@@ -1,3 +1,19 @@
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Security.Cryptography;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Protocols.OpenIdConnect;
+using Microsoft.IdentityModel.Tokens;
+using RsaKeyLoader;
+
+var _users = new List<(string Name, string Id)>()
+{
+    new ValueTuple<string, string>("Danil", Guid.NewGuid().ToString())
+};
+
+var _rsaKey = KeyLoader.GetGeneratedKey();
+
 var builder = WebApplication.CreateBuilder(args);
 
 // Add services to the container.
@@ -5,6 +21,42 @@ var builder = WebApplication.CreateBuilder(args);
 builder.Services.AddEndpointsApiExplorer();
 builder.Services.AddSwaggerGen();
 
+// todo: package Microsoft.AspNetCore.Authentication.JwtBearer;
+builder.Services.AddAuthentication()
+    .AddJwtBearer(b =>
+    {
+        b.TokenValidationParameters = new TokenValidationParameters()
+        {
+            // для облегчения дебага
+            ValidateAudience = false,
+            ValidateIssuer = false,
+        };
+        
+        // important
+        b.Configuration = new OpenIdConnectConfiguration()
+        {
+            SigningKeys =
+            {
+                new RsaSecurityKey(_rsaKey)
+            }
+        };
+
+        // b.Events = new JwtBearerEvents()
+        // {
+        //     OnMessageReceived = (ctx) =>
+        //     {
+        //         if (ctx.Request.Query.ContainsKey("token"))
+        //         {
+        //             ctx.Token = ctx.Request.Query["token"];
+        //         }
+        //
+        //         return Task.CompletedTask;
+        //     }
+        // };
+    });
+builder.Services.AddAuthorization();
+
+
 var app = builder.Build();
 
 // Configure the HTTP request pipeline.
@@ -15,6 +67,8 @@ if (app.Environment.IsDevelopment())
 }
 
 app.UseHttpsRedirection();
+app.UseAuthentication();
+app.UseAuthorization();
 
 var summaries = new[]
 {
@@ -33,12 +87,55 @@ app.MapGet("/weatherforecast", () =>
             .ToArray();
         return forecast;
     })
+    .RequireAuthorization()
     .WithName("GetWeatherForecast")
     .WithOpenApi();
 
+app.MapGet("/login", (string userName) =>
+{
+    var user = _users.First(x => x.Name == userName);
+    var handler = new JwtSecurityTokenHandler();
+    var key = new RsaSecurityKey(_rsaKey);
+    var token = handler.CreateToken(new SecurityTokenDescriptor()
+    {
+        Issuer = "https://localhost:5000",
+        Subject = new ClaimsIdentity(new List<Claim>()
+        {
+            new Claim("sub", user.Id),
+            new Claim("name", user.Name)
+        }),
+        // important
+        SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.RsaSha256)
+    });
+    return handler.WriteToken(token);
+});
+
+app.MapGet("/jwk", () =>
+{
+    var publicKey = RSA.Create();
+    publicKey.ImportRSAPublicKey(_rsaKey.ExportRSAPublicKey(), out _);
+    var key = new RsaSecurityKey(publicKey);
+    return JsonWebKeyConverter.ConvertFromRSASecurityKey(key);
+});
+
 app.Run();
 
 record WeatherForecast(DateOnly Date, int TemperatureC, string? Summary)
 {
     public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);
-}
+}
+
+
+/* script:
+
+const token = '';
+
+fetch("/weatherforecast", {
+       method: "GET",
+       headers: {
+           "Accept": "application/json",
+           "Authorization": "Bearer " + token
+       }
+   }).then(r => r.json()).then(r => console.log(r));
+
+*/