From 3d4a8943de7ababf6c5ec41480d612a5e3a8efb0 Mon Sep 17 00:00:00 2001
From: Young
Date: Mon, 7 Oct 2024 21:02:57 +0800
Subject: [PATCH] added default authorize
---
 .../Extensions/AuthorizeSetup.cs | 41 +++++++++++++++++++
 src/Infrastructure/Extensions/RedisSetup.cs | 2 +-
 src/Infrastructure/Options/AudienceOptions.cs | 4 ++
 src/Infrastructure/Options/SqlSugarOptions.cs | 10 ++---
 src/Infrastructure/Options/VersionOptions.cs | 1 +
 .../Security/PermissionOptions.cs | 21 ++++++++++
 6 files changed, 73 insertions(+), 6 deletions(-)
 create mode 100644 src/Infrastructure/Extensions/AuthorizeSetup.cs
 create mode 100644 src/Infrastructure/Security/PermissionOptions.cs
diff --git a/src/Infrastructure/Extensions/AuthorizeSetup.cs b/src/Infrastructure/Extensions/AuthorizeSetup.cs
new file mode 100644
index 0000000..100b5fa
--- /dev/null
+++ b/src/Infrastructure/Extensions/AuthorizeSetup.cs
@@ -0,0 +1,41 @@
+using System.Security.Claims;
+using System.Text;
+using Infrastructure.Options;
+using Infrastructure.Security;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.IdentityModel.Tokens;
+
+namespace Infrastructure.Extensions;
+
+public static class AuthorizeSetup
+{
+ public static IServiceCollection AddDefaultAuthorize(this IServiceCollection services, IConfiguration configuration)
+ {
+ ArgumentNullException.ThrowIfNull(services);
+ ArgumentNullException.ThrowIfNull(configuration);
+ var audienceOptions = configuration.GetSection(AudienceOptions.Name).Get();
+ if (audienceOptions is null || !audienceOptions.IsEnable)
+ {
+ return services;
+ }
+
+ var key = configuration["AUDIENCE_KEY"] ?? audienceOptions.Secret;
+ ArgumentException.ThrowIfNullOrEmpty(key);
+ var buffer = Encoding.UTF8.GetBytes(key);
+ var securityKey = new SymmetricSecurityKey(buffer);
+ var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
+
+ services.AddSingleton(new PermissionOptions(ClaimTypes.Role,
+ audienceOptions.Issuer,
+ audienceOptions.Audience,
+ TimeSpan.FromSeconds(audienceOptions.Expiration),
+ signingCredentials));
+
+ services.AddAuthorizationBuilder()
+ .AddPolicy(audienceOptions.Policy!, policy =>
+ policy.RequireRole(audienceOptions.Roles!)
+ .Build());
+ return services;
+ }
+}
\ No newline at end of file
diff --git a/src/Infrastructure/Extensions/RedisSetup.cs b/src/Infrastructure/Extensions/RedisSetup.cs
index a9a5d27..2563276 100644
--- a/src/Infrastructure/Extensions/RedisSetup.cs
+++ b/src/Infrastructure/Extensions/RedisSetup.cs
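Review bot: In `AddDefaultAuthorize` (AuthorizeSetup.cs) the signing key is only checked for null or empty before `new SymmetricSecurityKey(buffer)`, so a short `AUDIENCE_KEY` or `Secret` value is accepted for HS256 even though RFC 7518 requires a key of at least 256 bits for that algorithm. Adding `if (buffer.Length < 32) throw new InvalidOperationException("The HS256 signing key must be at least 32 bytes.");` right after `Encoding.UTF8.GetBytes(key)` would make a weak secret fail at startup instead of weakening every token signed with it. The same method dereferences `audienceOptions.Policy!` and `audienceOptions.Roles!`, which the AudienceOptions hunk declares nullable; an explicit check whose message names the missing setting would be clearer than the null-forgiving operator when the configuration omits them.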
@@ -7,7 +7,7 @@ namespace Infrastructure.Extensions;

 public static class RedisSetup
 {
- public static IServiceCollection AddRedisSetup(this IServiceCollection services, IConfiguration configuration)
+ public static IServiceCollection AddDefaultRedis(this IServiceCollection services, IConfiguration configuration)
 {
 ArgumentNullException.ThrowIfNull(services);
 ArgumentNullException.ThrowIfNull(configuration);
diff --git a/src/Infrastructure/Options/AudienceOptions.cs b/src/Infrastructure/Options/AudienceOptions.cs
index fb6fc30..08c12f7 100644
--- a/src/Infrastructure/Options/AudienceOptions.cs
+++ b/src/Infrastructure/Options/AudienceOptions.cs
@@ -11,4 +11,8 @@ public sealed class AudienceOptions : OptionsBase
 public string Secret { get; set; }

 public int Expiration { get; set; }
+
+ public string? Policy { get; set; }
+
+ public string[]? Roles { get; set; }
 }
\ No newline at end of file
diff --git a/src/Infrastructure/Options/SqlSugarOptions.cs b/src/Infrastructure/Options/SqlSugarOptions.cs
index e7a3b68..04b189b 100644
--- a/src/Infrastructure/Options/SqlSugarOptions.cs
+++ b/src/Infrastructure/Options/SqlSugarOptions.cs
@@ -6,15 +6,15 @@ public sealed class SqlSugarOptions : OptionsBase

 public SnowFlakeOptions? SnowFlake { get; set; }

- public string Server { get; set; }
+ public string? Server { get; set; }

- public int? Port { get; set; }
+ public int Port { get; set; }

- public string Database { get; set; }
+ public string? Database { get; set; }

- public string UserId { get; set; }
+ public string? User { get; set; }

- public string Password { get; set; }
+ public string? Password { get; set; }
 }

 public class SnowFlakeOptions : OptionsBase
diff --git a/src/Infrastructure/Options/VersionOptions.cs b/src/Infrastructure/Options/VersionOptions.cs
index 1a462c8..6e8fd68 100644
--- a/src/Infrastructure/Options/VersionOptions.cs
+++ b/src/Infrastructure/Options/VersionOptions.cs
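Review bot: Renaming `UserId` to `User` in SqlSugarOptions also changes the configuration key the property binds from, so a deployment that still sets `UserId` would presumably end up with `User` null and no error at bind time. `Port` moving from `int?` to `int` likewise turns an omitted port into 0 rather than null, while `Server`, `Database` and `Password` become nullable. The code that builds the connection from these options is not part of this patch, so it is worth confirming it rejects null or empty credentials and a zero port at startup rather than attempting a connection with them. A comment on the property such as `// Config key renamed from UserId to User; update existing settings` would help anyone upgrading.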
@@ -3,6 +3,7 @@ namespace Infrastructure.Options; public class VersionOptions : OptionsBase { public const string Name = "Version"; + public string HeaderName { get; set; } public string ParameterName { get; set; }
diff --git a/src/Infrastructure/Security/PermissionOptions.cs b/src/Infrastructure/Security/PermissionOptions.cs
new file mode 100644
index 0000000..720a237
--- /dev/null
+++ b/src/Infrastructure/Security/PermissionOptions.cs
@@ -0,0 +1,21 @@
+using Microsoft.IdentityModel.Tokens;
+
+namespace Infrastructure.Security;
+
+public class PermissionOptions(
+ string claimType,
+ string issuer,
+ string audience,
+ TimeSpan expiration,
+ SigningCredentials credentials)
+{
+ public string ClaimType { get; } = claimType;
+
+ public string Issuer { get; } = issuer;
+
+ public string Audience { get; } = audience;
+
+ public TimeSpan Expiration { get; } = expiration;
+
+ public SigningCredentials SigningCredentials { get; } = credentials;
+}
\ No newline at end of file
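Review bot: The `PermissionOptions` primary constructor stores `expiration` and `credentials` unchecked, and AuthorizeSetup passes `TimeSpan.FromSeconds(audienceOptions.Expiration)`, which is zero when the `Expiration` setting is omitted. How the token issuer consumes `Expiration` is not visible in this patch, but a zero or negative lifetime is unlikely to be intended; `public TimeSpan Expiration { get; } = expiration > TimeSpan.Zero ? expiration : throw new ArgumentOutOfRangeException(nameof(expiration));` would reject it at startup, and `credentials ?? throw new ArgumentNullException(nameof(credentials))` would do the same for the key. The class also has no XML documentation; a `<summary>` stating that it carries the issuer, audience, role claim type, lifetime and signing credentials, and that the singleton therefore holds key material, would tell consumers to treat it accordingly.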