diff --git a/ReallifeGamemode.DataService/Logic/JwtTokenGenerator.cs b/ReallifeGamemode.DataService/Logic/JwtTokenGenerator.cs
index 7d5786ae..45261610 100644
--- a/ReallifeGamemode.DataService/Logic/JwtTokenGenerator.cs
+++ b/ReallifeGamemode.DataService/Logic/JwtTokenGenerator.cs
@@ -5,6 +5,7 @@ using System.Linq;
 using System.Security.Claims;
 using System.Text;
 using System.Threading.Tasks;
+using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.Tokens;
 using ReallifeGamemode.Database;
@@ -15,11 +16,13 @@ namespace ReallifeGamemode.DataService.Logic
 {
 public class JwtTokenGenerator : LogicBase
 {
- private ServerConfig config;
+ private readonly ILogger logger;
+ private readonly ServerConfig config;
- public JwtTokenGenerator(IOptions config, DatabaseContext dbContext) : base(dbContext)
+ public JwtTokenGenerator(IOptions config, DatabaseContext dbContext, ILogger logger) : base(dbContext)
 {
 this.config = config.Value;
+ this.logger = logger;
 }
 public string GenerateUserToken(User user)
@@ -40,10 +43,9 @@ namespace ReallifeGamemode.DataService.Logic
 new Claim(ClaimTypes.Name, user.Id.ToString()),
 new Claim(ClaimTypes.Role, user.AdminLevel.ToString())
 }),
- Expires = DateTime.Now.AddDays(1),
- IssuedAt = DateTime.Now,
+ Expires = DateTime.UtcNow.AddDays(1),
+ IssuedAt = DateTime.UtcNow,
 SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
- Issuer = "LOGDATASERVICE"
 };
 var token = tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));
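Review bot: With `Issuer = "LOGDATASERVICE"` removed from the descriptor in `GenerateUserToken`, the token no longer carries an `iss` claim, and no audience is set in the lines shown, so nothing in the token binds it to this service. The validation settings in `Startup.cs` are cut off after `o.TokenValidationParameters = new TokenValidationParameters`, so it is worth confirming that issuer validation was not switched off to make this pass; if it was, any token signed with the same `TokenSecret` by another component would be accepted here. I would keep the claim and read it from configuration, e.g. `Issuer = config.TokenIssuer,` (placeholder property name), with `ValidateIssuer = true` and a matching `ValidIssuer` on the validating side. The same removal is made in the second descriptor at `@@ -62,10 +64,9 @@`, and both method bodies start and end outside their hunks.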
@@ -62,10 +64,9 @@ namespace ReallifeGamemode.DataService.Logic
 new Claim(ClaimTypes.Name, 1.ToString()),
 new Claim(ClaimTypes.Role, (AdminLevel.PROJEKTLEITUNG).ToString())
 }),
- Expires = DateTime.Now.AddDays(1),
- IssuedAt = DateTime.Now,
- SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
- Issuer = "LOGDATASERVICE"
+ Expires = DateTime.UtcNow.AddDays(1),
+ IssuedAt = DateTime.UtcNow,
+ SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
 };
 var token = tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));
diff --git a/ReallifeGamemode.DataService/Startup.cs b/ReallifeGamemode.DataService/Startup.cs
index 83da3f58..5e30eebf 100644
--- a/ReallifeGamemode.DataService/Startup.cs
+++ b/ReallifeGamemode.DataService/Startup.cs
@@ -12,6 +12,7 @@ using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Logging;
 using Microsoft.IdentityModel.Tokens;
 using Microsoft.OpenApi.Models;
 using ReallifeGamemode.Database.Models;
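Review bot: The descriptor in the `@@ -62,10 +64,9 @@` hunk carries a fixed identity (`ClaimTypes.Name` of `1`) together with the `AdminLevel.PROJEKTLEITUNG` role, and the new line `Expires = DateTime.UtcNow.AddDays(1),` still keeps it valid for a full day. For what appears to be an elevated-role token, with no revocation path visible here, a short lifetime limits what a leaked copy is worth, e.g. `Expires = DateTime.UtcNow.AddMinutes(15),` with re-issue on demand (the right window depends on how the caller uses it). The enclosing method starts and ends outside the hunk, so who is allowed to request this token cannot be checked from here. That call path deserves an explicit authorization check and a log entry per issued token, which the newly injected `logger` would make easy.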
@@ -23,17 +24,21 @@ namespace ReallifeGamemode.DataService
 {
 public class Startup
 {
- public Startup(IConfiguration configuration)
- {
- Configuration = configuration;
- }
+ private readonly ILogger logger;
+ private readonly IConfiguration configuration;
+ private readonly IHostingEnvironment environment;
- public IConfiguration Configuration { get; }
+ public Startup(IConfiguration configuration, IHostingEnvironment environment, ILogger logger)
+ {
+ this.configuration = configuration;
+ this.environment = environment;
+ this.logger = logger;
+ }
 // This method gets called by the runtime. Use this method to add services to the container.
 public void ConfigureServices(IServiceCollection services)
 {
- services.Configure(cfg => Configuration.Bind(cfg));
+ services.Configure(cfg => configuration.Bind(cfg));
 services.AddDbContext();
@@ -48,7 +53,7 @@ namespace ReallifeGamemode.DataService
 j.SerializerSettings.DateFormatHandling = Newtonsoft.Json.DateFormatHandling.IsoDateFormat;
 });
- var tokenKey = Encoding.UTF8.GetBytes(Configuration["TokenSecret"]);
+ var tokenKey = Encoding.ASCII.GetBytes(configuration["TokenSecret"]);
 services.AddAuthentication(o =>
 {
 o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
@@ -56,7 +61,8 @@ namespace ReallifeGamemode.DataService
 })
 .AddJwtBearer(o =>
 {
- o.RequireHttpsMetadata = true;
+ o.IncludeErrorDetails = true;
+ o.RequireHttpsMetadata = this.environment.IsProduction();
 o.SaveToken = false;
 o.TokenValidationParameters = new TokenValidationParameters
 {
diff --git a/ReallifeGamemode.DataService/log4net.config b/ReallifeGamemode.DataService/log4net.config
index d6d3d53e..42496a73 100644
--- a/ReallifeGamemode.DataService/log4net.config
+++ b/ReallifeGamemode.DataService/log4net.config
@@ -6,16 +6,16 @@ - + - + - +
@@ -23,12 +23,12 @@ - + - +
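Review bot: `Encoding.ASCII.GetBytes(configuration["TokenSecret"])` in the `@@ -48,7 +53,7 @@` hunk replaces every non-ASCII character of the secret with `?`, so a secret containing such characters silently loses entropy. A missing `TokenSecret` surfaces only as an `ArgumentNullException` from `GetBytes`. The key derivation in `JwtTokenGenerator` is outside the visible hunks, so both sides need to be checked for the same encoding. I would fail startup explicitly on an absent or short secret, e.g. `if (tokenKey.Length < 32) throw new InvalidOperationException("TokenSecret must be at least 32 bytes");` after a null check, 32 bytes being the HMAC-SHA256 output size. `ConfigureServices` continues outside the hunk.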
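Review bot: `o.RequireHttpsMetadata = this.environment.IsProduction();` in the `@@ -56,7 +61,8 @@` hunk drops the HTTPS requirement for every environment whose name is not exactly Production, including Staging or a mistyped environment name. `o.RequireHttpsMetadata = !this.environment.IsDevelopment();` fails closed instead. `o.IncludeErrorDetails = true;` is set unconditionally, which returns the token validation failure reason to the caller in the `WWW-Authenticate` header; I would gate it the same way with `o.IncludeErrorDetails = this.environment.IsDevelopment();`. The `TokenValidationParameters` initializer continues past the end of the hunk, so the issuer, audience and lifetime checks cannot be reviewed from here.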