Adding authentication and authorization flow

MainProject/Utils/CryptoUtils.cs

@@ -0,0 +1,59 @@
+using System;
+using System.Security.Cryptography;
+using System.Text;
+using BasicDotnetTemplate.MainProject.Models.Settings;
+
+namespace BasicDotnetTemplate.MainProject.Utils;
+public class CryptUtils
+{
+    private readonly string secretKey;
+    private const int M = 16;
+    private const int N = 32;
+    private readonly NLog.Logger Logger = NLog.LogManager.GetCurrentClassLogger();
+    public CryptUtils(AppSettings appSettings)
+    {
+        secretKey = appSettings.EncryptionSettings?.Salt ?? String.Empty;
+    }
+
+    public string Decrypt(string encryptedData)
+    {
+        var decrypted = String.Empty;
+
+        if (String.IsNullOrEmpty(this.secretKey) || this.secretKey.Length < M)
+        {
+            throw new ArgumentException("Unable to proceed with decryption due to invalid settings");
+        }
+
+        if (!String.IsNullOrEmpty(encryptedData) && encryptedData.Length > N)
+        {
+            var iv = encryptedData.Substring(0, M);
+
+            var cipherText = encryptedData.Substring(N);
+            var fullCipher = Convert.FromBase64String(cipherText);
+
+            using (var aes = Aes.Create())
+            {
+                aes.Key = Encoding.UTF8.GetBytes(this.secretKey);
+                aes.IV = Encoding.UTF8.GetBytes(iv);
+
+                using (var decryptor = aes.CreateDecryptor(aes.Key, aes.IV))
+                {
+                    using (var msDecrypt = new MemoryStream(fullCipher))
+                    {
+                        using (var cryptoStream = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
+                        {
+                            using (var srDecrypt = new StreamReader(cryptoStream))
+                            {
+                                decrypted = srDecrypt.ReadToEnd();
+                            }
+                        }
+                    }
+                }
+            }
+        }
+
+        return decrypted;
+    }
+
+}
+

MainProject/Utils/ProgramUtils.cs

@@ -4,6 +4,7 @@ using MongoDB.Driver;
 using NLog;
 using BasicDotnetTemplate.MainProject.Core.Database;
 using BasicDotnetTemplate.MainProject.Models.Settings;
+using BasicDotnetTemplate.MainProject.Services;
 
 
 
@@ -41,7 +42,6 @@ public static class ProgramUtils
 
         return appSettings;
     }
-
     public static OpenApiInfo CreateOpenApiInfo(AppSettings appSettings)
     {
         OpenApiInfo openApiInfo = new OpenApiInfo
@@ -83,11 +83,53 @@ public static class ProgramUtils
         builder.Services.AddSwaggerGen(options =>
         {
             options.SwaggerDoc("v1", CreateOpenApiInfo(appSettings));
+
+            options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
+            {
+                Description = "Inserisci il Bearer Token nel formato **'Bearer {token}'**",
+                Name = "Authorization",
+                In = ParameterLocation.Header,
+                Type = SecuritySchemeType.Http,
+                Scheme = "Bearer"
+            });
+
+            options.AddSecurityDefinition("ApiKey", new OpenApiSecurityScheme
+            {
+                Description = "Inserisci la tua API Key nel campo appropriato.",
+                Name = "ApiKey",
+                In = ParameterLocation.Header,
+                Type = SecuritySchemeType.ApiKey
+            });
+
+            options.AddSecurityRequirement(new OpenApiSecurityRequirement
+            {
+                {
+                    new OpenApiSecurityScheme
+                    {
+                        Reference = new OpenApiReference
+                        {
+                            Type = ReferenceType.SecurityScheme,
+                            Id = "Bearer"
+                        }
+                    },
+                    new string[] {}
+                },
+                {
+                    new OpenApiSecurityScheme
+                    {
+                        Reference = new OpenApiReference
+                        {
+                            Type = ReferenceType.SecurityScheme,
+                            Id = "ApiKey"
+                        }
+                    },
+                    new string[] {}
+                }
+            });
         });
 
         Logger.Info("[ProgramUtils][AddOpenApi] Ended swagger doc");
     }
-
     public static void AddServices(ref WebApplicationBuilder builder)
     {
         Logger.Info("[ProgramUtils][AddServices] Adding services");
@@ -99,7 +141,6 @@ public static class ProgramUtils
 
         Logger.Info("[ProgramUtils][AddServices] Done services");
     }
-
     public static void AddMiddlewares(ref WebApplication app)
     {
         Logger.Info("[ProgramUtils][AddMiddlewares] Adding middlewares");
@@ -126,7 +167,6 @@ public static class ProgramUtils
 
         Logger.Info("[ProgramUtils][AddMiddlewares] Done middlewares");
     }
-
     public static void AddDbContext(ref WebApplicationBuilder builder, AppSettings appSettings)
     {
         Logger.Info("[ProgramUtils][AddDbContext] Adding DbContext");
@@ -168,10 +208,11 @@ public static class ProgramUtils
         messages = String.IsNullOrEmpty(messages) ? "No context" : messages;
         Logger.Info($"[ProgramUtils][AddDbContext] {messages} added");
     }
-
     public static void AddScopes(ref WebApplicationBuilder builder)
     {
         Logger.Info("[ProgramUtils][AddScopes] Adding scopes");
+        builder.Services.AddScoped<IAuthService, AuthService>();
+        builder.Services.AddScoped<IJwtService, JwtService>();
         Logger.Info("[ProgramUtils][AddScopes] Done scopes");
     }