Refactored startup. Removed unused usings. Improved nuget package building. Switched to yaml for configuration. Moved asset files. Set correct context type for oauth2 pages. Updated versions

2025-07-14 21:06:54 +02:00
parent 2b62fc141d
commit 14993b9fe7
48 changed files with 763 additions and 1214 deletions
--- a/Moonlight.ApiServer/Startup/Startup.Auth.cs
+++ b/Moonlight.ApiServer/Startup/Startup.Auth.cs
@@ -1,6 +1,61 @@
+using System.Text;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.IdentityModel.Tokens;
+using MoonCore.Extended.JwtInvalidation;
+using MoonCore.Permissions;
+using Moonlight.ApiServer.Implementations;
+using Moonlight.ApiServer.Interfaces;
+
 namespace Moonlight.ApiServer.Startup;

-public partial class CleanStartup
+public partial class Startup
 {
-    
+    private Task RegisterAuth()
+    {
+        WebApplicationBuilder.Services
+            .AddAuthentication("coreAuthentication")
+            .AddJwtBearer("coreAuthentication", options =>
+            {
+                options.TokenValidationParameters = new()
+                {
+                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(
+                        Configuration.Authentication.Secret
+                    )),
+                    ValidateIssuerSigningKey = true,
+                    ValidateLifetime = true,
+                    ClockSkew = TimeSpan.Zero,
+                    ValidateAudience = true,
+                    ValidAudience = Configuration.PublicUrl,
+                    ValidateIssuer = true,
+                    ValidIssuer = Configuration.PublicUrl
+                };
+            });
+        
+        WebApplicationBuilder.Services.AddJwtBearerInvalidation("coreAuthentication");
+        WebApplicationBuilder.Services.AddScoped<IJwtInvalidateHandler, UserAuthInvalidation>();
+
+        WebApplicationBuilder.Services.AddAuthorization();
+        
+        WebApplicationBuilder.Services.AddAuthorizationPermissions(options =>
+        {
+            options.ClaimName = "permissions";
+            options.Prefix = "permissions:";
+        });
+
+        // Add local oauth2 provider if enabled
+        if (Configuration.Authentication.EnableLocalOAuth2)
+            WebApplicationBuilder.Services.AddScoped<IOAuth2Provider, LocalOAuth2Provider>();
+
+        return Task.CompletedTask;
+    }
+
+    private Task UseAuth()
+    {
+        WebApplication.UseAuthentication();
+
+        WebApplication.UseAuthorization();
+
+        return Task.CompletedTask;
+    }
 }