Patch JWT Security
All checks were successful
CI/CD Pipeline / Build and Deploy with Docker Compose (push) Successful in 4m50s
All checks were successful
CI/CD Pipeline / Build and Deploy with Docker Compose (push) Successful in 4m50s
This commit is contained in:
parent
c80da65dac
commit
4c6c7ab548
@ -7,7 +7,7 @@
|
||||
<NuGetPackageRoot Condition=" '$(NuGetPackageRoot)' == '' ">$(UserProfile)\.nuget\packages\</NuGetPackageRoot>
|
||||
<NuGetPackageFolders Condition=" '$(NuGetPackageFolders)' == '' ">C:\Users\maski\.nuget\packages\;C:\Program Files (x86)\Microsoft Visual Studio\Shared\NuGetPackages</NuGetPackageFolders>
|
||||
<NuGetProjectStyle Condition=" '$(NuGetProjectStyle)' == '' ">PackageReference</NuGetProjectStyle>
|
||||
<NuGetToolVersion Condition=" '$(NuGetToolVersion)' == '' ">6.13.1</NuGetToolVersion>
|
||||
<NuGetToolVersion Condition=" '$(NuGetToolVersion)' == '' ">6.13.2</NuGetToolVersion>
|
||||
</PropertyGroup>
|
||||
<ItemGroup Condition=" '$(ExcludeRestorePackageImports)' != 'true' ">
|
||||
<SourceRoot Include="C:\Users\maski\.nuget\packages\" />
|
||||
|
||||
@ -7,7 +7,7 @@
|
||||
<NuGetPackageRoot Condition=" '$(NuGetPackageRoot)' == '' ">$(UserProfile)\.nuget\packages\</NuGetPackageRoot>
|
||||
<NuGetPackageFolders Condition=" '$(NuGetPackageFolders)' == '' ">C:\Users\maski\.nuget\packages\;C:\Program Files (x86)\Microsoft Visual Studio\Shared\NuGetPackages</NuGetPackageFolders>
|
||||
<NuGetProjectStyle Condition=" '$(NuGetProjectStyle)' == '' ">PackageReference</NuGetProjectStyle>
|
||||
<NuGetToolVersion Condition=" '$(NuGetToolVersion)' == '' ">6.13.1</NuGetToolVersion>
|
||||
<NuGetToolVersion Condition=" '$(NuGetToolVersion)' == '' ">6.13.2</NuGetToolVersion>
|
||||
</PropertyGroup>
|
||||
<ItemGroup Condition=" '$(ExcludeRestorePackageImports)' != 'true' ">
|
||||
<SourceRoot Include="C:\Users\maski\.nuget\packages\" />
|
||||
|
||||
@ -285,16 +285,41 @@ namespace phronCare.API.Controllers
|
||||
#region GenerateToken
|
||||
private JwtSecurityToken GetToken(List<Claim> authClaims)
|
||||
{
|
||||
var authSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(configuration["JWT:Secret"]));
|
||||
var secret = configuration["JWT:Secret"];
|
||||
|
||||
if (string.IsNullOrWhiteSpace(secret))
|
||||
throw new InvalidOperationException("El Secret no está configurado.");
|
||||
|
||||
// Convertir explícitamente a bytes
|
||||
var keyBytes = Encoding.UTF8.GetBytes(secret);
|
||||
|
||||
var authSigningKey = new SymmetricSecurityKey(keyBytes);
|
||||
|
||||
var credentials = new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256);
|
||||
|
||||
var token = new JwtSecurityToken(
|
||||
issuer: configuration["JWT:ValidIssuer"],
|
||||
audience: configuration["JWT:ValidAudience"],
|
||||
expires: DateTime.Now.AddHours(JWT_TOKEN_VALIDITY_HOURS),
|
||||
expires: DateTime.UtcNow.AddHours(JWT_TOKEN_VALIDITY_HOURS),
|
||||
claims: authClaims,
|
||||
signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256Signature)
|
||||
signingCredentials: credentials
|
||||
);
|
||||
|
||||
return token;
|
||||
}
|
||||
|
||||
//private JwtSecurityToken GetToken(List<Claim> authClaims)
|
||||
//{
|
||||
// var authSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(configuration["JWT:Secret"]));
|
||||
// var token = new JwtSecurityToken(
|
||||
// issuer: configuration["JWT:ValidIssuer"],
|
||||
// audience: configuration["JWT:ValidAudience"],
|
||||
// expires: DateTime.Now.AddHours(JWT_TOKEN_VALIDITY_HOURS),
|
||||
// claims: authClaims,
|
||||
// signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256Signature)
|
||||
// );
|
||||
// return token;
|
||||
//}
|
||||
#endregion
|
||||
}
|
||||
}
|
||||
@ -29,10 +29,12 @@
|
||||
"Password": "yulaklzwjuinkddw"
|
||||
},
|
||||
"JWT": {
|
||||
// "ValidIssuer": "https://localhost:7105",
|
||||
// "ValidAudience": "https://localhost:7034",
|
||||
"ValidIssuer": "http://phroncareAPI:8080",
|
||||
"ValidAudience": "http://phroncareAPI:8080",
|
||||
"ValidIssuer": "http://phroncare-bio-d7e9h0-api.saludlab.com.ar:9000",
|
||||
"ValidAudience": "http://phroncare-bio-d7e9h0-api.saludlab.com.ar:9000",
|
||||
"Secret": "SXkSqsKyNUyvGbnHs7ke2NCq8zQzNLW7mPmHbnZZ"
|
||||
}
|
||||
}
|
||||
}
|
||||
// "ValidIssuer": "https://localhost:7105",
|
||||
// "ValidAudience": "https://localhost:7034",
|
||||
//"ValidIssuer": "http://phroncareAPI:8080",
|
||||
//"ValidAudience": "http://phroncareAPI:8080",
|
||||
@ -325,7 +325,7 @@
|
||||
},
|
||||
"Microsoft.IdentityModel.Tokens": {
|
||||
"target": "Package",
|
||||
"version": "[7.6.2, )"
|
||||
"version": "[8.9.0, )"
|
||||
},
|
||||
"Microsoft.VisualStudio.Azure.Containers.Tools.Targets": {
|
||||
"target": "Package",
|
||||
|
||||
@ -2,10 +2,10 @@
|
||||
<Project ToolsVersion="14.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ImportGroup Condition=" '$(ExcludeRestorePackageImports)' != 'true' ">
|
||||
<Import Project="$(NuGetPackageRoot)system.text.json\8.0.5\buildTransitive\net6.0\System.Text.Json.targets" Condition="Exists('$(NuGetPackageRoot)system.text.json\8.0.5\buildTransitive\net6.0\System.Text.Json.targets')" />
|
||||
<Import Project="$(NuGetPackageRoot)microsoft.extensions.logging.abstractions\8.0.2\buildTransitive\net6.0\Microsoft.Extensions.Logging.Abstractions.targets" Condition="Exists('$(NuGetPackageRoot)microsoft.extensions.logging.abstractions\8.0.2\buildTransitive\net6.0\Microsoft.Extensions.Logging.Abstractions.targets')" />
|
||||
<Import Project="$(NuGetPackageRoot)microsoft.extensions.apidescription.server\6.0.5\build\Microsoft.Extensions.ApiDescription.Server.targets" Condition="Exists('$(NuGetPackageRoot)microsoft.extensions.apidescription.server\6.0.5\build\Microsoft.Extensions.ApiDescription.Server.targets')" />
|
||||
<Import Project="$(NuGetPackageRoot)microsoft.extensions.configuration.binder\8.0.0\buildTransitive\netstandard2.0\Microsoft.Extensions.Configuration.Binder.targets" Condition="Exists('$(NuGetPackageRoot)microsoft.extensions.configuration.binder\8.0.0\buildTransitive\netstandard2.0\Microsoft.Extensions.Configuration.Binder.targets')" />
|
||||
<Import Project="$(NuGetPackageRoot)microsoft.extensions.options\8.0.2\buildTransitive\net6.0\Microsoft.Extensions.Options.targets" Condition="Exists('$(NuGetPackageRoot)microsoft.extensions.options\8.0.2\buildTransitive\net6.0\Microsoft.Extensions.Options.targets')" />
|
||||
<Import Project="$(NuGetPackageRoot)microsoft.extensions.logging.abstractions\8.0.2\buildTransitive\net6.0\Microsoft.Extensions.Logging.Abstractions.targets" Condition="Exists('$(NuGetPackageRoot)microsoft.extensions.logging.abstractions\8.0.2\buildTransitive\net6.0\Microsoft.Extensions.Logging.Abstractions.targets')" />
|
||||
<Import Project="$(NuGetPackageRoot)microsoft.visualstudio.azure.containers.tools.targets\1.21.0\build\Microsoft.VisualStudio.Azure.Containers.Tools.Targets.targets" Condition="Exists('$(NuGetPackageRoot)microsoft.visualstudio.azure.containers.tools.targets\1.21.0\build\Microsoft.VisualStudio.Azure.Containers.Tools.Targets.targets')" />
|
||||
<Import Project="$(NuGetPackageRoot)entityframework\6.5.1\buildTransitive\net6.0\EntityFramework.targets" Condition="Exists('$(NuGetPackageRoot)entityframework\6.5.1\buildTransitive\net6.0\EntityFramework.targets')" />
|
||||
</ImportGroup>
|
||||
|
||||
@ -275,6 +275,22 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"Microsoft.Bcl.Memory/9.0.0": {
|
||||
"type": "package",
|
||||
"compile": {
|
||||
"lib/net8.0/Microsoft.Bcl.Memory.dll": {
|
||||
"related": ".xml"
|
||||
}
|
||||
},
|
||||
"runtime": {
|
||||
"lib/net8.0/Microsoft.Bcl.Memory.dll": {
|
||||
"related": ".xml"
|
||||
}
|
||||
},
|
||||
"build": {
|
||||
"buildTransitive/net8.0/_._": {}
|
||||
}
|
||||
},
|
||||
"Microsoft.CodeAnalysis.Analyzers/3.3.3": {
|
||||
"type": "package",
|
||||
"build": {
|
||||
@ -1159,7 +1175,7 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"Microsoft.IdentityModel.Abstractions/7.6.2": {
|
||||
"Microsoft.IdentityModel.Abstractions/8.9.0": {
|
||||
"type": "package",
|
||||
"compile": {
|
||||
"lib/net8.0/Microsoft.IdentityModel.Abstractions.dll": {
|
||||
@ -1188,10 +1204,10 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"Microsoft.IdentityModel.Logging/7.6.2": {
|
||||
"Microsoft.IdentityModel.Logging/8.9.0": {
|
||||
"type": "package",
|
||||
"dependencies": {
|
||||
"Microsoft.IdentityModel.Abstractions": "7.6.2"
|
||||
"Microsoft.IdentityModel.Abstractions": "8.9.0"
|
||||
},
|
||||
"compile": {
|
||||
"lib/net8.0/Microsoft.IdentityModel.Logging.dll": {
|
||||
@ -1238,10 +1254,12 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"Microsoft.IdentityModel.Tokens/7.6.2": {
|
||||
"Microsoft.IdentityModel.Tokens/8.9.0": {
|
||||
"type": "package",
|
||||
"dependencies": {
|
||||
"Microsoft.IdentityModel.Logging": "7.6.2"
|
||||
"Microsoft.Bcl.Memory": "9.0.0",
|
||||
"Microsoft.Extensions.Logging.Abstractions": "8.0.0",
|
||||
"Microsoft.IdentityModel.Logging": "8.9.0"
|
||||
},
|
||||
"compile": {
|
||||
"lib/net8.0/Microsoft.IdentityModel.Tokens.dll": {
|
||||
@ -2728,6 +2746,36 @@
|
||||
"useSharedDesignerContext.txt"
|
||||
]
|
||||
},
|
||||
"Microsoft.Bcl.Memory/9.0.0": {
|
||||
"sha512": "bTUtGfpGyJnohQzjdXbtc7MqNzkv7CWUSRz54+ucNm0i32rZiIU0VdVPHDBShOl1qhVKRjW8mnEBz3d2vH93tQ==",
|
||||
"type": "package",
|
||||
"path": "microsoft.bcl.memory/9.0.0",
|
||||
"files": [
|
||||
".nupkg.metadata",
|
||||
".signature.p7s",
|
||||
"Icon.png",
|
||||
"LICENSE.TXT",
|
||||
"PACKAGE.md",
|
||||
"THIRD-PARTY-NOTICES.TXT",
|
||||
"buildTransitive/net461/Microsoft.Bcl.Memory.targets",
|
||||
"buildTransitive/net462/_._",
|
||||
"buildTransitive/net8.0/_._",
|
||||
"buildTransitive/netcoreapp2.0/Microsoft.Bcl.Memory.targets",
|
||||
"lib/net462/Microsoft.Bcl.Memory.dll",
|
||||
"lib/net462/Microsoft.Bcl.Memory.xml",
|
||||
"lib/net8.0/Microsoft.Bcl.Memory.dll",
|
||||
"lib/net8.0/Microsoft.Bcl.Memory.xml",
|
||||
"lib/net9.0/Microsoft.Bcl.Memory.dll",
|
||||
"lib/net9.0/Microsoft.Bcl.Memory.xml",
|
||||
"lib/netstandard2.0/Microsoft.Bcl.Memory.dll",
|
||||
"lib/netstandard2.0/Microsoft.Bcl.Memory.xml",
|
||||
"lib/netstandard2.1/Microsoft.Bcl.Memory.dll",
|
||||
"lib/netstandard2.1/Microsoft.Bcl.Memory.xml",
|
||||
"microsoft.bcl.memory.9.0.0.nupkg.sha512",
|
||||
"microsoft.bcl.memory.nuspec",
|
||||
"useSharedDesignerContext.txt"
|
||||
]
|
||||
},
|
||||
"Microsoft.CodeAnalysis.Analyzers/3.3.3": {
|
||||
"sha512": "j/rOZtLMVJjrfLRlAMckJLPW/1rze9MT1yfWqSIbUPGRu1m1P0fuo9PmqapwsmePfGB5PJrudQLvmUOAMF0DqQ==",
|
||||
"type": "package",
|
||||
@ -4377,15 +4425,14 @@
|
||||
"microsoft.identity.client.extensions.msal.nuspec"
|
||||
]
|
||||
},
|
||||
"Microsoft.IdentityModel.Abstractions/7.6.2": {
|
||||
"sha512": "ULeyJwfYTMHOAArrBZorjPyM/BL5PFfwRzDtxlOxawO9vB/wVmHmbzZnOyHCOLJjel7XiVNmVnAs3H0jh4/9jQ==",
|
||||
"Microsoft.IdentityModel.Abstractions/8.9.0": {
|
||||
"sha512": "b/87S+lb86U7Ns7xgTKnqql6XGNr8hBE+k0rj5sRWwXeJe6uA+3mSjvpZ9GoQo3cB9zlwzcbGBU8KM44qX0t1g==",
|
||||
"type": "package",
|
||||
"path": "microsoft.identitymodel.abstractions/7.6.2",
|
||||
"path": "microsoft.identitymodel.abstractions/8.9.0",
|
||||
"files": [
|
||||
".nupkg.metadata",
|
||||
".signature.p7s",
|
||||
"lib/net461/Microsoft.IdentityModel.Abstractions.dll",
|
||||
"lib/net461/Microsoft.IdentityModel.Abstractions.xml",
|
||||
"README.md",
|
||||
"lib/net462/Microsoft.IdentityModel.Abstractions.dll",
|
||||
"lib/net462/Microsoft.IdentityModel.Abstractions.xml",
|
||||
"lib/net472/Microsoft.IdentityModel.Abstractions.dll",
|
||||
@ -4394,9 +4441,11 @@
|
||||
"lib/net6.0/Microsoft.IdentityModel.Abstractions.xml",
|
||||
"lib/net8.0/Microsoft.IdentityModel.Abstractions.dll",
|
||||
"lib/net8.0/Microsoft.IdentityModel.Abstractions.xml",
|
||||
"lib/net9.0/Microsoft.IdentityModel.Abstractions.dll",
|
||||
"lib/net9.0/Microsoft.IdentityModel.Abstractions.xml",
|
||||
"lib/netstandard2.0/Microsoft.IdentityModel.Abstractions.dll",
|
||||
"lib/netstandard2.0/Microsoft.IdentityModel.Abstractions.xml",
|
||||
"microsoft.identitymodel.abstractions.7.6.2.nupkg.sha512",
|
||||
"microsoft.identitymodel.abstractions.8.9.0.nupkg.sha512",
|
||||
"microsoft.identitymodel.abstractions.nuspec"
|
||||
]
|
||||
},
|
||||
@ -4423,15 +4472,14 @@
|
||||
"microsoft.identitymodel.jsonwebtokens.nuspec"
|
||||
]
|
||||
},
|
||||
"Microsoft.IdentityModel.Logging/7.6.2": {
|
||||
"sha512": "0brV311MYxGz7Numa+pbVsxbz5tfe2nbAig1b5tQb3h/L1y5lkoPyOgD0qAfI0iX1njbwr8l9NdxIT1cDbzWKA==",
|
||||
"Microsoft.IdentityModel.Logging/8.9.0": {
|
||||
"sha512": "rswvH4ZANbFsJYEn+PGEOj7nkkBRjnsb7LcYGAS16VUJpSeKULLeYSy/7SK6jLO1WTT12xqdeL4mj3dYT7GdoQ==",
|
||||
"type": "package",
|
||||
"path": "microsoft.identitymodel.logging/7.6.2",
|
||||
"path": "microsoft.identitymodel.logging/8.9.0",
|
||||
"files": [
|
||||
".nupkg.metadata",
|
||||
".signature.p7s",
|
||||
"lib/net461/Microsoft.IdentityModel.Logging.dll",
|
||||
"lib/net461/Microsoft.IdentityModel.Logging.xml",
|
||||
"README.md",
|
||||
"lib/net462/Microsoft.IdentityModel.Logging.dll",
|
||||
"lib/net462/Microsoft.IdentityModel.Logging.xml",
|
||||
"lib/net472/Microsoft.IdentityModel.Logging.dll",
|
||||
@ -4440,9 +4488,11 @@
|
||||
"lib/net6.0/Microsoft.IdentityModel.Logging.xml",
|
||||
"lib/net8.0/Microsoft.IdentityModel.Logging.dll",
|
||||
"lib/net8.0/Microsoft.IdentityModel.Logging.xml",
|
||||
"lib/net9.0/Microsoft.IdentityModel.Logging.dll",
|
||||
"lib/net9.0/Microsoft.IdentityModel.Logging.xml",
|
||||
"lib/netstandard2.0/Microsoft.IdentityModel.Logging.dll",
|
||||
"lib/netstandard2.0/Microsoft.IdentityModel.Logging.xml",
|
||||
"microsoft.identitymodel.logging.7.6.2.nupkg.sha512",
|
||||
"microsoft.identitymodel.logging.8.9.0.nupkg.sha512",
|
||||
"microsoft.identitymodel.logging.nuspec"
|
||||
]
|
||||
},
|
||||
@ -4492,15 +4542,14 @@
|
||||
"microsoft.identitymodel.protocols.openidconnect.nuspec"
|
||||
]
|
||||
},
|
||||
"Microsoft.IdentityModel.Tokens/7.6.2": {
|
||||
"sha512": "pLnhCq9UNKWkn83zutkObYuzA+sOzx6VZpPI8hB8gD/vAXVt14D0SJ0sKPftwufvAbYGSNRda1vw/IFLbkjxNg==",
|
||||
"Microsoft.IdentityModel.Tokens/8.9.0": {
|
||||
"sha512": "qK6kW5qZvDj7E5RLWQ9gzJxQe5GUz7+7bXrLQQydSDF9hTf5Ip2qHuAQW3Fg9GND6jkjTr7IXAZFmBHadNQi4Q==",
|
||||
"type": "package",
|
||||
"path": "microsoft.identitymodel.tokens/7.6.2",
|
||||
"path": "microsoft.identitymodel.tokens/8.9.0",
|
||||
"files": [
|
||||
".nupkg.metadata",
|
||||
".signature.p7s",
|
||||
"lib/net461/Microsoft.IdentityModel.Tokens.dll",
|
||||
"lib/net461/Microsoft.IdentityModel.Tokens.xml",
|
||||
"README.md",
|
||||
"lib/net462/Microsoft.IdentityModel.Tokens.dll",
|
||||
"lib/net462/Microsoft.IdentityModel.Tokens.xml",
|
||||
"lib/net472/Microsoft.IdentityModel.Tokens.dll",
|
||||
@ -4509,9 +4558,11 @@
|
||||
"lib/net6.0/Microsoft.IdentityModel.Tokens.xml",
|
||||
"lib/net8.0/Microsoft.IdentityModel.Tokens.dll",
|
||||
"lib/net8.0/Microsoft.IdentityModel.Tokens.xml",
|
||||
"lib/net9.0/Microsoft.IdentityModel.Tokens.dll",
|
||||
"lib/net9.0/Microsoft.IdentityModel.Tokens.xml",
|
||||
"lib/netstandard2.0/Microsoft.IdentityModel.Tokens.dll",
|
||||
"lib/netstandard2.0/Microsoft.IdentityModel.Tokens.xml",
|
||||
"microsoft.identitymodel.tokens.7.6.2.nupkg.sha512",
|
||||
"microsoft.identitymodel.tokens.8.9.0.nupkg.sha512",
|
||||
"microsoft.identitymodel.tokens.nuspec"
|
||||
]
|
||||
},
|
||||
@ -6462,7 +6513,7 @@
|
||||
"Microsoft.EntityFrameworkCore.Tools >= 8.0.6",
|
||||
"Microsoft.Extensions.Configuration.FileExtensions >= 8.0.1",
|
||||
"Microsoft.Extensions.Configuration.Json >= 8.0.1",
|
||||
"Microsoft.IdentityModel.Tokens >= 7.6.2",
|
||||
"Microsoft.IdentityModel.Tokens >= 8.9.0",
|
||||
"Microsoft.VisualStudio.Azure.Containers.Tools.Targets >= 1.21.0",
|
||||
"Serilog.AspNetCore >= 8.0.1",
|
||||
"Services >= 1.0.0",
|
||||
@ -6575,7 +6626,7 @@
|
||||
},
|
||||
"Microsoft.IdentityModel.Tokens": {
|
||||
"target": "Package",
|
||||
"version": "[7.6.2, )"
|
||||
"version": "[8.9.0, )"
|
||||
},
|
||||
"Microsoft.VisualStudio.Azure.Containers.Tools.Targets": {
|
||||
"target": "Package",
|
||||
|
||||
@ -30,7 +30,7 @@
|
||||
</PackageReference>
|
||||
<PackageReference Include="Microsoft.Extensions.Configuration.FileExtensions" Version="8.0.1" />
|
||||
<PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
|
||||
<PackageReference Include="Microsoft.IdentityModel.Tokens" Version="7.6.2" />
|
||||
<PackageReference Include="Microsoft.IdentityModel.Tokens" Version="8.9.0" />
|
||||
<PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.21.0" />
|
||||
<PackageReference Include="Serilog.AspNetCore" Version="8.0.1" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.6.2" />
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user