From 98ef54765fe76af26522234de9a014b54a17bfea Mon Sep 17 00:00:00 2001 From: Lineker Tomazeli Date: Mon, 17 Aug 2015 14:51:08 -0400 Subject: [PATCH 1/3] Removed JwtAuthForWebAPI reference to log4net Abstracted the logger interface so different log libraries can be used. Implemented a default logger that print out using Diagnostic.Trace Implemented ILogger interface on JwtAuthForWebAPI .SampleSite --- .../App_Start/WebApiConfig.cs | 17 ++++--- .../JwtAuthForWebAPI.SampleSite.csproj | 1 + src/JwtAuthForWebAPI.SampleSite/Logger.cs | 44 +++++++++++++++++++ src/JwtAuthForWebAPI/ILogger.cs | 35 +++++++++++++++ src/JwtAuthForWebAPI/JwtAuthForWebAPI.csproj | 4 +- .../JwtAuthenticationMessageHandler.cs | 10 +++-- 6 files changed, 100 insertions(+), 11 deletions(-) create mode 100644 src/JwtAuthForWebAPI.SampleSite/Logger.cs create mode 100644 src/JwtAuthForWebAPI/ILogger.cs diff --git a/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs b/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs index 1e18ce4..b31fa77 100644 --- a/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs +++ b/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs @@ -7,6 +7,13 @@ namespace JwtAuthForWebAPI.SampleSite { public static class WebApiConfig { + static byte[] GetBytes(string str) + { + byte[] bytes = new byte[str.Length * sizeof(char)]; + System.Buffer.BlockCopy(str.ToCharArray(), 0, bytes, 0, bytes.Length); + return bytes; + } + public static void Register(HttpConfiguration config) { config.Routes.MapHttpRoute( @@ -19,16 +26,16 @@ public static void Register(HttpConfiguration config) var tokenBuilder = new SecurityTokenBuilder(); var configReader = new ConfigurationReader(); - var jwtHandlerCert = new JwtAuthenticationMessageHandler + var jwtHandlerCert = new JwtAuthenticationMessageHandler(Logger.Instance) { AllowedAudience = configReader.AllowedAudience, AllowedAudiences = configReader.AllowedAudiences, Issuer = configReader.Issuer, - SigningToken = tokenBuilder.CreateFromCertificate(configReader.SubjectCertificateName), + SigningToken = tokenBuilder.CreateFromKey(GetBytes("testkey")), PrincipalTransformer = new SamplePrincipalTransformer() - }; - - var jwtHandlerSharedKey = new JwtAuthenticationMessageHandler + }; + + var jwtHandlerSharedKey = new JwtAuthenticationMessageHandler(Logger.Instance) { AllowedAudience = configReader.AllowedAudience, Issuer = configReader.Issuer, diff --git a/src/JwtAuthForWebAPI.SampleSite/JwtAuthForWebAPI.SampleSite.csproj b/src/JwtAuthForWebAPI.SampleSite/JwtAuthForWebAPI.SampleSite.csproj index 438b3dd..6fb1247 100644 --- a/src/JwtAuthForWebAPI.SampleSite/JwtAuthForWebAPI.SampleSite.csproj +++ b/src/JwtAuthForWebAPI.SampleSite/JwtAuthForWebAPI.SampleSite.csproj @@ -155,6 +155,7 @@ Global.asax + diff --git a/src/JwtAuthForWebAPI.SampleSite/Logger.cs b/src/JwtAuthForWebAPI.SampleSite/Logger.cs new file mode 100644 index 0000000..641a584 --- /dev/null +++ b/src/JwtAuthForWebAPI.SampleSite/Logger.cs @@ -0,0 +1,44 @@ + + +using System; +using log4net; + +namespace JwtAuthForWebAPI.SampleSite +{ + public class Logger : ILogger + { + readonly ILog _logger = LogManager.GetLogger("JwtAuthForWebAPI"); + + private static Logger instance; + + private Logger() { } + + public static Logger Instance + { + get + { + if (instance == null) + { + instance = new Logger(); + } + return instance; + } + } + + public void DebugFormat(string message, params object[] paramList) + { + _logger.DebugFormat(message,paramList); + } + + public void WarnFormat(string message, Exception ex) + { + _logger.WarnFormat(message, ex); + } + + public void ErrorFormat(string message, Exception ex) + { + _logger.WarnFormat(message, ex); + } + } +} + diff --git a/src/JwtAuthForWebAPI/ILogger.cs b/src/JwtAuthForWebAPI/ILogger.cs new file mode 100644 index 0000000..17d0fbe --- /dev/null +++ b/src/JwtAuthForWebAPI/ILogger.cs @@ -0,0 +1,35 @@ + + +using System; +using System.Diagnostics; + +namespace JwtAuthForWebAPI +{ + public interface ILogger + { + void DebugFormat(string message, params object[] paramList); + + void WarnFormat(string message, Exception ex); + + void ErrorFormat(string message, Exception ex); + } + + public class DefaultLogger : ILogger + { + public void DebugFormat(string message, params object[] paramList) + { + Trace.TraceInformation(message,paramList); + } + + public void WarnFormat(string message, Exception ex) + { + Trace.TraceWarning(message, ex.Message); + } + + public void ErrorFormat(string message, Exception ex) + { + Trace.TraceError(message, ex.Message); + } + } +} + diff --git a/src/JwtAuthForWebAPI/JwtAuthForWebAPI.csproj b/src/JwtAuthForWebAPI/JwtAuthForWebAPI.csproj index e507e60..1152f5e 100644 --- a/src/JwtAuthForWebAPI/JwtAuthForWebAPI.csproj +++ b/src/JwtAuthForWebAPI/JwtAuthForWebAPI.csproj @@ -30,9 +30,6 @@ 4 - - ..\..\lib\log4net.2.0.2\lib\net40-full\log4net.dll - @@ -53,6 +50,7 @@ + diff --git a/src/JwtAuthForWebAPI/JwtAuthenticationMessageHandler.cs b/src/JwtAuthForWebAPI/JwtAuthenticationMessageHandler.cs index 69f1bdd..a44e3a6 100644 --- a/src/JwtAuthForWebAPI/JwtAuthenticationMessageHandler.cs +++ b/src/JwtAuthForWebAPI/JwtAuthenticationMessageHandler.cs @@ -10,7 +10,6 @@ using System.Threading; using System.Threading.Tasks; using System.Web; -using log4net; namespace JwtAuthForWebAPI { @@ -21,13 +20,18 @@ namespace JwtAuthForWebAPI /// public class JwtAuthenticationMessageHandler : DelegatingHandler { - private readonly ILog _logger = LogManager.GetLogger("JwtAuthForWebAPI"); + private readonly ILogger _logger = new DefaultLogger(); /// /// String representation of the Bearer scheme, used for JWTs. /// public const string BearerScheme = "Bearer"; + public JwtAuthenticationMessageHandler(ILogger logger) : base() + { + _logger = logger; + } + public JwtAuthenticationMessageHandler() { AllowedAudience = "http://www.example.com"; @@ -130,7 +134,7 @@ protected override Task SendAsync( if (string.IsNullOrEmpty(tokenString)) { - _logger.Debug("Token not found in authorization header or request cookie"); + _logger.DebugFormat("Token not found in authorization header or request cookie"); return BaseSendAsync(request, cancellationToken); } From 881158d0e1dda787452ee7fe4ba36171847e5395 Mon Sep 17 00:00:00 2001 From: Lineker Tomazeli Date: Mon, 17 Aug 2015 14:51:08 -0400 Subject: [PATCH 2/3] Removed JwtAuthForWebAPI reference to log4net Abstracted the logger interface so different log libraries can be used. Implemented a default logger that print out using Diagnostic.Trace Implemented ILogger interface on JwtAuthForWebAPI .SampleSite --- .../App_Start/WebApiConfig.cs | 15 +++++-- .../JwtAuthForWebAPI.SampleSite.csproj | 1 + src/JwtAuthForWebAPI.SampleSite/Logger.cs | 44 +++++++++++++++++++ src/JwtAuthForWebAPI/ILogger.cs | 35 +++++++++++++++ src/JwtAuthForWebAPI/JwtAuthForWebAPI.csproj | 4 +- .../JwtAuthenticationMessageHandler.cs | 10 +++-- 6 files changed, 99 insertions(+), 10 deletions(-) create mode 100644 src/JwtAuthForWebAPI.SampleSite/Logger.cs create mode 100644 src/JwtAuthForWebAPI/ILogger.cs diff --git a/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs b/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs index 1e18ce4..dc43e01 100644 --- a/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs +++ b/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs @@ -7,6 +7,13 @@ namespace JwtAuthForWebAPI.SampleSite { public static class WebApiConfig { + static byte[] GetBytes(string str) + { + byte[] bytes = new byte[str.Length * sizeof(char)]; + System.Buffer.BlockCopy(str.ToCharArray(), 0, bytes, 0, bytes.Length); + return bytes; + } + public static void Register(HttpConfiguration config) { config.Routes.MapHttpRoute( @@ -19,16 +26,16 @@ public static void Register(HttpConfiguration config) var tokenBuilder = new SecurityTokenBuilder(); var configReader = new ConfigurationReader(); - var jwtHandlerCert = new JwtAuthenticationMessageHandler + var jwtHandlerCert = new JwtAuthenticationMessageHandler(Logger.Instance) { AllowedAudience = configReader.AllowedAudience, AllowedAudiences = configReader.AllowedAudiences, Issuer = configReader.Issuer, SigningToken = tokenBuilder.CreateFromCertificate(configReader.SubjectCertificateName), PrincipalTransformer = new SamplePrincipalTransformer() - }; - - var jwtHandlerSharedKey = new JwtAuthenticationMessageHandler + }; + + var jwtHandlerSharedKey = new JwtAuthenticationMessageHandler(Logger.Instance) { AllowedAudience = configReader.AllowedAudience, Issuer = configReader.Issuer, diff --git a/src/JwtAuthForWebAPI.SampleSite/JwtAuthForWebAPI.SampleSite.csproj b/src/JwtAuthForWebAPI.SampleSite/JwtAuthForWebAPI.SampleSite.csproj index 438b3dd..6fb1247 100644 --- a/src/JwtAuthForWebAPI.SampleSite/JwtAuthForWebAPI.SampleSite.csproj +++ b/src/JwtAuthForWebAPI.SampleSite/JwtAuthForWebAPI.SampleSite.csproj @@ -155,6 +155,7 @@ Global.asax + diff --git a/src/JwtAuthForWebAPI.SampleSite/Logger.cs b/src/JwtAuthForWebAPI.SampleSite/Logger.cs new file mode 100644 index 0000000..641a584 --- /dev/null +++ b/src/JwtAuthForWebAPI.SampleSite/Logger.cs @@ -0,0 +1,44 @@ + + +using System; +using log4net; + +namespace JwtAuthForWebAPI.SampleSite +{ + public class Logger : ILogger + { + readonly ILog _logger = LogManager.GetLogger("JwtAuthForWebAPI"); + + private static Logger instance; + + private Logger() { } + + public static Logger Instance + { + get + { + if (instance == null) + { + instance = new Logger(); + } + return instance; + } + } + + public void DebugFormat(string message, params object[] paramList) + { + _logger.DebugFormat(message,paramList); + } + + public void WarnFormat(string message, Exception ex) + { + _logger.WarnFormat(message, ex); + } + + public void ErrorFormat(string message, Exception ex) + { + _logger.WarnFormat(message, ex); + } + } +} + diff --git a/src/JwtAuthForWebAPI/ILogger.cs b/src/JwtAuthForWebAPI/ILogger.cs new file mode 100644 index 0000000..17d0fbe --- /dev/null +++ b/src/JwtAuthForWebAPI/ILogger.cs @@ -0,0 +1,35 @@ + + +using System; +using System.Diagnostics; + +namespace JwtAuthForWebAPI +{ + public interface ILogger + { + void DebugFormat(string message, params object[] paramList); + + void WarnFormat(string message, Exception ex); + + void ErrorFormat(string message, Exception ex); + } + + public class DefaultLogger : ILogger + { + public void DebugFormat(string message, params object[] paramList) + { + Trace.TraceInformation(message,paramList); + } + + public void WarnFormat(string message, Exception ex) + { + Trace.TraceWarning(message, ex.Message); + } + + public void ErrorFormat(string message, Exception ex) + { + Trace.TraceError(message, ex.Message); + } + } +} + diff --git a/src/JwtAuthForWebAPI/JwtAuthForWebAPI.csproj b/src/JwtAuthForWebAPI/JwtAuthForWebAPI.csproj index e507e60..1152f5e 100644 --- a/src/JwtAuthForWebAPI/JwtAuthForWebAPI.csproj +++ b/src/JwtAuthForWebAPI/JwtAuthForWebAPI.csproj @@ -30,9 +30,6 @@ 4 - - ..\..\lib\log4net.2.0.2\lib\net40-full\log4net.dll - @@ -53,6 +50,7 @@ + diff --git a/src/JwtAuthForWebAPI/JwtAuthenticationMessageHandler.cs b/src/JwtAuthForWebAPI/JwtAuthenticationMessageHandler.cs index 69f1bdd..a44e3a6 100644 --- a/src/JwtAuthForWebAPI/JwtAuthenticationMessageHandler.cs +++ b/src/JwtAuthForWebAPI/JwtAuthenticationMessageHandler.cs @@ -10,7 +10,6 @@ using System.Threading; using System.Threading.Tasks; using System.Web; -using log4net; namespace JwtAuthForWebAPI { @@ -21,13 +20,18 @@ namespace JwtAuthForWebAPI /// public class JwtAuthenticationMessageHandler : DelegatingHandler { - private readonly ILog _logger = LogManager.GetLogger("JwtAuthForWebAPI"); + private readonly ILogger _logger = new DefaultLogger(); /// /// String representation of the Bearer scheme, used for JWTs. /// public const string BearerScheme = "Bearer"; + public JwtAuthenticationMessageHandler(ILogger logger) : base() + { + _logger = logger; + } + public JwtAuthenticationMessageHandler() { AllowedAudience = "http://www.example.com"; @@ -130,7 +134,7 @@ protected override Task SendAsync( if (string.IsNullOrEmpty(tokenString)) { - _logger.Debug("Token not found in authorization header or request cookie"); + _logger.DebugFormat("Token not found in authorization header or request cookie"); return BaseSendAsync(request, cancellationToken); } From 38cb69ad85d386f6ac99707760a3b12c25ab0c8e Mon Sep 17 00:00:00 2001 From: Lineker Tomazeli Date: Mon, 17 Aug 2015 14:57:38 -0400 Subject: [PATCH 3/3] Rollback signingtoken created from certificate. It was removed for testing --- .../App_Start/WebApiConfig.cs | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs b/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs index b31fa77..8c42453 100644 --- a/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs +++ b/src/JwtAuthForWebAPI.SampleSite/App_Start/WebApiConfig.cs @@ -7,13 +7,6 @@ namespace JwtAuthForWebAPI.SampleSite { public static class WebApiConfig { - static byte[] GetBytes(string str) - { - byte[] bytes = new byte[str.Length * sizeof(char)]; - System.Buffer.BlockCopy(str.ToCharArray(), 0, bytes, 0, bytes.Length); - return bytes; - } - public static void Register(HttpConfiguration config) { config.Routes.MapHttpRoute( @@ -31,7 +24,7 @@ public static void Register(HttpConfiguration config) AllowedAudience = configReader.AllowedAudience, AllowedAudiences = configReader.AllowedAudiences, Issuer = configReader.Issuer, - SigningToken = tokenBuilder.CreateFromKey(GetBytes("testkey")), + SigningToken = tokenBuilder.CreateFromCertificate(configReader.SubjectCertificateName), PrincipalTransformer = new SamplePrincipalTransformer() };