fix: change jwt tokenizer

src/Bulwark.Auth.Core/Account.cs

@@ -14,10 +14,10 @@ public class Account
  private readonly JwtTokenizer _tokenizer;
 
  public Account(IAccountRepository accountRepository,
- SigningKey signingKey)
+ JwtTokenizer tokenizer)
  {
  _accountRepository = accountRepository;
- _tokenizer = signingKey.Tokenizer;
+ _tokenizer = tokenizer;
  }
 
  /// <summary>

src/Bulwark.Auth.Core/Authentication.cs

@@ -17,13 +17,13 @@ public class Authentication
  private readonly IEncrypt _encrypt;
 
  public Authentication(
- SigningKey signingKey,
+ JwtTokenizer tokenizer,
  ITokenRepository tokenRepository,
  IEncrypt encrypt,
  IAccountRepository accountRepository,
  IAuthorizationRepository authorizationRepository)
  {
- _tokenizer = signingKey.Tokenizer;
+ _tokenizer = tokenizer;
  _accountRepository = accountRepository;
  _tokenRepository = tokenRepository;
  _authorizationRepository = authorizationRepository;
@@ -36,11 +36,10 @@ public Authentication(
  /// </summary>
  /// <param name="email"></param>
  /// <param name="password"></param>
- /// <param name="tokenizerName"></param>
  /// <returns>Authenticated</returns>
  /// <exception cref="BulwarkAuthenticationException"></exception>
  public async Task<Authenticated> Authenticate(string email,
- string password, string tokenizerName = "jwt")
+ string password)
  {
  try
  {

src/Bulwark.Auth.Core/JwtTokenizer.cs

@@ -29,8 +29,9 @@ public JwtTokenizer(string issuer, string audience,
  int accessTokenExpInMin, 
  int refreshTokenExpInHours,
  List<ISigningAlgorithm> signingAlgorithms,
- IEnumerable<Key> keys)
+ SigningKey signingKey)
  {
+ var keys = signingKey.GetKeys();
  foreach(var key in keys)
  {
  _keys.Add(key.Created, key);

src/Bulwark.Auth.Core/MagicCode.cs

@@ -22,13 +22,13 @@ public class MagicCode{
 
  public MagicCode(IMagicCodeRepository magicCodeRepository,
  IAccountRepository accountRepository, IAuthorizationRepository authorizationRepository,
- SigningKey signingKey)
+ JwtTokenizer tokenizer)
  {
  _accountRepository = accountRepository;
  _magicCodeRepository = magicCodeRepository;
  _authorizationRepository = authorizationRepository;
 
- _tokenizer = signingKey.Tokenizer;
+ _tokenizer = tokenizer;
  }
 
  /// <summary>

src/Bulwark.Auth.Core/SigningKey.cs

@@ -12,9 +12,6 @@ namespace Bulwark.Auth.Core;
 public class SigningKey
 {
  private readonly ISigningKeyRepository _signingKeyRepository;
- private const string DefaultIssuer = "bulwark";
- public JwtTokenizer Tokenizer { get; private set; }
-
  public SigningKey(ISigningKeyRepository signingKeyRepository)
  {
  _signingKeyRepository = signingKeyRepository;
@@ -52,23 +49,9 @@ public List<Key> GetKeys()
  private void Initialize()
  {
  var latestCert = _signingKeyRepository.GetLatestKey();
- if(latestCert == null)
- {
- var key = RsaKeyGenerator.MakeKey();
- _signingKeyRepository.AddKey(key.PrivateKey, key.PublicKey);
- }
-
- var signingAlgorithms = new List<ISigningAlgorithm>
- {
- new Rsa256(),
- new Rsa384(),
- new Rsa512()
- };
-
- Tokenizer = new JwtTokenizer(DefaultIssuer, DefaultIssuer, 
- 10,24,
- signingAlgorithms,
- GetKeys().ToArray());
+ if (latestCert != null) return;
+ var key = RsaKeyGenerator.MakeKey();
+ _signingKeyRepository.AddKey(key.PrivateKey, key.PublicKey);
  }
 }
 

src/Bulwark.Auth.Core/Social/SocialLogin.cs

@@ -16,12 +16,12 @@ public class SocialLogin {
 
  public SocialLogin(IValidatorStrategies validatorStrategies,
  IAccountRepository accountRepository, IAuthorizationRepository authorizationRepository,
- SigningKey signingKey)
+ JwtTokenizer tokenizer)
  {
  _socialValidators = validatorStrategies.GetAll();
  _accountRepository = accountRepository;
  _authorizationRepository = authorizationRepository;
- _tokenizer = signingKey.Tokenizer;
+ _tokenizer = tokenizer;
  }
 
  public void AddValidator(ISocialValidator validator)

src/Bulwark.Auth/Program.cs

@@ -1,9 +1,11 @@
+using System.Collections.Generic;
 using dotenv.net;
 using FluentEmail.MailKitSmtp;
 using System.IO;
 using Bulwark.Auth;
 using Bulwark.Auth.Core;
 using Bulwark.Auth.Core.PasswordPolicy;
+using Bulwark.Auth.Core.SigningAlgs;
 using Bulwark.Auth.Core.Social;
 using Bulwark.Auth.Core.Social.Validators;
 using Bulwark.Auth.Repositories;
@@ -71,7 +73,17 @@
 var passwordNumber = new PasswordNumber();
 passwordPolicy.Add(passwordNumber);
 
+var signingAlgorithms = new List<ISigningAlgorithm>
+{
+ new Rsa256(),
+ new Rsa384(),
+ new Rsa512()
+};
+
 applicationBuilder.Services.AddSingleton(passwordPolicy);
+applicationBuilder.Services.AddSingleton<JwtTokenizer>(t => new JwtTokenizer("bulwark", "bulwark",
+ appConfig.AccessTokenExpireInMinutes, appConfig.RefreshTokenExpireInHours,
+ signingAlgorithms, t.GetService<SigningKey>()));
 applicationBuilder.Services.AddSingleton(mongoClient.GetDatabase(dbName));
 applicationBuilder.Services.AddTransient<ITokenRepository, MongoDbAuthToken>();
 applicationBuilder.Services.AddTransient<ISigningKeyRepository, MongoDbSigningKey>();

tests/Bulwark.Auth.Core.Tests/AccountTests.cs

@@ -1,4 +1,6 @@
-using Bulwark.Auth.Repositories;
+using System.Collections.Generic;
+using Bulwark.Auth.Core.SigningAlgs;
+using Bulwark.Auth.Repositories;
 using Bulwark.Auth.Repositories.Util;
 using Bulwark.Auth.TestFixture;
 
@@ -15,13 +17,15 @@ public AccountTests(MongoDbRandomFixture dbFixture)
  {
  var encrypt = new BulwarkBCrypt();
  var accountRepository = new MongoDbAccount(dbFixture.Db, encrypt);
- var certRepository = new MongoDbSigningKey(dbFixture.Db);
- var certManager = new SigningKey(certRepository);
- _account = new Account(accountRepository,certManager);
+ var signingKeyRepository = new MongoDbSigningKey(dbFixture.Db);
+ var signingKey = new SigningKey(signingKeyRepository);
+ var jwtTokenizer = new JwtTokenizer("test", "test", 10, 24,
+ new List<ISigningAlgorithm> {new Rsa256()}, signingKey);
+ _account = new Account(accountRepository, jwtTokenizer);
  var tokenRepository = new MongoDbAuthToken(dbFixture.Db);
  var authorizationRepository = new MongoDbAuthorization(dbFixture.Db);
  _authentication = new Authentication(
- certManager, tokenRepository, encrypt, accountRepository, authorizationRepository);
+ jwtTokenizer, tokenRepository, encrypt, accountRepository, authorizationRepository);
  }
 
  [Fact]

tests/Bulwark.Auth.Core.Tests/AuthenticateTest.cs

@@ -1,4 +1,6 @@
-using Bulwark.Auth.Core.Exception;
+using System.Collections.Generic;
+using Bulwark.Auth.Core.Exception;
+using Bulwark.Auth.Core.SigningAlgs;
 using Bulwark.Auth.Repositories;
 using Bulwark.Auth.Repositories.Util;
 using Bulwark.Auth.TestFixture;
@@ -20,13 +22,15 @@ public AuthenticateTest(MongoDbRandomFixture dbFixture)
  var encrypt = new BulwarkBCrypt();
  var accountRepository = new MongoDbAccount(dbFixture.Db,
  encrypt);
- var certRepository = new MongoDbSigningKey(dbFixture.Db);
- var certManager = new SigningKey(certRepository);
- _account = new Account(accountRepository, certManager);
+ var signingKeyRepository = new MongoDbSigningKey(dbFixture.Db);
+ var signingKey = new SigningKey(signingKeyRepository);
+ var jwtTokenizer = new JwtTokenizer("test", "test", 10, 24,
+ new List<ISigningAlgorithm> {new Rsa256()}, signingKey);
+ _account = new Account(accountRepository, jwtTokenizer);
  var tokenRepository = new MongoDbAuthToken(dbFixture.Db);
  var authorizationRepository = new MongoDbAuthorization(dbFixture.Db);
- _authentication = new Authentication(
- certManager, tokenRepository, encrypt, accountRepository, authorizationRepository);
+ _authentication = new Authentication(jwtTokenizer, 
+ tokenRepository, encrypt, accountRepository, authorizationRepository);
  }
 
  [Fact]

tests/Bulwark.Auth.Core.Tests/JwtTokenizerTests.cs

@@ -2,15 +2,18 @@
 using Bulwark.Auth.Core.Domain;
 using Bulwark.Auth.Core.SigningAlgs;
 using Bulwark.Auth.Core.Util;
+using Bulwark.Auth.Repositories;
+using Bulwark.Auth.TestFixture;
 
 namespace Bulwark.Auth.Core.Tests;
 
-public class JwtTokenizerTests
+public class JwtTokenizerTests : IClassFixture<MongoDbRandomFixture>
 {
  private readonly JwtTokenizer _tokenizer;
 
- public JwtTokenizerTests()
+ public JwtTokenizerTests(MongoDbRandomFixture dbFixture)
  {
+ var signingKey = new SigningKey(new MongoDbSigningKey(dbFixture.Db));
  var key = RsaKeyGenerator.MakeKey();
  var keys = new Key[1];
  keys[0] = key;
@@ -19,7 +22,7 @@ public JwtTokenizerTests()
  new Rsa256()
  };
  _tokenizer = new JwtTokenizer("test", "test", 10,24,
- signingAlgorithms,keys);
+ signingAlgorithms,signingKey);
  }
 
  [Fact]

tests/Bulwark.Auth.Core.Tests/MagicCodeTests.cs

@@ -1,4 +1,6 @@
-using Bulwark.Auth.Repositories;
+using System.Collections.Generic;
+using Bulwark.Auth.Core.SigningAlgs;
+using Bulwark.Auth.Repositories;
 using Bulwark.Auth.Repositories.Util;
 using Bulwark.Auth.TestFixture;
 
@@ -21,14 +23,16 @@ public async void CreateAndAuthenticateMagicCode()
  var encrypt = new BulwarkBCrypt();
  var accountRepository = new MongoDbAccount(_dbFixture.Db,
  encrypt);
- var certRepository = new MongoDbSigningKey(_dbFixture.Db);
- var certManager = new SigningKey(certRepository);
+ var signingKeyRepository = new MongoDbSigningKey(_dbFixture.Db);
+ var signingKey = new SigningKey(signingKeyRepository);
+ var jwtTokenizer = new JwtTokenizer("test", "test", 10, 24,
+ new List<ISigningAlgorithm> {new Rsa256()}, signingKey);
  var magicCodeRepository = new MongoDbMagicCode(_dbFixture.Db);
  var authorizationRepository = new MongoDbAuthorization(_dbFixture.Db);
  var magicCodeManager = new MagicCode(magicCodeRepository,
- accountRepository, authorizationRepository, certManager);
+ accountRepository, authorizationRepository, jwtTokenizer);
  var accountManager = new Account(accountRepository,
- certManager);
+ jwtTokenizer);
  var user = TestUtils.GenerateEmail();
  var verificationToken = await accountManager.Create(user,
  "strongpassword");

tests/Bulwark.Auth.Core.Tests/SigningKeyTests.cs

@@ -27,7 +27,6 @@ public void SigningKeyManagerInitialize()
  var signingKeyManager = new SigningKey(signingRepository);
  var signingKeyModel = signingRepository.GetLatestKey();
  Assert.NotNull(signingKeyModel);
- Assert.NotNull(signingKeyManager.Tokenizer);
  signingKeyManager.GenerateKey();
  var signingKeyModel2 = signingRepository.GetLatestKey();
  Assert.NotEqual(signingKeyModel.KeyId, signingKeyModel2.KeyId);

tests/Bulwark.Auth.Core.Tests/SocialTests.cs

@@ -1,4 +1,6 @@
-using Bulwark.Auth.Core.Social;
+using System.Collections.Generic;
+using Bulwark.Auth.Core.SigningAlgs;
+using Bulwark.Auth.Core.Social;
 using Bulwark.Auth.Core.Social.Validators;
 using Bulwark.Auth.Core.Tests.Mocks;
 using Bulwark.Auth.Repositories;
@@ -20,8 +22,10 @@ public SocialTests(MongoDbRandomFixture dbFixture)
  IValidatorStrategies validators = new ValidatorStrategies();
  IAccountRepository accountRepository = new MongoDbAccount(dbFixture1.Db,
  encrypt);
- ISigningKeyRepository signingKeyRepository = new MongoDbSigningKey(dbFixture1.Db);
- SigningKey signingKey = new SigningKey(signingKeyRepository);
+ var signingKeyRepository = new MongoDbSigningKey(dbFixture.Db);
+ var signingKey = new SigningKey(signingKeyRepository);
+ var jwtTokenizer = new JwtTokenizer("test", "test", 10, 24,
+ new List<ISigningAlgorithm> {new Rsa256()}, signingKey);
  new MongoDbAuthToken(dbFixture1.Db);
  validators.Add(new MockSocialValidator("bulwark"));
  validators.Add(new GoogleValidator(
@@ -30,7 +34,7 @@ public SocialTests(MongoDbRandomFixture dbFixture)
  validators.Add(new GithubValidator("lateflip.io" ));
  var authorizationRepository = new MongoDbAuthorization(dbFixture1.Db);
  _socialLogin = new SocialLogin(validators, accountRepository, 
- authorizationRepository, signingKey); 
+ authorizationRepository, jwtTokenizer); 
  }
 
  [Fact]