From 64d3919a8077c31f943fbd005ef65420cbbec16f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Ca=C3=B1izares=20Est=C3=A9vez?= Date: Mon, 12 Dec 2016 10:15:24 +0100 Subject: [PATCH] Secure orders api and add bearer token in calls from MVC application to orders api. --- docker-compose.yml | 10 +- eShopOnContainers.sln | 96 +++++++++---------- .../eShopOnContainers.TestRunner.Droid.csproj | 2 +- src/Services/Basket/Basket.API/Dockerfile | 2 +- src/Services/Basket/Basket.API/Program.cs | 3 +- src/Services/Basket/Basket.API/Startup.cs | 2 +- .../appsettings.json | 4 +- .../Controllers/OrdersController.cs | 13 ++- src/Services/Ordering/Ordering.API/Dockerfile | 2 +- src/Services/Ordering/Ordering.API/Program.cs | 4 +- .../Properties/launchSettings.json | 2 +- src/Services/Ordering/Ordering.API/Startup.cs | 20 ++++ .../Ordering/Ordering.API/project.json | 3 +- .../Ordering/Ordering.API/settings.json | 4 +- src/Web/WebMVC/Controllers/OrderController.cs | 19 ++-- src/Web/WebMVC/Properties/launchSettings.json | 2 +- src/Web/WebMVC/Services/OrderingService.cs | 23 ++++- 17 files changed, 128 insertions(+), 83 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index c9a13502c..c87e6e896 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,10 +8,10 @@ services: dockerfile: Dockerfile environment: - CatalogUrl=http://catalog.api - - OrderingUrl=http://ordering.api + - OrderingUrl=http://ordering.api:5102 #- IdentityUrl=http://104.40.62.65:5105 #Remote: VM Needs to have public access at 5105. - IdentityUrl=http://identity.service:5105 #Local: You need a entry in windows host file to run identity in local docker. - - BasketUrl=http://basket.api + - BasketUrl=http://basket.api:5103 ports: - "5100:5100" depends_on: 
@@ -28,7 +28,7 @@ services: - OrderingUrl=http://ordering.api #- IdentityUrl=http://104.40.62.65:5105 #Remote: VM Needs to have public access at 5105. - IdentityUrl=http://identity.service:5105 #Local: You need a entry in windows host file to run identity in local docker. - - BasketUrl=http://basket.api + - BasketUrl=http://basket.api:5103 ports: - "5104:80" depends_on: @@ -95,8 +95,10 @@ services: image: eshop/ordering.api environment: - ConnectionString=Server=ordering.data;Database=Microsoft.eShopOnContainers.Services.OrderingDb;User Id=sa;Password=Pass@word + - identityUrl=http://identity.service:5105 #local + #- identityUrl=http://104.40.62.65:5105 #remote ports: - - "5102:80" + - "5102:5102" depends_on: - ordering.data diff --git a/eShopOnContainers.sln b/eShopOnContainers.sln index 88575bbc3..a56a9d076 100644 --- a/eShopOnContainers.sln +++ b/eShopOnContainers.sln 
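Review bot: In the second service block (the `@@ -28,7 +28,7 @@` hunk) `OrderingUrl=http://ordering.api` is left as a context line while `BasketUrl` gains its port, so that client will keep calling the ordering API on port 80. The same commit moves the ordering container to 5102 (`ASPNETCORE_URLS http://*:5102` and `UseUrls("http://0.0.0.0:5102")`), so this URL most likely no longer reaches a listener. Change it to `- OrderingUrl=http://ordering.api:5102`, as the first service block already does. The access token now sent to the orders API travels over plain `http://` on both URLs, which is worth recording as a development-only setting.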
@@ -800,54 +800,54 @@ Global {95F1F07C-4D92-4742-BD07-E5B805AAB651}.Release|x64.Build.0 = Release|Any CPU {95F1F07C-4D92-4742-BD07-E5B805AAB651}.Release|x86.ActiveCfg = Release|Any CPU {95F1F07C-4D92-4742-BD07-E5B805AAB651}.Release|x86.Build.0 = Release|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|Any CPU.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|Any CPU.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|ARM.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|ARM.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|iPhone.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|iPhone.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|iPhoneSimulator.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|iPhoneSimulator.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|x64.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|x64.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|x86.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Ad-Hoc|x86.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|Any CPU.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|Any CPU.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|ARM.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|ARM.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|iPhone.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|iPhone.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|iPhoneSimulator.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|iPhoneSimulator.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|x64.ActiveCfg = Debug|Any CPU - 
{621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|x64.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|x86.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.AppStore|x86.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|Any CPU.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|ARM.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|ARM.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|iPhone.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|iPhone.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|iPhoneSimulator.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|iPhoneSimulator.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|x64.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|x64.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|x86.ActiveCfg = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Debug|x86.Build.0 = Debug|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Release|Any CPU.ActiveCfg = Release|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Release|Any CPU.Build.0 = Release|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Release|ARM.ActiveCfg = Release|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Release|ARM.Build.0 = Release|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Release|iPhone.ActiveCfg = Release|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Release|iPhone.Build.0 = Release|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Release|iPhoneSimulator.ActiveCfg = Release|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Release|iPhoneSimulator.Build.0 = Release|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Release|x64.ActiveCfg = Release|Any CPU - 
{621E7211-58D0-45FD-9600-1CB490BD930E}.Release|x64.Build.0 = Release|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Release|x86.ActiveCfg = Release|Any CPU - {621E7211-58D0-45FD-9600-1CB490BD930E}.Release|x86.Build.0 = Release|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|Any CPU.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|Any CPU.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|ARM.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|ARM.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|iPhone.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|iPhone.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|iPhoneSimulator.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|iPhoneSimulator.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|x64.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|x64.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|x86.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Ad-Hoc|x86.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.AppStore|Any CPU.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.AppStore|Any CPU.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.AppStore|ARM.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.AppStore|ARM.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.AppStore|iPhone.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.AppStore|iPhone.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.AppStore|iPhoneSimulator.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.AppStore|iPhoneSimulator.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.AppStore|x64.ActiveCfg = Debug|Any CPU + 
{A579E108-5445-403D-A407-339AC4D1611B}.AppStore|x64.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.AppStore|x86.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.AppStore|x86.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|Any CPU.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|ARM.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|ARM.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|iPhone.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|iPhone.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|iPhoneSimulator.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|iPhoneSimulator.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|x64.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|x64.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|x86.ActiveCfg = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Debug|x86.Build.0 = Debug|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Release|Any CPU.ActiveCfg = Release|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Release|Any CPU.Build.0 = Release|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Release|ARM.ActiveCfg = Release|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Release|ARM.Build.0 = Release|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Release|iPhone.ActiveCfg = Release|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Release|iPhone.Build.0 = Release|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Release|iPhoneSimulator.ActiveCfg = Release|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Release|iPhoneSimulator.Build.0 = Release|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Release|x64.ActiveCfg = Release|Any CPU + 
{A579E108-5445-403D-A407-339AC4D1611B}.Release|x64.Build.0 = Release|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Release|x86.ActiveCfg = Release|Any CPU + {A579E108-5445-403D-A407-339AC4D1611B}.Release|x86.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj index bb833177e..545e3dbfb 100644 --- a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj +++ b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj @@ -16,7 +16,7 @@ Resources\Resource.Designer.cs Off True - v7.0 + v6.0 Properties\AndroidManifest.xml diff --git a/src/Services/Basket/Basket.API/Dockerfile b/src/Services/Basket/Basket.API/Dockerfile index b0801c2b0..90c726b0e 100644 --- a/src/Services/Basket/Basket.API/Dockerfile +++ b/src/Services/Basket/Basket.API/Dockerfile @@ -2,5 +2,5 @@ FROM microsoft/aspnetcore:1.0.1 ENTRYPOINT ["dotnet", "Basket.API.dll"] ARG source=. WORKDIR /app -EXPOSE 80 +ENV ASPNETCORE_URLS http://*:5103 COPY $source . diff --git a/src/Services/Basket/Basket.API/Program.cs b/src/Services/Basket/Basket.API/Program.cs index 712aafef8..81cde138f 100644 --- a/src/Services/Basket/Basket.API/Program.cs +++ b/src/Services/Basket/Basket.API/Program.cs @@ -15,7 +15,8 @@ namespace Microsoft.eShopOnContainers.Services.Basket.API var host = new WebHostBuilder() .UseKestrel() .UseContentRoot(Directory.GetCurrentDirectory()) - .UseIISIntegration() + .UseUrls("http://0.0.0.0:5103") + //.UseIISIntegration() .UseStartup() .Build(); diff --git a/src/Services/Basket/Basket.API/Startup.cs b/src/Services/Basket/Basket.API/Startup.cs index f558b2e12..ef7eeebf3 100644 
--- a/src/Services/Basket/Basket.API/Startup.cs +++ b/src/Services/Basket/Basket.API/Startup.cs @@ -68,7 +68,7 @@ namespace Microsoft.eShopOnContainers.Services.Basket.API // Use frameworks app.UseCors("CorsPolicy"); - var identityUrl = Configuration.GetValue(typeof(string), "IdentityUrl"); + var identityUrl = Configuration.GetValue("IdentityUrl"); app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions { diff --git a/src/Services/Identity/eShopOnContainers.Identity/appsettings.json b/src/Services/Identity/eShopOnContainers.Identity/appsettings.json index ee6bcb9a1..9433af6c1 100644 --- a/src/Services/Identity/eShopOnContainers.Identity/appsettings.json +++ b/src/Services/Identity/eShopOnContainers.Identity/appsettings.json @@ -1,7 +1,7 @@ { "ConnectionStrings": { - "DefaultConnection": "Server=identity.data;Database=aspnet-Microsoft.eShopOnContainers;User Id=sa;Password=Pass@word" - //"DefaultConnection": "Server=127.0.0.1,5433;Database=aspnet-Microsoft.eShopOnContainers;User Id=sa;Password=Pass@word" + //"DefaultConnection": "Server=identity.data;Database=aspnet-Microsoft.eShopOnContainers;User Id=sa;Password=Pass@word" + "DefaultConnection": "Server=127.0.0.1,5433;Database=aspnet-Microsoft.eShopOnContainers;User Id=sa;Password=Pass@word" }, "MvcClient": "http://localhost:5100", "SpaClient": "http://localhost:5104", diff --git a/src/Services/Ordering/Ordering.API/Controllers/OrdersController.cs b/src/Services/Ordering/Ordering.API/Controllers/OrdersController.cs index 3cd3f5353..4ae478cbb 100644 --- a/src/Services/Ordering/Ordering.API/Controllers/OrdersController.cs +++ b/src/Services/Ordering/Ordering.API/Controllers/OrdersController.cs @@ -2,6 +2,7 @@ { using Application.Commands; using Application.Queries; + using AspNetCore.Authorization; using MediatR; using Microsoft.AspNetCore.Mvc; using Models; 
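Review bot: In the Identity `appsettings.json` hunk the active `DefaultConnection` is switched from the compose host name `identity.data` to `127.0.0.1,5433`, which looks like a developer-local setting committed by accident. Inside the identity container that address would point at the container itself, so the service would presumably fail to reach its database unless an environment override exists that this diff does not show. Both variants also keep the `sa` login and its password in source control. I would keep the `identity.data` entry active and supply the local override, and the credential, through an environment variable or user secrets instead of editing the committed file.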
@@ -9,6 +10,7 @@ using System.Threading.Tasks; [Route("api/v1/[controller]")] + [Authorize] public class OrdersController : Controller { private readonly IMediator _mediator; @@ -34,9 +36,12 @@ [HttpPost] public async Task AddOrder([FromBody]NewOrderViewModel order) { + if (order.CardExpiration == DateTime.MinValue) + order.CardExpiration = DateTime.Now; + var newOrderRequest = new NewOrderRequest() { - Buyer =GetUserName(), //TODO + Buyer = GetUserName(), CardTypeId = 1, //TODO CardHolderName = order.CardHolderName, CardNumber = order.CardNumber, @@ -85,9 +90,13 @@ return Ok(cardTypes); } + /// + /// Returns the GUID corresponding to the Id of the authenticated user. + /// + /// GUID (string) string GetUserName() { - return "MOCK"; + return HttpContext.User.FindFirst("sub").Value; } } diff --git a/src/Services/Ordering/Ordering.API/Dockerfile b/src/Services/Ordering/Ordering.API/Dockerfile index 680022268..6b46cb5fd 100644 --- a/src/Services/Ordering/Ordering.API/Dockerfile +++ b/src/Services/Ordering/Ordering.API/Dockerfile @@ -4,5 +4,5 @@ FROM microsoft/aspnetcore:1.0.1 ENTRYPOINT ["dotnet", "Ordering.API.dll"] ARG source=. WORKDIR /app -EXPOSE 80 +ENV ASPNETCORE_URLS http://*:5102 COPY $source . diff --git a/src/Services/Ordering/Ordering.API/Program.cs b/src/Services/Ordering/Ordering.API/Program.cs index b009213a3..7aa3c94a4 100644 --- a/src/Services/Ordering/Ordering.API/Program.cs +++ b/src/Services/Ordering/Ordering.API/Program.cs @@ -15,9 +15,9 @@ namespace Microsoft.eShopOnContainers.Services.Ordering.API var host = new WebHostBuilder() .UseKestrel() .UseContentRoot(Directory.GetCurrentDirectory()) - .UseIISIntegration() + //.UseIISIntegration() .UseStartup() - //.UseUrls("http://localhost:5555") //Just for KESTREL + .UseUrls("http://0.0.0.0:5102") .Build(); host.Run(); diff --git a/src/Services/Ordering/Ordering.API/Properties/launchSettings.json b/src/Services/Ordering/Ordering.API/Properties/launchSettings.json index 150597acd..2e24c9099 100644 
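Review bot: The new guard at the top of `AddOrder` replaces a missing `CardExpiration` with `DateTime.Now` instead of rejecting the request, so an order that arrives without an expiry date is accepted and processed with an invented one. `order` is also dereferenced without a null check, and `[FromBody]` binding yields null when the body cannot be deserialized, which would surface as a 500. Assuming the action returns an `IActionResult` (the generic arguments are not visible here), prefer `if (order == null || order.CardExpiration == DateTime.MinValue) return BadRequest();`. The rest of `AddOrder` lies outside the hunk.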
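Review bot: `GetUserName` dereferences `HttpContext.User.FindFirst("sub")` without checking for null, so a valid token that carries no `sub` claim (for example a client-credentials token, or one whose claim types were remapped by the JWT handler) throws a NullReferenceException and returns a 500 rather than a 401/403. Read the claim once and fail explicitly: `var sub = HttpContext.User.FindFirst("sub");` followed by `if (sub == null) throw new UnauthorizedAccessException("Token has no 'sub' claim.");`. The method now returns the subject identifier rather than a user name, so the name is misleading; the added doc comment should say the value is taken from the access token's `sub` claim. `[Authorize]` at class level only establishes that the caller is authenticated; whether the order queries are filtered by this subject cannot be seen from these hunks.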
--- a/src/Services/Ordering/Ordering.API/Properties/launchSettings.json +++ b/src/Services/Ordering/Ordering.API/Properties/launchSettings.json @@ -3,7 +3,7 @@ "windowsAuthentication": false, "anonymousAuthentication": true, "iisExpress": { - "applicationUrl": "http://localhost:2446/", + "applicationUrl": "http://localhost:5102/", "sslPort": 0 } }, diff --git a/src/Services/Ordering/Ordering.API/Startup.cs b/src/Services/Ordering/Ordering.API/Startup.cs index 88123af1a..680a70f6e 100644 --- a/src/Services/Ordering/Ordering.API/Startup.cs +++ b/src/Services/Ordering/Ordering.API/Startup.cs @@ -68,6 +68,15 @@ }); }); + services.AddCors(options => + { + options.AddPolicy("CorsPolicy", + builder => builder.AllowAnyOrigin() + .AllowAnyMethod() + .AllowAnyHeader() + .AllowCredentials()); + }); + services.AddSingleton(this.Configuration); services.AddOptions(); @@ -93,6 +102,17 @@ app.UseDeveloperExceptionPage(); } + app.UseCors("CorsPolicy"); + + var identityUrl = Configuration.GetValue("IdentityUrl"); + + app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions + { + Authority = identityUrl.ToString(), + ScopeName = "orders", + RequireHttpsMetadata = false + }); + app.UseMvcWithDefaultRoute(); diff --git a/src/Services/Ordering/Ordering.API/project.json b/src/Services/Ordering/Ordering.API/project.json index 4eeb12070..017d911f4 100644 --- a/src/Services/Ordering/Ordering.API/project.json +++ b/src/Services/Ordering/Ordering.API/project.json @@ -27,7 +27,8 @@ "Ordering.Domain": "1.0.0-*", "Ordering.Application": "1.0.0-*", "Ordering.Infrastructure": "1.0.0-*", - "System.Reflection": "4.3.0" + "System.Reflection": "4.3.0", + "IdentityServer4.AccessTokenValidation": "1.0.1-rc3" }, "tools": { "Microsoft.EntityFrameworkCore.Tools": "1.0.0-preview2-final", diff --git a/src/Services/Ordering/Ordering.API/settings.json b/src/Services/Ordering/Ordering.API/settings.json index ffdec91ee..3603d2012 100644 --- a/src/Services/Ordering/Ordering.API/settings.json 
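Review bot: The `CorsPolicy` registered in the first Startup.cs hunk combines `AllowAnyOrigin()` with `AllowCredentials()`, which allows any web origin to make credentialed cross-origin requests to the orders API that this commit is meant to protect. Since the API authenticates with a bearer header, `AllowCredentials()` is probably not needed at all. Restrict the policy to the known front ends, for example `builder => builder.WithOrigins(allowedOrigins).AllowAnyMethod().AllowAnyHeader()`, with `allowedOrigins` read from configuration. A short comment on the policy saying which clients it is meant for would help the next reader.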
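Review bot: `RequireHttpsMetadata = false` is set unconditionally in the `UseIdentityServerAuthentication` options, so in every environment the discovery document and signing keys used to validate tokens are fetched over plain HTTP, where they can be tampered with in transit. Tie it to the environment instead, for example `RequireHttpsMetadata = !env.IsDevelopment()`, assuming the hosting-environment parameter is called `env` (the method signature is outside the hunk). `identityUrl.ToString()` also throws a NullReferenceException when `IdentityUrl` is missing from configuration; a check that fails at startup with a clear message would be easier to diagnose.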
+++ b/src/Services/Ordering/Ordering.API/settings.json @@ -1,4 +1,4 @@ { - //"ConnectionString": "Server=ordering.data;Database=Microsoft.eShopOnContainers.Services.OrderingDb;User Id=sa;Password=Pass@word;" - "ConnectionString": "Server=tcp:127.0.0.1,5432;Database=Microsoft.eShopOnContainers.Services.OrderingDb;User Id=sa;Password=Pass@word;" + "ConnectionString": "Server=tcp:127.0.0.1,5432;Database=Microsoft.eShopOnContainers.Services.OrderingDb;User Id=sa;Password=Pass@word;", + "IdentityUrl": "http://localhost:5105" } diff --git a/src/Web/WebMVC/Controllers/OrderController.cs b/src/Web/WebMVC/Controllers/OrderController.cs index f87d97bed..606c2695d 100644 --- a/src/Web/WebMVC/Controllers/OrderController.cs +++ b/src/Web/WebMVC/Controllers/OrderController.cs @@ -47,18 +47,10 @@ namespace Microsoft.eShopOnContainers.WebMVC.Controllers if (action == "[ Place Order ]") { - try - { - await _orderSvc.CreateOrder(user, order); + await _orderSvc.CreateOrder(user, order); - //Empty basket for current user. - await _basketSvc.CleanBasket(user); - - } - catch (Exception) { - //redirect to some error page if the operation fails. - return Redirect("http://www.google.com"); - } + //Empty basket for current user. + await _basketSvc.CleanBasket(user); //Redirect to historic list. return RedirectToAction("Index"); @@ -75,10 +67,11 @@ namespace Microsoft.eShopOnContainers.WebMVC.Controllers return View(order); } - public IActionResult Index(Order item) + public async Task Index(Order item) { var user = _appUserParser.Parse(HttpContext.User); - return View(_orderSvc.GetMyOrders(user)); + var vm = await _orderSvc.GetMyOrders(user); + return View(vm); } } } \ No newline at end of file diff --git a/src/Web/WebMVC/Properties/launchSettings.json b/src/Web/WebMVC/Properties/launchSettings.json index 2cbe5bbbd..f57f286c4 100644 --- a/src/Web/WebMVC/Properties/launchSettings.json +++ b/src/Web/WebMVC/Properties/launchSettings.json 
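Review bot: With the try/catch removed from the `[ Place Order ]` branch, any failure of `CreateOrder` or `CleanBasket` now propagates as an unhandled exception. Dropping the redirect to an external site is right, but nothing replaces it. If `CreateOrder` succeeds and `CleanBasket` then throws, the user gets an error page while the order has already been placed and the basket is still full, which invites a duplicate submission. Handle the two calls separately: at minimum wrap the basket cleanup as `try { await _basketSvc.CleanBasket(user); } catch (HttpRequestException) { /* log; order already created */ }`, and on order failure return `View(order)` with a model error. Whether the service methods throw on non-success responses is not visible in this diff.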
@@ -3,7 +3,7 @@ "windowsAuthentication": false, "anonymousAuthentication": true, "iisExpress": { - "applicationUrl": "http://localhost:2114/", + "applicationUrl": "http://localhost:5100", "sslPort": 0 } }, diff --git a/src/Web/WebMVC/Services/OrderingService.cs b/src/Web/WebMVC/Services/OrderingService.cs index efe45db52..d79c4591c 100644 --- a/src/Web/WebMVC/Services/OrderingService.cs +++ b/src/Web/WebMVC/Services/OrderingService.cs @@ -7,6 +7,7 @@ using Microsoft.AspNetCore.Http; using Microsoft.Extensions.Options; using System.Net.Http; using Newtonsoft.Json; +using Microsoft.AspNetCore.Authentication; namespace Microsoft.eShopOnContainers.WebMVC.Services { @@ -15,11 +16,14 @@ namespace Microsoft.eShopOnContainers.WebMVC.Services private HttpClient _apiClient; private readonly string _remoteServiceBaseUrl; private readonly IOptions _settings; + private readonly IHttpContextAccessor _httpContextAccesor; - public OrderingService(IOptions settings) + public OrderingService(IOptions settings, IHttpContextAccessor httpContextAccesor) { _remoteServiceBaseUrl = $"{settings.Value.OrderingUrl}/api/v1/orders"; _settings = settings; + _httpContextAccesor = httpContextAccesor; + #region fake items //_orders = new List() //{ @@ -62,7 +66,12 @@ namespace Microsoft.eShopOnContainers.WebMVC.Services async public Task GetOrder(ApplicationUser user, string Id) { + var context = _httpContextAccesor.HttpContext; + var token = await context.Authentication.GetTokenAsync("access_token"); + _apiClient = new HttpClient(); + _apiClient.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", token); + var ordersUrl = $"{_remoteServiceBaseUrl}/{Id}"; var dataString = await _apiClient.GetStringAsync(ordersUrl); var response = JsonConvert.DeserializeObject(dataString); 
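Review bot: In `GetOrder`, and identically in the `GetMyOrders` and `CreateOrder` hunks that follow, the bearer token is written to `DefaultRequestHeaders` of a client stored in the shared `_apiClient` field, which is reassigned on every call. If this service is registered with a lifetime longer than one request (the registration is not shown), two concurrent calls can swap the field between setting the header and sending, so one user's request could go out with another user's token. A new `HttpClient` per call also leaks sockets under load. The token is never checked either, so a null value from `GetTokenAsync` sends a bare `Bearer` header and fails later as an opaque 401. I would create `_apiClient` once in the constructor and attach the token to each `HttpRequestMessage` through a single helper, as sketched below; the same helper replaces the three copied blocks.

```csharp
// … unchanged: fields; constructor additionally creates _apiClient once …
private async Task<HttpRequestMessage> CreateAuthorizedRequest(HttpMethod method, string url)
{
    var context = _httpContextAccesor.HttpContext;
    var token = await context.Authentication.GetTokenAsync("access_token");
    if (string.IsNullOrEmpty(token))
    {
        throw new InvalidOperationException("No access token is available for the current user.");
    }

    // The header lives on this request only, never on the shared client.
    var request = new HttpRequestMessage(method, url);
    request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", token);
    return request;
}

// in GetOrder, replacing the per-call client and DefaultRequestHeaders:
var ordersUrl = $"{_remoteServiceBaseUrl}/{Id}";
using (var request = await CreateAuthorizedRequest(HttpMethod.Get, ordersUrl))
using (var httpResponse = await _apiClient.SendAsync(request))
{
    httpResponse.EnsureSuccessStatusCode();
    var dataString = await httpResponse.Content.ReadAsStringAsync();
    // … unchanged: deserialization and return …
}
```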
@@ -72,12 +81,17 @@ namespace Microsoft.eShopOnContainers.WebMVC.Services async public Task> GetMyOrders(ApplicationUser user) { + var context = _httpContextAccesor.HttpContext; + var token = await context.Authentication.GetTokenAsync("access_token"); + _apiClient = new HttpClient(); + _apiClient.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", token); + var ordersUrl = _remoteServiceBaseUrl; var dataString = await _apiClient.GetStringAsync(ordersUrl); var response = JsonConvert.DeserializeObject>(dataString); - return response; + return response; } public Order MapUserInfoIntoOrder(ApplicationUser user, Order order) @@ -113,7 +127,12 @@ namespace Microsoft.eShopOnContainers.WebMVC.Services async public Task CreateOrder(ApplicationUser user, Order order) { + var context = _httpContextAccesor.HttpContext; + var token = await context.Authentication.GetTokenAsync("access_token"); + _apiClient = new HttpClient(); + _apiClient.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", token); + var ordersUrl = $"{_remoteServiceBaseUrl}/new"; order.PaymentInfo.CardType = CardType.AMEX; OrderRequest request = MapOrderIntoOrderRequest(order);