hack: disable authorization + add fake identity service which takes userID straight from the header

2023-02-11 13:01:23 +01:00 · 2023-02-11 13:01:23 +01:00 · 792866c8d5
commit 792866c8d5
parent eef41bbf8a
5 changed files with 74 additions and 13 deletions
--- a/src/Services/Basket/Basket.API/Controllers/BasketController.cs
+++ b/src/Services/Basket/Basket.API/Controllers/BasketController.cs
@ -1,6 +1,7 @@
 namespace Microsoft.eShopOnContainers.Services.Basket.API.Controllers;
 [Route("api/v1/[controller]")]
 // HACK: no auth 
 // [Authorize]
 [ApiController]
 public class BasketController : ControllerBase
@ -56,8 +57,11 @@ public class BasketController : ControllerBase
            return BadRequest();
        }
-        var userName = this.HttpContext.User.FindFirst(x => x.Type == ClaimTypes.Name).Value;
+        // HACK: no auth 
-
+        // Authorization is disabled so the Name claim will not be available 
        // var userName = this.HttpContext.User.FindFirst(x => x.Type == ClaimTypes.Name).Value;
        var userName = "Dummy User Name";
        var eventMessage = new UserCheckoutAcceptedIntegrationEvent(userId, userName, basketCheckout.City, basketCheckout.Street,
            basketCheckout.State, basketCheckout.Country, basketCheckout.ZipCode, basketCheckout.CardNumber, basketCheckout.CardHolderName,
            basketCheckout.CardExpiration, basketCheckout.CardSecurityNumber, basketCheckout.CardTypeId, basketCheckout.Buyer, basketCheckout.RequestId, basket);
--- a/src/Services/Basket/Basket.API/Services/IdentityService.cs
+++ b/src/Services/Basket/Basket.API/Services/IdentityService.cs
@ -1,17 +1,41 @@
 namespace Microsoft.eShopOnContainers.Services.Basket.API.Services;
-public class IdentityService : IIdentityService
+public class IdentityServiceFake : IIdentityService
 {
    private IHttpContextAccessor _context;
-    public IdentityService(IHttpContextAccessor context)
+    public IdentityServiceFake(IHttpContextAccessor context)
    {
        _context = context ?? throw new ArgumentNullException(nameof(context));
    }
-
+    
    public string GetUserIdentity()
    {
-        return _context.HttpContext.User.FindFirst("sub").Value;
+        if (_context.HttpContext
            .Request
            .Headers
            .TryGetValue("user-id", out var value))
        {
            return value.Single();
        }
        return null;    
    }
 }
 // HACK: no auth 
 // public class IdentityService : IIdentityService
 // {
 //     private IHttpContextAccessor _context;
 //
 //     public IdentityService(IHttpContextAccessor context)
 //     {
 //         _context = context ?? throw new ArgumentNullException(nameof(context));
 //     }
 //
 //     public string GetUserIdentity()
 //     {
 //         return _context.HttpContext.User.FindFirst("sub").Value;
 //     }
 // }
--- a/src/Services/Basket/Basket.API/Startup.cs
+++ b/src/Services/Basket/Basket.API/Startup.cs
@ -135,7 +135,9 @@ public class Startup
        });
        services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
        services.AddTransient<IBasketRepository, RedisBasketRepository>();
-        services.AddTransient<IIdentityService, IdentityService>();
+        // HACK: no auth 
        // services.AddTransient<IIdentityService, IdentityService>();
        services.AddTransient<IIdentityService, IdentityServiceFake>();
        services.AddOptions();
--- a/src/Services/Ordering/Ordering.API/Infrastructure/Services/IdentityService.cs
+++ b/src/Services/Ordering/Ordering.API/Infrastructure/Services/IdentityService.cs
@ -1,21 +1,50 @@
 namespace Microsoft.eShopOnContainers.Services.Ordering.API.Infrastructure.Services;
-public class IdentityService : IIdentityService
+public class IdentityServiceFake : IIdentityService
 {
    private IHttpContextAccessor _context;
-    public IdentityService(IHttpContextAccessor context)
+    public IdentityServiceFake(IHttpContextAccessor context)
    {
        _context = context ?? throw new ArgumentNullException(nameof(context));
    }
-
+    
    public string GetUserIdentity()
    {
-        return _context.HttpContext.User.FindFirst("sub").Value;
+        if (_context.HttpContext
            .Request
            .Headers
            .TryGetValue("user-id", out var value))
        {
            return value.Single();
        }
        return null;    
    }
    public string GetUserName()
    {
-        return _context.HttpContext.User.Identity.Name;
+        return "Dummy User Name";
    }
 }
 // HACK: no auth 
 // public class IdentityService : IIdentityService
 // {
 //     private IHttpContextAccessor _context;
 //
 //     public IdentityService(IHttpContextAccessor context)
 //     {
 //         _context = context ?? throw new ArgumentNullException(nameof(context));
 //     }
 //
 //     public string GetUserIdentity()
 //     {
 //         return _context.HttpContext.User.FindFirst("sub").Value;
 //     }
 //
 //     public string GetUserName()
 //     {
 //         return _context.HttpContext.User.Identity.Name;
 //     }
 // }
--- a/src/Services/Ordering/Ordering.API/Startup.cs
+++ b/src/Services/Ordering/Ordering.API/Startup.cs
@ -250,7 +250,9 @@ static class CustomExtensionsMethods
    public static IServiceCollection AddCustomIntegrations(this IServiceCollection services, IConfiguration configuration)
    {
        services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
-        services.AddTransient<IIdentityService, IdentityService>();
+        // HACK: no auth 
        // services.AddTransient<IIdentityService, IdentityService>();
        services.AddTransient<IIdentityService, IdentityServiceFake>();
        services.AddTransient<Func<DbConnection, IIntegrationEventLogService>>(
            sp => (DbConnection c) => new IntegrationEventLogService(c));