hack: disable authorization + add fake identity service which takes userID straight from the header

2023-02-11 13:01:23 +01:00 · 2023-02-11 13:01:23 +01:00 · 792866c8d5
commit 792866c8d5
parent eef41bbf8a
5 changed files with 74 additions and 13 deletions
--- a/src/Services/Basket/Basket.API/Controllers/BasketController.cs
+++ b/src/Services/Basket/Basket.API/Controllers/BasketController.cs
@ -1,6 +1,7 @@
 namespace Microsoft.eShopOnContainers.Services.Basket.API.Controllers;

 [Route("api/v1/[controller]")]
+// HACK: no auth 
 // [Authorize]
 [ApiController]
 public class BasketController : ControllerBase
@ -56,7 +57,10 @@ public class BasketController : ControllerBase
            return BadRequest();
        }

-        var userName = this.HttpContext.User.FindFirst(x => x.Type == ClaimTypes.Name).Value;
+        // HACK: no auth 
+        // Authorization is disabled so the Name claim will not be available 
+        // var userName = this.HttpContext.User.FindFirst(x => x.Type == ClaimTypes.Name).Value;
+        var userName = "Dummy User Name";
        
        var eventMessage = new UserCheckoutAcceptedIntegrationEvent(userId, userName, basketCheckout.City, basketCheckout.Street,
            basketCheckout.State, basketCheckout.Country, basketCheckout.ZipCode, basketCheckout.CardNumber, basketCheckout.CardHolderName,
--- a/src/Services/Basket/Basket.API/Services/IdentityService.cs
+++ b/src/Services/Basket/Basket.API/Services/IdentityService.cs
@ -1,17 +1,41 @@
 namespace Microsoft.eShopOnContainers.Services.Basket.API.Services;

-public class IdentityService : IIdentityService
+public class IdentityServiceFake : IIdentityService
 {
    private IHttpContextAccessor _context;

-    public IdentityService(IHttpContextAccessor context)
+    public IdentityServiceFake(IHttpContextAccessor context)
    {
        _context = context ?? throw new ArgumentNullException(nameof(context));
    }
    
    public string GetUserIdentity()
    {
-        return _context.HttpContext.User.FindFirst("sub").Value;
+        if (_context.HttpContext
+            .Request
+            .Headers
+            .TryGetValue("user-id", out var value))
+        {
+            return value.Single();
+        }
+
+        return null;    
    }
 }

+// HACK: no auth 
+// public class IdentityService : IIdentityService
+// {
+//     private IHttpContextAccessor _context;
+//
+//     public IdentityService(IHttpContextAccessor context)
+//     {
+//         _context = context ?? throw new ArgumentNullException(nameof(context));
+//     }
+//
+//     public string GetUserIdentity()
+//     {
+//         return _context.HttpContext.User.FindFirst("sub").Value;
+//     }
+// }
+
--- a/src/Services/Basket/Basket.API/Startup.cs
+++ b/src/Services/Basket/Basket.API/Startup.cs
@ -135,7 +135,9 @@ public class Startup
        });
        services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
        services.AddTransient<IBasketRepository, RedisBasketRepository>();
-        services.AddTransient<IIdentityService, IdentityService>();
+        // HACK: no auth 
+        // services.AddTransient<IIdentityService, IdentityService>();
+        services.AddTransient<IIdentityService, IdentityServiceFake>();

        services.AddOptions();

--- a/src/Services/Ordering/Ordering.API/Infrastructure/Services/IdentityService.cs
+++ b/src/Services/Ordering/Ordering.API/Infrastructure/Services/IdentityService.cs
@ -1,21 +1,50 @@
 namespace Microsoft.eShopOnContainers.Services.Ordering.API.Infrastructure.Services;

-public class IdentityService : IIdentityService
+public class IdentityServiceFake : IIdentityService
 {
    private IHttpContextAccessor _context;

-    public IdentityService(IHttpContextAccessor context)
+    public IdentityServiceFake(IHttpContextAccessor context)
    {
        _context = context ?? throw new ArgumentNullException(nameof(context));
    }
    
    public string GetUserIdentity()
    {
-        return _context.HttpContext.User.FindFirst("sub").Value;
+        if (_context.HttpContext
+            .Request
+            .Headers
+            .TryGetValue("user-id", out var value))
+        {
+            return value.Single();
+        }
+
+        return null;    
    }

    public string GetUserName()
    {
-        return _context.HttpContext.User.Identity.Name;
+        return "Dummy User Name";
    }
 }
+
+// HACK: no auth 
+// public class IdentityService : IIdentityService
+// {
+//     private IHttpContextAccessor _context;
+//
+//     public IdentityService(IHttpContextAccessor context)
+//     {
+//         _context = context ?? throw new ArgumentNullException(nameof(context));
+//     }
+//
+//     public string GetUserIdentity()
+//     {
+//         return _context.HttpContext.User.FindFirst("sub").Value;
+//     }
+//
+//     public string GetUserName()
+//     {
+//         return _context.HttpContext.User.Identity.Name;
+//     }
+// }
--- a/src/Services/Ordering/Ordering.API/Startup.cs
+++ b/src/Services/Ordering/Ordering.API/Startup.cs
@ -250,7 +250,9 @@ static class CustomExtensionsMethods
    public static IServiceCollection AddCustomIntegrations(this IServiceCollection services, IConfiguration configuration)
    {
        services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
-        services.AddTransient<IIdentityService, IdentityService>();
+        // HACK: no auth 
+        // services.AddTransient<IIdentityService, IdentityService>();
+        services.AddTransient<IIdentityService, IdentityServiceFake>();
        services.AddTransient<Func<DbConnection, IIntegrationEventLogService>>(
            sp => (DbConnection c) => new IntegrationEventLogService(c));