From 8d31cd534bed29fe07d8317a557ee736bb79fb2e Mon Sep 17 00:00:00 2001 From: Andrew Date: Thu, 14 Dec 2023 09:42:08 +0200 Subject: [PATCH 1/3] init --- Identity/Identity.Core/UsersService.cs | 6 ++++-- Identity/Identity/EndpointHandlers.cs | 3 +++ Identity/Identity/Identity.csproj | 2 ++ Identity/Identity/Program.cs | 30 ++++++++++++++++++++++++-- Identity/Identity/appsettings.json | 7 ++++++ 5 files changed, 44 insertions(+), 4 deletions(-) diff --git a/Identity/Identity.Core/UsersService.cs b/Identity/Identity.Core/UsersService.cs index 8ac4f8b..f8e8c63 100644 --- a/Identity/Identity.Core/UsersService.cs +++ b/Identity/Identity.Core/UsersService.cs @@ -70,9 +70,11 @@ public async Task MakeAdminAsync(string email, string password) await _repository.ChangeUserRoleToAdminAsync(email); } - public async Task GetUserRole(string email) + public async Task> GetUserRolesAsync(string email) { var role = await _repository.GetUserRole(email); - return role; + + return new List { role.ToString() }; } + } \ No newline at end of file diff --git a/Identity/Identity/EndpointHandlers.cs b/Identity/Identity/EndpointHandlers.cs index db3f6fa..5f1884a 100644 --- a/Identity/Identity/EndpointHandlers.cs +++ b/Identity/Identity/EndpointHandlers.cs @@ -2,6 +2,7 @@ using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Authentication.Google; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; namespace Identity; @@ -35,6 +36,8 @@ public static async Task AddUser([FromServices] UsersService service, Us return new {Message = "User added successfully."}; } + + [Authorize(Roles = "Admin")] public static async Task MakeAdmin([FromServices] UsersService service, string email, string password) { if (string.IsNullOrEmpty(email)) diff --git a/Identity/Identity/Identity.csproj b/Identity/Identity/Identity.csproj index 8adf93b..62581f9 100644 --- a/Identity/Identity/Identity.csproj 
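Review bot: `GetUserRolesAsync` does not say what happens for an e-mail that has no stored user, and the `OnCreatingTicket` handler added in Program.cs calls it on every Google sign-in, first-time users included. Whether `_repository.GetUserRole` throws or returns a default in that case is not visible in this hunk. The method should carry a doc comment stating that contract, and returning an empty list for an unknown e-mail would be safer than failing the login. The blank line added before the class's closing brace can be dropped.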
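Review bot: `[Authorize(Roles = "Admin")]` on the static `MakeAdmin` handler is only enforced if the method group itself is passed to the route mapping and the authorization middleware is in the pipeline; neither is visible in this hunk, so both should be confirmed. If the handler is wrapped in a lambda at the mapping site the attribute is never seen, so stating the requirement next to the route, e.g. `.RequireAuthorization(new AuthorizeAttribute { Roles = "Admin" })`, is easier to audit. The literal `"Admin"` must also match the `role.ToString()` value that `GetUserRolesAsync` emits, so a shared constant or `nameof` on the role member would keep the two from drifting apart silently. `MakeAdmin`'s body continues outside the hunk.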
+++ b/Identity/Identity/Identity.csproj @@ -11,7 +11,9 @@ + + diff --git a/Identity/Identity/Program.cs b/Identity/Identity/Program.cs index fc98d10..3d6792e 100644 --- a/Identity/Identity/Program.cs +++ b/Identity/Identity/Program.cs @@ -1,9 +1,11 @@ +using System.Security.Claims; using CustomExceptions; using Identity; using Microsoft.AspNetCore.Authentication.Google; using Identity.Core; using Identity.Data; using Microsoft.AspNetCore.Authentication.Cookies; +using Microsoft.AspNetCore.Authentication.OAuth; using Microsoft.EntityFrameworkCore; var builder = WebApplication.CreateBuilder(args); @@ -49,11 +51,35 @@ }) .AddGoogle(googleOptions => { - googleOptions.ClientId = builder.Configuration["Auth:Google:ClientID"]!; - googleOptions.ClientSecret = builder.Configuration["Auth:Google:ClientSecret"]!; + googleOptions.ClientId = builder.Configuration["Auth:Google:ClientID"]; + googleOptions.ClientSecret = builder.Configuration["Auth:Google:ClientSecret"]; googleOptions.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; + googleOptions.Events = new OAuthEvents + { + OnCreatingTicket = async context => + { + // Extract the email from the Principal + var emailClaim = context.Principal.FindFirst(ClaimTypes.Email); + if (emailClaim == null) + { + throw new Exception("Email claim not found"); + } + var email = emailClaim.Value; + + // Rest of your code + var userService = context.HttpContext.RequestServices.GetRequiredService(); + var roles = await userService.GetUserRolesAsync(email); + + var claimsIdentity = context.Principal.Identity as ClaimsIdentity; + foreach (var role in roles) + { + claimsIdentity?.AddClaim(new Claim(ClaimTypes.Role, role)); + } + } + }; }); + // Register authorization services builder.Services.AddAuthorization(); diff --git a/Identity/Identity/appsettings.json b/Identity/Identity/appsettings.json index 5471115..31f483d 100644 --- a/Identity/Identity/appsettings.json +++ b/Identity/Identity/appsettings.json 
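Review bot: The role claims added in `OnCreatingTicket` are resolved once, from the Google e-mail claim alone, and are then fixed in the cookie ticket, so a user whose role changes in the database keeps the old role until the cookie expires or they sign in again. For an `Admin` role, consider re-checking the stored role on each request or at a short interval, for example in the cookie scheme's `OnValidatePrincipal` event, so that a demotion takes effect promptly. Roles are also added only on the Google path; any other sign-in that issues the same cookie would carry no role claims. The missing-claim branch would read better with a specific exception type than `throw new Exception(...)`, and the `// Rest of your code` comment looks like a leftover that can go.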
@@ -15,5 +15,12 @@ }, "ConnectionStrings": { "DefaultConnection": "Host=postgres; Database=Identity; User Id=identityuser; Password=identityuser; Port=5432" + }, + "Jwt": { + "Key": "acc18f10afc99687f31e959c35858b059f484a1be5e1c5e37ed1c47ee2664724", + "Issuer": "Your-Issuer", + "Audience": "Your-Audience" } + + } From 25146a97e53073856010b0302aa8a937e45fa6cc Mon Sep 17 00:00:00 2001 From: YaroslavKSE Date: Thu, 14 Dec 2023 10:31:08 +0200 Subject: [PATCH 2/3] Added migrations --- ...31214082608_AddedRolesForUsers.Designer.cs | 53 +++++++++++++++++++ .../20231214082608_AddedRolesForUsers.cs | 40 ++++++++++++++ .../IdentityDbContextModelSnapshot.cs | 6 +-- 3 files changed, 96 insertions(+), 3 deletions(-) create mode 100644 Identity/Identity.Data/Migrations/20231214082608_AddedRolesForUsers.Designer.cs create mode 100644 Identity/Identity.Data/Migrations/20231214082608_AddedRolesForUsers.cs diff --git a/Identity/Identity.Data/Migrations/20231214082608_AddedRolesForUsers.Designer.cs b/Identity/Identity.Data/Migrations/20231214082608_AddedRolesForUsers.Designer.cs new file mode 100644 index 0000000..595d0fb --- /dev/null +++ b/Identity/Identity.Data/Migrations/20231214082608_AddedRolesForUsers.Designer.cs 
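Review bot: The `Jwt:Key` value added here is a signing secret committed in plain text. A later patch in this series removes the section, but the value stays in the repository history, so it should be treated as exposed and never reused. Keys like this belong in user secrets, environment variables or a secret store rather than in `appsettings.json`. `Issuer` and `Audience` are still template placeholders and nothing in the visible hunks reads the `Jwt` section, so it may be dead configuration. The `Password=identityuser` in the context line's connection string deserves the same treatment.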
@@ -0,0 +1,53 @@ +// +using Identity.Data; +using Microsoft.EntityFrameworkCore; +using Microsoft.EntityFrameworkCore.Infrastructure; +using Microsoft.EntityFrameworkCore.Migrations; +using Microsoft.EntityFrameworkCore.Storage.ValueConversion; +using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata; + +#nullable disable + +namespace Identity.Data.Migrations +{ + [DbContext(typeof(IdentityDbContext))] + [Migration("20231214082608_AddedRolesForUsers")] + partial class AddedRolesForUsers + { + /// + protected override void BuildTargetModel(ModelBuilder modelBuilder) + { +#pragma warning disable 612, 618 + modelBuilder + .HasAnnotation("ProductVersion", "7.0.13") + .HasAnnotation("Relational:MaxIdentifierLength", 63); + + NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder); + + modelBuilder.Entity("Identity.Data.User", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("integer"); + + NpgsqlPropertyBuilderExtensions.UseIdentityByDefaultColumn(b.Property("Id")); + + b.Property("Email") + .IsRequired() + .HasColumnType("text"); + + b.Property("Name") + .IsRequired() + .HasColumnType("text"); + + b.Property("Role") + .HasColumnType("integer"); + + b.HasKey("Id"); + + b.ToTable("Users"); + }); +#pragma warning restore 612, 618 + } + } +} diff --git a/Identity/Identity.Data/Migrations/20231214082608_AddedRolesForUsers.cs b/Identity/Identity.Data/Migrations/20231214082608_AddedRolesForUsers.cs new file mode 100644 index 0000000..3c662d1 --- /dev/null +++ b/Identity/Identity.Data/Migrations/20231214082608_AddedRolesForUsers.cs 
@@ -0,0 +1,40 @@ +using Microsoft.EntityFrameworkCore.Migrations; + +#nullable disable + +namespace Identity.Data.Migrations +{ + /// + public partial class AddedRolesForUsers : Migration + { + /// + protected override void Up(MigrationBuilder migrationBuilder) + { + migrationBuilder.DropColumn( + name: "IsAdmin", + table: "Users"); + + migrationBuilder.AddColumn( + name: "Role", + table: "Users", + type: "integer", + nullable: false, + defaultValue: 0); + } + + /// + protected override void Down(MigrationBuilder migrationBuilder) + { + migrationBuilder.DropColumn( + name: "Role", + table: "Users"); + + migrationBuilder.AddColumn( + name: "IsAdmin", + table: "Users", + type: "boolean", + nullable: false, + defaultValue: false); + } + } +} diff --git a/Identity/Identity.Data/Migrations/IdentityDbContextModelSnapshot.cs b/Identity/Identity.Data/Migrations/IdentityDbContextModelSnapshot.cs index f83b93e..7393fbc 100644 --- a/Identity/Identity.Data/Migrations/IdentityDbContextModelSnapshot.cs +++ b/Identity/Identity.Data/Migrations/IdentityDbContextModelSnapshot.cs @@ -33,13 +33,13 @@ protected override void BuildModel(ModelBuilder modelBuilder) .IsRequired() .HasColumnType("text"); - b.Property("IsAdmin") - .HasColumnType("boolean"); - b.Property("Name") .IsRequired() .HasColumnType("text"); + b.Property("Role") + .HasColumnType("integer"); + b.HasKey("Id"); b.ToTable("Users"); From 52fa99102e5c13f328c22e835b8b83aa551f5605 Mon Sep 17 00:00:00 2001 From: Andrii Trybushnyi <94055869+roflmyrlok@users.noreply.github.com> Date: Thu, 14 Dec 2023 16:38:33 +0200 Subject: [PATCH 3/3] Update appsettings.json --- Identity/Identity/appsettings.json | 5 ----- 1 file changed, 5 deletions(-) diff --git a/Identity/Identity/appsettings.json b/Identity/Identity/appsettings.json index 31f483d..6cd59e7 100644 --- a/Identity/Identity/appsettings.json +++ b/Identity/Identity/appsettings.json 
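Review bot: `Up` drops `IsAdmin` and then adds `Role` with `defaultValue: 0`, so no existing assignment is carried over and every row, current admins included, ends up with whatever role the enum maps to 0. If 0 is the ordinary user role, existing admins are silently demoted; if 0 is the admin role, every user is promoted. The enum is not visible here, so its zero member should be confirmed before this runs against real data. Adding `Role` first, copying the flag with something like `migrationBuilder.Sql("UPDATE \"Users\" SET \"Role\" = <admin value> WHERE \"IsAdmin\"");`, and dropping `IsAdmin` last would preserve the assignments. `Down` loses the same information in the other direction.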
@@ -15,11 +15,6 @@ }, "ConnectionStrings": { "DefaultConnection": "Host=postgres; Database=Identity; User Id=identityuser; Password=identityuser; Port=5432" - }, - "Jwt": { - "Key": "acc18f10afc99687f31e959c35858b059f484a1be5e1c5e37ed1c47ee2664724", - "Issuer": "Your-Issuer", - "Audience": "Your-Audience" }