
Commit 8856508

author
vp
committed
Enhance authentication and update HTTP requests
Added new HTTP file to solution and introduced environment-based variables for authentication in `http-client.env.json`. Updated `CoreModule-Customers-API.http` to include Resource Owner Password Flow and authorization headers. Replaced hardcoded credentials in `Authentication-API.http` with environment variables, improving security and configuration management.
1 parent 824b465 commit 8856508

4 files changed

Lines changed: 45 additions & 14 deletions


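--- a/BridgingIT.DevKit.Examples.GettingStarted.sln
+++ b/BridgingIT.DevKit.Examples.GettingStarted.sln
@@ -28,7 +28,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Modules", "Modules", "{EDA3
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "CoreModule", "CoreModule", "{C8C69834-9EA3-41C0-8FD2-C3B682A8491D}"
 ProjectSection(SolutionItems) = preProject
-src\Modules\CoreModule\CoreModule-API.http = src\Modules\CoreModule\CoreModule-API.http
+src\Modules\CoreModule\CoreModule-Customers-API.http = src\Modules\CoreModule\CoreModule-Customers-API.http
 src\Modules\CoreModule\CoreModule-README.md = src\Modules\CoreModule\CoreModule-README.md
 EndProjectSection
 EndProject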

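--- a/http-client.env.json
+++ b/http-client.env.json
@@ -1,7 +1,10 @@
 {
 "$shared": {
 "customerId": "e4f672fe-82d8-7cb3-444f-4486bf6fb163",
-"concurrencyVersion": "31810000-a4f4-f875-030c-08de04d8b018"
+"concurrencyVersion": "31810000-a4f4-f875-030c-08de04d8b018",
+"auth_client_id": "test-client",
+"auth_username": "clever.dragon@example.com",
+"auth_password": "fantasy"
 },
 "local": {
 "baseUrl": "https://localhost:5001"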
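Review bot: The added `auth_username` and `auth_password` entries keep the credentials in plain text in a committed file, so they have moved rather than left the repository, and placing them under `$shared` applies them to every environment defined in this file (only `local` is visible in the hunk, which ends before the file does). If this is a seeded demo account, that should be stated in the README or beside the login request in the `.http` files, since JSON cannot carry a comment. Otherwise keep only `"auth_client_id": "test-client"` here and supply the username and password from an untracked `http-client.env.json.user` file, which the Visual Studio HTTP editor layers over this one.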

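--- a/src/Modules/CoreModule/CoreModule-Customers-API.http
+++ b/src/Modules/CoreModule/CoreModule-Customers-API.http
@@ -19,21 +19,40 @@
 ## Use in Visual Studio: https://learn.microsoft.com/en-us/aspnet/core/test/http-files ##
 ###############################################################################################
 
+#############################################
+### Resource Owner Password Flow
+# @name login
+POST {{baseUrl}}/api/_system/identity/connect/token
+Content-Type: application/x-www-form-urlencoded
+
+grant_type=password
+&client_id={{auth_client_id}}
+&username={{auth_username}}
+&password={{auth_password}}
+&scope=openid profile email roles
+
 ###############################################################################################
 ### [GET] Customers - Find One ###
 GET {{baseUrl}}/api/coremodule/customers/{{customerId}} HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
+Content-Type: application/json
 
 ###############################################################################################
 ### [GET] Customers - Find All ###
 GET {{baseUrl}}/api/coremodule/customers HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
+Content-Type: application/json
 
 ###############################################################################################
 ### [GET] Customers - Find All filter ###
 GET {{baseUrl}}/api/coremodule/customers?filter={"page":1,"pageSize":10,"filters":[{"field":"firstName","operator":"isnotnull"},{"field":"firstName","operator":"eq","value":"John"}]} HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
+Content-Type: application/json
 
 ###############################################################################################
 ### [POST] Customers - Search All filter ###
 POST {{baseUrl}}/api/coremodule/customers/search HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
 Content-Type: application/json
 
 {
@@ -46,6 +65,7 @@ Content-Type: application/json
 ###############################################################################################
 ### [POST] Customers - Create ###
 POST {{baseUrl}}/api/coremodule/customers HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
 Content-Type: application/json
 
 {
@@ -58,6 +78,7 @@ Content-Type: application/json
 ###############################################################################################
 ### [PUT] Customers - Update ###
 PUT {{baseUrl}}/api/coremodule/customers/{{customerId}} HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
 Content-Type: application/json
 
 {
@@ -72,6 +93,7 @@ Content-Type: application/json
 ###############################################################################################
 ### [PUT] Customers - Change Status -> Active ###
 PUT {{baseUrl}}/api/coremodule/customers/{{customerId}}/status HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
 Content-Type: application/json
 
 {
@@ -82,14 +104,16 @@ Content-Type: application/json
 ### [DELETE] Customers - Delete (Created) ###
 ### (Idempotent test - expect 204 first time, 404 if repeated) ###
 DELETE {{baseUrl}}/api/coremodule/customers/{{customerId}} HTTP/1.1
-
+Authorization: Bearer {{login.response.body.$.access_token}}
+Content-Type: application/json
 
 
 ###############################################################################################
 ### [POST] Customers - Create ###
 ### [NEGATIVE] Customers - Invalid first/lastname (empty) ###
 ### (Should return 400) ###
 POST {{baseUrl}}/api/coremodule/customers HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
 Content-Type: application/json
 
 {
@@ -104,6 +128,7 @@ Content-Type: application/json
 ### [NEGATIVE] Customers - Update invalid concurrencyVersion (Random GUID) ###
 ### (Should return 409) ###
 PUT {{baseUrl}}/api/coremodule/customers/{{customerId}} HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
 Content-Type: application/json
 
 {
@@ -120,12 +145,15 @@ Content-Type: application/json
 ### [NEGATIVE] Customers - Get Not Found (Random GUID) ###
 ### (Should return 404) ###
 GET {{baseUrl}}/api/coremodule/customers/00000000-0000-0000-0000-000000000001 HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
+Content-Type: application/json
 
 ###############################################################################################
 ### [PUT] Customers - Update ###
 ### [NEGATIVE] Customers - Change invalid status ###
 ### (Should return 400) ###
 PUT {{baseUrl}}/api/coremodule/customers/{{customerId}}/status HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
 Content-Type: application/json
 
 {
@@ -137,9 +165,13 @@ Content-Type: application/json
 ### [NEGATIVE] Customers - Not Found (Random GUID) ###
 ### (Should return 404) ###
 DELETE {{baseUrl}}/api/coremodule/customers/00000000-0000-0000-0000-000000000001 HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
+Content-Type: application/json
 
 ###############################################################################################
 ### [DELETE] Customers - Delete ###
 ### [NEGATIVE] Customers - Not Found (Random GUID) ###
 ### (Should return 404) ###
-DELETE {{baseUrl}}/api/coremodule/customers/exception HTTP/1.1
+DELETE {{baseUrl}}/api/coremodule/customers/exception HTTP/1.1
+Authorization: Bearer {{login.response.body.$.access_token}}
+Content-Type: application/json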
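Review bot: The new `login` request in the first hunk uses the OAuth 2.0 password grant with nothing marking it as a development shortcut. A comment above `# @name login`, such as `# Dev/test only: password grant for the seeded test user; keep this grant disabled for clients outside local environments`, would stop it being copied as a general pattern. The body is declared `application/x-www-form-urlencoded`, yet `{{auth_username}}`, `{{auth_password}}` and the spaces in `scope` are inserted as-is. Unless the HTTP client encodes them, a password containing `&`, `+`, `%` or `=` would reach the token endpoint as a different value. Every request below now resolves `{{login.response.body.$.access_token}}`, so the comment should also say that `login` has to be run first in the session.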

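--- a/src/Presentation.Web.Server/Authentication-API.http
+++ b/src/Presentation.Web.Server/Authentication-API.http
@@ -1,7 +1,3 @@
-@client_id = test-client
-@username = clever.dragon@example.com
-@password = fantasy
-
 ###############################################################################################
 ## Authentication API Integration Tests ##
 ## ##
@@ -38,9 +34,9 @@ POST {{baseUrl}}/api/_system/identity/connect/token
 Content-Type: application/x-www-form-urlencoded
 
 grant_type=password
-&client_id={{client_id}}
-&username={{username}}
-&password={{password}}
+&client_id={{auth_client_id}}
+&username={{auth_username}}
+&password={{auth_password}}
 &scope=openid profile email roles
 
 #############################################
@@ -56,7 +52,7 @@ POST {{baseUrl}}/api/_system/identity/connect/token
 Content-Type: application/x-www-form-urlencoded
 
 grant_type=refresh_token
-&client_id={{client_id}}
+&client_id={{auth_client_id}}
 &refresh_token={{login.response.body.$.refresh_token}}
 
 #############################################
@@ -66,7 +62,7 @@ grant_type=refresh_token
 ### https://localhost:5001/api/_system/identity/connect/authorize?response_type=code&client_id=blazor-wasm&scope=openid%20profile%20email%20roles&redirect_uri=https%3A%2F%2Flocalhost%3A5001%2Fauthentication%2Flogin-callback&state=random123
 GET {{baseUrl}}/api/_system/identity/connect/authorize
 ?response_type=code
-&client_id={{client_id}}
+&client_id={{auth_client_id}}
 &scope=openid profile email roles
 &redirect_uri={{baseUrl}}/authenticatio/login-callback
 &state=random123
@@ -76,6 +72,6 @@ POST {{baseUrl}}/api/_system/identity/connect/token
 Content-Type: application/x-www-form-urlencoded
 
 grant_type=authorization_code
-&client_id={{client_id}}
+&client_id={{auth_client_id}}
 &code=[AUTH_CODE] # Copy from browser redirect URL (5.1 step)
 &redirect_uri={{baseUrl}}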
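Review bot: The two authorization-code requests touched here send different redirect URIs. The authorize request in the `-66,7` hunk has `{{baseUrl}}/authenticatio/login-callback`, which lacks the final `n` of the example URL in the comment above it, and the token request in the last hunk sends `redirect_uri={{baseUrl}}`. Both are unchanged context lines, but a server that matches the redirect URI exactly between the two steps would reject the exchange, so `&redirect_uri={{baseUrl}}/authentication/login-callback` in both places would bring them in line with the comment. The comment's example also uses `client_id=blazor-wasm`, while the requests now resolve `{{auth_client_id}}` to `test-client`, so it is worth confirming that the callback is registered for that client.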
