Merge pull request #7745 from microting/feature/grpc-auth-service

Add shared gRPC auth service for mobile clients

Author: renemadsen

eFormAPI/eFormAPI.Web.Tests/GrpcServices/EformAuthGrpcServiceTests.cs

@@ -0,0 +1,115 @@
+using System.Threading.Tasks;
+using eFormAPI.Web.Abstractions;
+using eFormAPI.Web.Grpc;
+using eFormAPI.Web.Infrastructure.Models.Auth;
+using eFormAPI.Web.Services.GrpcServices;
+using eFormAPI.Web.Tests.Helpers;
+using Microting.eFormApi.BasePn.Infrastructure.Models.API;
+using Microting.eFormApi.BasePn.Infrastructure.Models.Auth;
+using NSubstitute;
+using NUnit.Framework;
+
+namespace eFormAPI.Web.Tests.GrpcServices;
+
+[TestFixture]
+public class EformAuthGrpcServiceTests
+{
+    private IAuthService _authService;
+    private EformAuthGrpcService _grpcService;
+
+    [SetUp]
+    public void SetUp()
+    {
+        _authService = Substitute.For<IAuthService>();
+        _grpcService = new EformAuthGrpcService(_authService);
+    }
+
+    [Test]
+    public async Task AuthenticateUser_Success_ReturnsTokenAndUser()
+    {
+        _authService.AuthenticateUser(Arg.Any<LoginModel>())
+            .Returns(new OperationDataResult<EformAuthorizeResult>(
+                true, "OK", new EformAuthorizeResult
+                {
+                    AccessToken = "jwt-token-abc",
+                    FirstName = "John",
+                    LastName = "Doe"
+                }));
+
+        var request = new AuthenticateUserRequest
+        {
+            Username = "user@test.com",
+            Password = "password123"
+        };
+
+        var response = await _grpcService.AuthenticateUser(
+            request, TestServerCallContextFactory.Create());
+
+        Assert.That(response.Success, Is.True);
+        Assert.That(response.Model, Is.Not.Null);
+        Assert.That(response.Model.AccessToken, Is.EqualTo("jwt-token-abc"));
+        Assert.That(response.Model.FirstName, Is.EqualTo("John"));
+        Assert.That(response.Model.LastName, Is.EqualTo("Doe"));
+
+        await _authService.Received(1).AuthenticateUser(
+            Arg.Is<LoginModel>(m => m.Username == "user@test.com" && m.Password == "password123"));
+    }
+
+    [Test]
+    public async Task AuthenticateUser_Failure_ReturnsError()
+    {
+        _authService.AuthenticateUser(Arg.Any<LoginModel>())
+            .Returns(new OperationDataResult<EformAuthorizeResult>(
+                false, "Invalid credentials"));
+
+        var request = new AuthenticateUserRequest
+        {
+            Username = "user@test.com",
+            Password = "wrong"
+        };
+
+        var response = await _grpcService.AuthenticateUser(
+            request, TestServerCallContextFactory.Create());
+
+        Assert.That(response.Success, Is.False);
+        Assert.That(response.Message, Is.EqualTo("Invalid credentials"));
+        Assert.That(response.Model, Is.Null);
+    }
+
+    [Test]
+    public async Task RefreshToken_Success_ReturnsNewToken()
+    {
+        _authService.RefreshToken()
+            .Returns(new OperationDataResult<EformAuthorizeResult>(
+                true, "OK", new EformAuthorizeResult
+                {
+                    AccessToken = "refreshed-token-xyz",
+                    FirstName = "Jane",
+                    LastName = "Smith"
+                }));
+
+        var response = await _grpcService.RefreshToken(
+            new RefreshTokenRequest(), TestServerCallContextFactory.Create());
+
+        Assert.That(response.Success, Is.True);
+        Assert.That(response.Model, Is.Not.Null);
+        Assert.That(response.Model.AccessToken, Is.EqualTo("refreshed-token-xyz"));
+        Assert.That(response.Model.FirstName, Is.EqualTo("Jane"));
+        Assert.That(response.Model.LastName, Is.EqualTo("Smith"));
+    }
+
+    [Test]
+    public async Task RefreshToken_Failure_ReturnsError()
+    {
+        _authService.RefreshToken()
+            .Returns(new OperationDataResult<EformAuthorizeResult>(
+                false, "Token expired"));
+
+        var response = await _grpcService.RefreshToken(
+            new RefreshTokenRequest(), TestServerCallContextFactory.Create());
+
+        Assert.That(response.Success, Is.False);
+        Assert.That(response.Message, Is.EqualTo("Token expired"));
+        Assert.That(response.Model, Is.Null);
+    }
+}

eFormAPI/eFormAPI.Web.Tests/Helpers/TestServerCallContext.cs

@@ -0,0 +1,46 @@
+using System;
+using System.Collections.Generic;
+using System.Threading;
+using System.Threading.Tasks;
+using Grpc.Core;
+
+namespace eFormAPI.Web.Tests.Helpers;
+
+public static class TestServerCallContextFactory
+{
+    public static ServerCallContext Create(
+        Metadata requestHeaders = null,
+        CancellationToken cancellationToken = default)
+    {
+        return new TestCallContext(requestHeaders ?? new Metadata(), cancellationToken);
+    }
+
+    private class TestCallContext : ServerCallContext
+    {
+        public TestCallContext(Metadata requestHeaders, CancellationToken ct)
+        {
+            RequestHeadersCore = requestHeaders;
+            CancellationTokenCore = ct;
+            DeadlineCore = DateTime.UtcNow.AddHours(1);
+        }
+
+        protected override string MethodCore => "TestMethod";
+        protected override string HostCore => "localhost";
+        protected override string PeerCore => "ipv4:127.0.0.1:0";
+        protected override DateTime DeadlineCore { get; }
+        protected override Metadata RequestHeadersCore { get; }
+        protected override CancellationToken CancellationTokenCore { get; }
+        protected override Metadata ResponseTrailersCore => new();
+        protected override Status StatusCore { get; set; }
+        protected override WriteOptions WriteOptionsCore { get; set; }
+
+        protected override AuthContext AuthContextCore =>
+            new(string.Empty, new Dictionary<string, List<AuthProperty>>());
+
+        protected override ContextPropagationToken CreatePropagationTokenCore(
+            ContextPropagationOptions options) => throw new NotImplementedException();
+
+        protected override Task WriteResponseHeadersAsyncCore(Metadata responseHeaders) =>
+            Task.CompletedTask;
+    }
+}

eFormAPI/eFormAPI.Web.Tests/eFormAPI.Web.Tests.csproj

@@ -13,6 +13,7 @@
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>
+    <PackageReference Include="NSubstitute" Version="5.3.0" />
     <PackageReference Include="NUnit3TestAdapter" Version="6.2.0" />
   </ItemGroup>
 

eFormAPI/eFormAPI.Web/Protos/auth.proto

@@ -0,0 +1,36 @@
+syntax = "proto3";
+
+package eform;
+
+option csharp_namespace = "eFormAPI.Web.Grpc";
+
+message AuthenticateUserRequest {
+  string username = 1;
+  string password = 2;
+  string grant_type = 3;
+}
+
+message AuthenticateUserResponse {
+  bool success = 1;
+  string message = 2;
+  AuthUserModel model = 3;
+}
+
+message AuthUserModel {
+  string access_token = 1;
+  string first_name = 2;
+  string last_name = 3;
+}
+
+message RefreshTokenRequest {}
+
+message RefreshTokenResponse {
+  bool success = 1;
+  string message = 2;
+  AuthUserModel model = 3;
+}
+
+service EformAuthService {
+  rpc AuthenticateUser(AuthenticateUserRequest) returns (AuthenticateUserResponse);
+  rpc RefreshToken(RefreshTokenRequest) returns (RefreshTokenResponse);
+}

eFormAPI/eFormAPI.Web/Services/GrpcServices/EformAuthGrpcService.cs

@@ -0,0 +1,94 @@
+using System;
+using System.Threading.Tasks;
+using eFormAPI.Web.Abstractions;
+using eFormAPI.Web.Grpc;
+using Grpc.Core;
+using Microting.eFormApi.BasePn.Infrastructure.Models.Auth;
+
+namespace eFormAPI.Web.Services.GrpcServices;
+
+public class EformAuthGrpcService : Grpc.EformAuthService.EformAuthServiceBase
+{
+    private readonly IAuthService _authService;
+
+    public EformAuthGrpcService(IAuthService authService)
+    {
+        _authService = authService;
+    }
+
+    public override async Task<AuthenticateUserResponse> AuthenticateUser(
+        AuthenticateUserRequest request, ServerCallContext context)
+    {
+        try
+        {
+            var loginModel = new LoginModel
+            {
+                Username = request.Username,
+                Password = request.Password
+            };
+
+            var result = await _authService.AuthenticateUser(loginModel);
+
+            var response = new AuthenticateUserResponse
+            {
+                Success = result.Success,
+                Message = result.Message ?? ""
+            };
+
+            if (result.Success && result.Model != null)
+            {
+                response.Model = new AuthUserModel
+                {
+                    AccessToken = result.Model.AccessToken ?? "",
+                    FirstName = result.Model.FirstName ?? "",
+                    LastName = result.Model.LastName ?? ""
+                };
+            }
+
+            return response;
+        }
+        catch (Exception ex)
+        {
+            return new AuthenticateUserResponse
+            {
+                Success = false,
+                Message = ex.Message
+            };
+        }
+    }
+
+    public override async Task<RefreshTokenResponse> RefreshToken(
+        RefreshTokenRequest request, ServerCallContext context)
+    {
+        try
+        {
+            var result = await _authService.RefreshToken();
+
+            var response = new RefreshTokenResponse
+            {
+                Success = result.Success,
+                Message = result.Message ?? ""
+            };
+
+            if (result.Success && result.Model != null)
+            {
+                response.Model = new AuthUserModel
+                {
+                    AccessToken = result.Model.AccessToken ?? "",
+                    FirstName = result.Model.FirstName ?? "",
+                    LastName = result.Model.LastName ?? ""
+                };
+            }
+
+            return response;
+        }
+        catch (Exception ex)
+        {
+            return new RefreshTokenResponse
+            {
+                Success = false,
+                Message = ex.Message
+            };
+        }
+    }
+}

eFormAPI/eFormAPI.Web/Startup.cs

@@ -318,6 +318,9 @@ public void ConfigureServices(IServiceCollection services)
         }
         ConnectServices(services);
 
+        // gRPC
+        services.AddGrpc();
+
         // plugins
         services.AddEFormPlugins(Program.EnabledPlugins);
     }
@@ -381,6 +384,14 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
 
         // Plugins
         app.UseEFormPlugins(Program.EnabledPlugins);
+
+        // gRPC
+        app.UseRouting();
+        app.UseEndpoints(endpoints =>
+        {
+            endpoints.MapGrpcService<Services.GrpcServices.EformAuthGrpcService>();
+        });
+
         // Route all unknown requests to app root
         app.UseAngularMiddleware(env);
         FixUserToWorkerLinks();

eFormAPI/eFormAPI.Web/eFormAPI.Web.csproj

@@ -62,6 +62,7 @@
     <PackageReference Include="Sentry" Version="6.3.0" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="10.1.7" />
     <PackageReference Include="McMaster.NETCore.Plugins" Version="2.0.0" />
+    <PackageReference Include="Grpc.AspNetCore" Version="2.71.0" />
     <PackageReference Include="sendgrid" Version="9.29.3" />
     <PackageReference Include="System.Configuration.ConfigurationManager" Version="10.0.5" />
     <PackageReference Include="System.Threading.AccessControl" Version="10.0.5" />
@@ -71,4 +72,8 @@
     <Folder Include="Plugins" />
   </ItemGroup>
 
+  <ItemGroup>
+    <Protobuf Include="Protos\auth.proto" GrpcServices="Server" />
+  </ItemGroup>
+
 </Project>