Merge pull request #24 from thefringeninja/auth

Support Bearer Tokens in User Credentials
EventStore · May 26, 2020 · a00d2c3 · a00d2c3
2 parents e58d968 + c7630e2
commit a00d2c3
Show file tree

Hide file tree

Showing 9 changed files with 52 additions and 30 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -9,7 +9,7 @@ on:
     - oss-v*
 
 env:
-  DOTNET_SDK_VERSION: 3.1.201
+  DOTNET_SDK_VERSION: 3.1.300
 jobs:
   vulnerability-scan:
     runs-on: ubuntu-latest
@@ -49,8 +49,6 @@ jobs:
       shell: bash
       run: |
         docker pull docker.pkg.github.com/eventstore/eventstore/eventstore:${{ matrix.docker-tag }}
-        docker tag docker.pkg.github.com/eventstore/eventstore/eventstore:${{ matrix.docker-tag }} \
-          eventstore/eventstore:${{ matrix.docker-tag }}
     - name: Install Dotnet
       uses: actions/[email protected]
       with:
@@ -102,8 +100,7 @@ jobs:
     - name: Dotnet Pack
       shell: bash
       run: |
-        dotnet tool restore
-        dotnet pack --configuration=Release --output=./packages /p:Version=$(dotnet tool run minver) \
+        dotnet pack --configuration=Release --output=./packages \
           /p:NoWarn=NU5105 \
           /p:RepositoryUrl=https://github.com/EventStore/EventStore-Client-Dotnet \
           /p:RepositoryType=git

diff --git a/src/Directory.Build.props b/src/Directory.Build.props
@@ -36,6 +36,7 @@
 			<PrivateAssets>all</PrivateAssets>
 			<IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
 		</PackageReference>
+		<PackageReference Include="MinVer" Version="2.2.0" PrivateAssets="All" />
 	</ItemGroup>
 	<ItemGroup>
 		<Compile Include="../EventStore.Client.Common/**/*.cs"/>

diff --git a/src/EventStore.Client.Common/Constants.cs b/src/EventStore.Client.Common/Constants.cs
@@ -53,6 +53,7 @@ public static class ContentTypes {
 		public static class Headers {
 			public const string Authorization = "authorization";
 			public const string BasicScheme = "Basic";
+			public const string BearerScheme = "Bearer";
 
 			public const string ConnectionName = "connection-name";
 			public const string RequiresLeader = "requires-leader";

diff --git a/src/EventStore.Client.Common/RequestMetadata.cs b/src/EventStore.Client.Common/RequestMetadata.cs
@@ -1,6 +1,3 @@
-using System;
-using System.Net.Http.Headers;
-using System.Text;
 using Grpc.Core;
 
 #nullable enable
@@ -10,11 +7,7 @@ public static Metadata Create(UserCredentials? userCredentials) =>
 			userCredentials == null
 				? new Metadata()
 				: new Metadata {
-					new Metadata.Entry(Constants.Headers.Authorization, new AuthenticationHeaderValue(
-							Constants.Headers.BasicScheme,
-							Convert.ToBase64String(
-								Encoding.ASCII.GetBytes($"{userCredentials.Username}:{userCredentials.Password}")))
-						.ToString())
+					new Metadata.Entry(Constants.Headers.Authorization, userCredentials.ToString())
 				};
 	}
 }
diff --git a/src/EventStore.Client.UserManagement/EventStoreUserManagerClientExtensions.cs b/src/EventStore.Client.UserManagement/EventStoreUserManagerClientExtensions.cs
@@ -6,6 +6,6 @@ namespace EventStore.Client {
 	public static class EventStoreUserManagerClientExtensions {
 		public static Task<UserDetails> GetCurrentUserAsync(this EventStoreUserManagementClient users,
 			UserCredentials userCredentials, CancellationToken cancellationToken = default)
-			=> users.GetUserAsync(userCredentials.Username, userCredentials, cancellationToken);
+			=> users.GetUserAsync(userCredentials.Username!, userCredentials, cancellationToken);
 	}
 }
diff --git a/src/EventStore.Client/UserCredentials.cs b/src/EventStore.Client/UserCredentials.cs
@@ -1,14 +1,42 @@
 using System;
+using System.Net.Http.Headers;
+using System.Text;
 
 #nullable enable
 namespace EventStore.Client {
 	public class UserCredentials {
-		public readonly string Username;
-		public readonly string Password;
+		public string? Username => TryGetBasicAuth(0, out var value) ? value : null;
+		public string? Password => TryGetBasicAuth(1, out var value) ? value : null;
 
-		public UserCredentials(string username, string password) {
-			Username = username;
-			Password = password;
+		private readonly AuthenticationHeaderValue _authorization;
+
+		public UserCredentials(string username, string password) : this(new AuthenticationHeaderValue(
+			Constants.Headers.BasicScheme,
+			Convert.ToBase64String(Encoding.ASCII.GetBytes($"{username}:{password}")))) {
+		}
+
+		public UserCredentials(string authToken) : this(new AuthenticationHeaderValue(Constants.Headers.BearerScheme,
+			authToken)) {
+		}
+
+		private UserCredentials(AuthenticationHeaderValue authorization) => _authorization = authorization;
+
+		private bool TryGetBasicAuth(int index, out string? value) {
+			value = null;
+
+			if (_authorization.Scheme != Constants.Headers.BasicScheme) {
+				return false;
+			}
+
+			var parts = Encoding.ASCII.GetString(Convert.FromBase64String(_authorization.Parameter)).Split(':');
+			if (parts.Length <= index) {
+				return false;
+			}
+
+			value = parts[index];
+			return true;
 		}
+
+		public override string ToString() => _authorization.ToString();
 	}
 }
diff --git a/test/EventStore.Client.PersistentSubscriptions.Tests/EventStoreClientFixture.cs b/test/EventStore.Client.PersistentSubscriptions.Tests/EventStoreClientFixture.cs
@@ -16,8 +16,8 @@ protected EventStoreClientFixture(EventStoreClientSettings? settings = null) : b
 
 		public override async Task InitializeAsync() {
 			await TestServer.Start().WithTimeout(TimeSpan.FromMinutes(5));
-			await UserManagementClient.CreateUserAsync(TestCredentials.TestUser1.Username,
-				TestCredentials.TestUser1.Username, Array.Empty<string>(), TestCredentials.TestUser1.Password,
+			await UserManagementClient.CreateUserAsync(TestCredentials.TestUser1.Username!,
+				TestCredentials.TestUser1.Username!, Array.Empty<string>(), TestCredentials.TestUser1.Password!,
 				TestCredentials.Root);
 			await Given().WithTimeout(TimeSpan.FromMinutes(5));
 			await When().WithTimeout(TimeSpan.FromMinutes(5));

diff --git a/test/EventStore.Client.ProjectionManagement.Tests/EventStoreClientFixture.cs b/test/EventStore.Client.ProjectionManagement.Tests/EventStoreClientFixture.cs
@@ -24,8 +24,9 @@ protected EventStoreClientFixture(EventStoreClientSettings? settings = null) : b
 
 		public override async Task InitializeAsync() {
 			await TestServer.Start();
-			await UserManagementClient.CreateUserAsync(TestCredentials.TestUser1.Username, TestCredentials.TestUser1.Username,
-				Array.Empty<string>(), TestCredentials.TestUser1.Password, TestCredentials.Root).WithTimeout();
+			await UserManagementClient.CreateUserAsync(TestCredentials.TestUser1.Username!,
+				TestCredentials.TestUser1.Username!, Array.Empty<string>(), TestCredentials.TestUser1.Password!,
+				TestCredentials.Root).WithTimeout();
 			await StandardProjections.Created(Client).WithTimeout(TimeSpan.FromMinutes(5));
 
 			if (RunStandardProjections) {

diff --git a/test/EventStore.Client.Tests.Common/EventStoreClientFixtureBase.cs b/test/EventStore.Client.Tests.Common/EventStoreClientFixtureBase.cs
@@ -138,13 +138,14 @@ public EventStoreTestServer(IDictionary<string, string>? env) {
 						Port = 2113
 					}.Uri
 				};
-				var tag = Environment.GetEnvironmentVariable("ES_DOCKER_TAG") ?? "6.0.0-preview3-bionic";
-				_container = new DockerContainer("eventstore/eventstore", tag, async ct => {
-					try {
-						using var response = await _httpClient.GetAsync("/web/index.html", ct);
-						return (int)response.StatusCode < 400;
-					} catch {
-					}
+				var tag = Environment.GetEnvironmentVariable("ES_DOCKER_TAG") ?? "ci";
+				_container = new DockerContainer("docker.pkg.github.com/eventstore/eventstore/eventstore", tag,
+					async ct => {
+						try {
+							using var response = await _httpClient.GetAsync("/web/index.html", ct);
+							return (int)response.StatusCode < 400;
+						} catch {
+						}
 
 					return false;
 				}, new Dictionary<int, int> {