dmolinari/GestionIntegralWeb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Vuelta a Key en Secret.
All checks were successful
Build and Deploy / remote-build-and-deploy (push) Successful in 15m54s
Details

Browse Source
This commit is contained in:
dmolinari
2025-06-18 13:24:46 -03:00
parent 6d6ec22258
commit 373449ba48
3 changed files with 9 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
Backend/GestionIntegral.Api/Program.cs
View File

@@ -93,62 +93,16 @@ builder.Services.AddScoped<IReportesRepository, ReportesRepository>();
// Servicios de Reportes
builder.Services.AddScoped<IReportesService, ReportesService>();
// --- INICIO DE CAMBIOS: Configuración de Autenticación JWT ---
// 1. Obtener la sección de configuración de JWT.
// Esto leerá desde appsettings.json y SOBRESCRIBIRÁ con variables de entorno si existen.
var jwtSection = builder.Configuration.GetSection("JwtSettings");
var jwtKey = jwtSection["Key"];
var jwtIssuer = jwtSection["Issuer"];
var jwtAudience = jwtSection["Audience"];
// 2. Validar que todas las configuraciones necesarias existan.
if (string.IsNullOrEmpty(jwtKey) || string.IsNullOrEmpty(jwtIssuer) || string.IsNullOrEmpty(jwtAudience))
{
throw new InvalidOperationException("La configuración de JWT (Key, Issuer, Audience) no está completa. Verifique appsettings.json o las variables de entorno.");
}
var keyBytes = Encoding.ASCII.GetBytes(jwtKey);
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
// Es buena práctica usar HTTPS en producción. Si tu proxy inverso maneja SSL, esto puede ser false.
options.RequireHttpsMetadata = builder.Environment.IsProduction();
options.SaveToken = true;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(keyBytes),
ValidateIssuer = true,
ValidIssuer = jwtIssuer, // Usar la variable leída de la configuración
ValidateAudience = true,
ValidAudience = jwtAudience, // Usar la variable leída de la configuración
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
});
// --- Configuración de Autenticación JWT ---
/*var jwtSettings = builder.Configuration.GetSection("Jwt");
var jwtSettings = builder.Configuration.GetSection("Jwt");
// Le decimos que busque la clave JWT en la raíz de la configuración (donde están las variables de entorno).
// Si no la encuentra, como respaldo, busca en la sección "Jwt" del appsettings.
//var jwtKey = builder.Configuration["JWT_KEY"] ?? jwtSettings["Key"] ?? throw new ArgumentNullException("JWT_KEY or Jwt:Key not configured");
//var jwtKey = jwtSettings["Key"] ?? throw new ArgumentNullException("Jwt:Key", "JWT Key not configured in appsettings.json");
var jwtKey = Environment.GetEnvironmentVariable("JWTSETTINGS__KEY") ?? throw new ArgumentNullException("Jwt:Key", "JWT Key not configured in appsettings.json");
//Environment.GetEnvironmentVariable("JWT_KEY");
//var keyBytes = Encoding.ASCII.GetBytes(jwtKey);
var keyBytes = Encoding.ASCII.GetBytes(jwtKey);
builder.Services.AddAuthentication(options =>
{
@@ -171,7 +125,7 @@ builder.Services.AddAuthentication(options =>
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
});*/
});
// --- Configuración de Autorización ---
builder.Services.AddAuthorization();
@@ -268,7 +222,7 @@ if (app.Environment.IsDevelopment())
app.UseCors(MyAllowSpecificOrigins);
app.UseAuthentication(); // SIEMPRE ANTES de UseAuthorization
app.UseAuthentication(); // Debe ir ANTES de UseAuthorization
app.UseAuthorization();
app.MapControllers();