dmolinari/SIG-CM2.0
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

UDT-002: Logout + Refresh Token con rotación y chain revocation #3

Merged
dmolinari merged 36 commits from feature/UDT-002 into main 2026-04-14 17:37:47 +00:00
Conversation 0 Commits 36 Files Changed 47 +25 -2
3 changed files with 25 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit aed26e3de9 - Show all commits

8
src/api/SIGCM2.Application/DependencyInjection.cs
View File

@@ -2,6 +2,8 @@ using FluentValidation;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using SIGCM2.Application.Abstractions; using SIGCM2.Application.Abstractions;
using SIGCM2.Application.Auth.Login; using SIGCM2.Application.Auth.Login;
using SIGCM2.Application.Auth.Logout;
using SIGCM2.Application.Auth.Refresh;
namespace SIGCM2.Application; namespace SIGCM2.Application;
@@ -9,10 +11,12 @@ public static class DependencyInjection
{ {
public static IServiceCollection AddApplication(this IServiceCollection services) public static IServiceCollection AddApplication(this IServiceCollection services)
{ {
// Register command handlers // Command handlers
services.AddScoped<ICommandHandler<LoginCommand, LoginResponseDto>, LoginCommandHandler>(); services.AddScoped<ICommandHandler<LoginCommand, LoginResponseDto>, LoginCommandHandler>();
services.AddScoped<ICommandHandler<RefreshCommand, RefreshResponseDto>, RefreshCommandHandler>();
services.AddScoped<ICommandHandler<LogoutCommand, LogoutResponseDto>, LogoutCommandHandler>();
// Register FluentValidation validators from this assembly // FluentValidation validators (scans entire Application assembly)
services.AddValidatorsFromAssemblyContaining<LoginCommandValidator>(); services.AddValidatorsFromAssemblyContaining<LoginCommandValidator>();
return services; return services;

18
src/api/SIGCM2.Infrastructure/DependencyInjection.cs
View File

@@ -1,5 +1,6 @@
using System.Security.Cryptography; using System.Security.Cryptography;
using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options; using Microsoft.Extensions.Options;
@@ -7,6 +8,8 @@ using Microsoft.IdentityModel.Tokens;
using SIGCM2.Application.Abstractions; using SIGCM2.Application.Abstractions;
using SIGCM2.Application.Abstractions.Persistence; using SIGCM2.Application.Abstractions.Persistence;
using SIGCM2.Application.Abstractions.Security; using SIGCM2.Application.Abstractions.Security;
using SIGCM2.Application.Auth;
using SIGCM2.Infrastructure.Http;
using SIGCM2.Infrastructure.Messaging; using SIGCM2.Infrastructure.Messaging;
using SIGCM2.Infrastructure.Persistence; using SIGCM2.Infrastructure.Persistence;
using SIGCM2.Infrastructure.Security; using SIGCM2.Infrastructure.Security;
@@ -24,12 +27,24 @@ public static class DependencyInjection
?? throw new InvalidOperationException("Missing ConnectionStrings:SqlServer"); ?? throw new InvalidOperationException("Missing ConnectionStrings:SqlServer");
services.AddSingleton(new SqlConnectionFactory(connectionString)); services.AddSingleton(new SqlConnectionFactory(connectionString));
services.AddScoped<IUsuarioRepository, UsuarioRepository>(); services.AddScoped<IUsuarioRepository, UsuarioRepository>();
services.AddScoped<IRefreshTokenRepository, RefreshTokenRepository>();
// JWT Options — bound lazily via IOptions so tests can override via ConfigureWebHost // JWT Options — bound lazily via IOptions so tests can override via ConfigureWebHost
services.Configure<JwtOptions>(configuration.GetSection("Jwt")); services.Configure<JwtOptions>(configuration.GetSection("Jwt"));
// Also expose as JwtOptions directly for convenience (resolves via IOptions<JwtOptions>) // Also expose as JwtOptions directly for convenience (resolves via IOptions<JwtOptions>)
services.AddSingleton<JwtOptions>(sp => sp.GetRequiredService<IOptions<JwtOptions>>().Value); services.AddSingleton<JwtOptions>(sp => sp.GetRequiredService<IOptions<JwtOptions>>().Value);
// AuthOptions (Application layer) — populated from the same Jwt config section
services.AddSingleton<AuthOptions>(sp =>
{
var opts = sp.GetRequiredService<JwtOptions>();
return new AuthOptions
{
AccessTokenMinutes = opts.AccessTokenMinutes,
RefreshTokenDays = opts.RefreshTokenDays,
};
});
// RSA key pair — loaded lazily as singletons from the fully-resolved JwtOptions // RSA key pair — loaded lazily as singletons from the fully-resolved JwtOptions
services.AddSingleton<RSA>(sp => services.AddSingleton<RSA>(sp =>
{ {
@@ -46,6 +61,9 @@ public static class DependencyInjection
services.AddScoped<IJwtService>(sp => services.AddScoped<IJwtService>(sp =>
new JwtService(sp.GetRequiredService<RSA>(), sp.GetRequiredService<JwtOptions>())); new JwtService(sp.GetRequiredService<RSA>(), sp.GetRequiredService<JwtOptions>()));
services.AddScoped<IPasswordHasher, BcryptPasswordHasher>(); services.AddScoped<IPasswordHasher, BcryptPasswordHasher>();
services.AddSingleton<IRefreshTokenGenerator, RefreshTokenGenerator>();
services.AddHttpContextAccessor();
services.AddScoped<IClientContext, ClientContext>();
// Dispatcher // Dispatcher
services.AddScoped<IDispatcher, Dispatcher>(); services.AddScoped<IDispatcher, Dispatcher>();

1
tests/SIGCM2.TestSupport/TestWebAppFactory.cs
View File

@@ -38,6 +38,7 @@ public sealed class TestWebAppFactory : WebApplicationFactory<Program>, IAsyncLi
["Jwt:Issuer"] = "sigcm2.api", ["Jwt:Issuer"] = "sigcm2.api",
["Jwt:Audience"] = "sigcm2.web", ["Jwt:Audience"] = "sigcm2.web",
["Jwt:AccessTokenMinutes"] = "60", ["Jwt:AccessTokenMinutes"] = "60",
["Jwt:RefreshTokenDays"] = "7",
["Jwt:PrivateKeyPath"] = PrivateKeyPath, ["Jwt:PrivateKeyPath"] = PrivateKeyPath,
["Jwt:PublicKeyPath"] = PublicKeyPath, ["Jwt:PublicKeyPath"] = PublicKeyPath,
["Jwt:PrivateKey"] = null, ["Jwt:PrivateKey"] = null,