feat(infrastructure): add data access and authentication services

2024-12-18 12:00:00 -05:00
parent 7a09f8e2f6
commit 370408af95
13 changed files with 577 additions and 0 deletions
--- a/src/IncidentOps.Infrastructure/Auth/ITokenService.cs
+++ b/src/IncidentOps.Infrastructure/Auth/ITokenService.cs
@@ -0,0 +1,63 @@
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Security.Cryptography;
+using System.Text;
+using IncidentOps.Domain.Enums;
+using Microsoft.IdentityModel.Tokens;
+
+namespace IncidentOps.Infrastructure.Auth;
+
+public interface ITokenService
+{
+    string GenerateAccessToken(Guid userId, Guid orgId, OrgRole orgRole);
+    string GenerateRefreshToken();
+    string HashToken(string token);
+}
+
+public class TokenService : ITokenService
+{
+    private readonly JwtSettings _settings;
+
+    public TokenService(JwtSettings settings)
+    {
+        _settings = settings;
+    }
+
+    public string GenerateAccessToken(Guid userId, Guid orgId, OrgRole orgRole)
+    {
+        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.SigningKey));
+        var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
+
+        var claims = new[]
+        {
+            new Claim(JwtRegisteredClaimNames.Sub, userId.ToString()),
+            new Claim("org_id", orgId.ToString()),
+            new Claim("org_role", orgRole.ToString().ToLowerInvariant()),
+            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
+        };
+
+        var token = new JwtSecurityToken(
+            issuer: _settings.Issuer,
+            audience: _settings.Audience,
+            claims: claims,
+            expires: DateTime.UtcNow.AddMinutes(_settings.AccessTokenExpirationMinutes),
+            signingCredentials: credentials
+        );
+
+        return new JwtSecurityTokenHandler().WriteToken(token);
+    }
+
+    public string GenerateRefreshToken()
+    {
+        var randomBytes = new byte[64];
+        using var rng = RandomNumberGenerator.Create();
+        rng.GetBytes(randomBytes);
+        return Convert.ToBase64String(randomBytes);
+    }
+
+    public string HashToken(string token)
+    {
+        var bytes = SHA256.HashData(Encoding.UTF8.GetBytes(token));
+        return Convert.ToBase64String(bytes);
+    }
+}