< Summary

Information

Class:	Elsa.Identity.ShellFeatures.DefaultAuthenticationFeature
Assembly:	Elsa.Identity
File(s):	/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Identity/ShellFeatures/DefaultAuthenticationFeature.cs

Line coverage

73%

Covered lines:	31
Uncovered lines:	11
Coverable lines:	42
Total lines:	109
Line coverage:	73.8%

Branch coverage

60%

Covered branches:	6
Total branches:	10
Branch coverage:	60%

Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

Method	Branch coverage	Crap Score	Cyclomatic complexity	Line coverage
get_ApiKeyProviderType()	100%	1	1	100%
get_AdminApiKey()	100%	1	1	100%
get_UseDevelopmentAdminApiKey()	100%	1	1	100%
get_EnableLocalHostPermissionGrant()	100%	2	1	0%
ConfigureServices(...)	60%	12	10	73.68%

File(s)

/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Identity/ShellFeatures/DefaultAuthenticationFeature.cs

#	Line	Line coverage
	`1`	`using AspNetCore.Authentication.ApiKey;`
	`2`	`using CShells.Features;`
	`3`	`using Elsa.Extensions;`
	`4`	`using Elsa.Identity.Constants;`
	`5`	`using Elsa.Identity.Options;`
	`6`	`using Elsa.Identity.Providers;`
	`7`	`using Elsa.Options;`
	`8`	`using Elsa.PackageManifest.Generator.Hints;`
	`9`	`using Elsa.Requirements;`
	`10`	`using JetBrains.Annotations;`
	`11`	`using Microsoft.AspNetCore.Authentication.JwtBearer;`
	`12`	`using Microsoft.AspNetCore.Authorization;`
	`13`	`using Microsoft.Extensions.DependencyInjection;`
	`14`
	`15`	`namespace Elsa.Identity.ShellFeatures;`
	`16`
	`17`	`/// <summary>`
	`18`	`/// Provides an authorization feature that configures the system with JWT bearer and API key authentication.`
	`19`	`/// </summary>`
	`20`	`[ShellFeature(`
	`21`	`DisplayName = "Default Authentication",`
	`22`	`Description = "Provides JWT bearer and API key authentication",`
	`23`	`DependsOn = ["Identity"])]`
	`24`	`[UsedImplicitly]`
	`25`	`public class DefaultAuthenticationFeature : IShellFeature`
	`26`	`{`
	`27`	`private const string MultiScheme = "Jwt-or-ApiKey";`
	`28`
	`29`	`/// <summary>`
	`30`	`/// Gets or sets the API key provider type.`
	`31`	`/// </summary>`
16	`32`	`public Type ApiKeyProviderType { get; set; } = typeof(DefaultApiKeyProvider);`
	`33`
	`34`	`/// <summary>`
	`35`	`/// Gets or sets an explicit API key for <see cref="AdminApiKeyProvider"/>. Leave empty to disable the provider.`
	`36`	`/// </summary>`
	`37`	`[ManifestSetting(`
	`38`	`DisplayName = "Admin API Key",`
	`39`	`Description = "Explicit API key for the admin API key provider. Leave empty to disable built-in admin API key au`
	`40`	`Category = "Security",`
	`41`	`Secret = true,`
	`42`	`Sensitive = true,`
	`43`	`RestartRequired = true)]`
7	`44`	`public string AdminApiKey { get; set; } = "";`
	`45`
	`46`	`/// <summary>`
	`47`	`/// Gets or sets whether the all-zero development admin API key should be enabled. Do not enable in production.`
	`48`	`/// </summary>`
	`49`	`[ManifestSetting(`
	`50`	`DisplayName = "Use Development Admin API Key",`
	`51`	`Description = "Enables the all-zero development admin API key. Do not enable in production.",`
	`52`	`Category = "Security",`
	`53`	`DefaultValue = "false",`
	`54`	`RestartRequired = true)]`
4	`55`	`public bool UseDevelopmentAdminApiKey { get; set; }`
	`56`
	`57`	`/// <summary>`
	`58`	`/// Gets or sets whether localhost requests may satisfy the security-root permission requirement without other crede`
	`59`	`/// </summary>`
0	`60`	`public bool EnableLocalHostPermissionGrant { get; set; }`
	`61`
	`62`	`public void ConfigureServices(IServiceCollection services)`
	`63`	`{`
3	`64`	`var resolvedAdminApiKey = UseDevelopmentAdminApiKey ? AdminApiKeyProvider.DevelopmentApiKey : AdminApiKey;`
3	`65`	`if (!string.IsNullOrWhiteSpace(resolvedAdminApiKey))`
2	`66`	`ApiKeyProviderType = typeof(AdminApiKeyProvider);`
	`67`
3	`68`	`services.ConfigureOptions<ConfigureJwtBearerOptions>();`
3	`69`	`services.AddIdentityTokenOptionsValidation();`
3	`70`	`services.Configure<LocalHostPermissionRequirementOptions>(options => options.EnableLocalHostPermissionGrant = En`
3	`71`	`services.Configure<AdminApiKeyOptions>(options =>`
3	`72`	`{`
3	`73`	`options.ApiKey = resolvedAdminApiKey;`
6	`74`	`});`
	`75`
3	`76`	`var authBuilder = services`
3	`77`	`.AddAuthentication(MultiScheme)`
3	`78`	`.AddPolicyScheme(MultiScheme, MultiScheme, options =>`
3	`79`	`{`
0	`80`	`options.ForwardDefaultSelector = context =>`
0	`81`	`{`
0	`82`	`return context.Request.Headers.Authorization.Any(x => x!.Contains(ApiKeyDefaults.AuthenticationSchem`
0	`83`	`? ApiKeyDefaults.AuthenticationScheme`
0	`84`	`: JwtBearerDefaults.AuthenticationScheme;`
0	`85`	`};`
0	`86`	`})`
3	`87`	`.AddJwtBearer()`
3	`88`	`.AddJwtBearer(IdentityAuthenticationSchemes.RefreshToken);`
	`89`
	`90`	`// Configure API key authorization based on provider type`
3	`91`	`if (ApiKeyProviderType == typeof(AdminApiKeyProvider))`
2	`92`	`authBuilder.AddApiKeyInAuthorizationHeader<AdminApiKeyProvider>();`
	`93`	`else`
1	`94`	`authBuilder.AddApiKeyInAuthorizationHeader<DefaultApiKeyProvider>();`
	`95`
3	`96`	`services.AddScoped<IAuthorizationHandler, LocalHostRequirementHandler>();`
3	`97`	`services.AddScoped<IAuthorizationHandler, LocalHostPermissionRequirementHandler>();`
3	`98`	`services.AddScoped(ApiKeyProviderType);`
5	`99`	`services.AddScoped<IApiKeyProvider>(sp => (IApiKeyProvider)sp.GetRequiredService(ApiKeyProviderType));`
	`100`
3	`101`	`services.AddAuthorization(options =>`
3	`102`	`{`
0	`103`	`if (EnableLocalHostPermissionGrant)`
0	`104`	`options.AddPolicy(IdentityPolicyNames.SecurityRoot, policy => policy.AddRequirements(new LocalHostPermis`
3	`105`	`else`
0	`106`	`options.AddPolicy(IdentityPolicyNames.SecurityRoot, policy => policy.RequireAuthenticatedUser());`
3	`107`	`});`
3	`108`	`}`
	`109`	`}`

< Summary

Metrics

File(s)

/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Identity/ShellFeatures/DefaultAuthenticationFeature.cs

Methods/Properties