< Summary

Information
Class: Elsa.Identity.ShellFeatures.DefaultAuthenticationFeature
Assembly: Elsa.Identity
File(s): /home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Identity/ShellFeatures/DefaultAuthenticationFeature.cs
Line coverage
0%
Covered lines: 0
Uncovered lines: 27
Coverable lines: 27
Total lines: 65
Line coverage: 0%
Branch coverage
0%
Covered branches: 0
Total branches: 4
Branch coverage: 0%
Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

MethodBranch coverage Crap Score Cyclomatic complexity Line coverage
get_ApiKeyProviderType()100%210%
ConfigureServices(...)0%2040%

File(s)

/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Identity/ShellFeatures/DefaultAuthenticationFeature.cs

#LineLine coverage
 1using AspNetCore.Authentication.ApiKey;
 2using CShells.Features;
 3using Elsa.Extensions;
 4using Elsa.Identity.Providers;
 5using Elsa.Requirements;
 6using JetBrains.Annotations;
 7using Microsoft.AspNetCore.Authentication;
 8using Microsoft.AspNetCore.Authentication.JwtBearer;
 9using Microsoft.AspNetCore.Authorization;
 10using Microsoft.Extensions.DependencyInjection;
 11
 12namespace Elsa.Identity.ShellFeatures;
 13
 14/// <summary>
 15/// Provides an authorization feature that configures the system with JWT bearer and API key authentication.
 16/// </summary>
 17[ShellFeature(
 18    DisplayName = "Default Authentication",
 19    Description = "Provides JWT bearer and API key authentication",
 20    DependsOn = ["Identity"])]
 21[UsedImplicitly]
 22public class DefaultAuthenticationFeature : IShellFeature
 23{
 24    private const string MultiScheme = "Jwt-or-ApiKey";
 25
 26    /// <summary>
 27    /// Gets or sets the API key provider type.
 28    /// </summary>
 029    public Type ApiKeyProviderType { get; set; } = typeof(DefaultApiKeyProvider);
 30
 31    public void ConfigureServices(IServiceCollection services)
 32    {
 033        services.ConfigureOptions<ConfigureJwtBearerOptions>();
 034        services.ConfigureOptions<ValidateIdentityTokenOptions>();
 35
 036        var authBuilder = services
 037            .AddAuthentication(MultiScheme)
 038            .AddPolicyScheme(MultiScheme, MultiScheme, options =>
 039            {
 040                options.ForwardDefaultSelector = context =>
 041                {
 042                    return context.Request.Headers.Authorization.Any(x => x!.Contains(ApiKeyDefaults.AuthenticationSchem
 043                        ? ApiKeyDefaults.AuthenticationScheme
 044                        : JwtBearerDefaults.AuthenticationScheme;
 045                };
 046            })
 047            .AddJwtBearer();
 48
 49        // Configure API key authorization based on provider type
 050        if (ApiKeyProviderType == typeof(AdminApiKeyProvider))
 051            authBuilder.AddApiKeyInAuthorizationHeader<AdminApiKeyProvider>();
 52        else
 053            authBuilder.AddApiKeyInAuthorizationHeader<DefaultApiKeyProvider>();
 54
 055        services.AddScoped<IAuthorizationHandler, LocalHostRequirementHandler>();
 056        services.AddScoped<IAuthorizationHandler, LocalHostPermissionRequirementHandler>();
 057        services.AddScoped(ApiKeyProviderType);
 058        services.AddScoped<IApiKeyProvider>(sp => (IApiKeyProvider)sp.GetRequiredService(ApiKeyProviderType));
 59
 060        services.AddAuthorization(options =>
 061        {
 062            options.AddPolicy(IdentityPolicyNames.SecurityRoot, policy => policy.RequireAuthenticatedUser());
 063        });
 064    }
 65}
Generated by: ReportGenerator 5.5.3.0
03/14/2026 - 09:55:09
GitHub | reportgenerator.io

Methods/Properties

get_ApiKeyProviderType()
ConfigureServices(Microsoft.Extensions.DependencyInjection.IServiceCollection)