< Summary

Information
Class: Elsa.Identity.Features.DefaultAuthenticationFeature
Assembly: Elsa.Identity
File(s): /home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Identity/Features/DefaultAuthenticationFeature.cs
Line coverage
93%
Covered lines: 29
Uncovered lines: 2
Coverable lines: 31
Total lines: 89
Line coverage: 93.5%
Branch coverage
75%
Covered branches: 3
Total branches: 4
Branch coverage: 75%
Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

MethodBranch coverage Crap Score Cyclomatic complexity Line coverage
.ctor(...)100%11100%
get_ApiKeyProviderType()100%11100%
get_ConfigureAuthorizationOptions()100%11100%
UseApiKeyAuthorization()100%22100%
UseAdminApiKey()100%11100%
DisableLocalHostRequirement()100%210%
Apply()50%22100%

File(s)

/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Identity/Features/DefaultAuthenticationFeature.cs

#LineLine coverage
 1using AspNetCore.Authentication.ApiKey;
 2using Elsa.Extensions;
 3using Elsa.Features.Abstractions;
 4using Elsa.Features.Attributes;
 5using Elsa.Features.Services;
 6using Elsa.Identity.Providers;
 7using Elsa.Requirements;
 8using Microsoft.AspNetCore.Authentication;
 9using Microsoft.AspNetCore.Authentication.JwtBearer;
 10using Microsoft.AspNetCore.Authorization;
 11using Microsoft.Extensions.DependencyInjection;
 12
 13namespace Elsa.Identity.Features;
 14
 15/// <summary>
 16/// Provides an authorization feature that configures the system with JWT bearer and API key authentication.
 17/// </summary>
 18[DependsOn(typeof(IdentityFeature))]
 19public class DefaultAuthenticationFeature : FeatureBase
 20{
 21    private const string MultiScheme = "Jwt-or-ApiKey";
 122    private Func<AuthenticationBuilder, AuthenticationBuilder> _configureApiKeyAuthorization = builder => builder.AddApi
 23
 24    /// <inheritdoc />
 125    public DefaultAuthenticationFeature(IModule module) : base(module)
 26    {
 127    }
 28
 29    /// <summary>
 30    /// Gets or sets the <see cref="ApiKeyProviderType"/>.
 31    /// </summary>
 232    public Type ApiKeyProviderType { get; set; } = typeof(DefaultApiKeyProvider);
 433    public Action<AuthorizationOptions> ConfigureAuthorizationOptions { get; set; } = options => options.AddPolicy(Ident
 34
 35    /// <summary>
 36    /// Configures the API key provider type.
 37    /// </summary>
 38    /// <typeparam name="T">The type of the API key provider.</typeparam>
 39    /// <returns>The current <see cref="DefaultAuthenticationFeature"/>.</returns>
 40    public DefaultAuthenticationFeature UseApiKeyAuthorization<T>() where T : class, IApiKeyProvider
 41    {
 242        _configureApiKeyAuthorization = builder => builder.AddApiKeyInAuthorizationHeader<T>();
 143        return this;
 44    }
 45
 46    /// <summary>
 47    /// Configures the API key provider type to <see cref="AdminApiKeyProvider"/>.
 48    /// </summary>
 49    /// <returns>The current <see cref="DefaultAuthenticationFeature"/>.</returns>
 150    public DefaultAuthenticationFeature UseAdminApiKey() => UseApiKeyAuthorization<AdminApiKeyProvider>();
 51
 52    /// <summary>
 53    /// Disables the local host requirement for the security root policy.
 54    /// We are considering removing this requirement by default in the future, in favor of a new "setup mode" paradigm.
 55    /// </summary>
 56    public DefaultAuthenticationFeature DisableLocalHostRequirement()
 57    {
 058        ConfigureAuthorizationOptions = options => options.AddPolicy(IdentityPolicyNames.SecurityRoot, policy => policy.
 059        return this;
 60    }
 61
 62    /// <inheritdoc />
 63    public override void Apply()
 64    {
 165        Services.ConfigureOptions<ConfigureJwtBearerOptions>();
 166        Services.ConfigureOptions<ValidateIdentityTokenOptions>();
 67
 168        var authBuilder = Services
 169            .AddAuthentication(MultiScheme)
 170            .AddPolicyScheme(MultiScheme, MultiScheme, options =>
 171            {
 172                options.ForwardDefaultSelector = context =>
 173                {
 47274                    return context.Request.Headers.Authorization.Any(x => x!.Contains(ApiKeyDefaults.AuthenticationSchem
 23675                        ? ApiKeyDefaults.AuthenticationScheme
 23676                        : JwtBearerDefaults.AuthenticationScheme;
 177                };
 178            })
 179            .AddJwtBearer();
 80
 181        _configureApiKeyAuthorization(authBuilder);
 82
 183        Services.AddScoped<IAuthorizationHandler, LocalHostRequirementHandler>();
 184        Services.AddScoped<IAuthorizationHandler, LocalHostPermissionRequirementHandler>();
 185        Services.AddScoped(ApiKeyProviderType);
 186        Services.AddScoped<IApiKeyProvider>(sp => (IApiKeyProvider)sp.GetRequiredService(ApiKeyProviderType));
 187        Services.AddAuthorization(ConfigureAuthorizationOptions);
 188    }
 89}
Generated by: ReportGenerator 5.5.0.0
11/27/2025 - 20:46:53
GitHub | reportgenerator.io

Methods/Properties

.ctor(Elsa.Features.Services.IModule)
get_ApiKeyProviderType()
get_ConfigureAuthorizationOptions()
UseApiKeyAuthorization()
UseAdminApiKey()
DisableLocalHostRequirement()
Apply()