< Summary

Information

Class:	Elsa.Identity.Features.DefaultAuthenticationFeature
Assembly:	Elsa.Identity
File(s):	/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Identity/Features/DefaultAuthenticationFeature.cs

Line coverage

94%

Covered lines:	51
Uncovered lines:	3
Coverable lines:	54
Total lines:	173
Line coverage:	94.4%

Branch coverage

80%

Covered branches:	8
Total branches:	10
Branch coverage:	80%

Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

Method	Branch coverage	Crap Score	Cyclomatic complexity	Line coverage
.ctor(...)	100%	1	1	100%
get_ApiKeyProviderType()	100%	1	1	100%
get_ConfigureAuthorizationOptions()	50%	2	2	100%
set_ConfigureAuthorizationOptions(...)	100%	2	2	100%
get_EnableLocalHostPermissionGrant()	100%	1	1	100%
UseApiKeyAuthorization()	100%	2	2	100%
UseAdminApiKey()	100%	1	1	100%
UseAdminApiKey(...)	100%	1	1	100%
UseAdminApiKey(...)	100%	2	1	0%
UseDevelopmentAdminApiKey()	100%	1	1	100%
EnableLocalHostPermissionGrantForSecurityRoot()	100%	1	1	100%
DisableLocalHostPermissionGrantForSecurityRoot()	100%	1	1	100%
DisableLocalHostRequirement()	100%	2	1	0%
Apply()	50%	2	2	100%
ConfigureAuthenticatedSecurityRootPolicy(...)	100%	1	1	100%
ConfigureDefaultSecurityRootPolicy(...)	100%	2	2	100%
ConfigureLocalHostSecurityRootPolicy(...)	100%	1	1	100%

File(s)

/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Identity/Features/DefaultAuthenticationFeature.cs

#	Line	Line coverage
	`1`	`using AspNetCore.Authentication.ApiKey;`
	`2`	`using Elsa.Extensions;`
	`3`	`using Elsa.Features.Abstractions;`
	`4`	`using Elsa.Features.Attributes;`
	`5`	`using Elsa.Features.Services;`
	`6`	`using Elsa.Identity.Constants;`
	`7`	`using Elsa.Identity.Options;`
	`8`	`using Elsa.Identity.Providers;`
	`9`	`using Elsa.Options;`
	`10`	`using Elsa.Requirements;`
	`11`	`using Microsoft.AspNetCore.Authentication;`
	`12`	`using Microsoft.AspNetCore.Authentication.JwtBearer;`
	`13`	`using Microsoft.AspNetCore.Authorization;`
	`14`	`using Microsoft.Extensions.DependencyInjection;`
	`15`
	`16`	`namespace Elsa.Identity.Features;`
	`17`
	`18`	`/// <summary>`
	`19`	`/// Provides an authorization feature that configures the system with JWT bearer and API key authentication.`
	`20`	`/// </summary>`
	`21`	`[DependsOn(typeof(IdentityFeature))]`
	`22`	`public class DefaultAuthenticationFeature : FeatureBase`
	`23`	`{`
	`24`	`private const string MultiScheme = "Jwt-or-ApiKey";`
8	`25`	`private Func<AuthenticationBuilder, AuthenticationBuilder> _configureApiKeyAuthorization = builder => builder.AddApi`
	`26`	`private Action<AuthorizationOptions>? _configureAuthorizationOptions;`
	`27`
	`28`	`/// <inheritdoc />`
8	`29`	`public DefaultAuthenticationFeature(IModule module) : base(module)`
	`30`	`{`
8	`31`	`ConfigureAuthorizationOptions = ConfigureDefaultSecurityRootPolicy;`
8	`32`	`}`
	`33`
	`34`	`/// <summary>`
	`35`	`/// Gets or sets the <see cref="ApiKeyProviderType"/>.`
	`36`	`/// </summary>`
14	`37`	`public Type ApiKeyProviderType { get; set; } = typeof(DefaultApiKeyProvider);`
	`38`
	`39`	`/// <summary>`
	`40`	`/// Gets or sets the authorization options configuration.`
	`41`	`/// </summary>`
	`42`	`public Action<AuthorizationOptions> ConfigureAuthorizationOptions`
	`43`	`{`
7	`44`	`get => _configureAuthorizationOptions ?? ConfigureDefaultSecurityRootPolicy;`
10	`45`	`set => _configureAuthorizationOptions = value ?? ConfigureDefaultSecurityRootPolicy;`
	`46`	`}`
	`47`
	`48`	`/// <summary>`
	`49`	`/// Gets or sets whether localhost requests may satisfy the security-root permission requirement without other crede`
	`50`	`/// </summary>`
13	`51`	`public bool EnableLocalHostPermissionGrant { get; set; }`
	`52`
	`53`	`/// <summary>`
	`54`	`/// Configures the API key provider type.`
	`55`	`/// </summary>`
	`56`	`/// <typeparam name="T">The type of the API key provider.</typeparam>`
	`57`	`/// <returns>The current <see cref="DefaultAuthenticationFeature"/>.</returns>`
	`58`	`public DefaultAuthenticationFeature UseApiKeyAuthorization<T>() where T : class, IApiKeyProvider`
	`59`	`{`
3	`60`	`ApiKeyProviderType = typeof(T);`
6	`61`	`_configureApiKeyAuthorization = builder => builder.AddApiKeyInAuthorizationHeader<T>();`
3	`62`	`return this;`
	`63`	`}`
	`64`
	`65`	`/// <summary>`
	`66`	`/// Configures the API key provider type to <see cref="AdminApiKeyProvider"/>. The provider denies all keys unless c`
	`67`	`/// </summary>`
	`68`	`/// <returns>The current <see cref="DefaultAuthenticationFeature"/>.</returns>`
3	`69`	`public DefaultAuthenticationFeature UseAdminApiKey() => UseApiKeyAuthorization<AdminApiKeyProvider>();`
	`70`
	`71`	`/// <summary>`
	`72`	`/// Configures the admin API key provider with an explicit API key.`
	`73`	`/// </summary>`
	`74`	`/// <param name="apiKey">The API key to accept.</param>`
	`75`	`/// <returns>The current <see cref="DefaultAuthenticationFeature"/>.</returns>`
	`76`	`public DefaultAuthenticationFeature UseAdminApiKey(string apiKey)`
	`77`	`{`
4	`78`	`Services.Configure<AdminApiKeyOptions>(options => options.ApiKey = apiKey);`
3	`79`	`return UseAdminApiKey();`
	`80`	`}`
	`81`
	`82`	`/// <summary>`
	`83`	`/// Configures the admin API key provider with an explicit API key.`
	`84`	`/// </summary>`
	`85`	`/// <param name="configure">The admin API key options to configure.</param>`
	`86`	`/// <returns>The current <see cref="DefaultAuthenticationFeature"/>.</returns>`
	`87`	`public DefaultAuthenticationFeature UseAdminApiKey(Action<AdminApiKeyOptions> configure)`
	`88`	`{`
0	`89`	`Services.Configure(configure);`
0	`90`	`return UseAdminApiKey();`
	`91`	`}`
	`92`
	`93`	`/// <summary>`
	`94`	`/// Enables the all-zero development admin API key. Do not use in production.`
	`95`	`/// </summary>`
	`96`	`/// <returns>The current <see cref="DefaultAuthenticationFeature"/>.</returns>`
3	`97`	`public DefaultAuthenticationFeature UseDevelopmentAdminApiKey() => UseAdminApiKey(AdminApiKeyProvider.DevelopmentApi`
	`98`
	`99`	`/// <summary>`
	`100`	`/// Enables the legacy localhost permission grant for the security root policy.`
	`101`	`/// </summary>`
	`102`	`public DefaultAuthenticationFeature EnableLocalHostPermissionGrantForSecurityRoot()`
	`103`	`{`
3	`104`	`EnableLocalHostPermissionGrant = true;`
3	`105`	`return this;`
	`106`	`}`
	`107`
	`108`	`/// <summary>`
	`109`	`/// Disables the localhost permission grant for the security root policy.`
	`110`	`/// This is useful when privileged identity bootstrap is handled through features such as <see cref="DefaultAdminUse`
	`111`	`/// </summary>`
	`112`	`public DefaultAuthenticationFeature DisableLocalHostPermissionGrantForSecurityRoot()`
	`113`	`{`
1	`114`	`EnableLocalHostPermissionGrant = false;`
1	`115`	`return this;`
	`116`	`}`
	`117`
	`118`	`/// <summary>`
	`119`	`/// Disables the legacy localhost permission grant for the security root policy.`
	`120`	`/// This is useful when privileged identity bootstrap is handled through features such as <see cref="DefaultAdminUse`
	`121`	`/// </summary>`
	`122`	`[Obsolete("Use DisableLocalHostPermissionGrantForSecurityRoot instead.")]`
0	`123`	`public DefaultAuthenticationFeature DisableLocalHostRequirement() => DisableLocalHostPermissionGrantForSecurityRoot(`
	`124`
	`125`	`/// <inheritdoc />`
	`126`	`public override void Apply()`
	`127`	`{`
3	`128`	`Services.ConfigureOptions<ConfigureJwtBearerOptions>();`
4	`129`	`Services.Configure<AdminApiKeyOptions>(_ => { });`
3	`130`	`Services.AddIdentityTokenOptionsValidation();`
3	`131`	`Services.Configure<LocalHostPermissionRequirementOptions>(options => options.EnableLocalHostPermissionGrant = En`
	`132`
3	`133`	`var authBuilder = Services`
3	`134`	`.AddAuthentication(MultiScheme)`
3	`135`	`.AddPolicyScheme(MultiScheme, MultiScheme, options =>`
3	`136`	`{`
1	`137`	`options.ForwardDefaultSelector = context =>`
1	`138`	`{`
590	`139`	`return context.Request.Headers.Authorization.Any(x => x!.Contains(ApiKeyDefaults.AuthenticationSchem`
295	`140`	`? ApiKeyDefaults.AuthenticationScheme`
295	`141`	`: JwtBearerDefaults.AuthenticationScheme;`
1	`142`	`};`
1	`143`	`})`
3	`144`	`.AddJwtBearer()`
3	`145`	`.AddJwtBearer(IdentityAuthenticationSchemes.RefreshToken);`
	`146`
3	`147`	`_configureApiKeyAuthorization(authBuilder);`
	`148`
3	`149`	`Services.AddScoped<IAuthorizationHandler, LocalHostRequirementHandler>();`
3	`150`	`Services.AddScoped<IAuthorizationHandler, LocalHostPermissionRequirementHandler>();`
3	`151`	`Services.AddScoped(ApiKeyProviderType);`
3	`152`	`Services.AddScoped<IApiKeyProvider>(sp => (IApiKeyProvider)sp.GetRequiredService(ApiKeyProviderType));`
3	`153`	`Services.AddAuthorization(ConfigureAuthorizationOptions);`
3	`154`	`}`
	`155`
	`156`	`private static void ConfigureAuthenticatedSecurityRootPolicy(AuthorizationOptions options)`
	`157`	`{`
10	`158`	`options.AddPolicy(IdentityPolicyNames.SecurityRoot, policy => policy.RequireAuthenticatedUser());`
5	`159`	`}`
	`160`
	`161`	`private void ConfigureDefaultSecurityRootPolicy(AuthorizationOptions options)`
	`162`	`{`
6	`163`	`if (EnableLocalHostPermissionGrant)`
1	`164`	`ConfigureLocalHostSecurityRootPolicy(options);`
	`165`	`else`
5	`166`	`ConfigureAuthenticatedSecurityRootPolicy(options);`
5	`167`	`}`
	`168`
	`169`	`private static void ConfigureLocalHostSecurityRootPolicy(AuthorizationOptions options)`
	`170`	`{`
2	`171`	`options.AddPolicy(IdentityPolicyNames.SecurityRoot, policy => policy.AddRequirements(new LocalHostPermissionRequ`
1	`172`	`}`
	`173`	`}`

< Summary

Metrics

File(s)

/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Identity/Features/DefaultAuthenticationFeature.cs

Methods/Properties