fddc69545f
- Add SecurityOptionsValidator (IValidateOptions<SecurityOptions>) enforcing RoleRefreshThresholdMinutes < IdleTimeoutMinutes; registered with ValidateOnStart in AddSecurity — startup FAILS if threshold >= idle, so the invariant cannot be silently misconfigured away.
- Update SecurityOptions XML-docs: class-level summary distinguishes JWT Bearer path (JwtSigningKey/JwtExpiryMinutes) from Blazor cookie session path (IdleTimeoutMinutes/RoleRefreshThresholdMinutes); both time fields document the ~45-min effective idle window and the new cross-field constraint.
- Remove dead jwtService variable from /auth/login lambda in AuthEndpoints.cs (resolved but never used since login moved to SessionClaimBuilder).
- Extract ApplyValidationResultAsync helper from OnValidatePrincipalAsync (pure decision-application step); add 3 adapter tests covering Reject → RejectPrincipal + SignOutAsync; Replace → ReplacePrincipal + ShouldRenew; Keep → no-op.
- Fix inaccurate TryRefreshAsync comment (dropped "OR last-activity needs advancing" — the code only returns non-null when roleRefreshDue).
- Add InternalsVisibleTo for Security.Tests in Security.csproj.
- Add IsRoleRefreshDue tests: missing claim → due; unparsable claim → due; plus integration test covering the full ValidateAsync path for a principal missing zb:lastrolerefresh (triggers refresh + re-stamps anchor rather than keeping stale principal forever).
- Add SecurityOptionsValidatorConfigGuardTests: default succeeds; equal fails; greater fails; boundary (idle-1) succeeds; wiring confirmed via AddSecurity container.
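The fail-fast options guard the commit message describes, written out as an added illustration; this is not the repository's code. The names SecurityOptions, SecurityOptionsValidator, IdleTimeoutMinutes, RoleRefreshThresholdMinutes and AddSecurity come from the commit message, and the 45-minute idle default matches the window it mentions. The 15-minute threshold default, the extra positivity checks, the demo Main and the stripped-down AddSecurity body are assumptions made here for the example; the real AddSecurity also carries cookie and LDAP wiring that is not shown.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;

// Assumed shape: only the two cookie-session fields the cross-field invariant
// concerns are modelled. 45 is the idle window named in the commit message;
// 15 is a constructed default for the example.
public sealed class SecurityOptions
{
    public int IdleTimeoutMinutes { get; set; } = 45;
    public int RoleRefreshThresholdMinutes { get; set; } = 15;
}

// Cross-field validator. The role-refresh threshold must fall strictly inside the
// idle window; if it were equal or larger, a session would expire before its roles
// were ever re-checked, so stale authorization would persist until idle logout.
public sealed class SecurityOptionsValidator : IValidateOptions<SecurityOptions>
{
    public ValidateOptionsResult Validate(string? name, SecurityOptions options)
    {
        var failures = new List<string>();

        // Positivity checks are an addition of this example, not part of the commit.
        if (options.IdleTimeoutMinutes <= 0)
            failures.Add($"{nameof(SecurityOptions.IdleTimeoutMinutes)} must be greater than zero.");
        if (options.RoleRefreshThresholdMinutes <= 0)
            failures.Add($"{nameof(SecurityOptions.RoleRefreshThresholdMinutes)} must be greater than zero.");

        // The invariant from the commit message: threshold < idle, equality rejected.
        if (options.RoleRefreshThresholdMinutes >= options.IdleTimeoutMinutes)
            failures.Add(
                $"{nameof(SecurityOptions.RoleRefreshThresholdMinutes)} ({options.RoleRefreshThresholdMinutes}) " +
                $"must be less than {nameof(SecurityOptions.IdleTimeoutMinutes)} ({options.IdleTimeoutMinutes}).");

        return failures.Count == 0
            ? ValidateOptionsResult.Success
            : ValidateOptionsResult.Fail(failures);
    }
}

public static class SecurityServiceCollectionExtensions
{
    // Illustrative registration only. ValidateOnStart makes the host run every
    // IValidateOptions<SecurityOptions> during startup, so a bad pair of values
    // aborts the process instead of surfacing on the first request.
    public static IServiceCollection AddSecurity(this IServiceCollection services, Action<SecurityOptions> configure)
    {
        services.AddOptions<SecurityOptions>()
            .Configure(configure)
            .ValidateOnStart();
        services.AddSingleton<IValidateOptions<SecurityOptions>, SecurityOptionsValidator>();
        return services;
    }
}

public static class Demo
{
    // Runs the validator over the same four cases the commit's config-guard tests
    // name: default, equal, greater, and the idle-1 boundary.
    public static void Main()
    {
        var validator = new SecurityOptionsValidator();
        var cases = new (string Label, SecurityOptions Opts)[]
        {
            ("default (15 < 45)", new SecurityOptions()),
            ("equal (45 == 45)", new SecurityOptions { RoleRefreshThresholdMinutes = 45 }),
            ("greater (60 > 45)", new SecurityOptions { RoleRefreshThresholdMinutes = 60 }),
            ("boundary (44 < 45)", new SecurityOptions { RoleRefreshThresholdMinutes = 44 }),
        };

        foreach (var (label, opts) in cases)
        {
            var result = validator.Validate(Options.DefaultName, opts);
            Console.WriteLine($"{label}: {(result.Succeeded ? "ok" : result.FailureMessage)}");
        }
    }
}
```

Rejecting equality, not just threshold > idle, is the point of the strict comparison: with threshold == idle the refresh and the idle expiry coincide, so the refresh never has a chance to run on a live session.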
45 lines
2.2 KiB
XML
<Project Sdk="Microsoft.NET.Sdk">

  <PropertyGroup>
    <TargetFramework>net10.0</TargetFramework>
    <ImplicitUsings>enable</ImplicitUsings>
    <Nullable>enable</Nullable>
    <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
  </PropertyGroup>

  <ItemGroup>
    <!-- HttpAuditActorAccessor (Phase 3) + AddHttpContextAccessor read the
         authenticated principal off IHttpContextAccessor.HttpContext.User to
         source the audit Actor. The cookie-auth wiring in AddSecurity already
         lives here, so this is the natural home for the HTTP-backed
         principal-to-actor seam. The shared framework supplies IHttpContextAccessor
         / HttpContext (and the AddHttpContextAccessor DI helper); it also supplies
         the Extensions.* + AspNetCore.Authentication/Authorization assemblies that
         were previously listed as PackageReferences (now pruned — NU1510). -->
    <FrameworkReference Include="Microsoft.AspNetCore.App" />
    <PackageReference Include="System.IdentityModel.Tokens.Jwt" />
    <PackageReference Include="Novell.Directory.Ldap.NETStandard" />
    <PackageReference Include="ZB.MOM.WW.Auth.Abstractions" />
    <PackageReference Include="ZB.MOM.WW.Auth.Ldap" />
    <!-- Inbound-API key re-arch (C1): LibraryInboundApiKeyAdmin implements the
         Commons IInboundApiKeyAdmin management seam over the shared admin facade
         (ApiKeyAdminCommands). Security is the one project referenced by BOTH the
         Host (ManagementActor, via ManagementService) and CentralUI, and it already
         carries the rest of the Auth family — so the impl lives here. -->
    <PackageReference Include="ZB.MOM.WW.Auth.ApiKeys" />
    <PackageReference Include="ZB.MOM.WW.Auth.AspNetCore" />
    <PackageReference Include="ZB.MOM.WW.Configuration" />
  </ItemGroup>

  <ItemGroup>
    <ProjectReference Include="../ZB.MOM.WW.ScadaBridge.Commons/ZB.MOM.WW.ScadaBridge.Commons.csproj" />
  </ItemGroup>

  <ItemGroup>
    <!-- M2.19 (#15): expose internal members (OnValidatePrincipalAsync adapter) to the
         Security test project so the adapter translation can be exercised in isolation. -->
    <InternalsVisibleTo Include="ZB.MOM.WW.ScadaBridge.Security.Tests" />
  </ItemGroup>

</Project>