Fix project setup. Fix package tagging.

jjrdk · jjrdk · commit d78334d8b052 · 2022-06-07T11:54:23.000+02:00
diff --git a/shared.proj b/shared.proj
@@ -1,6 +1,6 @@
 <Project>
     <PropertyGroup>
-        <Version>2.0.0</Version>
+        <Version>2.1.1</Version>
         <Authors>Jacob Reimers</Authors>
         <Company>Reimers.dk</Company>
         <Product>OpenCertServer</Product>
@@ -9,7 +9,7 @@
         <RepositoryType>git</RepositoryType>
         <PackageProjectUrl>https://github.com/jjrdk/opencertserver</PackageProjectUrl>
         <RepositoryUrl>https://github.com/jjrdk/opencertserver</RepositoryUrl>
-        <Tags>X509 Certificate EST RFC7030 RFC8555</Tags>
+        <PackageTags>X509 Certificate SSL TLS EST ACME RFC7030 RFC8555</PackageTags>
         <Description>ASP.NET Core implementation of RFC 7030 certificate authority and issuer and RFC8555 client and server.</Description>
         <GeneratePackageOnBuild>False</GeneratePackageOnBuild>
         <langVersion>latest</langVersion>
diff --git a/src/opencertserver.acme.abstractions/opencertserver.acme.abstractions.csproj b/src/opencertserver.acme.abstractions/opencertserver.acme.abstractions.csproj
@@ -1,12 +1,12 @@
-<Project Sdk="Microsoft.NET.Sdk">
+﻿<Project Sdk="Microsoft.NET.Sdk">
 
 	<PropertyGroup>
 		<RootNamespace>OpenCertServer.Acme.Abstractions</RootNamespace>
 		<TargetFramework>net6.0</TargetFramework>
 		<ImplicitUsings>enable</ImplicitUsings>
 		<AssemblyName>opencertserver.acme.abstractions</AssemblyName>
 	</PropertyGroup>
-	<Import Project="../../shared.proj"/>
+	<Import Project="../../shared.proj" />
 
 	<ItemGroup>
 	  <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="6.18.0" />
diff --git a/src/opencertserver.acme.server/Controllers/AccountController.cs b/src/opencertserver.acme.server/Controllers/AccountController.cs
@@ -5,9 +5,11 @@
     using Abstractions.Model.Exceptions;
     using Abstractions.Services;
     using Filters;
+    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Mvc;
     using Account = Abstractions.HttpModel.Account;
 
+    //[AllowAnonymous]
     [AddNextNonce]
     public class AccountController : ControllerBase
     {
diff --git a/src/opencertserver.acme.server/Extensions/ServiceCollectionExtensions.cs b/src/opencertserver.acme.server/Extensions/ServiceCollectionExtensions.cs
@@ -8,6 +8,7 @@ namespace OpenCertServer.Acme.Server.Extensions
     using Configuration;
     using DnsClient;
     using Filters;
+    using Microsoft.AspNetCore.Authorization.Infrastructure;
     using Microsoft.AspNetCore.Mvc;
     using Microsoft.Extensions.Configuration;
     using Microsoft.Extensions.DependencyInjection;
@@ -28,7 +29,7 @@ public static IServiceCollection AddAcmeServer(
         {
             services.AddControllers().AddApplicationPart(typeof(ServiceCollectionExtensions).Assembly);
 
-            services.AddScoped<IAcmeRequestProvider, DefaultRequestProvider>();
+            services.AddScoped<IAcmeRequestProvider, DefaultRequestProvider>();//.AddAuthorization();
 
             services.AddScoped<IRequestValidationService, DefaultRequestValidationService>();
             services.AddScoped<INonceService, DefaultNonceService>();
diff --git a/src/opencertserver.acme.server/Middleware/AcmeMiddlewareExtensions.cs b/src/opencertserver.acme.server/Middleware/AcmeMiddlewareExtensions.cs
@@ -6,7 +6,7 @@ public static class AcmeMiddlewareExtensions
     {
         public static IApplicationBuilder UseAcmeServer(this IApplicationBuilder builder)
         {
-            return builder.UseMiddleware<AcmeMiddleware>();
+            return builder.UseMiddleware<AcmeMiddleware>().UseRouting().UseEndpoints(e=>e.MapControllers());
         }
     }
 }
diff --git a/src/opencertserver.ca/CertificateAuthority.cs b/src/opencertserver.ca/CertificateAuthority.cs
@@ -5,6 +5,7 @@
     using System.Linq;
     using System.Security.Cryptography;
     using System.Security.Cryptography.X509Certificates;
+    using System.Text.RegularExpressions;
     using Microsoft.Extensions.Logging;
     using Org.BouncyCastle.Asn1;
     using Org.BouncyCastle.Asn1.Pkcs;
@@ -305,7 +306,13 @@ public void Dispose()
         /// <returns></returns>
         private static byte[] Base64DecodeBytes(string base64EncodedData)
         {
-            var s = base64EncodedData.Trim().Replace(" ", "+").Replace('-', '+').Replace('_', '/');
+            var s = base64EncodedData
+                .Replace(" ", "+")
+                .Replace('-', '+')
+                .Replace('_', '/')
+                .Replace("\n", "")
+                .Replace("\r", "")
+                .Trim();
             switch (s.Length % 4)
             {
                 case 0:
diff --git a/src/opencertserver.est.server/CertificateServerExtensions.cs b/src/opencertserver.est.server/CertificateServerExtensions.cs
@@ -66,26 +66,28 @@ public static IServiceCollection AddEstServer(
 
         private static IServiceCollection InnerAddEstServer(this IServiceCollection services)
         {
-            return services.AddTransient<CaCertHandler>()
+            return services
+                .AddTransient<CaCertHandler>()
                 .AddTransient<SimpleEnrollHandler>()
                 .AddTransient<SimpleReEnrollHandler>()
                 .AddCertificateForwarding(
                     o => { o.HeaderConverter = x => new X509Certificate2(Convert.FromBase64String(x)); })
-                .AddRouting();
+                .AddRouting()
+                .AddAuthorization()
+                .AddAuthentication().Services;
         }
 
         public static IApplicationBuilder UseEstServer(this IApplicationBuilder app, IAuthorizeData? enrollPolicy = null, IAuthorizeData? reEnrollPolicy = null)
         {
             const string? wellKnownEst = "/.well-known/est";
             return app
-                //.UseCertificateForwarding()
-                //.UseAuthentication()
-                //.UseAuthorization()
+                .UseCertificateForwarding()
+                .UseAuthentication()
                 .UseRouting()
+                .UseAuthorization()
                 .UseEndpoints(
                     e =>
                     {
-                        e.MapControllers();
                         e.MapGet(
                             wellKnownEst + "/cacert",
                             async ctx =>
diff --git a/tests/opencertserver.est.server.tests/WebServerTests.cs b/tests/opencertserver.est.server.tests/WebServerTests.cs
@@ -51,9 +51,11 @@ private static IWebHostBuilder CreateHostBuilder(
             webBuilder.ConfigureServices(
                     sc =>
                     {
-                        sc.AddAuthentication(CertificateAuthenticationDefaults.AuthenticationScheme).AddCertificate();
-                        sc.AddAuthorization().AddEstServer(rsaPrivate, ecdsaPrivate);
-                        sc.ConfigureOptions<ConfigureCertificateAuthenticationOptions>();
+                        sc.AddAuthorization()
+                            .AddEstServer(rsaPrivate, ecdsaPrivate)
+                            .ConfigureOptions<ConfigureCertificateAuthenticationOptions>()
+                            .AddAuthentication(CertificateAuthenticationDefaults.AuthenticationScheme)
+                            .AddCertificate();
                     })
                 .Configure(app => app.UseEstServer());
             webBuilder.ConfigureKestrel(

Original file line number	Diff line number	Diff line change
`@@ -6,7 +6,7 @@ public static class AcmeMiddlewareExtensions`
`6`	`6`	`{`
`7`	`7`	`public static IApplicationBuilder UseAcmeServer(this IApplicationBuilder builder)`
`8`	`8`	`{`
`9`		`- return builder.UseMiddleware<AcmeMiddleware>();`
	`9`	`+ return builder.UseMiddleware<AcmeMiddleware>().UseRouting().UseEndpoints(e=>e.MapControllers());`
`10`	`10`	`}`
`11`	`11`	`}`
`12`	`12`	`}`