setup to receive & process event postings

src/Api/Startup.cs

@@ -14,13 +14,13 @@ using Microsoft.AspNetCore.Mvc.Formatters;
 using Microsoft.Net.Http.Headers;
 using Newtonsoft.Json.Serialization;
 using AspNetCoreRateLimit;
-using Bit.Api.Middleware;
 using Serilog.Events;
 using Stripe;
 using Bit.Core.Utilities;
 using IdentityModel;
 using IdentityServer4.AccessTokenValidation;
 using jsreport.AspNetCore;
+using Bit.Core.IdentityServer;
 
 namespace Bit.Api
 {

src/Core/IdentityServer/TokenRetrieval.cs

@@ -2,7 +2,7 @@
 using System;
 using System.Linq;
 
-namespace Bit.Api.Utilities
+namespace Bit.Core.IdentityServer
 {
     public static class TokenRetrieval
     {

src/Core/Utilities/CurrentContextMiddleware.cs

@@ -1,12 +1,11 @@
-using Bit.Core;
+using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Http;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
 
-namespace Bit.Api.Middleware
+namespace Bit.Core.Utilities
 {
     public class CurrentContextMiddleware
     {

src/Events/Controllers/EventsController.cs

@@ -1,13 +1,45 @@
 using System;
+using System.Threading.Tasks;
+using Bit.Core;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
+using Bit.Events.Models;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace Events.Controllers
 {
+    [Authorize("Application")]
     public class EventsController : Controller
     {
-        [HttpPost("~/")]
+        private readonly CurrentContext _currentContext;
-        public void Post([FromBody]string value)
+        private readonly IEventService _eventService;
+        private readonly ICipherRepository _cipherRepository;
+
+        public EventsController(
+            CurrentContext currentContext,
+            IEventService eventService,
+            ICipherRepository cipherRepository)
         {
+            _currentContext = currentContext;
+            _eventService = eventService;
+            _cipherRepository = cipherRepository;
+        }
+
+        [HttpPost("~/cipher/{id}")]
+        public async Task PostCipher(Guid id, [FromBody]EventModel model)
+        {
+            var cipher = await _cipherRepository.GetByIdAsync(id, _currentContext.UserId.Value);
+            if(cipher != null)
+            {
+                await _eventService.LogCipherEventAsync(cipher, model.Type);
+            }
+        }
+
+        [HttpPost("~/user")]
+        public async Task PostUser([FromBody]EventModel model)
+        {
+            await _eventService.LogUserEventAsync(_currentContext.UserId.Value, model.Type);
         }
     }
 }

src/Events/Events.csproj

@@ -9,6 +9,7 @@
   </PropertyGroup>
 
   <ItemGroup>
+    <PackageReference Include="IdentityServer4.AccessTokenValidation" Version="2.1.0" />
     <PackageReference Include="Microsoft.AspNetCore.All" Version="2.0.3" />
   </ItemGroup>
 
@@ -17,4 +18,8 @@
     <DotNetCliToolReference Include="Microsoft.Extensions.SecretManager.Tools" Version="2.0.0" />
   </ItemGroup>
 
+  <ItemGroup>
+    <ProjectReference Include="..\Core\Core.csproj" />
+  </ItemGroup>
+
 </Project>

src/Events/Models/EventModel.cs

@@ -0,0 +1,10 @@
+using System;
+using Bit.Core.Enums;
+
+namespace Bit.Events.Models
+{
+    public class EventModel
+    {
+        public EventType Type { get; set; }
+    }
+}

src/Events/Startup.cs

@@ -1,36 +1,119 @@
-using System;
+using System.Security.Claims;
+using Bit.Core;
+using Bit.Core.IdentityServer;
+using Bit.Core.Services;
+using Bit.Core.Utilities;
+using IdentityModel;
+using IdentityServer4.AccessTokenValidation;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Logging;
+using Serilog.Events;
 
 namespace Bit.Events
 {
     public class Startup
     {
-        public Startup(IConfiguration configuration)
+        public Startup(IHostingEnvironment env, IConfiguration configuration)
         {
             Configuration = configuration;
+            Environment = env;
         }
 
         public IConfiguration Configuration { get; }
+        public IHostingEnvironment Environment { get; set; }
 
         public void ConfigureServices(IServiceCollection services)
         {
             // Options
             services.AddOptions();
 
+            // Settings
+            var globalSettings = services.AddGlobalSettingsServices(Configuration);
+
+            // Repositories
+            services.AddSqlServerRepositories(globalSettings);
+
+            // Context
+            services.AddScoped<CurrentContext>();
+
+            // Identity
+            services
+                .AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
+                .AddIdentityServerAuthentication(options =>
+                {
+                    options.Authority = globalSettings.BaseServiceUri.InternalIdentity;
+                    options.RequireHttpsMetadata = !Environment.IsDevelopment() &&
+                        globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
+                    options.NameClaimType = ClaimTypes.Email;
+                    options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString(
+                        new string[] { "Bearer", "Bearer3" });
+                    options.SupportedTokens = SupportedTokens.Jwt;
+                });
+
+            services.AddAuthorization(config =>
+            {
+                config.AddPolicy("Application", policy =>
+                {
+                    policy.RequireAuthenticatedUser();
+                    policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application");
+                });
+            });
+
+            // Services
+            services.AddScoped<IEventService, EventService>();
+            if(!globalSettings.SelfHosted && CoreHelpers.SettingHasValue(globalSettings.Storage.ConnectionString))
+            {
+                services.AddSingleton<IEventWriteService, AzureQueueEventWriteService>();
+            }
+            else
+            {
+                services.AddSingleton<IEventWriteService, RepositoryEventWriteService>();
+            }
+
             // Mvc
             services.AddMvc();
         }
 
-        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
+        public void Configure(
+            IApplicationBuilder app,
+            IHostingEnvironment env,
+            ILoggerFactory loggerFactory,
+            IApplicationLifetime appLifetime,
+            GlobalSettings globalSettings)
         {
+            loggerFactory.AddSerilog(env, appLifetime, globalSettings, (e) =>
+            {
+                var context = e.Properties["SourceContext"].ToString();
+                if(context.Contains("IdentityServer4.Validation.TokenValidator") ||
+                    context.Contains("IdentityServer4.Validation.TokenRequestValidator"))
+                {
+                    return e.Level > LogEventLevel.Error;
+                }
+
+                return e.Level >= LogEventLevel.Error;
+            });
+
             if(env.IsDevelopment())
             {
                 app.UseDeveloperExceptionPage();
             }
 
+            // Default Middleware
+            app.UseDefaultMiddleware(env);
+
+            // Add Cors
+            app.UseCors("All");
+
+            // Add authentication to the request pipeline.
+            app.UseAuthentication();
+
+            // Add current context
+            app.UseMiddleware<CurrentContextMiddleware>();
+
+            // Add MVC to the request pipeline.
             app.UseMvc();
         }
     }

src/Events/appsettings.Development.json

@@ -1,10 +0,0 @@
-{
-  "Logging": {
-    "IncludeScopes": false,
-    "LogLevel": {
-      "Default": "Debug",
-      "System": "Information",
-      "Microsoft": "Information"
-    }
-  }
-}

src/Events/appsettings.Preview.json

@@ -0,0 +1,10 @@
+{
+  "globalSettings": {
+    "baseServiceUri": {
+      "vault": "https://preview-vault.bitwarden.com",
+      "api": "https://preview-api.bitwarden.com",
+      "identity": "https://preview-identity.bitwarden.com",
+      "internalIdentity": "https://preview-identity.bitwarden.com"
+    }
+  }
+}

src/Events/appsettings.Production.json

@@ -0,0 +1,10 @@
+{
+  "globalSettings": {
+    "baseServiceUri": {
+      "vault": "https://vault.bitwarden.com",
+      "api": "https://api.bitwarden.com",
+      "identity": "https://identity.bitwarden.com",
+      "internalIdentity": "https://identity.bitwarden.com"
+    }
+  }
+}

src/Events/appsettings.Staging.json

@@ -0,0 +1,10 @@
+{
+  "globalSettings": {
+    "baseServiceUri": {
+      "vault": "https://vault.bitwarden.com",
+      "api": "https://api.bitwarden.com",
+      "identity": "https://identity.bitwarden.com",
+      "internalIdentity": "https://identity.bitwarden.com"
+    }
+  }
+}

src/Events/appsettings.json

@@ -1,15 +1,25 @@
 {
-  "Logging": {
+  "globalSettings": {
-    "IncludeScopes": false,
+    "selfHosted": false,
-    "Debug": {
+    "projectName": "Events",
-      "LogLevel": {
+    "baseServiceUri": {
-        "Default": "Warning"
+      "vault": "http://localhost:4001",
-      }
+      "api": "http://localhost:4000",
+      "identity": "http://localhost:33656",
+      "internalIdentity": "http://localhost:33656"
     },
-    "Console": {
+    "sqlServer": {
-      "LogLevel": {
+      "connectionString": "SECRET"
-        "Default": "Warning"
+    },
-      }
+    "identityServer": {
+      "certificateThumbprint": "SECRET"
+    },
+    "storage": {
+      "connectionString": "SECRET"
+    },
+    "documentDb": {
+      "uri": "SECRET",
+      "key": "SECRET"
     }
   }
 }