feat(auth): add login and refresh mutation

BREAKING CHANGE: Older rest endpoint to login and refresh removed

Author: cyberhck

Micro.Auth.Api/Authentication/Exceptions/BadBasicAuthorizationDataException.cs

@@ -0,0 +1,11 @@
+using System;
+
+namespace Micro.Auth.Api.GraphQL.Extensions.Exceptions
+{
+    public class InvalidTokenTypeException : Exception
+    {
+        public InvalidTokenTypeException(string expectedType) : base($"{expectedType} token not found")
+        {
+        }
+    }
+}

Micro.Auth.Api/Authentication/SessionController.cs

@@ -0,0 +1,11 @@
+using System;
+
+namespace Micro.Auth.Api.GraphQL.Extensions.Exceptions
+{
+    public class MissingHeaderException : Exception
+    {
+        public MissingHeaderException(string headerName) : base($"Missing {headerName} header")
+        {
+        }
+    }
+}

Micro.Auth.Api/Authentication/ViewModels/JwtRefreshViewModels.cs

@@ -0,0 +1,22 @@
+using Micro.Auth.Api.Internal.UserData.Extensions;
+using Micro.Auth.Business.Sessions;
+using Microsoft.AspNetCore.Http;
+
+namespace Micro.Auth.Api.GraphQL.Extensions
+{
+    public static class LoginRequestExtension
+    {
+        public static LoginRequest GetLoginRequest(this IHttpContextAccessor httpContextAccessor)
+        {
+            var (login, password) = httpContextAccessor.MustGetBasicToken();
+            return new LoginRequest
+            {
+                Login = login,
+                Password = password,
+                IpAddress = httpContextAccessor.GetIpAddress(),
+                UserAgent = httpContextAccessor.GetUserAgent(),
+                Location = httpContextAccessor.GetRoughLocation()
+            };
+        }
+    }
+}

Micro.Auth.Api/GraphQL/Extensions/Exceptions/InvalidTokenTypeException.cs

@@ -0,0 +1,53 @@
+using System;
+using System.Text;
+using Micro.Auth.Api.GraphQL.Extensions.Exceptions;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Primitives;
+
+namespace Micro.Auth.Api.GraphQL.Extensions
+{
+    public static class Tokens
+    {
+        public static string MustGetBearerToken(this IHttpContextAccessor httpContextAccessor)
+        {
+            var headerValue = httpContextAccessor.MustGetAuthHeader();
+            if (!headerValue.StartsWith("Bearer "))
+            {
+                throw new InvalidTokenTypeException("Bearer");
+            }
+            return headerValue.Substring("Bearer ".Length).Trim();
+        }
+
+        private static string MustGetAuthHeader(this IHttpContextAccessor httpContextAccessor)
+        {
+            var header = StringValues.Empty;
+            var exists = httpContextAccessor.HttpContext?.Request.Headers.TryGetValue("Authorization", out header);
+            if (exists == false || header.ToString() == "")
+            {
+                throw new MissingHeaderException("Authorization");
+            }
+
+            return header.ToString();
+        }
+
+        public static (string, string) MustGetBasicToken(this IHttpContextAccessor httpContextAccessor)
+        {
+            try
+            {
+                var headerValue = httpContextAccessor.MustGetAuthHeader();
+                if (!headerValue.StartsWith("Basic "))
+                {
+                    throw new InvalidTokenTypeException("Basic");
+                }
+
+                var token = headerValue.Substring("Basic ".Length).Trim();
+                var parts = Encoding.UTF8.GetString(Convert.FromBase64String(token)).Split(":");
+                return (parts[0], parts[1]);
+            }
+            catch (Exception e)
+            {
+                throw new InvalidTokenTypeException(e.Message);
+            }
+        }
+    }
+}

Micro.Auth.Api/GraphQL/Extensions/Exceptions/MissingHeaderException.cs

@@ -1,25 +1,33 @@
 using GraphQL;
 using GraphQL.Types;
 using Micro.Auth.Api.GraphQL.Directives.Extensions;
+using Micro.Auth.Api.GraphQL.Extensions;
 using Micro.Auth.Api.GraphQL.Inputs;
 using Micro.Auth.Api.GraphQL.Types;
 using Micro.Auth.Api.Internal.UserData.Extensions;
 using Micro.Auth.Business.Common;
 using Micro.Auth.Business.EmailVerification;
 using Micro.Auth.Business.PasswordManager;
+using Micro.Auth.Business.Sessions;
 using Micro.Auth.Business.Users;
 using Microsoft.AspNetCore.Http;
 
 namespace Micro.Auth.Api.GraphQL
 {
     public class Mutation : ObjectGraphType
     {
-        public Mutation(IUserService userService, IPasswordManager passwordManager, IEmailVerificationService verification, IHttpContextAccessor contextAccessor)
+        public Mutation(IUserService userService, IPasswordManager passwordManager, IEmailVerificationService verification, ISessionService sessionService, IHttpContextAccessor contextAccessor)
         {
             FieldAsync<NonNullGraphType<UserType>, User>("register",
                 arguments: new QueryArguments(RegisterInputType.BuildArgument()),
                 resolve: x => userService.Create(x.GetArgument<RegisterInput>("input")));
 
+            FieldAsync<NonNullGraphType<StringGraphType>, string>("refreshToken",
+                resolve: x => sessionService.Refresh(contextAccessor.MustGetBearerToken()));
+
+            FieldAsync<NonNullGraphType<TokensType>, LoginSuccessResponse>("login",
+                resolve: x => sessionService.Login(contextAccessor.GetLoginRequest()));
+
             FieldAsync<NonNullGraphType<UserType>, User>("verifyEmail",
                 arguments: new QueryArguments(VerifyEmailInputType.BuildArgument()),
                 resolve: x => verification.ConfirmEmail(x.GetArgument<VerifyEmailInput>("input")));

Micro.Auth.Api/GraphQL/Extensions/LoginRequestExtension.cs

@@ -0,0 +1,15 @@
+using Micro.Auth.Business.Sessions;
+
+namespace Micro.Auth.Api.GraphQL.Types
+{
+    public sealed class TokensType : Micro.GraphQL.Federation.ObjectGraphType<LoginSuccessResponse>
+    {
+        public TokensType()
+        {
+            Name = "Token";
+            Field("jwt", x => x.Jwt).Description("JWT");
+            Field("refreshToken", x => x.RefreshToken, true)
+                .Description("Once JWT expires, use this token to create a new session");
+        }
+    }
+}

Micro.Auth.Api/GraphQL/Extensions/Tokens.cs

@@ -27,6 +27,7 @@ public static void ConfigureGraphQl(this IServiceCollection services)
             services.AddTransient<UserType>();
             services.AddTransient<AvailabilityResultType>();
             services.AddTransient<ResultType>();
+            services.AddTransient<TokensType>();
             services.AddTransient<RegisterInputType>();
             services.AddTransient<RefreshTokenType>();
             services.AddTransient<ChangePasswordInput>();