Use configs rather than hardcode + .env example

docker-compose.yml

@@ -9,7 +9,7 @@ services:
       - ASPNETCORE_ENVIRONMENT=Development
       - ConnectionStrings__DefaultConnection=Server=${SQL_SERVER};Database=${SQL_DATABASE};User Id=${SQL_USER_ID};Password=${SQL_PASSWORD};Encrypt=false;TrustServerCertificate=true;MultipleActiveResultSets=true;
       - ASPNETCORE_URLS=http://+:8080
-      - Auth0__Domain=${AUTH0_ISSUER_BASE_URL}
+      - Auth0__Authority=${AUTH0_DOMAIN}
       - Auth0__Audience=${AUTH0_AUDIENCE}
     depends_on:
       - mssql
@@ -32,7 +32,7 @@ services:
       - AUTH0_CLIENT_ID=${AUTH0_CLIENT_ID}
       - AUTH0_CLIENT_SECRET=${AUTH0_CLIENT_SECRET}
       - AUTH0_AUDIENCE=${AUTH0_AUDIENCE}
-      - AUTH0_SCOPE=openid profile email read:shows
+      - AUTH0_SCOPE=${AUTH0_SCOPE}
       - NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL}
       - NEXT_PUBLIC_AUTH0_CLIENT_ID=${NEXT_PUBLIC_AUTH0_CLIENT_ID}
       - NEXT_PUBLIC_AUTH0_DOMAIN=${NEXT_PUBLIC_AUTH0_DOMAIN}

src/Imprink.WebApi/Startup.cs

@@ -1,4 +1,3 @@
-using System.Security.Claims;
 using Imprink.Application;
 using Imprink.Application.Products.Handlers;
 using Imprink.Domain.Repositories;
@@ -7,7 +6,6 @@ using Imprink.Infrastructure.Database;
 using Imprink.Infrastructure.Repositories;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.EntityFrameworkCore;
-using Microsoft.IdentityModel.Tokens;
 
 namespace Imprink.WebApi;
 
@@ -32,18 +30,17 @@ public static class Startup
             cfg.RegisterServicesFromAssembly(typeof(CreateProductHandler).Assembly);
         });
         
-        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+        services.AddAuthentication(options =>
-            .AddJwtBearer(options =>
+        {
-            {
+            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
-                options.Authority = $"https://{builder.Configuration["Auth0:Domain"]}/";
+            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
-                options.Audience = builder.Configuration["Auth0:Audience"];
+        }).AddJwtBearer(options =>
-                options.TokenValidationParameters = new TokenValidationParameters
+        {
-                {
+            options.Authority = builder.Configuration["Auth0:Authority"];
-                    NameClaimType = ClaimTypes.NameIdentifier
+            options.Audience = builder.Configuration["Auth0:Audience"];
-                };
+        });
-            });
 
-        builder.Services.AddAuthorization();
+        services.AddAuthorization();
 
         services.AddControllers();
         services.AddSwaggerGen();
@@ -66,25 +63,20 @@ public static class Startup
             }
         }
         
-        // if (env.IsDevelopment())
+        if (env.IsDevelopment())
-        // {
+        {
-        //     app.UseSwagger();
+            app.UseSwagger();
-        //     app.UseSwaggerUI();
+            app.UseSwaggerUI();
-        //     app.UseDeveloperExceptionPage();
+            app.UseDeveloperExceptionPage();
-        // }
+        }
-        // else
+        else
-        // {
+        {
-        //     app.UseExceptionHandler("/Error");
+            app.UseExceptionHandler("/Error");
-        //     app.UseHsts();
+            app.UseHsts();
-        //     app.UseHttpsRedirection();
+            app.UseHttpsRedirection();
-        // }
+        }
-        
-        app.UseSwagger();
-        app.UseSwaggerUI();
-        app.UseDeveloperExceptionPage();
 
         app.UseRouting();
-        
         app.UseAuthentication();
         app.UseAuthorization();
 

webui/src/lib/auth0.js

@@ -2,7 +2,7 @@ import { Auth0Client } from "@auth0/nextjs-auth0/server";
 
 export const auth0 = new Auth0Client({
     authorizationParameters: {
-        scope: 'openid profile email',
+        scope: process.env.AUTH0_SCOPE,
-        audience: 'imprink-front'
+        audience: process.env.AUTH0_AUDIENCE
     }
 });