add spa proxy project

UseProxyToSpaDevelopmentServer /Server/Api/Api.csproj

@@ -0,0 +1,15 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+    <PropertyGroup>
+        <TargetFramework>net8.0</TargetFramework>
+        <Nullable>enable</Nullable>
+        <ImplicitUsings>enable</ImplicitUsings>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.8" />
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.8"/>
+        <PackageReference Include="Swashbuckle.AspNetCore" Version="6.4.0"/>
+    </ItemGroup>
+
+</Project>

UseProxyToSpaDevelopmentServer /Server/Api/Api.http

@@ -0,0 +1,6 @@
+@Api_HostAddress = http://localhost:5008
+
+GET {{Api_HostAddress}}/weatherforecast/
+Accept: application/json
+
+###

UseProxyToSpaDevelopmentServer /Server/Api/Authorization/AuthorizationPolicyBuilderExtensions.cs

@@ -0,0 +1,12 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace Api.Authorization
+{
+    public static class AuthorizationPolicyBuilderExtensions
+    {
+        public static AuthorizationPolicyBuilder RequireScope(this AuthorizationPolicyBuilder builder, string scope)
+        {
+            return builder.AddRequirements(new ScopeRequirement(scope));
+        }
+    }
+}

UseProxyToSpaDevelopmentServer /Server/Api/Authorization/ScopeHandler.cs

@@ -0,0 +1,26 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace Api.Authorization
+{
+    public class ScopeHandler :
+             AuthorizationHandler<ScopeRequirement>
+    {
+        protected override Task HandleRequirementAsync(
+          AuthorizationHandlerContext context,
+          ScopeRequirement requirement)
+        {
+            if (context is null)
+            {
+                throw new ArgumentNullException(nameof(context));
+            }
+
+            var success = context.User.Claims.Any(c => c.Type == "scope" && 
+                c.Value.Contains(requirement.Scope));
+
+            if (success)
+                context.Succeed(requirement);
+
+            return Task.CompletedTask;
+        }
+    }
+}

UseProxyToSpaDevelopmentServer /Server/Api/Authorization/ScopeRequirement.cs

@@ -0,0 +1,18 @@
+using Microsoft.AspNetCore.Authorization;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace Api.Authorization
+{
+    public class ScopeRequirement : IAuthorizationRequirement
+    {
+        public string Scope { get; private set; }
+
+        public ScopeRequirement(string scope)
+        {
+            Scope = scope;
+        }
+    }
+}

UseProxyToSpaDevelopmentServer /Server/Api/Controllers/WeatherForecastController.cs

@@ -0,0 +1,36 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Api.Controllers
+{
+    [ApiController]
+    [Route("api/[controller]")]
+    public class WeatherForecastController : ControllerBase
+    {
+        private static readonly string[] Summaries = new[]
+        {
+            "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
+        };
+
+        private readonly ILogger<WeatherForecastController> _logger;
+
+        public WeatherForecastController(ILogger<WeatherForecastController> logger)
+        {
+            _logger = logger;
+        }
+
+        [HttpGet]
+        [Authorize("read:weather")]
+        public IEnumerable<WeatherForecast> Get()
+        {
+            var rng = new Random();
+            return Enumerable.Range(1, 5).Select(index => new WeatherForecast
+            {
+                Date = DateTime.Now.AddDays(index),
+                TemperatureC = rng.Next(-20, 55),
+                Summary = Summaries[rng.Next(Summaries.Length)]
+            })
+            .ToArray();
+        }
+    }
+}

UseProxyToSpaDevelopmentServer /Server/Api/Program.cs

@@ -0,0 +1,94 @@
+using Api.Authorization;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.OpenApi.Models;
+
+var builder = WebApplication.CreateBuilder(args);
+
+// Add services to the container.
+// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
+builder.Services.AddEndpointsApiExplorer();
+builder.Services.AddSwaggerGen();
+
+var authentication = builder.Services
+    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+    .AddJwtBearer("Bearer", c =>
+    {
+        c.Authority = $"https://{builder.Configuration.GetSection("Auth0:Domain").Value}";
+        c.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+        {
+            ValidateAudience = true,
+            ValidAudiences = builder.Configuration.GetSection("Auth0:Audience").Value.Split(";"),
+            ValidateIssuer = true,
+            ValidIssuer = $"https://{builder.Configuration.GetSection("Auth0:Domain").Value}",
+            ClockSkew = TimeSpan.Zero
+        };
+    });
+
+builder.Services.AddControllers();
+builder.Services.AddSwaggerGen(c =>
+{
+    c.SwaggerDoc("v1", new OpenApiInfo { Title = "Api", Version = "v1" });
+});
+
+builder.Services.AddSingleton<IAuthorizationHandler, ScopeHandler>();
+
+builder.Services.AddAuthorization(o =>
+{
+    o.AddPolicy("read:weather", p => p.
+        RequireAuthenticatedUser().
+        RequireScope("read:weather"));
+});
+
+var app = builder.Build();
+
+// Configure the HTTP request pipeline.
+if (app.Environment.IsDevelopment())
+{
+    app.UseSwagger();
+    app.UseSwaggerUI();
+}
+
+app.UseHttpsRedirection();
+
+var summaries = new[]
+{
+    "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
+};
+
+// app.MapGet("/weatherforecast", () =>
+//     {
+//         var forecast = Enumerable.Range(1, 5).Select(index =>
+//                 new WeatherForecast
+//                 (
+//                     DateOnly.FromDateTime(DateTime.Now.AddDays(index)),
+//                     Random.Shared.Next(-20, 55),
+//                     summaries[Random.Shared.Next(summaries.Length)]
+//                 ))
+//             .ToArray();
+//         return forecast;
+//     })
+//     .WithName("GetWeatherForecast")
+//     .WithOpenApi();
+
+
+app.UseHttpsRedirection();
+
+app.UseRouting();
+
+app.UseAuthentication();
+
+app.UseAuthorization();
+
+app.UseEndpoints(endpoints =>
+{
+    endpoints.MapControllers();
+});
+
+
+await app.RunAsync();
+
+record WeatherForecast(DateOnly Date, int TemperatureC, string? Summary)
+{
+    public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);
+}

UseProxyToSpaDevelopmentServer /Server/Api/Properties/launchSettings.json

@@ -0,0 +1,41 @@
+{
+  "$schema": "http://json.schemastore.org/launchsettings.json",
+  "iisSettings": {
+    "windowsAuthentication": false,
+    "anonymousAuthentication": true,
+    "iisExpress": {
+      "applicationUrl": "http://localhost:33387",
+      "sslPort": 44308
+    }
+  },
+  "profiles": {
+    "http": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "launchUrl": "swagger",
+      "applicationUrl": "http://localhost:5008",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "https": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "launchUrl": "swagger",
+      "applicationUrl": "https://localhost:7009;http://localhost:5008",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "IIS Express": {
+      "commandName": "IISExpress",
+      "launchBrowser": true,
+      "launchUrl": "swagger",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}

UseProxyToSpaDevelopmentServer /Server/Api/WeatherForecast.cs

@@ -0,0 +1,15 @@
+using System;
+
+namespace Api
+{
+    public class WeatherForecast
+    {
+        public DateTime Date { get; set; }
+
+        public int TemperatureC { get; set; }
+
+        public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);
+
+        public string Summary { get; set; }
+    }
+}

UseProxyToSpaDevelopmentServer /Server/Api/appsettings.Development.json

@@ -0,0 +1,8 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  }
+}

UseProxyToSpaDevelopmentServer /Server/Api/appsettings.json

@@ -0,0 +1,13 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  },
+  "AllowedHosts": "*",
+  "Auth0": {
+    "Domain": "",
+    "Audience": "https://weatherforecast"
+  }
+}