use roles instead of claims

CleanAspCore.Api.Tests/Features/Employees/CreateEmployeeTests.cs

@@ -17,7 +17,7 @@ public async Task CreateEmployee_IsAdded()
         });
 
         //Act
-        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesClaim).CreateEmployee(createEmployeeRequest);
+        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesRole).CreateEmployee(createEmployeeRequest);
 
         //Assert
         await response.AssertStatusCode(HttpStatusCode.Created);
@@ -64,7 +64,7 @@ public async Task CreateEmployee_InvalidRequest_ReturnsBadRequest(TestScenario<(
         });
 
         //Act
-        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesClaim).CreateEmployee(createEmployeeRequest);
+        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesRole).CreateEmployee(createEmployeeRequest);
 
         //Assert
         await response.AssertBadRequest(scenario.Input.expectedErrors);

CleanAspCore.Api.Tests/Features/Employees/DeleteEmployeeByIdTests.cs

@@ -15,7 +15,7 @@ public async Task DeleteEmployeeById_IsDeleted()
         });
 
         //Act
-        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesClaim).DeleteEmployeeById(employee.Id);
+        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesRole).DeleteEmployeeById(employee.Id);
 
         //Assert
         await response.AssertStatusCode(HttpStatusCode.NoContent);
@@ -29,7 +29,7 @@ public async Task DeleteEmployeeById_DoesNotExist_ReturnsNotFound()
         var id = Guid.NewGuid();
 
         //Act
-        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesClaim).DeleteEmployeeById(id);
+        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesRole).DeleteEmployeeById(id);
 
         //Assert
         await response.AssertStatusCode(HttpStatusCode.NotFound);

CleanAspCore.Api.Tests/Features/Employees/GetEmployeeByIdTests.cs

@@ -15,7 +15,7 @@ public async Task GetEmployeeById_ReturnsExpectedEmployee()
         });
 
         //Act
-        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.ReadEmployeesClaim).GetEmployeeById(employee.Id);
+        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.ReadEmployeesRole).GetEmployeeById(employee.Id);
 
         //Assert
         await response.AssertStatusCode(HttpStatusCode.OK);

CleanAspCore.Api.Tests/Features/Employees/IEmployeeApiClient.cs

@@ -8,6 +8,9 @@ public interface IEmployeeApiClient
     [Get("/employees/{id}")]
     Task<HttpResponseMessage> GetEmployeeById(Guid id);
 
+    [Get("/employees")]
+    Task<HttpResponseMessage> GetEmployees();
+
     [Post("/employees")]
     Task<HttpResponseMessage> CreateEmployee(CreateEmployeeRequest createEmployeeRequest);
 

CleanAspCore.Api.Tests/Features/Employees/UpdateEmployeeByIdTests.cs

@@ -18,7 +18,7 @@ public async Task UpdateEmployeeById_IsUpdated()
         };
 
         //Act
-        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesClaim).UpdateEmployeeById(employee.Id, updateEmployeeRequest);
+        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesRole).UpdateEmployeeById(employee.Id, updateEmployeeRequest);
 
         //Assert
         await response.AssertStatusCode(HttpStatusCode.NoContent);
@@ -47,7 +47,7 @@ public async Task UpdateEmployeeById_DoesNotExist_ReturnsNotFound()
         };
 
         //Act
-        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesClaim).UpdateEmployeeById(employee.Id, updateEmployeeRequest);
+        var response = await Sut.CreateClientFor<IEmployeeApiClient>(ClaimConstants.WriteEmployeesRole).UpdateEmployeeById(employee.Id, updateEmployeeRequest);
 
         //Assert
         await response.AssertStatusCode(HttpStatusCode.NotFound);

CleanAspCore.Api.Tests/TestSetup/ClaimConstants.cs

@@ -4,6 +4,6 @@ namespace CleanAspCore.Api.Tests.TestSetup;
 
 public static class ClaimConstants
 {
-    public static readonly Claim ReadEmployeesClaim = new("reademployees", string.Empty);
-    public static readonly Claim WriteEmployeesClaim = new("writeemployees", string.Empty);
+    public static readonly Claim ReadEmployeesRole = new(ClaimTypes.Role, "reademployees");
+    public static readonly Claim WriteEmployeesRole = new(ClaimTypes.Role, "writeemployees");
 }

CleanAspCore/Endpoints/Employees/EmployeeEndpointConfig.cs

@@ -10,8 +10,8 @@ internal static class EmployeeEndpointConfig
     internal static void AddEmployeeServices(this WebApplicationBuilder builder)
     {
         builder.Services.AddAuthorizationBuilder()
-            .AddPolicy(ReadEmployeesPolicy, policy => policy.RequireClaim("reademployees"))
-            .AddPolicy(WriteEmployeesPolicy, policy => policy.RequireClaim("writeemployees"));
+            .AddPolicy(ReadEmployeesPolicy, policy => policy.RequireRole("reademployees"))
+            .AddPolicy(WriteEmployeesPolicy, policy => policy.RequireRole("writeemployees"));
     }
 
     internal static void AddEmployeesRoutes(this IEndpointRouteBuilder host)

CleanAspCore/appsettings.Development.json

@@ -13,11 +13,10 @@
     "Schemes": {
       "Bearer": {
         "ValidAudiences": [
-          "https://localhost:7162",
-          "http://localhost:5015"
+          "https://localhost:7162"
         ],
         "ValidIssuer": "dotnet-user-jwts"
       }
     }
   }
-}
+}

Readme.md

@@ -1,7 +1,9 @@
 # Clean ASP.NET api template
+
 This is a template repository showing how one can implement a clean api with ASP.NET using minimal apis.
 
 Some 'features' in this template:
+
 - Vertical Slice architecture (grouping based on features instead of technical layers)
 - An easy to use and fast to run integration tests setup with the only dependency being docker with the use of [TestExamplesDotnet](https://github.com/Barsonax/TestExamplesDotnet)
 - Authentication and authorization using jwt tokens (also in the tests)
@@ -20,8 +22,9 @@ dotnet test
 1. First generate a jwt that you can use for local testing:
 
 ```cmd
-dotnet user-jwts create --claim "reademployees=" --claim "writeemployees="
+dotnet user-jwts create --role "reademployees" --role "writeemployees"
 ```
+
 NOTE: The jobs and department endpoints only require authentication but the employee endpoints require that you have the correct claims in the jwt token.
 
 2. Run the database using the provided docker-compose.yaml.