feat: implement RedisTokenService for JWT token storage and validation

Author: osm-Jatin

OsmoDoc.API/Program.cs

@@ -1,4 +1,3 @@
-using OsmoDoc.API.Models;
 using Microsoft.AspNetCore.Mvc;
 using Serilog.Events;
 using Serilog;
@@ -10,6 +9,10 @@
 using System.Text;
 using Swashbuckle.AspNetCore.Filters;
 using OsmoDoc.Pdf;
+using StackExchange.Redis;
+using OsmoDoc.API.Models;
+using OsmoDoc.Services;
+using System.IdentityModel.Tokens.Jwt;
 
 WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
 
@@ -32,6 +35,12 @@
     builder.Configuration.GetSection("STATIC_FILE_PATHS:HTML_TO_PDF_TOOL").Value!
 );
 
+// Register REDIS service
+builder.Services.AddSingleton<IConnectionMultiplexer>(
+    ConnectionMultiplexer.Connect(Environment.GetEnvironmentVariable("REDIS_URL") ?? throw new Exception("No REDIS URL specified"))
+);
+builder.Services.AddScoped<IRedisTokenStoreService, RedisTokenStoreService>();
+
 // Configure request size limit
 long requestBodySizeLimitBytes = Convert.ToInt64(builder.Configuration.GetSection("CONFIG:REQUEST_BODY_SIZE_LIMIT_BYTES").Value);
 
@@ -101,6 +110,21 @@
             return true;
         }
     };
+
+    options.Events = new JwtBearerEvents
+    {
+        OnTokenValidated = async context =>
+        {
+            IRedisTokenStoreService tokenStore = context.HttpContext.RequestServices.GetRequiredService<IRedisTokenStoreService>();
+            JwtSecurityToken? token = context.SecurityToken as JwtSecurityToken;
+            string tokenString = context.Request.Headers["Authorization"].ToString().Replace("bearer ", "");
+
+            if (!await tokenStore.IsTokenValidAsync(tokenString))
+            {
+                context.Fail("Token has been revoked.");
+            }
+        }
+    };
 });
 
 // Configure Error Response from Model Validations

OsmoDoc/Services/Interfaces/IRedisTokenStoreService.cs

@@ -0,0 +1,10 @@
+using System.Threading.Tasks;
+
+namespace OsmoDoc.Services;
+
+public interface IRedisTokenStoreService
+{
+    Task StoreTokenAsync(string token, string email);
+    Task<bool> IsTokenValidAsync(string token);
+    Task RevokeTokenAsync(string token);
+}

OsmoDoc/Services/RedisTokenStoreService.cs

@@ -0,0 +1,35 @@
+using System;
+using System.Threading.Tasks;
+using Newtonsoft.Json;
+using StackExchange.Redis;
+
+namespace OsmoDoc.Services;
+
+public class RedisTokenStoreService : IRedisTokenStoreService
+{
+    private readonly IDatabase _db;
+    private const string KeyPrefix = "valid_token:";
+
+    public RedisTokenStoreService(IConnectionMultiplexer redis)
+    {
+        this._db = redis.GetDatabase();
+    }
+
+    public Task StoreTokenAsync(string token, string email)
+    {
+        return this._db.StringSetAsync($"{KeyPrefix}{token}", JsonConvert.SerializeObject(new {
+            issuedTo = email,
+            issuedAt = DateTime.UtcNow
+        }));
+    }
+
+    public Task<bool> IsTokenValidAsync(string token)
+    {
+        return this._db.KeyExistsAsync($"{KeyPrefix}{token}");
+    }
+
+    public Task RevokeTokenAsync(string token)
+    {
+        return this._db.KeyDeleteAsync($"{KeyPrefix}{token}");
+    }
+}