diff options
Diffstat (limited to 'plugins/VNLib.Plugins.Essentials.Auth.Social/src/OauthClientConfig.cs')
| -rw-r--r-- | plugins/VNLib.Plugins.Essentials.Auth.Social/src/OauthClientConfig.cs | 148 |
1 files changed, 148 insertions, 0 deletions
diff --git a/plugins/VNLib.Plugins.Essentials.Auth.Social/src/OauthClientConfig.cs b/plugins/VNLib.Plugins.Essentials.Auth.Social/src/OauthClientConfig.cs new file mode 100644 index 0000000..a3b43ad --- /dev/null +++ b/plugins/VNLib.Plugins.Essentials.Auth.Social/src/OauthClientConfig.cs @@ -0,0 +1,148 @@ +/* +* Copyright (c) 2024 Vaughn Nugent +* +* Library: VNLib +* Package: VNLib.Plugins.Essentials.Auth.Social +* File: OauthClientConfig.cs +* +* OauthClientConfig.cs is part of VNLib.Plugins.Essentials.Auth.Social which is part of the larger +* VNLib collection of libraries and utilities. +* +* VNLib.Plugins.Essentials.Auth.Social is free software: you can redistribute it and/or modify +* it under the terms of the GNU Affero General Public License as +* published by the Free Software Foundation, either version 3 of the +* License, or (at your option) any later version. +* +* VNLib.Plugins.Essentials.Auth.Social is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU Affero General Public License for more details. +* +* You should have received a copy of the GNU Affero General Public License +* along with this program. If not, see https://www.gnu.org/licenses/. +*/ + +using System; +using System.Net; +using System.Collections.Generic; + +using VNLib.Utils.Logging; +using VNLib.Utils.Extensions; +using VNLib.Plugins.Extensions.Loading; + +namespace VNLib.Plugins.Essentials.Auth.Social +{ + + /// <summary> + /// Contains the standard configuration data for an OAuth2 endpoint + /// defined by plugin configuration + /// </summary> + public sealed class OauthClientConfig + { + + public OauthClientConfig(PluginBase plugin, IConfigScope config) + { + EndpointPath = config["path"].GetString() ?? throw new KeyNotFoundException($"Missing required key 'path' in config {config.ScopeName}"); + + //Set discord account origin + AccountOrigin = config["account_origin"].GetString() ?? throw new KeyNotFoundException($"Missing required key 'account_origin' in config {config.ScopeName}"); + + //Get the auth and token urls + string authUrl = config["authorization_url"].GetString() ?? throw new KeyNotFoundException($"Missing required key 'authorization_url' in config {config.ScopeName}"); + string tokenUrl = config["token_url"].GetString() ?? throw new KeyNotFoundException($"Missing required key 'token_url' in config {config.ScopeName}"); + string userUrl = config["user_data_url"].GetString() ?? throw new KeyNotFoundException($"Missing required key 'user_data_url' in config {config.ScopeName}"); + //Create the uris + AccessCodeUrl = new(authUrl); + AccessTokenUrl = new(tokenUrl); + UserDataUrl = new(userUrl); + + AllowForLocalAccounts = config["allow_for_local"].GetBoolean(); + AllowRegistration = config["allow_registration"].GetBoolean(); + NonceByteSize = config["nonce_size"].GetUInt32(); + RandomPasswordSize = config["password_size"].GetInt32(); + InitClaimValidFor = config["claim_valid_for_sec"].GetTimeSpan(TimeParseType.Seconds); + + //Setup async lazy loaders for secrets + ClientID = plugin.GetSecretAsync($"{config.ScopeName}_client_id") + .ToLazy(static r => r.Result.ToString()); + + ClientSecret = plugin.GetSecretAsync($"{config.ScopeName}_client_secret") + .ToLazy(static r => r.Result.ToString()); + + //Log the token server ip address for the user to verify + if (plugin.Log.IsEnabled(LogLevel.Verbose)) + { + _ = plugin.ObserveWork(async () => + { + IPAddress[] addresses = await Dns.GetHostAddressesAsync(AccessTokenUrl.DnsSafeHost); + plugin.Log.Verbose("Token server {host} resolves to {ip}", AccessTokenUrl.DnsSafeHost, addresses); + }); + } + } + + /// <summary> + /// The client ID for the OAuth2 service + /// </summary> + public IAsyncLazy<string> ClientID { get; } + + /// <summary> + /// The client secret for the OAuth2 service + /// </summary> + public IAsyncLazy<string> ClientSecret { get; } + + + /// <summary> + /// The user-account origin value. Specifies that the user account + /// was created outside of the local account system + /// </summary> + public string AccountOrigin { get; } + + /// <summary> + /// The URL to redirect the user to the OAuth2 service + /// to begin the authentication process + /// </summary> + public Uri AccessCodeUrl { get; } + + /// <summary> + /// The remote endoint to exchange codes for access tokens + /// </summary> + public Uri AccessTokenUrl { get; } + + /// <summary> + /// The endpoint to get user-data object from + /// </summary> + public Uri UserDataUrl { get; } + + /// <summary> + /// The endpoint route/path + /// </summary> + public string EndpointPath { get; } + + /// <summary> + /// The size (in bytes) of the random generated nonce + /// </summary> + public uint NonceByteSize { get; } + + /// <summary> + /// A value that specifies if locally created accounts are allowed + /// to be logged in from an OAuth2 source + /// </summary> + public bool AllowForLocalAccounts { get; } + + /// <summary> + /// A value that indicates if accounts that do not exist will be created + /// and logged in immediatly, on successfull OAuth2 flow + /// </summary> + public bool AllowRegistration { get; } + + /// <summary> + /// The size (in bytes) of the random password generated for new users + /// </summary> + public int RandomPasswordSize { get; } + + /// <summary> + /// The initial time the login claim is valid for + /// </summary> + public TimeSpan InitClaimValidFor { get; } + } +} |