diff options
Diffstat (limited to 'plugins/VNLib.Plugins.Essentials.SocialOauth/src/Endpoints/Auth0.cs')
-rw-r--r-- | plugins/VNLib.Plugins.Essentials.SocialOauth/src/Endpoints/Auth0.cs | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/plugins/VNLib.Plugins.Essentials.SocialOauth/src/Endpoints/Auth0.cs b/plugins/VNLib.Plugins.Essentials.SocialOauth/src/Endpoints/Auth0.cs index c7512b7..586ef96 100644 --- a/plugins/VNLib.Plugins.Essentials.SocialOauth/src/Endpoints/Auth0.cs +++ b/plugins/VNLib.Plugins.Essentials.SocialOauth/src/Endpoints/Auth0.cs @@ -50,7 +50,7 @@ namespace VNLib.Plugins.Essentials.SocialOauth.Endpoints protected override OauthClientConfig Config { get; } - private readonly Task<JsonDocument> Auth0VerificationJwk; + private readonly Task<ReadOnlyJsonWebKey[]> Auth0VerificationJwk; public Auth0(PluginBase plugin, IReadOnlyDictionary<string, JsonElement> config) : base() { @@ -88,7 +88,7 @@ namespace VNLib.Plugins.Essentials.SocialOauth.Endpoints } - private async Task<JsonDocument> GetRsaCertificate(Uri certUri) + private async Task<ReadOnlyJsonWebKey[]> GetRsaCertificate(Uri certUri) { try { @@ -98,13 +98,27 @@ namespace VNLib.Plugins.Essentials.SocialOauth.Endpoints keyRequest.AddHeader("Accept", "application/json"); //rent client from pool - using ClientContract client = ClientPool.Lease(); - - RestResponse response = await client.Resource.ExecuteAsync(keyRequest); + RestResponse response; + + using (ClientContract client = ClientPool.Lease()) + { + response = await client.Resource.ExecuteAsync(keyRequest); + } response.ThrowIfError(); - return JsonDocument.Parse(response.RawBytes); + //Get response as doc + using JsonDocument doc = JsonDocument.Parse(response.RawBytes); + + //Create a new jwk from each key element in the response + ReadOnlyJsonWebKey[] keys = doc.RootElement.GetProperty("keys") + .EnumerateArray() + .Select(static k => new ReadOnlyJsonWebKey(k)) + .ToArray(); + + Log.Debug("Found {count} Auth0 signing keys", keys.Length); + + return keys; } catch (Exception e) { @@ -159,7 +173,7 @@ namespace VNLib.Plugins.Essentials.SocialOauth.Endpoints using JsonWebToken jwt = JsonWebToken.Parse(clientAccess.IdToken); //Verify the token against the first signing key - if (!jwt.VerifyFromJwk(Auth0VerificationJwk.Result.RootElement.GetProperty("keys").EnumerateArray().First())) + if (!jwt.VerifyFromJwk(Auth0VerificationJwk.Result[0])) { return EmptyLoginData; } |