diff options
author | vnugent <public@vaughnnugent.com> | 2024-03-01 17:58:48 -0500 |
---|---|---|
committer | vnugent <public@vaughnnugent.com> | 2024-03-01 17:58:48 -0500 |
commit | 3883de080e263d2f076f65b4600a5021d3d64a21 (patch) | |
tree | e1eb27642da786fc562790b43ae47469f5dc368b /back-end/src/Endpoints/BmAccountEndpoint.cs | |
parent | e7dfedc8b67593b377f4a1c3b2cc213df5de2530 (diff) |
fix: merge latest package updates to fix registation
Diffstat (limited to 'back-end/src/Endpoints/BmAccountEndpoint.cs')
-rw-r--r-- | back-end/src/Endpoints/BmAccountEndpoint.cs | 35 |
1 files changed, 11 insertions, 24 deletions
diff --git a/back-end/src/Endpoints/BmAccountEndpoint.cs b/back-end/src/Endpoints/BmAccountEndpoint.cs index 9b57d39..e9401fa 100644 --- a/back-end/src/Endpoints/BmAccountEndpoint.cs +++ b/back-end/src/Endpoints/BmAccountEndpoint.cs @@ -79,7 +79,7 @@ namespace SimpleBookmark.Endpoints * long term exposure of a signing key. * */ - AuthMan = new JwtAuthManager(); + AuthMan = new JwtAuthManager(64); if(config.TryGetProperty("key_regen_interval_mins", p => p.GetTimeSpan(TimeParseType.Minutes), out TimeSpan regen)) { @@ -333,52 +333,39 @@ namespace SimpleBookmark.Endpoints return base.DeleteAsync(entity); } - private sealed class JwtAuthManager() : IIntervalScheduleable + private sealed class JwtAuthManager(int keySize) : IIntervalScheduleable { /* * Random signing keys are rotated on the configured expiration * interval. */ - private byte[] secretKey = RandomHash.GetRandomBytes(64); + private byte[] secretKey = RandomHash.GetRandomBytes(keySize); Task IIntervalScheduleable.OnIntervalAsync(ILogProvider log, CancellationToken cancellationToken) { - secretKey = RandomHash.GetRandomBytes(64); + secretKey = RandomHash.GetRandomBytes(keySize); return Task.CompletedTask; } - public void SignJwt(JsonWebToken jwt) - { - if (ManagedHash.IsAlgSupported(HashAlg.BlAKE2B)) - { - jwt.Sign(secretKey, HashAlg.BlAKE2B); - } - else if (ManagedHash.IsAlgSupported(HashAlg.SHA3_256)) - { - jwt.Sign(secretKey, HashAlg.SHA3_256); - } - else - { - //fallback to sha256 - jwt.Sign(secretKey, HashAlg.SHA256); - } - } + public void SignJwt(JsonWebToken jwt) => jwt.Sign(secretKey, GetHashAlg()); + + public bool VerifyJwt(JsonWebToken jwt) => jwt.Verify(secretKey, GetHashAlg()); - public bool VerifyJwt(JsonWebToken jwt) + private static HashAlg GetHashAlg() { if (ManagedHash.IsAlgSupported(HashAlg.BlAKE2B)) { - return jwt.Verify(secretKey, HashAlg.BlAKE2B); + return HashAlg.BlAKE2B; } else if (ManagedHash.IsAlgSupported(HashAlg.SHA3_256)) { - return jwt.Verify(secretKey, HashAlg.SHA3_256); + return HashAlg.SHA3_256; } else { //fallback to sha256 - return jwt.Verify(secretKey, HashAlg.SHA256); + return HashAlg.SHA256; } } } |