diff options
author | vnugent <public@vaughnnugent.com> | 2023-10-18 21:51:34 -0400 |
---|---|---|
committer | vnugent <public@vaughnnugent.com> | 2023-10-18 21:51:34 -0400 |
commit | f44cdf8f2685c37e5a1d77018a5227942b578863 (patch) | |
tree | 70820eef3328c4269c46dcc4f129f1b798f56666 /lib/Plugins.Essentials/src/Accounts | |
parent | 44a05ac3854d6cd0fa65d8ffc0f6efe7abfc87ad (diff) |
account and endpoint security updates
Diffstat (limited to 'lib/Plugins.Essentials/src/Accounts')
3 files changed, 10 insertions, 47 deletions
diff --git a/lib/Plugins.Essentials/src/Accounts/AccountUtils.cs b/lib/Plugins.Essentials/src/Accounts/AccountUtils.cs index 259f52a..a5fb074 100644 --- a/lib/Plugins.Essentials/src/Accounts/AccountUtils.cs +++ b/lib/Plugins.Essentials/src/Accounts/AccountUtils.cs @@ -387,7 +387,7 @@ namespace VNLib.Plugins.Essentials.Accounts IClientAuthorization auth = GenerateAuthorization(entity, secInfo, user); //Set client token - response.Token = auth.SecurityToken.ClientToken; + response.Token = auth.GetClientAuthDataString(); } /// <summary> @@ -421,7 +421,7 @@ namespace VNLib.Plugins.Essentials.Accounts IClientAuthorization auth = prov.ReAuthorizeClient(entity); //Store the client token in response message - response.Token = auth.SecurityToken.ClientToken; + response.Token = auth.GetClientAuthDataString(); //Regen session id also entity.Session.RegenID(); diff --git a/lib/Plugins.Essentials/src/Accounts/ClientSecurityToken.cs b/lib/Plugins.Essentials/src/Accounts/ClientSecurityToken.cs deleted file mode 100644 index 0d81344..0000000 --- a/lib/Plugins.Essentials/src/Accounts/ClientSecurityToken.cs +++ /dev/null @@ -1,41 +0,0 @@ -/* -* Copyright (c) 2023 Vaughn Nugent -* -* Library: VNLib -* Package: VNLib.Plugins.Essentials -* File: ClientSecurityToken.cs -* -* ClientSecurityToken.cs is part of VNLib.Plugins.Essentials which is part -* of the larger VNLib collection of libraries and utilities. -* -* VNLib.Plugins.Essentials is free software: you can redistribute it and/or modify -* it under the terms of the GNU Affero General Public License as -* published by the Free Software Foundation, either version 3 of the -* License, or (at your option) any later version. -* -* VNLib.Plugins.Essentials is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU Affero General Public License for more details. -* -* You should have received a copy of the GNU Affero General Public License -* along with this program. If not, see https://www.gnu.org/licenses/. -*/ - - -namespace VNLib.Plugins.Essentials.Accounts -{ - /// <summary> - /// A structure that contains the client/server information - /// for client/server authorization - /// </summary> - /// <param name="ClientToken"> - /// The public portion of the token to send to the client - /// </param> - /// <param name="ServerToken"> - /// The secret portion of the token that is to be - /// stored on the server (usually in the client's session) - /// </param> - public readonly record struct ClientSecurityToken(string ClientToken, string ServerToken) - { } -}
\ No newline at end of file diff --git a/lib/Plugins.Essentials/src/Accounts/IClientAuthorization.cs b/lib/Plugins.Essentials/src/Accounts/IClientAuthorization.cs index 73f97c0..608c639 100644 --- a/lib/Plugins.Essentials/src/Accounts/IClientAuthorization.cs +++ b/lib/Plugins.Essentials/src/Accounts/IClientAuthorization.cs @@ -31,13 +31,17 @@ namespace VNLib.Plugins.Essentials.Accounts public interface IClientAuthorization { /// <summary> - /// A security token that may be set as a cookie or used + /// Gets the client specific authorization data as a string, may be serialized + /// and will be sent to the client. /// </summary> - string? LoginSecurityString { get; } + /// <returns>A string representation of the client's authorization data</returns> + string GetClientAuthDataString(); /// <summary> - /// The clients security token information + /// Gets the client specific authorization data raw object and may be serialized + /// as needed. /// </summary> - ClientSecurityToken SecurityToken { get; } + /// <returns>The authorization object to send to the client</returns> + object GetClientAuthData(); } }
\ No newline at end of file |