author | vnugent <public@vaughnnugent.com> | 2024-02-14 14:29:25 -0500 |
---|---|---|
committer | vnugent <public@vaughnnugent.com> | 2024-02-14 14:29:25 -0500 |
commit | 3e2adf39ac884af8e2bd3c94e0a1ce3e08dd113a (patch) | |
tree | 055939564167e0f3c008409e68392cab4aa9c91f | |
parent | e59b62516b4b9fce054b2d5833b27c85f3617974 (diff) |
Squashed commit of the following:
commit 71d6fb8c038adafa4a3a943cb0218cd234ef01ae
Author: vnugent <public@vaughnnugent.com>
Date: Mon Feb 12 20:12:28 2024 -0500
refactor: update to latest sql changes and remove untested oauth feature
commit 6941b12b44ccb1c184d9b6e33fbe19c72a0b3428
Author: vnugent <public@vaughnnugent.com>
Date: Sun Feb 4 01:30:26 2024 -0500
submit pending changes
3 files changed, 18 insertions, 67 deletions
diff --git a/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs b/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs index dc0530f..b73a7eb 100644 --- a/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs +++ b/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs @@ -1,5 +1,5 @@ /* -* Copyright (c) 2023 Vaughn Nugent +* Copyright (c) 2024 Vaughn Nugent * * Library: VNLib * Package: VNLib.Plugins.Essentials.Sessions.OAuth @@ -24,11 +24,9 @@ using System; using System.Net; -using System.Text.Json; using System.Threading.Tasks; using VNLib.Utils.Memory; -using VNLib.Hashing.IdentityUtility; using VNLib.Plugins.Essentials; using VNLib.Plugins.Essentials.Oauth; using VNLib.Plugins.Essentials.Endpoints; @@ -50,7 +48,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints { private readonly IApplicationTokenFactory TokenFactory; private readonly ApplicationStore Applications; - private readonly IAsyncLazy<ReadOnlyJsonWebKey?> JWTVerificationKey; //override protection settings to allow most connections to authenticate ///<inheritdoc/> @@ -68,9 +65,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints TokenFactory = tokenFactory; Applications = new(pbase.GetContextOptions(), pbase.GetOrCreateSingleton<ManagedPasswordHashing>()); - - //Try to get the application token key for verifying signed application JWTs - JWTVerificationKey = pbase.TryGetSecretAsync("application_token_key").ToJsonWebKey().AsLazy(); } 
@@ -82,19 +76,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints //process a refresh token } - //See if we have an application authorized with JWT - else if (entity.RequestArgs.IsArgumentSet("grant_type", "application")) - { - if(entity.RequestArgs.TryGetNonEmptyValue("token", out string? appJwt)) - { - //Try to get and verify the app - UserApplication? app = GetApplicationFromJwt(appJwt); - - //generate token - return await GenerateTokenAsync(entity, app); - } - } - //Check for grant_type parameter from the request body else if (entity.RequestArgs.IsArgumentSet("grant_type", "client_credentials")) { @@ -121,10 +102,10 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints secret = secret.ToLower(null); //Convert secret to private string that is unreferrenced - using PrivateString secretPv = new(secret, false); + using PrivateString secretPv = PrivateString.ToPrivateString(secret, false)!; //Get the application from apps store - UserApplication? app = await Applications.VerifyAppAsync(clientId, secretPv); + UserApplication? app = await Applications.VerifyAppAsync(clientId, secretPv, entity.EventCancellation); return await GenerateTokenAsync(entity, app); } 
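Review bot: The `!` on `PrivateString.ToPrivateString(secret, false)!` in the `@@ -121,10 +102,10 @@` hunk suppresses a nullable return with no stated reason; from the visible lines it holds only because `secret` was already dereferenced by `secret.ToLower(null)` just above. A comment such as `//secret is non-null here (ToLower above would have thrown), so the result is never null` would keep that invariant from being broken by a later reorder. The `false` argument presumably tells the wrapper it does not own the string, in which case disposing `secretPv` would not erase the lowercased client secret; confirm against PrivateString and say so in the existing comment. Also on the context line, `ToLower(null)` falls back to the current culture, so `secret.ToLowerInvariant()` would make the secret comparison independent of the server locale. The enclosing method starts and ends outside the hunk.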
@@ -135,35 +116,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints return VfReturnType.VirtualSkip; } - private UserApplication? GetApplicationFromJwt(string jwtData) - { - ReadOnlyJsonWebKey? verificationKey = JWTVerificationKey.Value; - - //Not enabled - if (verificationKey == null) - { - return null; - } - - //Parse application token - using JsonWebToken jwt = JsonWebToken.Parse(jwtData); - - //verify the application jwt - if (!jwt.VerifyFromJwk(verificationKey)) - { - return null; - } - - using JsonDocument doc = jwt.GetPayload(); - - //Get expiration time - DateTimeOffset exp = doc.RootElement.GetProperty("exp").GetDateTimeOffset(); - - //Check if token is expired - return exp < DateTimeOffset.UtcNow ? null : UserApplication.FromJwtDoc(doc.RootElement); - } - - private async Task<VfReturnType> GenerateTokenAsync(HttpEntity entity, UserApplication? app) { if (app == null) diff --git a/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionStore.cs b/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionStore.cs index ec515f6..aa908f1 100644 --- a/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionStore.cs +++ b/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionStore.cs @@ -1,5 +1,5 @@ /* -* Copyright (c) 2023 Vaughn Nugent +* Copyright (c) 2024 Vaughn Nugent * * Library: VNLib * Package: VNLib.Plugins.Essentials.Sessions.VNCache @@ -44,9 +44,16 @@ namespace VNLib.Plugins.Sessions.VNCache private ILogProvider? baseLog; + ///<inheritdoc/> protected override ISessionIdFactory IdFactory { get; } + + ///<inheritdoc/> protected override IRemoteCacheStore Cache { get; } + + ///<inheritdoc/> protected override ISessionFactory<WebSession> SessionFactory { get; } + + ///<inheritdoc/> protected override ILogProvider Log => baseLog!; public WebSessionStore(PluginBase plugin, IConfigScope config) 
@@ -86,6 +93,7 @@ namespace VNLib.Plugins.Sessions.VNCache /// </summary> public bool IsConnected => Cache.IsConnected; + ///<inheritdoc/> public override ValueTask ReleaseSessionAsync(WebSession session, IHttpEvent entity) { //Get status flags first diff --git a/plugins/SessionProvider/src/SessionProviderEntry.cs b/plugins/SessionProvider/src/SessionProviderEntry.cs index 11a2639..fa2bd27 100644 --- a/plugins/SessionProvider/src/SessionProviderEntry.cs +++ b/plugins/SessionProvider/src/SessionProviderEntry.cs @@ -42,8 +42,8 @@ namespace VNLib.Plugins.Essentials.Sessions { ///<inheritdoc/> public override string PluginName => "Essentials.Sessions"; - + ///<inheritdoc/> protected override void OnLoad() { List<RuntimeSessionProvider> providers = new(); @@ -64,9 +64,8 @@ namespace VNLib.Plugins.Essentials.Sessions try { //Attempt to load provider - ISessionProvider prov = this.CreateServiceExternal<ISessionProvider>(asm); - - //Add to list + ISessionProvider prov = this.CreateServiceExternal<ISessionProvider>(asm); + providers.Add(new(prov)); } catch (Exception ex) @@ -111,18 +110,10 @@ namespace VNLib.Plugins.Essentials.Sessions * service container if its delcared as disposable. */ - private sealed class SessionProvider : VnDisposeable, ISessionProvider, IDisposable + private sealed class SessionProvider(RuntimeSessionProvider[] loaded) : VnDisposeable, ISessionProvider { //Default to an empty array for default support even if no runtime providers are loaded - private RuntimeSessionProvider[] ProviderArray = Array.Empty<RuntimeSessionProvider>(); - - public SessionProvider(RuntimeSessionProvider[] loaded) - { - ProviderArray = loaded; - } - - public SessionProvider() - { } + private RuntimeSessionProvider[] ProviderArray = loaded; ValueTask<SessionHandle> ISessionProvider.GetSessionAsync(IHttpEvent entity, CancellationToken cancellationToken) { 
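Review bot: In the `@@ -111,18 +110,10 @@` hunk of SessionProviderEntry.cs the comment `//Default to an empty array for default support even if no runtime providers are loaded` is kept above `private RuntimeSessionProvider[] ProviderArray = loaded;`, but the field no longer has an empty default and the parameterless constructor is gone. Either reword it, e.g. `//Providers supplied at construction; replaced with an empty array in Free()`, or restore the guarantee with `private RuntimeSessionProvider[] ProviderArray = loaded ?? [];`. A null `loaded` would otherwise surface later, presumably when GetSessionAsync walks the array, rather than at construction. The class body continues outside the hunk.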
@@ -144,7 +135,7 @@ namespace VNLib.Plugins.Essentials.Sessions protected override void Free() { //Remove current providers so we can dispose them - ProviderArray = Array.Empty<RuntimeSessionProvider>(); + ProviderArray = []; } } } |