diff options
author | vnugent <public@vaughnnugent.com> | 2023-01-12 17:47:41 -0500 |
---|---|---|
committer | vnugent <public@vaughnnugent.com> | 2023-01-12 17:47:41 -0500 |
commit | 751e1a107195f0c9c98c866e8267a5a760545982 (patch) | |
tree | 71a775c91bfd9d455b727c72d2fb628c530f64cc /Libs/VNLib.Plugins.Essentials.Sessions.OAuth/OAuth2SessionIdProvider.cs | |
parent | 9bb5ddd8f19c0ecabd7af4ee58d80c16826bc183 (diff) |
Large project reorder and consolidation
Diffstat (limited to 'Libs/VNLib.Plugins.Essentials.Sessions.OAuth/OAuth2SessionIdProvider.cs')
-rw-r--r-- | Libs/VNLib.Plugins.Essentials.Sessions.OAuth/OAuth2SessionIdProvider.cs | 132 |
1 files changed, 0 insertions, 132 deletions
diff --git a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/OAuth2SessionIdProvider.cs b/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/OAuth2SessionIdProvider.cs deleted file mode 100644 index e1cfc7f..0000000 --- a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/OAuth2SessionIdProvider.cs +++ /dev/null @@ -1,132 +0,0 @@ -/* -* Copyright (c) 2022 Vaughn Nugent -* -* Library: VNLib -* Package: VNLib.Plugins.Essentials.Sessions.OAuth -* File: OAuth2SessionIdProvider.cs -* -* OAuth2SessionIdProvider.cs is part of VNLib.Plugins.Essentials.Sessions.OAuth which is part of the larger -* VNLib collection of libraries and utilities. -* -* VNLib.Plugins.Essentials.Sessions.OAuth is free software: you can redistribute it and/or modify -* it under the terms of the GNU Affero General Public License as -* published by the Free Software Foundation, either version 3 of the -* License, or (at your option) any later version. -* -* VNLib.Plugins.Essentials.Sessions.OAuth is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU Affero General Public License for more details. -* -* You should have received a copy of the GNU Affero General Public License -* along with this program. If not, see https://www.gnu.org/licenses/. -*/ - -using System; -using System.Diagnostics.CodeAnalysis; - -using VNLib.Utils.Memory; -using VNLib.Utils.Extensions; -using VNLib.Hashing; -using VNLib.Net.Http; -using VNLib.Plugins.Essentials.Extensions; -using VNLib.Plugins.Essentials.Sessions.Runtime; -using VNLib.Plugins.Essentials.Oauth.Applications; -using VNLib.Plugins.Sessions.Cache.Client; -using static VNLib.Plugins.Essentials.Oauth.OauthSessionExtensions; - -namespace VNLib.Plugins.Essentials.Sessions.OAuth -{ - /// <summary> - /// Generates secure OAuth2 session tokens and initalizes new OAuth2 sessions - /// </summary> - internal class OAuth2SessionIdProvider : IOauthSessionIdFactory - { - private readonly string SessionIdPrefix; - private readonly int _bufferSize; - private readonly int _tokenSize; - - ///<inheritdoc/> - public int MaxTokensPerApp { get; } - ///<inheritdoc/> - public TimeSpan SessionValidFor { get; } - ///<inheritdoc/> - string IOauthSessionIdFactory.TokenType => "Bearer"; - - public OAuth2SessionIdProvider(string sessionIdPrefix, int maxTokensPerApp, int tokenSize, TimeSpan validFor) - { - SessionIdPrefix = sessionIdPrefix; - MaxTokensPerApp = maxTokensPerApp; - SessionValidFor = validFor; - _tokenSize = tokenSize; - _bufferSize = tokenSize * 2; - } - - ///<inheritdoc/> - bool ISessionIdFactory.TryGetSessionId(IHttpEvent entity, [NotNullWhen(true)] out string? sessionId) - { - //Get authorization token and make sure its not too large to cause a buffer overflow - if (entity.Server.HasAuthorization(out string? token) && (token.Length + SessionIdPrefix.Length) <= _bufferSize) - { - //Compute session id from token - sessionId = ComputeSessionIdFromToken(token); - - return true; - } - else - { - sessionId = null; - } - - return false; - } - - private string ComputeSessionIdFromToken(string token) - { - //Buffer to copy data to - using UnsafeMemoryHandle<char> buffer = Memory.UnsafeAlloc<char>(_bufferSize, true); - - //Writer to accumulate data - ForwardOnlyWriter<char> writer = new(buffer.Span); - - //Append session id prefix and token - writer.Append(SessionIdPrefix); - writer.Append(token); - - //Compute base64 hash of token and - return ManagedHash.ComputeBase64Hash(writer.AsSpan(), HashAlg.SHA256); - } - - ///<inheritdoc/> - TokenAndSessionIdResult IOauthSessionIdFactory.GenerateTokensAndId() - { - //Alloc buffer for random data - using UnsafeMemoryHandle<byte> mem = Memory.UnsafeAlloc<byte>(_tokenSize, true); - - //Generate token from random cng bytes - RandomHash.GetRandomBytes(mem); - - //Token is the raw value - string token = Convert.ToBase64String(mem.Span); - - //The session id is the HMAC of the token - string sessionId = ComputeSessionIdFromToken(token); - - //Clear buffer - Memory.InitializeBlock(mem.Span); - - //Return sessid result - return new(sessionId, token, null); - } - - ///<inheritdoc/> - void IOauthSessionIdFactory.InitNewSession(RemoteSession session, UserApplication app, IHttpEvent entity) - { - //Store session variables - session[APP_ID_ENTRY] = app.Id; - session[TOKEN_TYPE_ENTRY] = "client_credential,bearer"; - session[SCOPES_ENTRY] = app.Permissions; - session.UserID = app.UserId; - } - } -} |