author | vnugent <public@vaughnnugent.com> | 2024-02-14 14:29:25 -0500 |
---|---|---|
committer | vnugent <public@vaughnnugent.com> | 2024-02-14 14:29:25 -0500 |
commit | 3e2adf39ac884af8e2bd3c94e0a1ce3e08dd113a (patch) | |
tree | 055939564167e0f3c008409e68392cab4aa9c91f /libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints | |
parent | e59b62516b4b9fce054b2d5833b27c85f3617974 (diff) |
Squashed commit of the following:
commit 71d6fb8c038adafa4a3a943cb0218cd234ef01ae
Author: vnugent <public@vaughnnugent.com>
Date: Mon Feb 12 20:12:28 2024 -0500
refactor: update to latest sql changes and remove untested oauth feature
commit 6941b12b44ccb1c184d9b6e33fbe19c72a0b3428
Author: vnugent <public@vaughnnugent.com>
Date: Sun Feb 4 01:30:26 2024 -0500
submit pending changes
Diffstat (limited to 'libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints')
-rw-r--r-- | libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs | 54 |
1 files changed, 3 insertions, 51 deletions
diff --git a/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs b/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs
index dc0530f..b73a7eb 100644
--- a/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs
+++ b/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2023 Vaughn Nugent
+* Copyright (c) 2024 Vaughn Nugent
 *
 * Library: VNLib
 * Package: VNLib.Plugins.Essentials.Sessions.OAuth
@@ -24,11 +24,9 @@
 using System;
 using System.Net;
-using System.Text.Json;
 using System.Threading.Tasks;
 using VNLib.Utils.Memory;
-using VNLib.Hashing.IdentityUtility;
 using VNLib.Plugins.Essentials;
 using VNLib.Plugins.Essentials.Oauth;
 using VNLib.Plugins.Essentials.Endpoints;
@@ -50,7 +48,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
 {
 private readonly IApplicationTokenFactory TokenFactory;
 private readonly ApplicationStore Applications;
- private readonly IAsyncLazy<ReadOnlyJsonWebKey?> JWTVerificationKey;
 //override protection settings to allow most connections to authenticate
 ///<inheritdoc/>
@@ -68,9 +65,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
 TokenFactory = tokenFactory;
 Applications = new(pbase.GetContextOptions(), pbase.GetOrCreateSingleton<ManagedPasswordHashing>());
-
- //Try to get the application token key for verifying signed application JWTs
- JWTVerificationKey = pbase.TryGetSecretAsync("application_token_key").ToJsonWebKey().AsLazy();
 }
@@ -82,19 +76,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
 //process a refresh token
 }
- //See if we have an application authorized with JWT
- else if (entity.RequestArgs.IsArgumentSet("grant_type", "application"))
- {
- if(entity.RequestArgs.TryGetNonEmptyValue("token", out string? appJwt))
- {
- //Try to get and verify the app
- UserApplication? app = GetApplicationFromJwt(appJwt);
-
- //generate token
- return await GenerateTokenAsync(entity, app);
- }
- }
-
 //Check for grant_type parameter from the request body
 else if (entity.RequestArgs.IsArgumentSet("grant_type", "client_credentials"))
 {
@@ -121,10 +102,10 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
 secret = secret.ToLower(null);
 //Convert secret to private string that is unreferrenced
- using PrivateString secretPv = new(secret, false);
+ using PrivateString secretPv = PrivateString.ToPrivateString(secret, false)!;
 //Get the application from apps store
- UserApplication? app = await Applications.VerifyAppAsync(clientId, secretPv);
+ UserApplication? app = await Applications.VerifyAppAsync(clientId, secretPv, entity.EventCancellation);
 return await GenerateTokenAsync(entity, app);
 }
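Review bot: In the `-121,10 +102,10` hunk, the `!` and the `false` argument on `PrivateString.ToPrivateString(secret, false)!` are left unexplained on the line that wraps the client secret. The null-forgiving operator looks safe only because `secret.ToLower(null)` two lines up has already dereferenced `secret`; the factory's signature is not visible here, but the `!` suggests it can return null. If the second argument is the ownership flag, as the existing "unreferrenced" comment hints, disposing `secretPv` presumably does not erase the lowercased secret, so the `using` should not be read as scrubbing it from memory. Once confirmed against the PrivateString API, I would replace that comment with something like `//secret is non-null here (dereferenced by ToLower above); the wrapper does not own the string, so Dispose will not erase it`. The enclosing method starts and ends outside this hunk.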
@@ -135,35 +116,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
 return VfReturnType.VirtualSkip;
 }
- private UserApplication? GetApplicationFromJwt(string jwtData)
- {
- ReadOnlyJsonWebKey? verificationKey = JWTVerificationKey.Value;
-
- //Not enabled
- if (verificationKey == null)
- {
- return null;
- }
-
- //Parse application token
- using JsonWebToken jwt = JsonWebToken.Parse(jwtData);
-
- //verify the application jwt
- if (!jwt.VerifyFromJwk(verificationKey))
- {
- return null;
- }
-
- using JsonDocument doc = jwt.GetPayload();
-
- //Get expiration time
- DateTimeOffset exp = doc.RootElement.GetProperty("exp").GetDateTimeOffset();
-
- //Check if token is expired
- return exp < DateTimeOffset.UtcNow ? null : UserApplication.FromJwtDoc(doc.RootElement);
- }
-
-
 private async Task<VfReturnType> GenerateTokenAsync(HttpEntity entity, UserApplication? app)
 {
 if (app == null) |