-rw-r--r--libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs54
-rw-r--r--libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionStore.cs10
-rw-r--r--plugins/SessionProvider/src/SessionProviderEntry.cs21
3 files changed, 18 insertions, 67 deletions
diff --git a/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs b/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs
index dc0530f..b73a7eb 100644
--- a/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs
+++ b/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs
@@ -1,5 +1,5 @@
/*
-* Copyright (c) 2023 Vaughn Nugent
+* Copyright (c) 2024 Vaughn Nugent
*
* Library: VNLib
* Package: VNLib.Plugins.Essentials.Sessions.OAuth
@@ -24,11 +24,9 @@
using System;
using System.Net;
-using System.Text.Json;
using System.Threading.Tasks;
using VNLib.Utils.Memory;
-using VNLib.Hashing.IdentityUtility;
using VNLib.Plugins.Essentials;
using VNLib.Plugins.Essentials.Oauth;
using VNLib.Plugins.Essentials.Endpoints;
@@ -50,7 +48,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
{
private readonly IApplicationTokenFactory TokenFactory;
private readonly ApplicationStore Applications;
- private readonly IAsyncLazy<ReadOnlyJsonWebKey?> JWTVerificationKey;
//override protection settings to allow most connections to authenticate
///<inheritdoc/>
@@ -68,9 +65,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
TokenFactory = tokenFactory;
Applications = new(pbase.GetContextOptions(), pbase.GetOrCreateSingleton<ManagedPasswordHashing>());
-
- //Try to get the application token key for verifying signed application JWTs
- JWTVerificationKey = pbase.TryGetSecretAsync("application_token_key").ToJsonWebKey().AsLazy();
}
@@ -82,19 +76,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
//process a refresh token
}
- //See if we have an application authorized with JWT
- else if (entity.RequestArgs.IsArgumentSet("grant_type", "application"))
- {
- if(entity.RequestArgs.TryGetNonEmptyValue("token", out string? appJwt))
- {
- //Try to get and verify the app
- UserApplication? app = GetApplicationFromJwt(appJwt);
-
- //generate token
- return await GenerateTokenAsync(entity, app);
- }
- }
-
//Check for grant_type parameter from the request body
else if (entity.RequestArgs.IsArgumentSet("grant_type", "client_credentials"))
{
@@ -121,10 +102,10 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
secret = secret.ToLower(null);
//Convert secret to private string that is unreferrenced
- using PrivateString secretPv = new(secret, false);
+ using PrivateString secretPv = PrivateString.ToPrivateString(secret, false)!;
//Get the application from apps store
- UserApplication? app = await Applications.VerifyAppAsync(clientId, secretPv);
+ UserApplication? app = await Applications.VerifyAppAsync(clientId, secretPv, entity.EventCancellation);
return await GenerateTokenAsync(entity, app);
}
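Review bot: The `!` on `PrivateString.ToPrivateString(secret, false)!` suppresses a nullable return, and nothing in this hunk shows a null check on `secret`; it appears safe only because `secret.ToLower(null)` two lines earlier would already throw on a null secret. The comment above it also says the private string is "unreferrenced", yet the second argument is `false`, which looks like the non-owning mode. If so, disposing `secretPv` would not erase the secret's characters, and the lower-cased copy would stay in managed memory until collected. Confirm this against `PrivateString` and record the intent in the comment, for example `//secret is non-null here; false = wrapper does not own (and will not erase) the string`. The enclosing method starts and ends outside the hunk.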
@@ -135,35 +116,6 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
return VfReturnType.VirtualSkip;
}
- private UserApplication? GetApplicationFromJwt(string jwtData)
- {
- ReadOnlyJsonWebKey? verificationKey = JWTVerificationKey.Value;
-
- //Not enabled
- if (verificationKey == null)
- {
- return null;
- }
-
- //Parse application token
- using JsonWebToken jwt = JsonWebToken.Parse(jwtData);
-
- //verify the application jwt
- if (!jwt.VerifyFromJwk(verificationKey))
- {
- return null;
- }
-
- using JsonDocument doc = jwt.GetPayload();
-
- //Get expiration time
- DateTimeOffset exp = doc.RootElement.GetProperty("exp").GetDateTimeOffset();
-
- //Check if token is expired
- return exp < DateTimeOffset.UtcNow ? null : UserApplication.FromJwtDoc(doc.RootElement);
- }
-
-
private async Task<VfReturnType> GenerateTokenAsync(HttpEntity entity, UserApplication? app)
{
if (app == null)
diff --git a/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionStore.cs b/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionStore.cs
index ec515f6..aa908f1 100644
--- a/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionStore.cs
+++ b/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionStore.cs
@@ -1,5 +1,5 @@
/*
-* Copyright (c) 2023 Vaughn Nugent
+* Copyright (c) 2024 Vaughn Nugent
*
* Library: VNLib
* Package: VNLib.Plugins.Essentials.Sessions.VNCache
@@ -44,9 +44,16 @@ namespace VNLib.Plugins.Sessions.VNCache
private ILogProvider? baseLog;
+ ///<inheritdoc/>
protected override ISessionIdFactory IdFactory { get; }
+
+ ///<inheritdoc/>
protected override IRemoteCacheStore Cache { get; }
+
+ ///<inheritdoc/>
protected override ISessionFactory<WebSession> SessionFactory { get; }
+
+ ///<inheritdoc/>
protected override ILogProvider Log => baseLog!;
public WebSessionStore(PluginBase plugin, IConfigScope config)
@@ -86,6 +93,7 @@ namespace VNLib.Plugins.Sessions.VNCache
/// </summary>
public bool IsConnected => Cache.IsConnected;
+ ///<inheritdoc/>
public override ValueTask ReleaseSessionAsync(WebSession session, IHttpEvent entity)
{
//Get status flags first
diff --git a/plugins/SessionProvider/src/SessionProviderEntry.cs b/plugins/SessionProvider/src/SessionProviderEntry.cs
index 11a2639..fa2bd27 100644
--- a/plugins/SessionProvider/src/SessionProviderEntry.cs
+++ b/plugins/SessionProvider/src/SessionProviderEntry.cs
@@ -42,8 +42,8 @@ namespace VNLib.Plugins.Essentials.Sessions
{
///<inheritdoc/>
public override string PluginName => "Essentials.Sessions";
-
+ ///<inheritdoc/>
protected override void OnLoad()
{
List<RuntimeSessionProvider> providers = new();
@@ -64,9 +64,8 @@ namespace VNLib.Plugins.Essentials.Sessions
try
{
//Attempt to load provider
- ISessionProvider prov = this.CreateServiceExternal<ISessionProvider>(asm);
-
- //Add to list
+ ISessionProvider prov = this.CreateServiceExternal<ISessionProvider>(asm);
+
providers.Add(new(prov));
}
catch (Exception ex)
@@ -111,18 +110,10 @@ namespace VNLib.Plugins.Essentials.Sessions
* service container if its delcared as disposable.
*/
- private sealed class SessionProvider : VnDisposeable, ISessionProvider, IDisposable
+ private sealed class SessionProvider(RuntimeSessionProvider[] loaded) : VnDisposeable, ISessionProvider
{
//Default to an empty array for default support even if no runtime providers are loaded
- private RuntimeSessionProvider[] ProviderArray = Array.Empty<RuntimeSessionProvider>();
-
- public SessionProvider(RuntimeSessionProvider[] loaded)
- {
- ProviderArray = loaded;
- }
-
- public SessionProvider()
- { }
+ private RuntimeSessionProvider[] ProviderArray = loaded;
ValueTask<SessionHandle> ISessionProvider.GetSessionAsync(IHttpEvent entity, CancellationToken cancellationToken)
{
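Review bot: The comment kept above `ProviderArray` still promises a default empty array, but the field is now `= loaded` with no fallback and the parameterless constructor has been removed. A null `loaded` would therefore surface on the first session lookup rather than at construction. `private RuntimeSessionProvider[] ProviderArray = loaded ?? [];` keeps the old guarantee; otherwise the comment should be dropped. If anything created this class through the removed parameterless constructor (not visible here), that call site needs updating as well. The class body continues outside the hunk.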
@@ -144,7 +135,7 @@ namespace VNLib.Plugins.Essentials.Sessions
protected override void Free()
{
//Remove current providers so we can dispose them
- ProviderArray = Array.Empty<RuntimeSessionProvider>();
+ ProviderArray = [];
}
}
}