Diffstat (limited to 'Libs/VNLib.Plugins.Essentials.Sessions.OAuth')
4 files changed, 29 insertions, 18 deletions
diff --git a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/Endpoints/AccessTokenEndpoint.cs b/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/Endpoints/AccessTokenEndpoint.cs index a159456..d968398 100644 --- a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/Endpoints/AccessTokenEndpoint.cs +++ b/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/Endpoints/AccessTokenEndpoint.cs @@ -30,12 +30,12 @@ using VNLib.Utils.Memory; using VNLib.Hashing.IdentityUtility; using VNLib.Plugins.Essentials.Oauth; using VNLib.Plugins.Essentials.Endpoints; +using VNLib.Plugins.Essentials.Oauth.Tokens; using VNLib.Plugins.Essentials.Oauth.Applications; using VNLib.Plugins.Essentials.Extensions; using VNLib.Plugins.Extensions.Loading; using VNLib.Plugins.Extensions.Loading.Sql; using VNLib.Plugins.Extensions.Validation; -using VNLib.Plugins.Essentials.Oauth.Tokens; namespace VNLib.Plugins.Essentials.Sessions.OAuth.Endpoints { @@ -56,9 +56,9 @@ namespace VNLib.Plugins.Essentials.Sessions.OAuth.Endpoints //override protection settings to allow most connections to authenticate protected override ProtectionSettings EndpointProtectionSettings { get; } = new() { - BrowsersOnly = false, - SessionsRequired = false, - VerifySessionCors = false + DisableBrowsersOnly = true, + DisableSessionsRequired = true, + DisableVerifySessionCors = true }; public AccessTokenEndpoint(string path, PluginBase pbase, CreateTokenImpl tokenStore, Task<JsonDocument?> verificationKey) @@ -117,7 +117,7 @@ namespace VNLib.Plugins.Essentials.Sessions.OAuth.Endpoints secret = secret.ToLower(); //Convert secret to private string that is unreferrenced - PrivateString secretPv = new(secret, false); + using PrivateString secretPv = new(secret, false); //Get the application from apps store UserApplication? app = await Applications.VerifyAppAsync(clientId, secretPv); 
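Review bot: In the @@ -117 hunk the `using` declaration keeps `secretPv` alive until the enclosing scope ends, and that scope continues past the hunk, so the client secret stays resident for the rest of the request rather than only for `Applications.VerifyAppAsync`. Declaring `UserApplication? app;` first and wrapping the call as `using (PrivateString secretPv = new(secret, false)) { app = await Applications.VerifyAppAsync(clientId, secretPv); }` would release it as soon as verification returns. The `secret.ToLower()` on the context line above also allocates a second managed copy of the secret and uses the current culture; `ToLowerInvariant()` would at least make the result culture-independent. Whether disposing `secretPv` wipes either string depends on what the `false` argument means, which is not visible here.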
@@ -171,7 +171,7 @@ namespace VNLib.Plugins.Essentials.Sessions.OAuth.Endpoints if (result == null) { - entity.CloseResponseError(HttpStatusCode.ServiceUnavailable, ErrorType.TemporarilyUnabavailable, "You have reached the maximum number of valid tokens for this application"); + entity.CloseResponseError(HttpStatusCode.TooManyRequests, ErrorType.TemporarilyUnabavailable, "You have reached the maximum number of valid tokens for this application"); return VfReturnType.VirtualSkip; } diff --git a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/O2SessionProviderEntry.cs b/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/O2SessionProviderEntry.cs index 07b6530..f4462a4 100644 --- a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/O2SessionProviderEntry.cs +++ b/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/O2SessionProviderEntry.cs @@ -27,16 +27,17 @@ using System.Text.Json; using VNLib.Net.Http; using VNLib.Utils.Logging; using VNLib.Utils.Extensions; +using VNLib.Data.Caching.Extensions; using VNLib.Plugins.Essentials.Oauth.Tokens; using VNLib.Plugins.Essentials.Oauth.Applications; using VNLib.Plugins.Essentials.Sessions.OAuth; +using VNLib.Plugins.Essentials.Sessions.Runtime; using VNLib.Plugins.Essentials.Sessions.OAuth.Endpoints; using VNLib.Plugins.Extensions.Loading; using VNLib.Plugins.Extensions.Loading.Routing; using VNLib.Plugins.Extensions.Loading.Sql; using VNLib.Plugins.Extensions.Loading.Events; -using VNLib.Plugins.Essentials.Sessions.Runtime; -using VNLib.Data.Caching.Extensions; + namespace VNLib.Plugins.Essentials.Sessions.Oauth { 
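Review bot: The 429 in the @@ -171 hunk is sent without a `Retry-After` hint and still carries `ErrorType.TemporarilyUnabavailable`, so a client cannot tell a per-application token cap from a transient outage and may simply retry at once. Going by the message text, the condition clears only when an existing token expires or is revoked, so I would say that above the call, e.g. `//Token cap reached: not a rate limit, clears only when a token expires or is revoked`. It is also worth checking whether a dedicated error type fits better than the temporarily-unavailable one. Whether `CloseResponseError` can attach headers is not visible from this hunk.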
@@ -69,7 +70,7 @@ namespace VNLib.Plugins.Essentials.Sessions.Oauth //Optional application jwt token Task<JsonDocument?> jwtTokenSecret = plugin.TryGetSecretAsync("application_token_key") - .ContinueWith(static t => t.Result == null ? null : JsonDocument.Parse(t.Result), TaskScheduler.Default); + .ContinueWith(static t => t.Result == null ? null : t.Result.GetJsonDocument(), TaskScheduler.Default); //Access token endpoint is optional if (oauth2Config.TryGetValue("token_path", out JsonElement el)) @@ -107,7 +108,7 @@ namespace VNLib.Plugins.Essentials.Sessions.Oauth IReadOnlyDictionary<string, JsonElement> oauth2Config) { //Init cache client - using VnCacheClient cache = new(plugin.IsDebug() ? plugin.Log : null, Utils.Memory.Memory.Shared); + using VnCacheClient cache = new(plugin.IsDebug() ? localized : null, Utils.Memory.Memory.Shared); try { @@ -125,7 +126,7 @@ namespace VNLib.Plugins.Essentials.Sessions.Oauth await cache.LoadConfigAsync(plugin, cacheConfig); //Init session provider now that client is loaded - _sessions = new(cache.Resource!, cacheLimit, idProv, plugin.GetContextOptions()); + _sessions = new(cache.Resource!, cacheLimit, 100, idProv, plugin.GetContextOptions()); //Schedule cleanup interval with the plugin scheduler plugin.ScheduleInterval(_sessions, cleanupInterval); diff --git a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/OAuth2SessionProvider.cs b/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/OAuth2SessionProvider.cs index d698c81..106029f 100644 --- a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/OAuth2SessionProvider.cs +++ b/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/OAuth2SessionProvider.cs 
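Review bot: `t.Result.GetJsonDocument()` in the @@ -69 hunk reads the key out of the secret result but nothing releases the result afterwards; if that type owns a buffer holding the raw `application_token_key` (its definition is outside this diff), the key material outlives the parse. Should it be disposable, a statement lambda such as `static t => { using var r = t.Result; return r?.GetJsonDocument(); }` would close that gap. The continuation also reads `t.Result` on a faulted task, so a failed secret lookup surfaces later as an `AggregateException` when `jwtTokenSecret` is awaited; a comment saying whether that is intended would help.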
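Review bot: The literal `100` passed as the new third constructor argument in the @@ -125 hunk fixes the waiting-connection limit at build time, while the neighbouring `cacheLimit` and `cleanupInterval` are variables. This value decides when the session provider starts answering 503, so operators will want to tune it per deployment; read it from `oauth2Config` with a documented default, or at least name it, e.g. `const uint DefaultMaxWaitingConnections = 100;`. The enclosing method starts and ends outside the hunk, so where the other limits are loaded is not visible here.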
@@ -55,18 +55,20 @@ namespace VNLib.Plugins.Essentials.Sessions.OAuth private readonly IOauthSessionIdFactory factory; private readonly TokenStore TokenStore; - - public OAuth2SessionProvider(FBMClient client, int maxCacheItems, IOauthSessionIdFactory idFactory, DbContextOptions dbCtx) + private readonly uint MaxConnections; + + public OAuth2SessionProvider(FBMClient client, int maxCacheItems, uint maxConnections, IOauthSessionIdFactory idFactory, DbContextOptions dbCtx) : base(client, maxCacheItems) { factory = idFactory; TokenStore = new(dbCtx); + MaxConnections = maxConnections; } ///<inheritdoc/> - protected override RemoteSession SessionCtor(string sessionId) => new OAuth2Session(sessionId, Client, BackgroundTimeout, InvlidatateCache); + protected override RemoteSession SessionCtor(string sessionId) => new OAuth2Session(sessionId, Client, BackgroundTimeout, InvalidatateCache); - private void InvlidatateCache(OAuth2Session session) + private void InvalidatateCache(OAuth2Session session) { lock (CacheLock) { @@ -91,6 +93,14 @@ namespace VNLib.Plugins.Essentials.Sessions.OAuth return SessionHandle.Empty; } + //Limit max number of waiting clients + if (WaitingConnections > MaxConnections) + { + //Set 503 for temporary unavail + entity.CloseResponse(System.Net.HttpStatusCode.ServiceUnavailable); + return new SessionHandle(null, FileProcessArgs.VirtualSkip, null); + } + //Recover the session RemoteSession session = await base.GetSessionAsync(entity, sessionId, cancellationToken); 
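Review bot: The guard `if (WaitingConnections > MaxConnections)` in the @@ -91 hunk lets one more request wait than the configured maximum, and the counter is only read here while it is updated elsewhere (presumably inside `base.GetSessionAsync`, outside this diff), so concurrent requests can all pass the check before any of them is counted. If the limit is meant as a hard cap, use `>=` and reserve the slot atomically; if a soft limit is acceptable, say so in the comment, e.g. `//Soft limit: checked without reserving a slot, bursts may overshoot`. The 503 is also sent without a `Retry-After` hint, which leaves well-behaved clients guessing when to come back. The enclosing method begins and ends outside the hunk.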
@@ -174,14 +184,14 @@ namespace VNLib.Plugins.Essentials.Sessions.OAuth /* - * Interval for remving expired tokens + * Interval for removing expired tokens */ ///<inheritdoc/> async Task IIntervalScheduleable.OnIntervalAsync(ILogProvider log, CancellationToken cancellationToken) { //Calculate valid token time - DateTimeOffset validAfter = DateTimeOffset.UtcNow.Subtract(factory.SessionValidFor); + DateTime validAfter = DateTime.UtcNow.Subtract(factory.SessionValidFor); //Remove tokens from db store IReadOnlyCollection<ActiveToken> revoked = await TokenStore.CleanupExpiredTokensAsync(validAfter, cancellationToken); //exception list diff --git a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/VNLib.Plugins.Essentials.Sessions.OAuth.csproj b/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/VNLib.Plugins.Essentials.Sessions.OAuth.csproj index d75a1c0..e9927b5 100644 --- a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/VNLib.Plugins.Essentials.Sessions.OAuth.csproj +++ b/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/VNLib.Plugins.Essentials.Sessions.OAuth.csproj @@ -31,7 +31,7 @@ <Exec Command="erase "F:\Programming\Web Plugins\DevPlugins\RuntimeAssets\$(TargetName)" /q > nul" /> </Target> <ItemGroup> - <ProjectReference Include="..\..\..\..\VNLib\Http\VNLib.Net.Http.csproj" /> + <ProjectReference Include="..\..\..\..\VNLib\Http\src\VNLib.Net.Http.csproj" /> <ProjectReference Include="..\..\..\..\VNLib\Plugins\src\VNLib.Plugins.csproj" /> <ProjectReference Include="..\..\..\..\VNLib\Utils\src\VNLib.Utils.csproj" /> <ProjectReference Include="..\..\..\DataCaching\VNLib.Data.Caching.Extensions\VNLib.Data.Caching.Extensions.csproj" /> |
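Review bot: Switching `validAfter` to `DateTime` in the @@ -174 hunk drops the explicit offset, so the expiry cutoff is only correct if every timestamp that `TokenStore.CleanupExpiredTokensAsync` compares against is also stored as UTC; that is not visible from this diff. A mismatch would revoke tokens early or keep expired ones alive by the server's UTC offset. Once the storage convention is confirmed I would record it on the line, e.g. `//Token timestamps are stored as UTC; keep this cutoff in UTC`.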