diff options
Diffstat (limited to 'libs/VNLib.Plugins.Sessions.OAuth')
-rw-r--r-- | libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs | 8 | ||||
-rw-r--r-- | libs/VNLib.Plugins.Sessions.OAuth/src/OAuth2SessionProvider.cs | 10 |
2 files changed, 10 insertions, 8 deletions
diff --git a/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs b/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs index 9f0f35d..a867152 100644 --- a/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs +++ b/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs @@ -54,11 +54,11 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints private readonly Task<ReadOnlyJsonWebKey?> JWTVerificationKey; //override protection settings to allow most connections to authenticate + ///<inheritdoc/> protected override ProtectionSettings EndpointProtectionSettings { get; } = new() { DisableBrowsersOnly = true, - DisableSessionsRequired = true, - DisableVerifySessionCors = true + DisableSessionsRequired = true }; public AccessTokenEndpoint(PluginBase pbase, IConfigScope config) @@ -120,8 +120,8 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints } //Convert the clientid and secret to lowercase - clientId = clientId.ToLower(); - secret = secret.ToLower(); + clientId = clientId.ToLower(null); + secret = secret.ToLower(null); //Convert secret to private string that is unreferrenced using PrivateString secretPv = new(secret, false); diff --git a/libs/VNLib.Plugins.Sessions.OAuth/src/OAuth2SessionProvider.cs b/libs/VNLib.Plugins.Sessions.OAuth/src/OAuth2SessionProvider.cs index cc550de..d099e3c 100644 --- a/libs/VNLib.Plugins.Sessions.OAuth/src/OAuth2SessionProvider.cs +++ b/libs/VNLib.Plugins.Sessions.OAuth/src/OAuth2SessionProvider.cs @@ -48,7 +48,7 @@ namespace VNLib.Plugins.Sessions.OAuth /// Provides OAuth2 session management /// </summary> [ConfigurationName(O2SessionProviderEntry.OAUTH2_CONFIG_KEY)] - internal sealed class OAuth2SessionProvider : ISessionProvider, ITokenManager, IApplicationTokenFactory + internal sealed class OAuth2SessionProvider : ISessionProvider, ITokenManager, IApplicationTokenFactory, IIntervalScheduleable { private static readonly SessionHandle Skip = new(null, FileProcessArgs.VirtualSkip, null); @@ -68,6 +68,9 @@ namespace VNLib.Plugins.Sessions.OAuth _tokenFactory = plugin.GetOrCreateSingleton<OAuth2TokenFactory>(); TokenStore = new(plugin.GetContextOptions()); _tokenTypeString = $"client_credential,{_tokenFactory.TokenType}"; + + //Schedule interval + plugin.ScheduleInterval(this, TimeSpan.FromMinutes(2)); } public void SetLog(ILogProvider log) => _sessions.SetLog(log); @@ -196,9 +199,8 @@ namespace VNLib.Plugins.Sessions.OAuth /* * Interval for removing expired tokens */ - - [AsyncInterval(Minutes = 2)] - private async Task OnIntervalAsync(ILogProvider log, CancellationToken cancellationToken) + + public async Task OnIntervalAsync(ILogProvider log, CancellationToken cancellationToken) { //Calculate valid token time DateTime validAfter = DateTime.UtcNow.Subtract(_tokenFactory.SessionValidFor); |