From fdb055f4687c59c5bd0859388dace05766f7ce06 Mon Sep 17 00:00:00 2001
From: vman <public@vaughnnugent.com>
Date: Fri, 4 Nov 2022 22:12:55 -0400
Subject: Jwt/jwk support, runtime provider updates

---
 .../SessionIdFactory.cs                            | 59 ++++++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100644 Libs/VNLib.Plugins.Essentials.Sessions/SessionIdFactory.cs

(limited to 'Libs/VNLib.Plugins.Essentials.Sessions/SessionIdFactory.cs')

diff --git a/Libs/VNLib.Plugins.Essentials.Sessions/SessionIdFactory.cs b/Libs/VNLib.Plugins.Essentials.Sessions/SessionIdFactory.cs
new file mode 100644
index 0000000..ff0608e
--- /dev/null
+++ b/Libs/VNLib.Plugins.Essentials.Sessions/SessionIdFactory.cs
@@ -0,0 +1,59 @@
+using System;
+using System.Diagnostics.CodeAnalysis;
+
+using VNLib.Hashing;
+using VNLib.Net.Http;
+using VNLib.Plugins.Essentials.Extensions;
+
+#nullable enable
+
+namespace VNLib.Plugins.Essentials.Sessions.Memory
+{
+    internal sealed class SessionIdFactory : ISessionIdFactory
+    {
+        private readonly int IdSize;
+        private readonly string cookieName;
+        private readonly TimeSpan ValidFor;
+
+        public SessionIdFactory(uint idSize, string cookieName, TimeSpan validFor)
+        {
+            IdSize = (int)idSize;
+            this.cookieName = cookieName;
+            ValidFor = validFor;
+        }
+
+        public string GenerateSessionId(IHttpEvent entity)
+        {
+            //Random hex hash
+            string cookie = RandomHash.GetRandomBase32(IdSize);
+
+            //Set the session id cookie
+            entity.Server.SetCookie(cookieName, cookie, ValidFor, secure: true, httpOnly: true);
+
+            //return session-id value from cookie value
+            return cookie;
+        }
+
+        public bool TryGetSessionId(IHttpEvent entity, [NotNullWhen(true)] out string? sessionId)
+        {
+            //Get authorization token and make sure its not too large to cause a buffer overflow
+            if (entity.Server.GetCookie(cookieName, out sessionId))
+            {
+                return true;
+            }
+            //Only add sessions for user-agents
+            else if (entity.Server.IsBrowser())
+            {
+                //Get a new session id
+                sessionId = GenerateSessionId(entity);
+
+                return true;
+            }
+            else
+            {
+                sessionId = null;
+                return false;
+            }
+        }
+    }
+}
-- 
cgit