From 7088c48dd2014364d6b24891b913ff798132e97a Mon Sep 17 00:00:00 2001 From: vnugent Date: Sun, 10 Mar 2024 16:14:08 -0400 Subject: Squashed commit of the following: commit 720136fef00095c808f9d5c75449e3fd03e82ca0 Author: vnugent Date: Wed Mar 6 21:33:12 2024 -0500 chore: Took a look around commit 71d6fb8c038adafa4a3a943cb0218cd234ef01ae Author: vnugent Date: Mon Feb 12 20:12:28 2024 -0500 refactor: update to latest sql changes and remove untested oauth feature commit 6941b12b44ccb1c184d9b6e33fbe19c72a0b3428 Author: vnugent Date: Sun Feb 4 01:30:26 2024 -0500 submit pending changes --- .../src/OAuth2TokenFactory.cs | 51 ++++++++++++++-------- 1 file changed, 34 insertions(+), 17 deletions(-) (limited to 'libs/VNLib.Plugins.Sessions.OAuth/src/OAuth2TokenFactory.cs') diff --git a/libs/VNLib.Plugins.Sessions.OAuth/src/OAuth2TokenFactory.cs b/libs/VNLib.Plugins.Sessions.OAuth/src/OAuth2TokenFactory.cs index b97abae..6d055df 100644 --- a/libs/VNLib.Plugins.Sessions.OAuth/src/OAuth2TokenFactory.cs +++ b/libs/VNLib.Plugins.Sessions.OAuth/src/OAuth2TokenFactory.cs @@ -1,5 +1,5 @@ /* -* Copyright (c) 2023 Vaughn Nugent +* Copyright (c) 2024 Vaughn Nugent * * Library: VNLib * Package: VNLib.Plugins.Essentials.Sessions.OAuth @@ -23,26 +23,21 @@ */ using System; +using System.Net; +using System.Diagnostics.CodeAnalysis; using VNLib.Hashing; using VNLib.Net.Http; using VNLib.Plugins.Sessions.Cache.Client; using VNLib.Plugins.Extensions.Loading; -using VNLib.Plugins.Essentials.Extensions; - namespace VNLib.Plugins.Sessions.OAuth { [ConfigurationName(OAuth2SessionProvider.OAUTH2_CONFIG_KEY)] - internal sealed class OAuth2TokenFactory : ISessionIdFactory, IOauthSessionIdFactory + internal sealed class OAuth2TokenFactory(PluginBase plugin, IConfigScope config) + : ISessionIdFactory, IOauthSessionIdFactory { - private readonly OAuth2SessionConfig _config; - - public OAuth2TokenFactory(PluginBase plugin, IConfigScope config) - { - //Get the oauth2 config - _config = config.DeserialzeAndValidate(); - } + private readonly OAuth2SessionConfig _config = config.DeserialzeAndValidate(); /* * ID Regeneration is always false as OAuth2 sessions @@ -68,13 +63,10 @@ namespace VNLib.Plugins.Sessions.OAuth TimeSpan IOauthSessionIdFactory.SessionValidFor => TimeSpan.FromSeconds(_config.TokenLifeTimeSeconds); /// - string IOauthSessionIdFactory.TokenType => "Bearer"; + string IOauthSessionIdFactory.TokenType => _config.TokenType; /// - bool ISessionIdFactory.CanService(IHttpEvent entity) - { - return entity.Server.HasAuthorization(out _); - } + bool ISessionIdFactory.CanService(IHttpEvent entity) => HasBearerToken(entity.Server, out _); /// public GetTokenResult GenerateTokensAndId() @@ -93,7 +85,32 @@ namespace VNLib.Plugins.Sessions.OAuth string? ISessionIdFactory.TryGetSessionId(IHttpEvent entity) { - return entity.Server.HasAuthorization(out string? token) ? token : null; + return HasBearerToken(entity.Server, out string ? token) ? token : null; + } + + /// + /// Gets the bearer token from an authorization header + /// + /// + /// The token stored in the user's authorization header + /// True if the authorization header was set, has a Bearer token value + private bool HasBearerToken(IConnectionInfo ci, [NotNullWhen(true)] out string? token) + { + //Get auth header value + string? authorization = ci.Headers[HttpRequestHeader.Authorization]; + + //Check if its set + if (!string.IsNullOrWhiteSpace(authorization)) + { + int bearerIndex = authorization.IndexOf(_config.TokenType, StringComparison.OrdinalIgnoreCase); + + //Calc token offset, get token, and trim any whitespace + token = authorization.AsSpan(bearerIndex + _config.TokenType.Length).Trim().ToString(); + return true; + } + + token = null; + return false; } } } \ No newline at end of file -- cgit