From 66e2b3db82cceaa2d21e52c64e4e60b03a5091ae Mon Sep 17 00:00:00 2001
From: Stanley Dimant
Date: Wed, 24 Aug 2022 23:01:03 +0200
Subject: [PATCH] fix auth for grpc calls
---
 .../Hubs/MareHub.Files.cs | 20 ++++++++++++++++---
 .../SecretKeyGrpcAuthenticationHandler.cs | 3 ++-
 .../FileService.cs | 1 -
 3 files changed, 19 insertions(+), 5 deletions(-)
diff --git a/MareSynchronosServer/MareSynchronosServer/Hubs/MareHub.Files.cs b/MareSynchronosServer/MareSynchronosServer/Hubs/MareHub.Files.cs
index 682d632..fb882d9 100644
--- a/MareSynchronosServer/MareSynchronosServer/Hubs/MareHub.Files.cs
+++ b/MareSynchronosServer/MareSynchronosServer/Hubs/MareHub.Files.cs
@@ -2,9 +2,11 @@
 using System.Collections.Generic;
 using System.IO;
 using System.Linq;
+using System.Security.Claims;
 using System.Security.Cryptography;
 using System.Threading.Tasks;
 using Google.Protobuf;
+using Grpc.Core;
 using MareSynchronos.API;
 using MareSynchronosShared.Authentication;
 using MareSynchronosShared.Models;
@@ -38,7 +40,11 @@ namespace MareSynchronosServer.Hubs
 var ownFiles = await _dbContext.Files.Where(f => f.Uploaded && f.Uploader.UID == AuthenticatedUserId).ToListAsync().ConfigureAwait(false);
 var request = new DeleteFilesRequest();
 request.Hash.AddRange(ownFiles.Select(f => f.Hash));
- _ = await _fileServiceClient.DeleteFilesAsync(request).ConfigureAwait(false);
+ Metadata headers = new Metadata()
+ {
+ { "Authorization", Context.User!.Claims.SingleOrDefault(c => c.Type == ClaimTypes.Authentication)?.Value }
+ };
+ _ = await _fileServiceClient.DeleteFilesAsync(request, headers).ConfigureAwait(false);
 }
 [Authorize(AuthenticationSchemes = SecretKeyGrpcAuthenticationHandler.AuthScheme)]
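Review bot: The `Authorization` value built in the `@@ -38,7 +40,11 @@` hunk can be null, because `SingleOrDefault(...)?.Value` yields null when the principal carries no `ClaimTypes.Authentication` claim, and `Context.User!` only silences the compiler. As far as I know `Grpc.Core.Metadata` rejects a null value with an `ArgumentNullException`, so the failure would surface as an unexplained exception inside the hub method rather than a clear authentication error; `SingleOrDefault` also throws if the claim is ever present twice. The same five lines are repeated in the `@@ -52,7 +58,11 @@` and `@@ -201,7 +211,11 @@` hunks, so one private helper that fails closed would cover all three call sites and keep the secret handling in a single place. The enclosing methods start and end outside these hunks.

```csharp
// Builds the per-call gRPC credentials in one place; fails closed when the claim is absent.
private Metadata CreateGrpcAuthHeaders()
{
    var secret = Context.User?.FindFirst(ClaimTypes.Authentication)?.Value;
    if (string.IsNullOrEmpty(secret))
    {
        throw new InvalidOperationException("Authenticated user carries no authentication claim");
    }

    return new Metadata { { "Authorization", secret } };
}

// … unchanged: request construction …
_ = await _fileServiceClient.DeleteFilesAsync(request, CreateGrpcAuthHeaders()).ConfigureAwait(false);
```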
@@ -52,7 +58,11 @@ namespace MareSynchronosServer.Hubs
 FileSizeRequest request = new FileSizeRequest();
 request.Hash.AddRange(hashes);
- var grpcResponse = await _fileServiceClient.GetFileSizesAsync(request).ConfigureAwait(false);
+ Metadata headers = new Metadata()
+ {
+ { "Authorization", Context.User!.Claims.SingleOrDefault(c => c.Type == ClaimTypes.Authentication)?.Value }
+ };
+ var grpcResponse = await _fileServiceClient.GetFileSizesAsync(request, headers).ConfigureAwait(false);
 foreach (var hash in grpcResponse.HashToFileSize)
 {
@@ -201,7 +211,11 @@ namespace MareSynchronosServer.Hubs
 File.Delete(tempFileName);
 req.Hash = computedHashString;
 req.Uploader = AuthenticatedUserId;
- _ = await _fileServiceClient.UploadFileAsync(req).ConfigureAwait(false);
+ Metadata headers = new Metadata()
+ {
+ { "Authorization", Context.User!.Claims.SingleOrDefault(c => c.Type == ClaimTypes.Authentication)?.Value }
+ };
+ _ = await _fileServiceClient.UploadFileAsync(req, headers).ConfigureAwait(false);
 }
 catch (Exception ex)
 {
diff --git a/MareSynchronosServer/MareSynchronosShared/Authentication/SecretKeyGrpcAuthenticationHandler.cs b/MareSynchronosServer/MareSynchronosShared/Authentication/SecretKeyGrpcAuthenticationHandler.cs
index 2e49ce1..f1bc485 100644
--- a/MareSynchronosServer/MareSynchronosShared/Authentication/SecretKeyGrpcAuthenticationHandler.cs
+++ b/MareSynchronosServer/MareSynchronosShared/Authentication/SecretKeyGrpcAuthenticationHandler.cs
@@ -49,7 +49,8 @@ namespace MareSynchronosShared.Authentication
 var claims = new List
 {
- new(ClaimTypes.NameIdentifier, uid)
+ new(ClaimTypes.NameIdentifier, uid),
+ new(ClaimTypes.Authentication, authHeader)
 };
 var identity = new ClaimsIdentity(claims, nameof(SecretKeyGrpcAuthenticationHandler));
diff --git a/MareSynchronosServer/MareSynchronosStaticFilesServer/FileService.cs b/MareSynchronosServer/MareSynchronosStaticFilesServer/FileService.cs
index 92044be..ee184e2 100644
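Review bot: In SecretKeyGrpcAuthenticationHandler.cs (`@@ -49,7 +49,8 @@`), `new(ClaimTypes.Authentication, authHeader)` copies the caller's raw header value onto the `ClaimsPrincipal`, so the credential now lives as long as the principal and appears wherever claims are enumerated, logged or serialized. If that header is a long-lived user secret, as the handler's name suggests, this widens its exposure, and the three MareHub.Files.cs hunks then replay it to the file service on every call. A dedicated service-to-service credential for the hub-to-file-service channel would keep user secrets out of claims and would stop the file service from having to accept end-user keys; that matters because `req.Uploader` is set by the caller, so it is worth confirming the file service is not reachable by clients directly. At minimum document the claim where it is added, e.g. `// raw secret key: never log or serialize this claim`. The enclosing method starts and ends outside the hunk.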
--- a/MareSynchronosServer/MareSynchronosStaticFilesServer/FileService.cs
+++ b/MareSynchronosServer/MareSynchronosStaticFilesServer/FileService.cs
@@ -8,7 +8,6 @@ using Microsoft.Extensions.Logging;
 using System;
 using System.IO;
 using System.Linq;
-using System.Security.Policy;
 using System.Threading.Tasks;
 namespace MareSynchronosStaticFilesServer;