Syncshells (#11)
* some groups stuff * further groups rework * fixes for pause changes * adjsut timeout interval * fixes and namespace change to file scoped * more fixes * further implement groups * fix change group ownership * add some more stuff for groups * more fixes and additions * some fixes based on analyzers, add shard info to ui * add discord command, cleanup * fix regex * add group migration and deletion on user deletion * add api method for client to check health of connection * adjust regex for vanity * fixes for server and bot * fixes some string comparison in linq queries * fixes group leave and sets alias to null * fix syntax in changeownership * add better logging, fixes for group leaving * fixes for group leave Co-authored-by: Stanley Dimant <root.darkarchon@outlook.com>
This commit is contained in:
rootdarkarchon
@@ -1,63 +1,56 @@
|
||||
using System.Security.Claims;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using System.Text.Encodings.Web;
|
||||
using MareSynchronosServer;
|
||||
using MareSynchronosShared.Data;
|
||||
using MareSynchronosShared.Metrics;
|
||||
using MareSynchronosShared.Protos;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Microsoft.Extensions.Options;
|
||||
using ISystemClock = Microsoft.AspNetCore.Authentication.ISystemClock;
|
||||
|
||||
namespace MareSynchronosShared.Authentication
|
||||
namespace MareSynchronosShared.Authentication;
|
||||
|
||||
public class SecretKeyGrpcAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
|
||||
{
|
||||
public const string AuthScheme = "SecretKeyGrpcAuth";
|
||||
|
||||
public class SecretKeyGrpcAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
|
||||
private readonly AuthService.AuthServiceClient _authClient;
|
||||
private readonly IHttpContextAccessor _accessor;
|
||||
|
||||
public SecretKeyGrpcAuthenticationHandler(IHttpContextAccessor accessor, AuthService.AuthServiceClient authClient,
|
||||
IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock)
|
||||
{
|
||||
public const string AuthScheme = "SecretKeyGrpcAuth";
|
||||
this._authClient = authClient;
|
||||
_accessor = accessor;
|
||||
}
|
||||
|
||||
private readonly AuthService.AuthServiceClient _authClient;
|
||||
private readonly IHttpContextAccessor _accessor;
|
||||
|
||||
public SecretKeyGrpcAuthenticationHandler(IHttpContextAccessor accessor, AuthService.AuthServiceClient authClient,
|
||||
IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock)
|
||||
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
|
||||
{
|
||||
if(!Request.Headers.TryGetValue("Authorization", out var authHeader))
|
||||
{
|
||||
this._authClient = authClient;
|
||||
_accessor = accessor;
|
||||
authHeader = string.Empty;
|
||||
}
|
||||
var ip = _accessor.GetIpAddress();
|
||||
|
||||
var authResult = await _authClient.AuthorizeAsync(new AuthRequest() {Ip = ip, SecretKey = authHeader}).ConfigureAwait(false);
|
||||
|
||||
if (!authResult.Success)
|
||||
{
|
||||
return AuthenticateResult.Fail("Failed Authorization");
|
||||
}
|
||||
|
||||
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
|
||||
string uid = authResult.Uid;
|
||||
|
||||
var claims = new List<Claim>
|
||||
{
|
||||
if(!Request.Headers.TryGetValue("Authorization", out var authHeader))
|
||||
{
|
||||
authHeader = string.Empty;
|
||||
}
|
||||
var ip = _accessor.GetIpAddress();
|
||||
new(ClaimTypes.NameIdentifier, uid),
|
||||
new(ClaimTypes.Authentication, authHeader)
|
||||
};
|
||||
|
||||
var authResult = await _authClient.AuthorizeAsync(new AuthRequest() {Ip = ip, SecretKey = authHeader}).ConfigureAwait(false);
|
||||
var identity = new ClaimsIdentity(claims, nameof(SecretKeyGrpcAuthenticationHandler));
|
||||
var principal = new ClaimsPrincipal(identity);
|
||||
var ticket = new AuthenticationTicket(principal, Scheme.Name);
|
||||
|
||||
if (!authResult.Success)
|
||||
{
|
||||
return AuthenticateResult.Fail("Failed Authorization");
|
||||
}
|
||||
|
||||
string uid = authResult.Uid;
|
||||
|
||||
var claims = new List<Claim>
|
||||
{
|
||||
new(ClaimTypes.NameIdentifier, uid),
|
||||
new(ClaimTypes.Authentication, authHeader)
|
||||
};
|
||||
|
||||
var identity = new ClaimsIdentity(claims, nameof(SecretKeyGrpcAuthenticationHandler));
|
||||
var principal = new ClaimsPrincipal(identity);
|
||||
var ticket = new AuthenticationTicket(principal, Scheme.Name);
|
||||
|
||||
return AuthenticateResult.Success(ticket);
|
||||
}
|
||||
return AuthenticateResult.Success(ticket);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user