Removed implicit callback definition

2024-12-23 12:17:54 +01:00
parent 73d89a241f
commit 3031dda710
6 changed files with 18 additions and 12 deletions


@@ -80,6 +80,7 @@
</wpf:ResourceDictionary> </wpf:ResourceDictionary>


@@ -14,7 +14,7 @@ public class OpenIdController(IOpenIdAccessor accessor, IOptions<OpenIdOptions>
[HttpGet("redirect")] [HttpGet("redirect")]
public async Task<IActionResult> RedirectToProvider([FromQuery] string redirectAfter, [FromQuery] int performRedirect = 1) { public async Task<IActionResult> RedirectToProvider([FromQuery] string redirectAfter, [FromQuery] int performRedirect = 1) {
var uri = await accessor.ConstructAuthUri(DefaultCallback, redirectAfter); var uri = await accessor.ConstructAuthUri(redirectAfter);
if (performRedirect == 1) { if (performRedirect == 1) {
return Redirect(uri); return Redirect(uri);
@@ -29,7 +29,7 @@ public class OpenIdController(IOpenIdAccessor accessor, IOptions<OpenIdOptions>
return BadRequest("Authorization code is missing"); return BadRequest("Authorization code is missing");
} }
var token = await accessor.RequestToken(code, DefaultCallback); var token = await accessor.RequestToken(code);
if (token is null) { if (token is null) {
return Forbid("Authorization code is not valid"); return Forbid("Authorization code is not valid");
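Review bot: In `RedirectToProvider` the OAuth `state` argument is the caller-supplied `redirectAfter` query value (`accessor.ConstructAuthUri(redirectAfter)`), so it is predictable and not bound to the user's session, and the callback cannot use it to reject a forged authorization response. I would generate a random per-request value, keep `redirectAfter` server-side under that key, and compare the returned `state` in the callback before calling `RequestToken`. If the callback later redirects to this value (that handler is only partly visible in the second hunk), it should also be restricted to local URLs, e.g. `if (!Url.IsLocalUrl(redirectAfter)) return BadRequest();`.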


@@ -3,6 +3,7 @@ using HopFrame.Api.Logic;
using HopFrame.Api.Logic.Implementation; using HopFrame.Api.Logic.Implementation;
using HopFrame.Database; using HopFrame.Database;
using HopFrame.Security.Authentication; using HopFrame.Security.Authentication;
using HopFrame.Security.Authentication.OpenID;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
@@ -25,8 +26,10 @@ public static class ServiceCollectionExtensions {
if (!defaultAuthenticationSection.Exists() || configuration.GetValue<bool>("HopFrame:Authentication:DefaultAuthentication")) if (!defaultAuthenticationSection.Exists() || configuration.GetValue<bool>("HopFrame:Authentication:DefaultAuthentication"))
controllers.Add(typeof(AuthController)); controllers.Add(typeof(AuthController));
if (configuration.GetValue<bool>("HopFrame:Authentication:OpenID:Enabled")) if (configuration.GetValue<bool>("HopFrame:Authentication:OpenID:Enabled")) {
IOpenIdAccessor.DefaultCallback = OpenIdController.DefaultCallback;
controllers.Add(typeof(OpenIdController)); controllers.Add(typeof(OpenIdController));
}
AddHopFrameNoEndpoints<TDbContext>(services, configuration); AddHopFrameNoEndpoints<TDbContext>(services, configuration);
services.AddMvcCore().UseSpecificControllers(controllers.ToArray()); services.AddMvcCore().UseSpecificControllers(controllers.ToArray());
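Review bot: `IOpenIdAccessor.DefaultCallback` is assigned only inside this `OpenID:Enabled` branch, so any host that reaches the accessor through `AddHopFrameNoEndpoints` alone (if that method is callable by applications) leaves the static null. With `options.Value.Callback` unset, `Path.Combine(..., IOpenIdAccessor.DefaultCallback)` in `OpenIdAccessor` would then throw `ArgumentNullException` on the first login attempt, rather than a message naming the missing setting. I would add a comment here such as `// Must run before IOpenIdAccessor is used: the accessor reads this static when OpenIdOptions.Callback is unset.` The accessor should also fail with an explicit `InvalidOperationException` when both values are missing. The enclosing method starts and ends outside the hunk.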


@@ -3,9 +3,11 @@ using HopFrame.Security.Authentication.OpenID.Models;
namespace HopFrame.Security.Authentication.OpenID; namespace HopFrame.Security.Authentication.OpenID;
public interface IOpenIdAccessor { public interface IOpenIdAccessor {
public static string DefaultCallback;
Task<OpenIdConfiguration> LoadConfiguration(); Task<OpenIdConfiguration> LoadConfiguration();
Task<OpenIdToken> RequestToken(string code, string defaultCallback); Task<OpenIdToken> RequestToken(string code);
Task<string> ConstructAuthUri(string defaultCallback, string state = null); Task<string> ConstructAuthUri(string state = null);
Task<OpenIdIntrospection> InspectToken(string token); Task<OpenIdIntrospection> InspectToken(string token);
Task<OpenIdToken> RefreshAccessToken(string refreshToken); Task<OpenIdToken> RefreshAccessToken(string refreshToken);
} }
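Review bot: `public static string DefaultCallback;` is a writable public field on the interface, so any code in the process can reassign it and change the `redirect_uri` fallback for every request; it is also null until the API layer sets it. At minimum it deserves a doc comment such as `/// Callback path appended to the request host when OpenIdOptions.Callback is unset; null until the API registration assigns it.` A value that is configured once and then read-only (for instance carried through the options object) would be safer than global mutable state. Dropping the `defaultCallback` parameter from `RequestToken` and `ConstructAuthUri` also breaks external implementers and callers of this public interface, which is worth a changelog entry.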


@@ -32,13 +32,13 @@ internal class OpenIdAccessor(IHttpClientFactory clientFactory, IOptions<OpenIdO
return config; return config;
} }
public async Task<OpenIdToken> RequestToken(string code, string defaultCallback) { public async Task<OpenIdToken> RequestToken(string code) {
if (options.Value.Cache.Enabled && options.Value.Cache.Auth.Enabled && cache.TryGetValue(AuthCodeCacheKey + code, out object cachedToken)) { if (options.Value.Cache.Enabled && options.Value.Cache.Auth.Enabled && cache.TryGetValue(AuthCodeCacheKey + code, out object cachedToken)) {
return cachedToken as OpenIdToken; return cachedToken as OpenIdToken;
} }
var protocol = accessor.HttpContext!.Request.IsHttps ? "https" : "http"; var protocol = accessor.HttpContext!.Request.IsHttps ? "https" : "http";
var callback = options.Value.Callback ?? Path.Combine($"{protocol}://{accessor.HttpContext!.Request.Host.Value}", defaultCallback); var callback = options.Value.Callback ?? Path.Combine($"{protocol}://{accessor.HttpContext!.Request.Host.Value}", IOpenIdAccessor.DefaultCallback);
var configuration = await LoadConfiguration(); var configuration = await LoadConfiguration();
@@ -65,9 +65,9 @@ internal class OpenIdAccessor(IHttpClientFactory clientFactory, IOptions<OpenIdO
return token; return token;
} }
public async Task<string> ConstructAuthUri(string defaultCallback, string state = null) { public async Task<string> ConstructAuthUri(string state = null) {
var protocol = accessor.HttpContext!.Request.IsHttps ? "https" : "http"; var protocol = accessor.HttpContext!.Request.IsHttps ? "https" : "http";
var callback = options.Value.Callback ?? Path.Combine($"{protocol}://{accessor.HttpContext!.Request.Host.Value}", defaultCallback); var callback = options.Value.Callback ?? Path.Combine($"{protocol}://{accessor.HttpContext!.Request.Host.Value}", IOpenIdAccessor.DefaultCallback);
var configuration = await LoadConfiguration(); var configuration = await LoadConfiguration();
return $"{configuration.AuthorizationEndpoint}?response_type=code&client_id={options.Value.ClientId}&redirect_uri={callback}&scope=openid%20profile%20email%20offline_access&state={state}"; return $"{configuration.AuthorizationEndpoint}?response_type=code&client_id={options.Value.ClientId}&redirect_uri={callback}&scope=openid%20profile%20email%20offline_access&state={state}";
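Review bot: Both fallback lines (in `RequestToken` and `ConstructAuthUri`) build `redirect_uri` from `Request.Host`, which comes from the client's Host header unless host filtering or forwarded-header handling is configured upstream. The requester can therefore influence the value sent to the provider whenever `options.Value.Callback` is unset. `Path.Combine` is also a file-path API: it may insert the platform directory separator, and it returns only the second argument when that argument is rooted, so a `DefaultCallback` starting with `/` would drop the host. In the returned URL `callback` and `state` are interpolated unencoded; I would write `&redirect_uri={Uri.EscapeDataString(callback)}` and `&state={Uri.EscapeDataString(state ?? string.Empty)}`. `RequestToken` continues outside the first hunk.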


@@ -2,6 +2,7 @@ using HopFrame.Api.Logic;
using HopFrame.Api.Models; using HopFrame.Api.Models;
using HopFrame.Database.Models; using HopFrame.Database.Models;
using HopFrame.Database.Repositories; using HopFrame.Database.Repositories;
using HopFrame.Security.Authentication.OpenID;
using HopFrame.Security.Authorization; using HopFrame.Security.Authorization;
using HopFrame.Security.Claims; using HopFrame.Security.Claims;
using HopFrame.Testing.Api.Models; using HopFrame.Testing.Api.Models;
@@ -68,9 +69,8 @@ public class TestController(ITokenContext userContext, DatabaseContext context,
} }
[HttpGet("url")] [HttpGet("url")]
public async Task<ActionResult<SingleValueResult<string>>> GetUrl() { public ActionResult<string> GetUrl() {
var protocol = Request.IsHttps ? "https" : "http"; return Ok(IOpenIdAccessor.DefaultCallback ?? "Not set");
return Ok($"{protocol}://{Request.Host.Value}/auth/callback");
} }
} }