PetriePanel-Team/PetriePanel
2
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity

Authentication finally moved to the dotnet way in webapi, ready to be added to to deal with users and such

Browse Source 
Introspection access point properly uses basic auth of client id and secret to access
This commit is contained in:
littlefoot
2021-10-14 20:54:58 -04:00
parent 0dffa6e516
commit 320d939c76
9 changed files with 176 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
WebAPI/Data/AppSettings.cs
View File

@@ -7,7 +7,9 @@ namespace WebAPI.Data
{
public static string PterodactylAPIKey { get; private set; }
public static string PterodactylPanelURL { get; private set; }
public static string OIDCUserInfoEndpoint { get; private set; }
public static string OIDCIntrospectionEndpoint { get; private set; }
public static string OIDCClientId { get; private set; }
public static string OIDCClientSecret { get; set; }
public static void Init(IConfiguration configuration)
{
var fields = typeof(AppSettings).GetProperties();

23
WebAPI/Data/OIDCService.cs
View File

@@ -1,14 +1,21 @@
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging;
using Newtonsoft.Json;
namespace WebAPI.Data
{
public class OIDCService
{
protected class IntrospectionResponse
{
public bool Active { get; set; }
}
private HttpClient _httpClient { get; set; }
private ILogger<OIDCService> _logger { get; set; }
public OIDCService(ILogger<OIDCService> logger)
@@ -24,15 +31,23 @@ namespace WebAPI.Data
/// <returns>success</returns>
public async Task<bool> ValidateAccessToken(string accessToken)
{
Uri requestUri = new Uri($"{AppSettings.OIDCUserInfoEndpoint}");
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, requestUri);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
Uri requestUri = new Uri($"https://{AppSettings.OIDCIntrospectionEndpoint}");
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, requestUri);
request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
{
{"token", accessToken}
});
string encodedAuth = Convert.ToBase64String(Encoding.GetEncoding(Encoding.Latin1.CodePage)
.GetBytes($"{AppSettings.OIDCClientId}:{AppSettings.OIDCClientSecret}"));
request.Headers.Authorization = new AuthenticationHeaderValue("Basic", encodedAuth);
HttpResponseMessage response = await _httpClient.SendAsync(request);
if (!response.IsSuccessStatusCode)
{
return false;
}
return true;
var responsecontent = await response.Content.ReadAsStringAsync();
return JsonConvert.DeserializeObject<IntrospectionResponse>(responsecontent).Active;
}
}