Added oidc service to webapi with a dumb way of authenticating incoming tokens

2021-10-13 22:26:45 -04:00
parent cccd609233
commit 33cbb4f136
13 changed files with 120 additions and 114 deletions
--- a/Web/Data/WeatherForecast.cs
+++ b/Web/Data/WeatherForecast.cs
@@ -1,15 +0,0 @@
 using System;
 namespace Web.Data
 {
    public class WeatherForecast
    {
        public DateTime Date { get; set; }
        public int TemperatureC { get; set; }
        public int TemperatureF => 32 + (int) (TemperatureC / 0.5556);
        public string Summary { get; set; }
    }
 }
--- a/Web/Data/WeatherForecastService.cs
+++ b/Web/Data/WeatherForecastService.cs
@@ -1,25 +0,0 @@
 using System;
 using System.Linq;
 using System.Threading.Tasks;
 namespace Web.Data
 {
    public class WeatherForecastService
    {
        private static readonly string[] Summaries = new[]
        {
            "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
        };
        public Task<WeatherForecast[]> GetForecastAsync(DateTime startDate)
        {
            var rng = new Random();
            return Task.FromResult(Enumerable.Range(1, 5).Select(index => new WeatherForecast
            {
                Date = startDate.AddDays(index),
                TemperatureC = rng.Next(-20, 55),
                Summary = Summaries[rng.Next(Summaries.Length)]
            }).ToArray());
        }
    }
 }
--- a/Web/Pages/Counter.razor
+++ b/Web/Pages/Counter.razor
@@ -1,17 +0,0 @@
@page "/counter"
 <h1>Counter</h1>
 <p>Current count: @currentCount</p>
 <button class="btn btn-primary" @onclick="IncrementCount">Click me</button>
@code {
    private int currentCount = 0;
    private void IncrementCount()
    {
        currentCount++;
    }
 }
--- a/Web/Pages/CreateServer.razor
+++ b/Web/Pages/CreateServer.razor
@@ -0,0 +1,21 @@
@page "/CreateServer"
@using Microsoft.AspNetCore.Http
@using Microsoft.AspNetCore.Authentication
@inject IHttpContextAccessor _httpContextAccessor
 <AuthorizeView>
    <Authorized>
    </Authorized>
    <NotAuthorized>
        <h1>You must be logged in to view this page!</h1>
    </NotAuthorized>
 </AuthorizeView>
@code {
    protected async override Task OnInitializedAsync()
    {
        string token = await _httpContextAccessor.HttpContext.GetTokenAsync("access_token");
        var t = 2;
    }
 }
--- a/Web/Pages/FetchData.razor
+++ b/Web/Pages/FetchData.razor
@@ -1,46 +0,0 @@
@page "/fetchdata"
@using Web.Data
@inject WeatherForecastService ForecastService
 <h1>Weather forecast</h1>
 <p>This component demonstrates fetching data from a service.</p>
@if (forecasts == null)
 {
    <p><em>Loading...</em></p>
 }
 else
 {
    <table class="table">
        <thead>
            <tr>
                <th>Date</th>
                <th>Temp. (C)</th>
                <th>Temp. (F)</th>
                <th>Summary</th>
            </tr>
        </thead>
        <tbody>
            @foreach (var forecast in forecasts)
            {
                <tr>
                    <td>@forecast.Date.ToShortDateString()</td>
                    <td>@forecast.TemperatureC</td>
                    <td>@forecast.TemperatureF</td>
                    <td>@forecast.Summary</td>
                </tr>
            }
        </tbody>
    </table>
 }
@code {
    private WeatherForecast[] forecasts;
    protected override async Task OnInitializedAsync()
    {
        forecasts = await ForecastService.GetForecastAsync(DateTime.Now);
    }
 }
--- a/Web/Startup.cs
+++ b/Web/Startup.cs
@@ -33,7 +33,6 @@ namespace Web
            services.AddRazorPages();
            services.AddServerSideBlazor();
            services.AddHttpContextAccessor();
            services.AddSingleton<WeatherForecastService>();
            services.AddAuthentication(options =>
                {
                    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
--- a/WebAPI/Controllers/BaseController.cs
+++ b/WebAPI/Controllers/BaseController.cs
@@ -0,0 +1,16 @@
 using System;
 using System.Linq;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Net.Http.Headers;
 namespace WebAPI.Controllers
 {
    public class BaseController : ControllerBase
    {
        protected string BearerToken =>
            Request.Headers.Keys.Contains(HeaderNames.Authorization) &&
            Request.Headers[HeaderNames.Authorization].Count > 0
                ? Request.Headers[HeaderNames.Authorization].First()
                : String.Empty;
    }
 }
--- a/WebAPI/Controllers/HelloWorldController.cs
+++ b/WebAPI/Controllers/HelloWorldController.cs
@@ -10,20 +10,26 @@ namespace WebAPI.Controllers
 {
    [Route("api/[controller]")]
    [ApiController]
-    public class HelloWorldController : ControllerBase
+    public class HelloWorldController : BaseController
    {
        private readonly PterodactylService _pterodactylService;
        private readonly OIDCService _oidcService;
-        public HelloWorldController(PterodactylService pterodactylService)
+        public HelloWorldController(PterodactylService pterodactylService, OIDCService oidcService)
        {
            _pterodactylService = pterodactylService;
            _oidcService = oidcService;
        }
        [HttpGet]
        public async Task<string> HelloWorld()
        {
-            await Task.Delay(5000);
+            if (await _oidcService.ValidateAccessToken(BearerToken))
-            return AppSettings.PterodactylAPIKey;
+            {
-        }
+                return "Validated";
            }
            return "Failed";
        }
    }
 }
--- a/WebAPI/Data/AppSettings.cs
+++ b/WebAPI/Data/AppSettings.cs
@@ -7,6 +7,7 @@ namespace WebAPI.Data
    {
        public static string PterodactylAPIKey { get; private set; }
        public static string PterodactylPanelURL { get; private set; }
        public static string OIDCUserInfoEndpoint { get; private set; }
        public static void Init(IConfiguration configuration)
        {
            var fields = typeof(AppSettings).GetProperties();
--- a/WebAPI/Data/OIDCService.cs
+++ b/WebAPI/Data/OIDCService.cs
@@ -0,0 +1,39 @@
 using System;
 using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 namespace WebAPI.Data
 {
    public class OIDCService
    {
        private HttpClient _httpClient { get; set; }
        private ILogger<OIDCService> _logger { get; set; }
        public OIDCService(ILogger<OIDCService> logger)
        {
            _logger = logger;
            _httpClient = new HttpClient();
        }
        /// <summary>
        /// Simple check of an OIDC access token by attempting to hit the userinfo endpoint.
        /// </summary>
        /// <param name="accessToken">access token to check</param>
        /// <returns>success</returns>
        public async Task<bool> ValidateAccessToken(string accessToken)
        {
            Uri requestUri = new Uri($"{AppSettings.OIDCUserInfoEndpoint}");
            HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, requestUri);
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
            HttpResponseMessage response = await _httpClient.SendAsync(request);
            if (!response.IsSuccessStatusCode)
            {
                return false;
            }
            return false;
        }
    }
 }
--- a/WebAPI/Startup.cs
+++ b/WebAPI/Startup.cs
@@ -30,9 +30,39 @@ namespace WebAPI
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddControllers();
-            services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new OpenApiInfo {Title = "Petrie Panel Web API", Version = "v1"}); });
+            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc("v1", new OpenApiInfo {Title = "Petrie Panel Web API", Version = "v1"});
                c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme()
                {
                    Description = "JWT Token",
                    Name = "Authorization",
                    In = ParameterLocation.Header,
                    Type = SecuritySchemeType.ApiKey,
                    Scheme = "Bearer"
                });
                c.AddSecurityRequirement(new OpenApiSecurityRequirement()
                {
                    {
                        new OpenApiSecurityScheme
                        {
                            Reference = new OpenApiReference
                            {
                                Type = ReferenceType.SecurityScheme,
                                Id = "Bearer"
                            },
                            Scheme = "oauth2",
                            Name = "Bearer",
                            In = ParameterLocation.Header,
                        },
                        new List<string>()
                    }
                });
            });
            services.AddDbContext<AppDbContext>(options => options.UseNpgsql(Configuration.GetConnectionString("DefaultConnection")));
            services.AddSingleton<PterodactylService>();
            services.AddSingleton<OIDCService>();
        }
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
--- a/WebAPI/WebAPI.csproj
+++ b/WebAPI/WebAPI.csproj
@@ -16,8 +16,4 @@
        <PackageReference Include="Swashbuckle.AspNetCore" Version="5.6.3" />
    </ItemGroup>
    <ItemGroup>
      <Folder Include="Controllers" />
    </ItemGroup>
 </Project>
--- a/WebAPI/appsettings.json
+++ b/WebAPI/appsettings.json
@@ -11,5 +11,6 @@
  },
  "AllowedHosts": "*",
  "PterodactylAPIKey": "REPLACE_ME",
-  "PterodactylPanelURL": "https://panel.orfl.xyz"
+  "PterodactylPanelURL": "https://panel.orfl.xyz",
  "OIDCUserInfoEndpoint": "https://authentik.mattstop.com/application/o/userinfo"
 }