author | Tim <contact@bytim.eu> | 2025-04-18 12:25:59 +0200 |
---|---|---|
committer | Tim <contact@bytim.eu> | 2025-04-18 12:25:59 +0200 |
commit | 4b2ad030fa381662f4b0c2464e97b0d2c5f6a716 (patch) | |
tree | dcc6af3136764322bd779110dcedd35e293d583c /VPNAuth.Server/Program.cs | |
Initial commit
Diffstat (limited to 'VPNAuth.Server/Program.cs')
-rw-r--r-- | VPNAuth.Server/Program.cs | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/VPNAuth.Server/Program.cs b/VPNAuth.Server/Program.cs
new file mode 100644
index 0000000..6ea0b40
--- /dev/null
+++ b/VPNAuth.Server/Program.cs
@@ -0,0 +1,98 @@
+using VPNAuth.Server;
+using VPNAuth.Server.Database;
+using VPNAuth.Server.Responses;
+
+Config.CreateIfNotExists();
+
+var builder = WebApplication.CreateBuilder(args);
+
+// Add services to the container.
+builder.Services.AddRazorPages();
+
+var app = builder.Build();
+
+// Configure the HTTP request pipeline.
+if (!app.Environment.IsDevelopment())
+{
+ app.UseExceptionHandler("/Error");
+ // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
+ app.UseHsts();
+}
+
+app.UseHttpsRedirection();
+
+app.UseRouting();
+
+app.UseAuthorization();
+
+app.MapGet("/accept-auth/{id}", async (HttpContext context, int id) =>
+{
+ using var db = new Database();
+ var authRequest = db.AuthRequests.Find(id);
+ if (authRequest == null || authRequest.Accepted)
+ {
+ context.Response.StatusCode = StatusCodes.Status404NotFound;
+ return;
+ }
+
+ authRequest.Accepted = true;
+ db.SaveChanges();
+
+ var config = Config.Read();
+ context.Response.StatusCode = StatusCodes.Status302Found;
+ context.Response.Headers["Location"] = config.FindApp(authRequest.ClientId)!.RedirectUri!
+ + "?code=" + authRequest.Code
+ + "&state=" + authRequest.State;
+});
+
+app.MapPost("/access-token", async (HttpContext context) =>
+{
+ var config = Config.Read();
+ if (context.Request.Form["grant_type"] != "authorization_code")
+ {
+ context.Response.StatusCode = StatusCodes.Status400BadRequest;
+ return;
+ }
+
+ var clientSecret = config.FindApp(context.Request.Form["client_id"]!)!.Secret; // FIXME: null pointer
+ if (clientSecret != null && clientSecret != context.Request.Form["client_secret"])
+ {
+ context.Response.StatusCode = StatusCodes.Status403Forbidden;
+ return;
+ }
+
+ using var db = new Database();
+ var authRequest = db.AuthRequests
+ .Where(request => request.Code == context.Request.Form["code"].ToString())
+ .ToList()
+ .FirstOrDefault();
+ if (authRequest == null)
+ {
+ context.Response.StatusCode = StatusCodes.Status404NotFound;
+ return;
+ }
+
+ // TODO: validate code verifier -> context.Request.Form["code_verifier"]
+
+ var accessTokenEntry = db.AccessTokens.Add(new AccessToken
+ {
+ ClientId = authRequest.ClientId,
+ Scopes = authRequest.Scopes,
+ CreationTime = DateTime.Now,
+ Token = PkceUtils.GenerateToken()
+ });
+ db.SaveChanges();
+
+ await context.Response.WriteAsJsonAsync(new Token
+ {
+ AccessToken = accessTokenEntry.Entity.Token,
+ TokenType = "Bearer",
+ Expires = 0 // TODO: change to actual value
+ });
+});
+
+app.MapStaticAssets();
+app.MapRazorPages()
+ .WithStaticAssets();
+
+app.Run("http://localhost:8080"); |
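Review bot: In the `/access-token` handler the authorization code is redeemed without being bound to the client presenting it, without checking that the user has accepted the request, and without being consumed, so the code looked up at `var authRequest = db.AuthRequests` can be exchanged by a different client, before acceptance, and as many times as the holder likes. The lookup should additionally require `authRequest.ClientId` to equal the submitted `client_id` (assuming `ClientId` is the same string identifier that `config.FindApp` takes) and `authRequest.Accepted` to be true, and the request should be removed or marked used before the existing `db.SaveChanges()` so a second redemption fails. The `clientSecret != context.Request.Form["client_secret"]` comparison is also not constant-time; comparing the UTF-8 bytes with `CryptographicOperations.FixedTimeEquals` avoids leaking the secret through timing. Separately, `/accept-auth/{id}` is a GET that mutates state and carries no visible `RequireAuthorization()`, so unless Razor page authentication covers it elsewhere, any caller can accept a pending request by enumerating its integer id. Both handler lambdas lie entirely within the hunk.
```csharp
    var clientId = context.Request.Form["client_id"].ToString();
    // … unchanged: grant_type check, client lookup and secret comparison …
    using var db = new Database();
    var authRequest = db.AuthRequests
        .Where(request => request.Code == context.Request.Form["code"].ToString())
        .ToList()
        .FirstOrDefault();
    // The code must belong to the presenting client, must already have been
    // accepted by the user, and is redeemable only once.
    if (authRequest == null || authRequest.ClientId != clientId || !authRequest.Accepted)
    {
        context.Response.StatusCode = StatusCodes.Status400BadRequest;
        return;
    }
    db.AuthRequests.Remove(authRequest); // consumed; persisted by the SaveChanges below
    // … unchanged: code_verifier TODO, AccessToken creation, SaveChanges, JSON response …
```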