author | Tim <contact@bytim.eu> | 2025-04-19 19:33:04 +0200 |
---|---|---|
committer | Tim <contact@bytim.eu> | 2025-04-19 19:33:04 +0200 |
commit | 6a9657a10dc5ef3c4dfddf222284eec6c933ac83 (patch) | |
tree | a2b939a2e51ad04dd2635126be27d66c781666dd /VPNAuth.Server/Program.cs | |
parent | ff9b1e112ed14746ed74dfff1fb4c19efd5502d4 (diff) | |
download | VPNAuth-6a9657a10dc5ef3c4dfddf222284eec6c933ac83.tar.xz VPNAuth-6a9657a10dc5ef3c4dfddf222284eec6c933ac83.zip |
Diffstat (limited to 'VPNAuth.Server/Program.cs')
-rw-r--r-- | VPNAuth.Server/Program.cs | 78 |
1 files changed, 72 insertions, 6 deletions
diff --git a/VPNAuth.Server/Program.cs b/VPNAuth.Server/Program.cs
index 822aba7..beae428 100644
--- a/VPNAuth.Server/Program.cs
+++ b/VPNAuth.Server/Program.cs
@@ -36,6 +36,12 @@ app.MapGet("/accept-auth/{id}", async (HttpContext context, int id) =>
         return;
     }
 
+    if (authRequest.Username != context.GetUser()?.Username)
+    {
+        context.Response.StatusCode = StatusCodes.Status403Forbidden;
+        return;
+    }
+
     authRequest.Accepted = true;
     db.SaveChanges();
 
@@ -80,7 +86,8 @@ app.MapPost("/access-token", async (HttpContext context) =>
         ClientId = authRequest.ClientId,
         Scopes = authRequest.Scopes,
         CreationTime = DateTime.Now,
-        Token = PkceUtils.GenerateToken()
+        Token = PkceUtils.GenerateToken(),
+        Username = authRequest.Username
     });
 
     db.SaveChanges();
@@ -92,7 +99,7 @@ app.MapPost("/access-token", async (HttpContext context) =>
     });
 });
 
-app.MapPost("/user-info", async (HttpContext context) =>
+app.MapPost("/user-info-settings", async (HttpContext context) =>
 {
     using var db = new Database();
 
@@ -103,8 +110,10 @@ app.MapPost("/user-info", async (HttpContext context) =>
         context.Response.StatusCode = StatusCodes.Status401Unauthorized;
     }
 
-    UserInformation? userInformation = db.UserInformation.Where(user => user.Sub == configUser!.Username)
-        .ToList().FirstOrDefault() ?? db.Add(new UserInformation
+    UserInformation? userInformation = db.UserInformation
+        .Where(user => user.Sub == configUser!.Username)
+        .ToList()
+        .FirstOrDefault() ?? db.Add(new UserInformation
     {
         Sub = configUser!.Username
     }).Entity;
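Review bot: The new ownership check in the `/accept-auth/{id}` handler answers 403 whenever `context.GetUser()` is null, so an unauthenticated visitor is told "forbidden" rather than the 401 the other handlers use, and if `AuthRequest.Username` can itself be null (its model is not visible here) then `null != null` is false and an anonymous request would pass the check. Resolve the user first and reject explicitly before comparing: `var user = context.GetUser();` / `if (user is null) { context.Response.StatusCode = StatusCodes.Status401Unauthorized; return; }` / `if (authRequest.Username != user.Username) { ... 403 ... }`. The handler's body begins before the hunk, so the code that loads `authRequest` and the earlier `return` guard are not visible.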
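Review bot: Binding `Username` to the access-token row in the `/access-token` handler turns that row into a bearer credential for the user, yet the entity still records only `CreationTime = DateTime.Now` and nothing in this hunk sets or derives an expiry, so the token remains usable until the row is deleted. Record the timestamp as `CreationTime = DateTime.UtcNow` (a local-time stamp is ambiguous across hosts and DST changes) and, presumably via a model change, give the token an explicit expiry that the consuming endpoints can check. The object initializer starts before the hunk, so whether the authorization request is also marked consumed is not visible here.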
@@ -120,15 +129,72 @@ app.MapPost("/user-info", async (HttpContext context) =>
 
     if (context.Request.Form.ContainsKey("email"))
         userInformation.Email = context.Request.Form["email"]!;
-
+
     if (context.Request.Form.ContainsKey("picture"))
         userInformation.Picture = context.Request.Form["picture"]!;
-
+
     userInformation.Name = userInformation.GivenName + " " + userInformation.FamilyName;
 
     db.SaveChanges();
 });
 
+app.Map("/user-info", (HttpContext context) =>
+{
+    if (context.Request.Method != "GET" && context.Request.Method != "POST")
+    {
+        context.Response.StatusCode = StatusCodes.Status405MethodNotAllowed;
+        return;
+    }
+
+    var tokenHeader = context.Request.Headers["Authorization"].First()?.Split(" ");
+
+    if (tokenHeader?.Length == 1 || tokenHeader?[0] != "Bearer")
+    {
+        context.Response.StatusCode = StatusCodes.Status400BadRequest;
+        return;
+    }
+
+    if (tokenHeader.Length >= 2)
+    {
+        context.Response.StatusCode = StatusCodes.Status401Unauthorized;
+        return;
+    }
+
+    using var db = new Database();
+    var tokenDbEntry = db.AccessTokens
+        .Where(tokenEntry => tokenEntry.Token == tokenHeader[1])
+        .ToList()
+        .FirstOrDefault();
+
+    if (tokenDbEntry == null)
+    {
+        context.Response.StatusCode = StatusCodes.Status403Forbidden;
+        return;
+    }
+
+    var userInformation = db.UserInformation
+        .Where(entry => entry.Sub == tokenDbEntry.Username)
+        .ToList()
+        .FirstOrDefault();
+
+    if (userInformation == null)
+    {
+        context.Response.StatusCode = StatusCodes.Status204NoContent;
+        return;
+    }
+
+    context.Response.WriteAsJsonAsync(new UserInfo
+    {
+        Email = userInformation.Email,
+        GivenName = userInformation.GivenName,
+        FamilyName = userInformation.FamilyName,
+        Name = userInformation.Name,
+        Picture = userInformation.Picture,
+        PreferredUsername = userInformation.PreferredUsername,
+        Sub = userInformation.Sub
+    });
+});
+
 app.MapStaticAssets();
 app.MapRazorPages()
     .WithStaticAssets();
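Review bot: The guard `if (tokenHeader.Length >= 2)` in the new `/user-info` handler is inverted — the preceding check already rejects a length of 1 and a non-`Bearer` scheme, so every well-formed `Authorization: Bearer <token>` request is answered 401 and the lookup on `tokenHeader[1]` is never reached; it should read `if (tokenHeader.Length != 2)`. The lambda is not `async`, so `context.Response.WriteAsJsonAsync(...)` runs un-awaited and the response can complete before the body is written; declare it `app.Map("/user-info", async (HttpContext context) =>` and `await context.Response.WriteAsJsonAsync(...)`. Nothing in the lookup consults the token's `CreationTime`, so a leaked token stays valid indefinitely, and RFC 6750 expects an unknown or expired bearer token to produce 401 with `WWW-Authenticate: Bearer error="invalid_token"` rather than the 403 used here. `Headers["Authorization"].First()` will presumably throw on a request with no Authorization header (a 500 instead of the intended 400) — `FirstOrDefault()` keeps the existing null handling. The token's `Scopes` are stored but never checked before email and profile claims are returned; if the scopes are meant to gate those claims, that check belongs before the `UserInfo` object is built.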