path: root/VPNAuth.Server/Api/Oidc.cs

using VPNAuth.Server.Responses;

namespace VPNAuth.Server.Api;

public static class Oidc
{
    public static async Task UserInfoHandler(HttpContext context)
    {
        if (context.Request.Method != "GET" && context.Request.Method != "POST")
        {
            context.Response.StatusCode = StatusCodes.Status405MethodNotAllowed;
            return;
        }

        var tokenHeader = context.Request.Headers["Authorization"].First()?.Split(" ");

        if (tokenHeader?.Length == 1 || tokenHeader?[0] != "Bearer")
        {
            context.Response.StatusCode = StatusCodes.Status400BadRequest;
            return;
        }

        if (tokenHeader.Length < 2)
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            return;
        }

        using var db = new Database.Database();
        var tokenDbEntry = db.AccessTokens
            .Where(tokenEntry => tokenEntry.Token == tokenHeader[1])
            .ToList()
            .FirstOrDefault();

        if (tokenDbEntry == null)
        {
            context.Response.StatusCode = StatusCodes.Status403Forbidden;
            return;
        }

        var userInformation = db.UserInformation
            .Where(entry => entry.Sub == tokenDbEntry.Username)
            .ToList()
            .FirstOrDefault();

        if (userInformation == null)
        {
            context.Response.StatusCode = StatusCodes.Status204NoContent;
            return;
        }

        context.Response.WriteAsJsonAsync(new UserInfo
        {
            Email = userInformation.Email,
            GivenName = userInformation.GivenName,
            FamilyName = userInformation.FamilyName,
            Name = userInformation.Name,
            Picture = userInformation.Picture,
            PreferredUsername = userInformation.PreferredUsername,
            Sub = userInformation.Sub
        });
    }
}