VPNAuth.Server/Pages/Auth.cshtml.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53

using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.EntityFrameworkCore.ChangeTracking;
using VPNAuth.Server.Database;

namespace VPNAuth.Server.Pages;

public class Auth : PageModel
{
    public Config Config;
    public ConfigUser? User;
    public bool ValidRequest;
    public EntityEntry<AuthRequest>? RequestEntry;
    
    public readonly List<string> RequiredQueryParams =
    [
        "response_type",
        "client_id",
        "scope",
        "code_challenge_method",
        "code_challenge"
    ];
    
    public void OnGet()
    {
        Config = Config.Read();
        User = HttpContext.GetUser();

        ValidRequest = RequiredQueryParams.All(key => Request.Query.ContainsKey(key))
                            && Config.FindApp(Request.Query["client_id"]!) != null
                            && Request.Query["code_challenge_method"] == "S256"
                            && User != null;

        RequestEntry = null;

        if (ValidRequest)
        {
            using var db = new Database.Database();
            RequestEntry = db.Add(new AuthRequest
            {
                InitTime = DateTime.Now,
                ClientId = Request.Query["client_id"]!,
                Code = PkceUtils.GenerateCode(),
                State = Request.Query["state"],
                Scopes = Request.Query["scope"].ToString().Split(" ").ToList(),
                CodeChallenge = Request.Query["code_challenge"]!,
                CodeChallengeMethod = Request.Query["code_challenge_method"]!,
                Accepted = false,
                Username = User!.Username!
            });
            db.SaveChanges();
        }
    }
}