Implemented modular oauth2 system

2025-04-15 13:03:13 +02:00
parent f81b84e4b3
commit 504cb8e950
7 changed files with 108 additions and 61 deletions
--- a/Moonlight.ApiServer/Implementations/LocalOAuth2Provider.cs
+++ b/Moonlight.ApiServer/Implementations/LocalOAuth2Provider.cs
@@ -0,0 +1,81 @@
+using Microsoft.EntityFrameworkCore;
+using MoonCore.Exceptions;
+using MoonCore.Extended.Abstractions;
+using MoonCore.Helpers;
+using Moonlight.ApiServer.Configuration;
+using Moonlight.ApiServer.Database.Entities;
+using Moonlight.ApiServer.Interfaces;
+using Moonlight.Shared.Http.Responses.OAuth2;
+
+namespace Moonlight.ApiServer.Implementations;
+
+public class LocalOAuth2Provider : IOAuth2Provider
+{
+    private readonly AppConfiguration Configuration;
+    private readonly ILogger<LocalOAuth2Provider> Logger;
+    private readonly DatabaseRepository<User> UserRepository;
+
+    public LocalOAuth2Provider(
+        AppConfiguration configuration,
+        ILogger<LocalOAuth2Provider> logger,
+        DatabaseRepository<User> userRepository
+    )
+    {
+        UserRepository = userRepository;
+        Configuration = configuration;
+        Logger = logger;
+    }
+
+    public async Task<User?> Sync(string code)
+    {
+        // Create http client to call the auth provider
+        var httpClient = new HttpClient();
+        using var httpApiClient = new HttpApiClient(httpClient);
+
+        httpClient.DefaultRequestHeaders.Add("Authorization",
+            $"Basic {Configuration.Authentication.OAuth2.ClientSecret}");
+
+        // Build access endpoint
+        var accessEndpoint = string.IsNullOrEmpty(Configuration.Authentication.OAuth2.AccessEndpoint)
+            ? $"{Configuration.PublicUrl}/oauth2/handle"
+            : Configuration.Authentication.OAuth2.AccessEndpoint;
+
+        // Build redirect uri
+        var redirectUri = string.IsNullOrEmpty(Configuration.Authentication.OAuth2.AuthorizationRedirect)
+            ? Configuration.PublicUrl
+            : Configuration.Authentication.OAuth2.AuthorizationRedirect;
+
+        // Call the auth provider
+        OAuth2HandleResponse handleData;
+
+        try
+        {
+            handleData = await httpApiClient.PostJson<OAuth2HandleResponse>(accessEndpoint, new FormUrlEncodedContent(
+                [
+                    new KeyValuePair<string, string>("grant_type", "authorization_code"),
+                    new KeyValuePair<string, string>("code", code),
+                    new KeyValuePair<string, string>("redirect_uri", redirectUri),
+                    new KeyValuePair<string, string>("client_id", Configuration.Authentication.OAuth2.ClientId)
+                ]
+            ));
+        }
+        catch (HttpApiException e)
+        {
+            if (e.Status == 400)
+                Logger.LogTrace("The auth server returned an error: {e}", e);
+            else
+                Logger.LogCritical("The auth server returned an error: {e}", e);
+
+            throw new HttpApiException("Unable to request user data", 500);
+        }
+
+        // Handle the returned data
+        var userId = handleData.UserId;
+
+        var user = await UserRepository
+            .Get()
+            .FirstOrDefaultAsync(x => x.Id == userId);
+
+        return user;
+    }
+}