Implement disabling of local oauth2 controller

2025-04-15 13:08:28 +02:00
parent 7defc9a6a9
commit 65ea5985d3
1 changed files with 29 additions and 20 deletions
--- a/Moonlight.ApiServer/Http/Controllers/OAuth2/OAuth2Controller.cs
+++ b/Moonlight.ApiServer/Http/Controllers/OAuth2/OAuth2Controller.cs
@@ -43,6 +43,9 @@ public class OAuth2Controller : Controller
        [FromQuery(Name = "view")] string view = "login"
    )
    {
+        if (!Configuration.Authentication.EnableLocalOAuth2)
+            throw new HttpApiException("Local OAuth2 has been disabled", 403);
+
        if (Configuration.Authentication.OAuth2.ClientId != clientId ||
            redirectUri != ExpectedRedirectUri ||
            responseType != "code")
@@ -88,6 +91,9 @@ public class OAuth2Controller : Controller
        [FromQuery(Name = "view")] string view = "login"
    )
    {
+        if (!Configuration.Authentication.EnableLocalOAuth2)
+            throw new HttpApiException("Local OAuth2 has been disabled", 403);
+
        if (Configuration.Authentication.OAuth2.ClientId != clientId ||
            redirectUri != ExpectedRedirectUri ||
            responseType != "code")
@@ -161,6 +167,9 @@ public class OAuth2Controller : Controller
        [FromForm(Name = "client_id")] string clientId
    )
    {
+        if (!Configuration.Authentication.EnableLocalOAuth2)
+            throw new HttpApiException("Local OAuth2 has been disabled", 403);
+
        // Check header
        if (!Request.Headers.ContainsKey("Authorization"))
            throw new HttpApiException("You are missing the Authorization header", 400);
@@ -227,7 +236,7 @@ public class OAuth2Controller : Controller
        };
    }

-    private async Task<string> GenerateCode(User user)
+    private Task<string> GenerateCode(User user)
    {
        var securityTokenDescriptor = new SecurityTokenDescriptor()
        {
@@ -252,7 +261,9 @@ public class OAuth2Controller : Controller
        var jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
        var securityToken = jwtSecurityTokenHandler.CreateToken(securityTokenDescriptor);

-        return jwtSecurityTokenHandler.WriteToken(securityToken);
+        return Task.FromResult(
+            jwtSecurityTokenHandler.WriteToken(securityToken)
+        );
    }

    private async Task<User> Register(string username, string email, string password)
@@ -270,9 +281,7 @@ public class OAuth2Controller : Controller
            Password = HashHelper.Hash(password)
        };

-        var finalUser = await UserRepository.Add(user);
-
-        return finalUser;
+        return await UserRepository.Add(user);
    }

    private async Task<User> Login(string email, string password)