Started implementing client and api server auth and the refresh endpoint

2024-10-19 16:37:37 +02:00
parent 6be3b8338d
commit 8883b521e9
7 changed files with 94 additions and 9 deletions
--- a/Moonlight.ApiServer/Http/Controllers/Auth/AuthController.cs
+++ b/Moonlight.ApiServer/Http/Controllers/Auth/AuthController.cs
@@ -1,4 +1,5 @@
 using Microsoft.AspNetCore.Mvc;
+using MoonCore.Exceptions;
 using MoonCore.Extended.Abstractions;
 using MoonCore.Extended.Helpers;
 using MoonCore.Extended.OAuth2.ApiServer;
@@ -39,6 +40,40 @@ public class AuthController : Controller
        return Mapper.Map<AuthStartResponse>(data);
    }

+    [HttpPost("refresh")]
+    public async Task Refresh([FromBody] RefreshRequest request)
+    {
+        var authConfig = ConfigService.Get().Authentication;
+        
+        var tokenPair = await TokenHelper.RefreshPair(
+            request.RefreshToken,
+            authConfig.MlAccessSecret,
+            authConfig.MlRefreshSecret,
+            (refreshTokenData, newTokenData) =>
+            {
+                if (!refreshTokenData.TryGetValue("userId", out var userIdStr) || !int.TryParse(userIdStr, out var userId))
+                    return false;
+                
+                var user = UserRepository.Get().FirstOrDefault(x => x.Id == userId);
+
+                if (user == null)
+                    return false;
+                
+                //TODO: External check
+                
+                newTokenData.Add("userId", user.Id.ToString());
+                return true;
+            }
+        );
+
+        if (!tokenPair.HasValue)
+            throw new HttpApiException("Unable to refresh token", 401);
+        
+        Response.Cookies.Append("ml-access", tokenPair.Value.AccessToken);
+        Response.Cookies.Append("ml-refresh", tokenPair.Value.RefreshToken);
+        Response.Cookies.Append("ml-timestamp", DateTimeOffset.UtcNow.AddSeconds(3600).ToUnixTimeSeconds().ToString());
+    }
+
    [HttpGet("handle")]
    public async Task Handle([FromQuery(Name = "code")] string code)
    {
--- a/Moonlight.ApiServer/Moonlight.ApiServer.csproj
+++ b/Moonlight.ApiServer/Moonlight.ApiServer.csproj
@@ -12,7 +12,7 @@
          <PrivateAssets>all</PrivateAssets>
          <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
        </PackageReference>
-        <PackageReference Include="MoonCore" Version="1.6.1" />
+        <PackageReference Include="MoonCore" Version="1.6.2" />
        <PackageReference Include="MoonCore.Extended" Version="1.1.0" />
        <PackageReference Include="MoonCore.PluginFramework" Version="1.0.0" />
        <PackageReference Include="Pomelo.EntityFrameworkCore.MySql" Version="8.0.2" />
--- a/Moonlight.ApiServer/Program.cs
+++ b/Moonlight.ApiServer/Program.cs
@@ -135,7 +135,7 @@ if (config.Authentication.UseLocalOAuth2Service)

 builder.Services.AddTokenAuthentication(configuration =>
 {
-    configuration.AccessSecret = config.Authentication.AccessSecret;
+    configuration.AccessSecret = config.Authentication.MlAccessSecret;
    configuration.DataLoader = async (data, provider, context) =>
    {
        if (!data.TryGetValue("userId", out var userIdStr) || !int.TryParse(userIdStr, out var userId))
@@ -148,7 +148,7 @@ builder.Services.AddTokenAuthentication(configuration =>
            return false;
        
        // OAuth2 - Check external
-        if (DateTime.UtcNow > user.RefreshTimestamp)
+        if (false && DateTime.UtcNow > user.RefreshTimestamp)
        {
            var tokenConsumer = new TokenConsumer(user.AccessToken, user.RefreshToken, user.RefreshTimestamp,
                async refreshToken =>
@@ -170,7 +170,7 @@ builder.Services.AddTokenAuthentication(configuration =>
                    };
                });

-            await tokenConsumer.GetAccessToken();
+            //await tokenConsumer.GetAccessToken();
            //TODO: API CALL (modular)
        }