Improved jwt handling for node access tokens. Switched to di plugin system

2025-02-24 21:03:23 +01:00
parent 67efe71247
commit a8d867c3c7
11 changed files with 101 additions and 48 deletions


@@ -35,7 +35,7 @@ public partial class Server
public async Task InternalError()
{
await LogToConsole("An unhandled error occured performing action");
// TODO:
Logger.LogInformation("Reporting or smth");
}
}


@@ -1,4 +1,8 @@
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using System.Text.Json;
using Microsoft.IdentityModel.Tokens;
using MoonCore.Attributes;
using MoonCore.Extended.Helpers;
using MoonlightServers.Daemon.Configuration;
@@ -15,8 +19,33 @@ public class AccessTokenHelper
Configuration = configuration;
}
public bool Process(string accessToken, out Dictionary<string, JsonElement> data)
// TODO: Improve
public bool Process(string accessToken, out Claim[] claims)
{
return JwtHelper.TryVerifyAndDecodePayload(Configuration.Security.Token, accessToken, out data);
var jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
try
{
var data = jwtSecurityTokenHandler.ValidateToken(accessToken, new()
{
ClockSkew = TimeSpan.Zero,
ValidateLifetime = true,
ValidateAudience = false,
ValidateIssuer = false,
ValidateActor = false,
IssuerSigningKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(Configuration.Security.Token)
)
}, out var _);
claims = data.Claims.ToArray();
return true;
}
catch (Exception e)
{
claims = [];
return false;
}
}
}
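Review bot: The validation parameters passed to `ValidateToken` in `Process` do not pin the accepted signature algorithm, and with `ValidateIssuer` and `ValidateAudience` both `false` the shared secret is the only thing tying a token to this node. Adding `ValidAlgorithms = [SecurityAlgorithms.HmacSha256],` (or whichever HMAC variant the issuing side actually uses, which is not visible here) keeps the accepted set explicit. The `catch (Exception e)` never uses `e` and returns the same `false` for a bad token as for a configuration fault such as an empty or too-short `Configuration.Security.Token`. Narrowing it to `catch (Exception e) when (e is SecurityTokenException or ArgumentException)` and logging the reason at debug level, if a logger is available in this class, would keep rejected tokens visible to operators. If the same secret also signs other token kinds, the `type` claim checked by callers is the only separation, and a comment saying so would be more useful than `// TODO: Improve`.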


@@ -50,7 +50,7 @@ public class ServerWebSocketConnection
}
// Validate access token data
if (!accessData.ContainsKey("type") || !accessData.ContainsKey("serverId"))
if (accessData.All(x => x.Type != "type") || accessData.All(x => x.Type != "serverId"))
{
Logger.LogDebug("Received invalid access token: Required parameters are missing");
@@ -63,7 +63,7 @@ public class ServerWebSocketConnection
}
// Validate access token type
var type = accessData["type"].GetString()!;
var type = accessData.First(x => x.Type == "type").Value;
if (type != "websocket")
{
@@ -77,7 +77,7 @@ public class ServerWebSocketConnection
return;
}
var serverId = accessData["serverId"].GetInt32();
var serverId = int.Parse(accessData.First(x => x.Type == "serverId").Value);
// Check that the access token isn't for another server
if (ServerId != -1 && ServerId == serverId)
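Review bot: `int.Parse(accessData.First(x => x.Type == "serverId").Value)` in the last hunk throws on a non-numeric or out-of-range claim value and parses with the current culture, and the claim is now a free-form string rather than a typed JSON number. Using `int.TryParse(value, NumberStyles.Integer, CultureInfo.InvariantCulture, out var serverId)` and taking the same debug-log-and-return path as the other rejections would stop a malformed token from surfacing as an unhandled exception, in case nothing outside the hunk catches it. Separately, the unchanged context line `if (ServerId != -1 && ServerId == serverId)` sits under the comment "isn't for another server" but tests for equality. Its body is outside the hunk, so please confirm whether `!=` was intended, since this comparison is what binds a token to one server.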


@@ -9,9 +9,9 @@
<ItemGroup>
<PackageReference Include="Docker.DotNet" Version="3.125.15" />
<PackageReference Include="Microsoft.AspNetCore.SignalR" Version="1.1.0" />
<PackageReference Include="MoonCore" Version="1.8.2" />
<PackageReference Include="MoonCore.Extended" Version="1.2.7" />
<PackageReference Include="MoonCore.Unix" Version="1.0.0" />
<PackageReference Include="MoonCore" Version="1.8.3" />
<PackageReference Include="MoonCore.Extended" Version="1.2.8" />
<PackageReference Include="MoonCore.Unix" Version="1.0.2" />
<PackageReference Include="Stateless" Version="5.17.0" />
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.6.2"/>
</ItemGroup>