Switch to JWT authentication (#19)

* switch to jwt authentication * fix delete files * adjust saving of deletion of all files * update api to main/jwt Co-authored-by: rootdarkarchon <root.darkarchon@outlook.com>
2023-01-02 17:07:34 +01:00
parent bdd8830c8e
commit 5f0c12ecfa
15 changed files with 140 additions and 101 deletions
--- a/MareSynchronosServer/MareSynchronosServer/Hubs/MareHub.Files.cs
+++ b/MareSynchronosServer/MareSynchronosServer/Hubs/MareHub.Files.cs
@@ -1,5 +1,4 @@
-using System.Security.Claims;
-using System.Security.Cryptography;
+using System.Security.Cryptography;
 using System.Text.RegularExpressions;
 using Google.Protobuf;
 using Grpc.Core;
@@ -9,6 +8,7 @@ using MareSynchronosShared.Models;
 using MareSynchronosShared.Protos;
 using MareSynchronosShared.Utils;
 using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.SignalR;
 using Microsoft.EntityFrameworkCore;

 namespace MareSynchronosServer.Hubs;
@@ -37,7 +37,7 @@ public partial class MareHub
        request.Hash.AddRange(ownFiles.Select(f => f.Hash));
        Metadata headers = new Metadata()
            {
-                { "Authorization", Context.User!.Claims.SingleOrDefault(c => string.Equals(c.Type, ClaimTypes.Authentication, StringComparison.Ordinal))?.Value }
+                { "Authorization", Context.GetHttpContext().Request.Headers["Authorization"].ToString() }
            };
        _ = await _fileServiceClient.DeleteFilesAsync(request, headers).ConfigureAwait(false);
    }
@@ -213,7 +213,7 @@ public partial class MareHub

            Metadata headers = new Metadata()
            {
-                { "Authorization", Context.User!.Claims.SingleOrDefault(c => string.Equals(c.Type, ClaimTypes.Authentication, StringComparison.Ordinal))?.Value }
+                { "Authorization", Context.GetHttpContext().Request.Headers["Authorization"].ToString() }
            };
            var streamingCall = _fileServiceClient.UploadFile(headers);
            using var tempFileStream = new FileStream(tempFileName, FileMode.Open, FileAccess.Read);
--- a/MareSynchronosServer/MareSynchronosServer/Hubs/MareHub.cs
+++ b/MareSynchronosServer/MareSynchronosServer/Hubs/MareHub.cs
@@ -14,6 +14,7 @@ using Microsoft.EntityFrameworkCore;

 namespace MareSynchronosServer.Hubs;

+[Authorize(Policy = "Authenticated")]
 public partial class MareHub : Hub<IMareHub>, IMareHub
 {
    private readonly MareMetrics _mareMetrics;
@@ -118,6 +119,7 @@ public partial class MareHub : Hub<IMareHub>, IMareHub
        return Task.FromResult(needsReconnect);
    }

+    [Authorize(Policy = "Authenticated")]
    public override async Task OnConnectedAsync()
    {
        _logger.LogCallInfo(MareHubLogger.Args(_contextAccessor.GetIpAddress()));
@@ -125,6 +127,7 @@ public partial class MareHub : Hub<IMareHub>, IMareHub
        await base.OnConnectedAsync().ConfigureAwait(false);
    }

+    [Authorize(Policy = "Authenticated")]
    public override async Task OnDisconnectedAsync(Exception exception)
    {
        _mareMetrics.DecGauge(MetricsAPI.GaugeConnections);