From 7acd36bb794305347d200fad91ffcec402b4a98c Mon Sep 17 00:00:00 2001
From: Stanley Dimant <root.darkarchon@outlook.com>
Date: Thu, 31 Oct 2024 12:30:17 +0100
Subject: [PATCH] implement api call to get uids based on secret key

---
 MareAPI                                       |  2 +-
 .../Controllers/JwtController.cs              |  1 +
 .../Controllers/OAuthController.cs            | 23 +++++++++++++++++++
 3 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/MareAPI b/MareAPI
index 040add0..dc1c409 160000
--- a/MareAPI
+++ b/MareAPI
@@ -1 +1 @@
-Subproject commit 040add06083f76e5b41e64b8842339266a046871
+Subproject commit dc1c409ec65934fe3c50889d0517bc68f5fda431
diff --git a/MareSynchronosServer/MareSynchronosAuthService/Controllers/JwtController.cs b/MareSynchronosServer/MareSynchronosAuthService/Controllers/JwtController.cs
index 9aa5980..fad2ed4 100644
--- a/MareSynchronosServer/MareSynchronosAuthService/Controllers/JwtController.cs
+++ b/MareSynchronosServer/MareSynchronosAuthService/Controllers/JwtController.cs
@@ -9,6 +9,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
 using StackExchange.Redis.Extensions.Core.Abstractions;
+using System.Security.Cryptography;
 
 namespace MareSynchronosAuthService.Controllers;
 
diff --git a/MareSynchronosServer/MareSynchronosAuthService/Controllers/OAuthController.cs b/MareSynchronosServer/MareSynchronosAuthService/Controllers/OAuthController.cs
index a0e3cf9..4ddf55a 100644
--- a/MareSynchronosServer/MareSynchronosAuthService/Controllers/OAuthController.cs
+++ b/MareSynchronosServer/MareSynchronosAuthService/Controllers/OAuthController.cs
@@ -169,6 +169,29 @@ public class OAuthController : AuthControllerBase
         return Ok("The OAuth2 token was generated. The plugin will grab it automatically. You can close this browser tab.");
     }
 
+    [Authorize(Policy = "OAuthToken")]
+    [HttpPost(MareAuth.OAuth_GetUIDsBasedOnSecretKeys)]
+    public async Task<Dictionary<string, string>> GetUIDsBasedOnSecretKeys([FromBody] List<string> secretKeys)
+    {
+        if (!secretKeys.Any())
+            return [];
+
+        using var dbContext = await MareDbContextFactory.CreateDbContextAsync();
+
+        Dictionary<string, string> secretKeysToUIDDict = secretKeys.Distinct().ToDictionary(k => k, _ => string.Empty, StringComparer.Ordinal);
+        foreach (var key in secretKeys)
+        {
+            var shaKey = StringUtils.Sha256String(key);
+            var associatedAuth = await dbContext.Auth.AsNoTracking().SingleOrDefaultAsync(a => a.HashedKey == shaKey);
+            if (associatedAuth != null)
+            {
+                secretKeysToUIDDict[key] = associatedAuth.UserUID;
+            }
+        }
+
+        return secretKeysToUIDDict;
+    }
+
     [Authorize(Policy = "OAuthToken")]
     [HttpPost(MareAuth.OAuth_RenewOAuthToken)]
     public IActionResult RenewOAuthToken()