AuthUtils.cs
using OpenShock.Common.Constants;
using System.Diagnostics.CodeAnalysis;
using System.Security.Claims;
namespace OpenShock.Common.Utils;
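/// <summary>
/// Extension helpers for reading and writing the credentials a request can carry:
/// the user session cookie/header, API tokens and device (hub) tokens.
/// </summary>
/// <remarks>
/// Every <c>TryGet*</c> method only extracts a non-empty raw string from the request.
/// None of them validates the credential; callers must look the value up and
/// authorize it before trusting it.
/// </remarks>
public static class AuthUtils
{
    // Header names accepted for API tokens, checked in this order; the first non-empty one wins.
    // NOTE(review): the two literal names look like legacy aliases kept for older clients - confirm.
    private static readonly string[] TokenHeaderNames = [
        AuthConstants.ApiTokenHeaderName,
        "Open-Shock-Token",
        "ShockLinkToken"
    ];

    // Header names accepted for device tokens, checked in this order; the first non-empty one wins.
    private static readonly string[] DeviceTokenHeaderNames = [
        AuthConstants.HubTokenHeaderName,
        "Device-Token"
    ];

    /// <summary>
    /// Builds the options used for the session cookie: HTTPS only (<c>Secure</c>),
    /// not readable from script (<c>HttpOnly</c>), never sent on cross-site requests
    /// (<c>SameSite=Strict</c>), scoped to <paramref name="domain"/>.
    /// </summary>
    /// <param name="domain">Cookie domain, applied verbatim.</param>
    /// <param name="lifetime">Offset from the current UTC time at which the cookie expires; negative values yield an already expired cookie.</param>
    private static CookieOptions GetCookieOptions(string domain, TimeSpan lifetime)
    {
        // NOTE(review): domain is not checked here; it should come from trusted configuration,
        // not from request data such as the Host header - verify against callers.
        return new CookieOptions
        {
            Expires = DateTimeOffset.UtcNow.Add(lifetime),
            Secure = true,
            HttpOnly = true,
            SameSite = SameSiteMode.Strict,
            Domain = domain
        };
    }

    /// <summary>
    /// Returns the first non-empty value found among <paramref name="headerNames"/>, in array order.
    /// </summary>
    /// <remarks>
    /// A header sent more than once is returned as its values joined with commas, so such a
    /// request yields one combined string rather than any single token.
    /// </remarks>
    private static bool TryGetFirstHeaderValue(HttpContext context, string[] headerNames, [NotNullWhen(true)] out string? token)
    {
        foreach (string headerName in headerNames)
        {
            if (context.Request.Headers.TryGetValue(headerName, out var value) && !string.IsNullOrEmpty(value))
            {
                token = value.ToString();
                return true;
            }
        }

        token = null;
        return false;
    }

    /// <summary>
    /// Appends the user session cookie to the response, valid for <c>Duration.LoginSessionLifetime</c>.
    /// </summary>
    /// <param name="context">Current HTTP context.</param>
    /// <param name="sessionKey">Session key stored as the cookie value.</param>
    /// <param name="domain">Cookie domain.</param>
    public static void SetSessionKeyCookie(this HttpContext context, string sessionKey, string domain)
    {
        context.Response.Cookies.Append(AuthConstants.UserSessionCookieName, sessionKey, GetCookieOptions(domain, Duration.LoginSessionLifetime));
    }

    /// <summary>
    /// Clears the user session cookie by overwriting it with an empty value that expired one day ago.
    /// </summary>
    /// <param name="context">Current HTTP context.</param>
    /// <param name="domain">
    /// Cookie domain. Browsers match cookies by name, domain and path, so this must be the
    /// domain the cookie was set with or the original cookie stays in place.
    /// </param>
    public static void RemoveSessionKeyCookie(this HttpContext context, string domain)
    {
        // This only removes the client copy; it does not invalidate the session on the server.
        context.Response.Cookies.Append(AuthConstants.UserSessionCookieName, string.Empty, GetCookieOptions(domain, TimeSpan.FromDays(-1)));
    }

    /// <summary>
    /// Reads the user session token from the session cookie, falling back to the session header.
    /// </summary>
    /// <param name="context">Current HTTP context.</param>
    /// <param name="sessionToken">The raw, unvalidated token when found; otherwise <c>null</c>.</param>
    /// <returns><c>true</c> when a non-empty token was found.</returns>
    public static bool TryGetUserSession(this HttpContext context, [NotNullWhen(true)] out string? sessionToken)
    {
        // The cookie takes precedence over the header.
        if (context.Request.Cookies.TryGetValue(AuthConstants.UserSessionCookieName, out sessionToken) && !string.IsNullOrEmpty(sessionToken))
        {
            return true;
        }

        // NOTE(review): a token supplied through the header is not covered by the cookie's
        // HttpOnly/SameSite attributes, so clients using this path must store it safely themselves.
        if (context.Request.Headers.TryGetValue(AuthConstants.UserSessionHeaderName, out var headerSessionCookie) && !string.IsNullOrEmpty(headerSessionCookie))
        {
            sessionToken = headerSessionCookie.ToString();
            return true;
        }

        sessionToken = null;
        return false;
    }

    /// <summary>
    /// Reads an API token from the first non-empty header in <c>TokenHeaderNames</c>.
    /// </summary>
    /// <param name="context">Current HTTP context.</param>
    /// <param name="token">The raw, unvalidated token when found; otherwise <c>null</c>.</param>
    /// <returns><c>true</c> when a non-empty token header was present.</returns>
    public static bool TryGetApiTokenFromHeader(this HttpContext context, [NotNullWhen(true)] out string? token)
    {
        return TryGetFirstHeaderValue(context, TokenHeaderNames, out token);
    }

    /// <summary>
    /// Reads a device token from the first non-empty header in <c>DeviceTokenHeaderNames</c>.
    /// </summary>
    /// <param name="context">Current HTTP context.</param>
    /// <param name="token">The raw, unvalidated token when found; otherwise <c>null</c>.</param>
    /// <returns><c>true</c> when a non-empty token header was present.</returns>
    public static bool TryGetDeviceTokenFromHeader(this HttpContext context, [NotNullWhen(true)] out string? token)
    {
        return TryGetFirstHeaderValue(context, DeviceTokenHeaderNames, out token);
    }

    /// <summary>
    /// Returns the value of the <see cref="ClaimTypes.AuthenticationMethod"/> claim of the current user.
    /// </summary>
    /// <param name="context">Current HTTP context.</param>
    /// <returns>The claim value.</returns>
    /// <exception cref="InvalidOperationException">
    /// The user carries no authentication-method claim. The check fails closed instead of
    /// returning a default, so a missing claim can never be mistaken for a valid method.
    /// </exception>
    public static string GetAuthenticationMethod(this HttpContext context)
    {
        var authMethodClaim = context.User.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.AuthenticationMethod);

        // A specific exception type (still an Exception for existing catch blocks) instead of bare Exception.
        if (authMethodClaim is null)
        {
            throw new InvalidOperationException("No authentication method claim found, this should not happen and is a bug!");
        }

        return authMethodClaim.Value;
    }
}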