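        /// <summary>
        /// Used to query app info from an ID. Responds with the app's public details and the
        /// resolved scope list, plus the authorize/report endpoints a client should use. The
        /// client secret is never part of this response.
        /// </summary>
        /// <param name="e">Request context; the POST body is decoded as <see cref="OAuthInfoRequest"/>.</param>
        /// <returns>Task that completes once the JSON response has been written.</returns>
        /// <exception cref="StandardError">No app matches the client_id, or none of the requested scopes are known.</exception>
        public static async Task OnQueryRequest(Microsoft.AspNetCore.Http.HttpContext e)
        {
            //Decode request
            OAuthInfoRequest request = Program.DecodePostBody <OAuthInfoRequest>(e);

            //Find the application
            DbOauthApp app = await Program.connection.GetOAuthAppByAppID(request.client_id);

            if (app == null)
            {
                throw new StandardError("App not found.", StandardErrorCode.NotFound);
            }

            //Get all scopes that are usable
            List <OAuthScopeEntry> scopes = OAuthScopeStatics.GetOAuthScopes(request.scopes);

            if (scopes.Count == 0)
            {
                throw new StandardError("No scopes found.", StandardErrorCode.InvalidInput);
            }

            //The request is dangerous if any single scope is dangerous; collect the scope IDs in the same pass
            bool           is_dangerous = false;
            List <string>  scopeIds     = new List <string>();

            foreach (var s in scopes)
            {
                is_dangerous = is_dangerous || s.is_dangerous;
                scopeIds.Add(s.id);
            }

            //Create the comma-separated scope list for the authorize URL. Strings are immutable,
            //so the previous "append then TrimEnd(',')" form discarded the trimmed result and
            //emitted a trailing comma; string.Join produces the list without one.
            string scopesSeparated = string.Join(",", scopeIds);

            //Respond. The scope list is URL-encoded because it is placed in a query string.
            string baseUrl = Program.connection.config.hosts.master + "/api";
            await Program.QuickWriteJsonToDoc(e, new OAuthInfoResponse
            {
                name         = app.name,
                description  = app.description,
                icon         = app.icon_url,
                is_dangerous = is_dangerous,
                scopes       = scopes,
                client_id    = app.client_id,
                endpoints    = new OAuthInfoResponse_Endpoints
                {
                    authorize = baseUrl + "/auth/oauth/authorize?client_id=" + app.client_id + "&scopes=" + System.Web.HttpUtility.UrlEncode(scopesSeparated),
                    report    = baseUrl + "/auth/oauth/report"
                }
            });
        }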
        /// <summary>
        /// Looks an OAuth app up by its internal Mongo <c>_id</c>.
        /// </summary>
        /// <param name="id">The document's <c>_id</c> value.</param>
        /// <returns>The matching app, or <c>null</c> when no document has that id.</returns>
        public async Task <DbOauthApp> GetOAuthAppByInternalID(ObjectId id)
        {
            //FirstOrDefaultAsync already yields null when the cursor is empty, so no extra null branch is needed
            var byInternalId = Builders <DbOauthApp> .Filter.Eq("_id", id);
            var cursor       = await system_oauth_apps.FindAsync(byInternalId);

            return await cursor.FirstOrDefaultAsync();
        }
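        /// <summary>
        /// Used to obtain an access token from a backend server. The caller presents its
        /// client_id, client_secret and the preflight token issued during authorization; on
        /// success the preflight token is consumed (so it cannot be redeemed twice) and the
        /// access token and its scopes are returned.
        /// </summary>
        /// <param name="e">Request context; the POST body is decoded as <see cref="VerifyRequestPayload"/>.</param>
        /// <returns>Task that completes once the JSON response has been written.</returns>
        /// <exception cref="StandardError">No app matches the client_id, or the client secret does not match.</exception>
        public static async Task OnVerifyRequest(Microsoft.AspNetCore.Http.HttpContext e)
        {
            //Decode request
            VerifyRequestPayload request = Program.DecodePostBody <VerifyRequestPayload>(e);

            //Find the application
            DbOauthApp app = await Program.connection.GetOAuthAppByAppID(request.client_id);

            if (app == null)
            {
                throw new StandardError("App not found.", StandardErrorCode.NotFound);
            }

            //Verify that the secret matches. The comparison is constant-time so that response
            //timing does not depend on how much of the secret was correct; a missing secret on
            //either side is treated as a mismatch rather than a match of two nulls.
            if (!SecretsMatch(request.client_secret, app.client_secret))
            {
                throw new StandardError("Client secret does not match!", StandardErrorCode.InternalSigninError);
            }

            //Get a token using this
            //NOTE(review): nothing here ties the preflight token to `app`; confirm that
            //GetTokenByPreflightAsync (or the token record itself) enforces that binding.
            var token = await Program.connection.GetTokenByPreflightAsync(request.preflight_token);

            if (token == null)
            {
                await Program.QuickWriteJsonToDoc(e, new VerifyResponsePayload
                {
                    ok = false
                });

                return;
            }

            //Deactivate preflight token internally before the access token is handed out
            token.oauth_preflight = null;
            await token.UpdateAsync(Program.connection);

            //Create and write a response
            await Program.QuickWriteJsonToDoc(e, new VerifyResponsePayload
            {
                access_token = token.token,
                scopes       = token.oauth_scopes,
                ok           = true
            });
        }

        /// <summary>
        /// Constant-time equality check for two secret strings.
        /// </summary>
        /// <param name="presented">The secret supplied by the caller.</param>
        /// <param name="expected">The secret stored for the application.</param>
        /// <returns><c>true</c> only when both are non-null and byte-for-byte equal as UTF-8.</returns>
        private static bool SecretsMatch(string presented, string expected)
        {
            if (presented == null || expected == null)
            {
                return false;
            }

            byte[] presentedBytes = System.Text.Encoding.UTF8.GetBytes(presented);
            byte[] expectedBytes  = System.Text.Encoding.UTF8.GetBytes(expected);

            //FixedTimeEquals returns false for differing lengths and otherwise compares every byte
            return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(presentedBytes, expectedBytes);
        }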
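        /// <summary>
        /// Creates a new OAuth application owned by the signed-in user. Validates the submitted
        /// name, description, redirect URI and optional icon token, generates a fresh
        /// client_id/client_secret pair, stores the app and echoes the stored record.
        /// </summary>
        /// <param name="e">Request context; the POST body is decoded as <see cref="CreateApplicationRequest"/>.</param>
        /// <param name="u">The authenticated user who will own the application.</param>
        /// <returns>Task that completes once either the validation errors or the new app have been written.</returns>
        public static async Task OnCreateRequest(Microsoft.AspNetCore.Http.HttpContext e, DbUser u)
        {
            //Decode request body
            CreateApplicationRequest request = Program.DecodePostBody <CreateApplicationRequest>(e);

            //Verify that all required elements are listed
            List <EditResponseError> errors = new List <EditResponseError>();

            if (request.name == null)
            {
                errors.Add(new EditResponseError("NAME", "This field is required."));
            }
            if (request.description == null)
            {
                errors.Add(new EditResponseError("DESCRIPTION", "This field is required."));
            }
            if (request.redirect_uri == null)
            {
                errors.Add(new EditResponseError("REDIRECT_URI", "This field is required."));
            }
            if (await TryRespondWithError(e, errors))
            {
                return;
            }

            //Verify that all fields match requirements (the null checks above guarantee .Length is safe here)
            if (request.name.Length == 0)
            {
                errors.Add(new EditResponseError("NAME", "This field is required."));
            }
            else if (request.name.Length < 2)
            {
                errors.Add(new EditResponseError("NAME", "Name must be at least 2 characters long."));
            }
            else if (request.name.Length > 24)
            {
                //Message matches the check: 24 characters is still accepted
                errors.Add(new EditResponseError("NAME", "Name must be at most 24 characters."));
            }
            if (request.description.Length == 0)
            {
                errors.Add(new EditResponseError("DESCRIPTION", "This field is required."));
            }
            else if (request.description.Length < 2)
            {
                errors.Add(new EditResponseError("DESCRIPTION", "Description must be at least 2 characters long."));
            }
            else if (request.description.Length > 256)
            {
                errors.Add(new EditResponseError("DESCRIPTION", "Description must be at most 256 characters."));
            }

            //Only http(s) redirects are permitted, and the value must also parse as an absolute
            //URI so that a bare scheme or an unparseable remainder is not stored as a redirect
            //target. The scheme prefix is a protocol token, so compare it ordinally.
            bool hasHttpScheme = request.redirect_uri.StartsWith("http://", System.StringComparison.Ordinal)
                                 || request.redirect_uri.StartsWith("https://", System.StringComparison.Ordinal);

            if (!hasHttpScheme || !System.Uri.TryCreate(request.redirect_uri, System.UriKind.Absolute, out _))
            {
                errors.Add(new EditResponseError("REDIRECT_URI", "Only http and https redirects are permitted."));
            }
            if (await TryRespondWithError(e, errors))
            {
                return;
            }

            //If an icon is set, verify it
            string icon = null;

            if (request.icon_token != null)
            {
                var iconInfo = await Program.connection.GetUserContentByToken(request.icon_token);

                if (iconInfo == null)
                {
                    errors.Add(new EditResponseError("ICON", "Icon verification failed."));
                }
                else if (iconInfo.application_id != ICON_APP_ID)
                {
                    errors.Add(new EditResponseError("ICON", "Icon verification failed."));
                }
                else
                {
                    icon = iconInfo.url;
                }
            }

            //A rejected icon token must stop creation; previously the ICON errors were recorded
            //but never reported, and the app was created without an icon.
            if (await TryRespondWithError(e, errors))
            {
                return;
            }

            //Generate an application ID and secret; retry the ID until it is unused
            string appId = LibDeltaSystem.Tools.SecureStringTool.GenerateSecureString(24);

            while (await Program.connection.GetOAuthAppByAppID(appId) != null)
            {
                appId = LibDeltaSystem.Tools.SecureStringTool.GenerateSecureString(24);
            }
            string appSecret = LibDeltaSystem.Tools.SecureStringTool.GenerateSecureString(42);

            //Create oauth app
            DbOauthApp app = new DbOauthApp
            {
                client_id     = appId,
                client_secret = appSecret,
                description   = request.description,
                icon_url      = icon,
                name          = request.name,
                owner_id      = u.id,
                redirect_uri  = request.redirect_uri,
                _id           = MongoDB.Bson.ObjectId.GenerateNewId()
            };

            //Insert in database
            await Program.connection.system_oauth_apps.InsertOneAsync(app);

            //Write app info. The serialized record includes client_secret, so this response
            //is how the owner receives the secret.
            await Program.QuickWriteJsonToDoc(e, app);
        }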