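/// <summary>
/// Copies this consumer's OAuth 1.0 settings and the supplied access token onto
/// <paramref name="context"/>, then signs the context.
/// </summary>
/// <param name="context">Request context that receives the consumer key, token, token secret, nonce, timestamp, version and signature.</param>
/// <param name="accessToken">Access token to sign with. Its <c>ConsumerKey</c> must equal this consumer's <c>ConsumerKey</c>.</param>
/// <remarks>
/// Throws the error built by <c>Error.SuppliedTokenWasNotIssuedToThisConsumer</c> when the token belongs to another consumer.
/// The signature base string and the signature are deliberately not written to the console: a library has no
/// control over where the host process sends stdout, and signing material should not end up in shared logs.
/// </remarks>
public void SignContext(OAuthContext context, TokenBase accessToken)
{
    EnsureStateIsValid();

    // Refuse to sign with a token that was issued to a different consumer.
    if (accessToken.ConsumerKey != ConsumerKey)
    {
        throw Error.SuppliedTokenWasNotIssuedToThisConsumer(ConsumerKey, accessToken.ConsumerKey);
    }

    var signer = new OAuthContextSigner();
    var auth = new NonceGenerator();

    context.UseAuthorizationHeader = UseHeaderForOAuthParameters;
    context.ConsumerKey = accessToken.ConsumerKey;
    context.Token = accessToken.Token;
    context.TokenSecret = accessToken.TokenSecret;
    context.SignatureMethod = SignatureMethod;

    // NOTE(review): the timestamp is derived from DateTime.Now (local time). Confirm that EpocString()
    // converts to UTC; a timestamp skewed by the local offset is typically rejected by the server.
    context.Timestamp = DateTime.Now.EpocString();
    context.Nonce = auth.GenerateNonce();
    context.Version = "1.0";

    string signatureBase = context.GenerateSignatureBase();

    signer.SignContext(
        context,
        new SigningContext
        {
            Algorithm = Key,
            SignatureBase = signatureBase,
            ConsumerSecret = ConsumerSecret
        });
}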
/// <summary>
/// Exchanges a one-time launcher link code for a long-lived launcher link.
/// </summary>
/// <param name="request">Form carrying the one-time code the user obtained for linking a launcher.</param>
/// <returns>A 201 Created result whose body is a <c>LauncherLinkResult</c> holding the newly generated link code.</returns>
/// <remarks>
/// The one-time code is consumed and the new link is stored in the same <c>SaveChangesAsync</c> call.
/// NOTE(review): this method does not check the code or the returned user itself; presumably
/// <c>GetUserForNewLink</c> rejects unknown or expired codes. Confirm against that helper.
/// </remarks>
public async Task<IActionResult> ConnectLauncher([Required] LauncherLinkCodeCheckForm request)
{
    Response.ContentType = "application/json";

    var user = await GetUserForNewLink(request.Code);

    // Consume the one-time code: expire it in the past and clear it so it cannot be used again.
    user.LauncherCodeExpires = DateTime.UtcNow.Subtract(TimeSpan.FromSeconds(1));
    user.LauncherLinkCode = null;
    ++user.TotalLauncherLinks;

    // The launcher gets a separate, freshly generated code that the user never sees directly,
    // which makes it harder to leak than the code the user typed in.
    var linkCode = NonceGenerator.GenerateNonce(42);
    var clientIp = HttpContext.Connection.RemoteIpAddress;

    var link = new LauncherLink()
    {
        User = user,
        LinkCode = linkCode,
        LastIp = clientIp?.ToString(),
        LastConnection = DateTime.UtcNow
    };
    await database.LauncherLinks.AddAsync(link);

    // Audit trail entry tied to the affected user; it records the source address, never the code.
    var auditEntry = new LogEntry()
    {
        Message = $"New launcher link created from: {clientIp}",
        TargetUserId = user.Id
    };
    await database.LogEntries.AddAsync(auditEntry);

    await database.SaveChangesAsync();

    logger.LogInformation("New launcher linked to user {Id} from {RemoteAddress}", user.Id, clientIp);

    return Created(string.Empty, new LauncherLinkResult(true, linkCode));
}
/// <summary>
/// Verifies that setting <c>LfsToken</c> to null and saving also clears <c>HashedLfsToken</c>,
/// both on the tracked entity and on the row read back from the database.
/// </summary>
public async Task User_ClearingLfsTokenClearsHashedAsWell()
{
    var fixture = new EditableInMemoryDatabaseFixture("UserClearApiToken");

    var account = new User()
    {
        UserName = "******",
        Email = "*****@*****.**",
        LfsToken = NonceGenerator.GenerateNonce(32)
    };

    await fixture.Database.Users.AddAsync(account);
    await fixture.Database.SaveChangesAsync();

    // After the first save both the plain token and its hashed form must be populated.
    Assert.NotNull(account.LfsToken);
    Assert.NotNull(account.HashedLfsToken);

    account.LfsToken = null;
    await fixture.Database.SaveChangesAsync();

    // Clearing the token must not leave a stale hash behind that could still be matched.
    Assert.Null(account.LfsToken);
    Assert.Null(account.HashedLfsToken);

    var reloaded = await fixture.Database.Users.FirstAsync();

    Assert.Equal(account.Id, reloaded.Id);
    Assert.Null(reloaded.HashedLfsToken);
}
/// <summary>
/// Marks <paramref name="session"/> as having started an SSO login: records when and from where it was
/// last used, stores a fresh SSO nonce, the SSO source, the start time and the return URL.
/// </summary>
/// <param name="ssoSource">Identifier of the SSO source the login was started with.</param>
/// <param name="returnTo">Optional URL to return to after login; stored exactly as given.</param>
/// <param name="session">Session object to update. This method does not persist it.</param>
/// <remarks>
/// NOTE(review): <paramref name="returnTo"/> is stored without any validation here. Confirm that the caller
/// or the code that later redirects restricts it to local or allow-listed targets.
/// </remarks>
protected void SetupSessionForSSO(string ssoSource, string? returnTo, Session session)
{
    session.LastUsed = DateTime.UtcNow;
    session.LastUsedFrom = Request.HttpContext.Connection.RemoteIpAddress;

    // A new nonce per login attempt; its length comes from AppInfo.SsoNonceLength.
    session.SsoNonce = NonceGenerator.GenerateNonce(AppInfo.SsoNonceLength);

    session.StartedSsoLogin = ssoSource;
    session.SsoStartTime = DateTime.UtcNow;
    session.SsoReturnUrl = returnTo;
}
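/// <summary>
/// Builds and signs the OAuth 1.0 context used to exchange a request token for an access token.
/// </summary>
/// <param name="requestToken">Request token to exchange. Its <c>ConsumerKey</c> must equal this consumer's <c>ConsumerKey</c>.</param>
/// <param name="additionalQueryParameters">Extra query parameters to add to the request before signing; may be null.</param>
/// <returns>The signed context for a GET request to <c>AccessTokenUri</c>.</returns>
/// <remarks>
/// Throws the error built by <c>Error.SuppliedTokenWasNotIssuedToThisConsumer</c> when the token belongs to another consumer.
/// The signature base string, the signature and the request URI are deliberately not written to the console:
/// a library has no control over where the host process sends stdout, and a complete signed request should
/// not end up in shared logs.
/// </remarks>
public OAuthContext BuildExchangeRequestTokenForAccessTokenContext(TokenBase requestToken, NameValueCollection additionalQueryParameters)
{
    EnsureStateIsValid();

    // Refuse to exchange a token that was issued to a different consumer.
    if (requestToken.ConsumerKey != ConsumerKey)
    {
        throw Error.SuppliedTokenWasNotIssuedToThisConsumer(ConsumerKey, requestToken.ConsumerKey);
    }

    var auth = new NonceGenerator();
    var factory = new OAuthContextFactory();
    var signer = new OAuthContextSigner();

    OAuthContext context = factory.FromUri("GET", AccessTokenUri);

    // Caller-supplied parameters are added before signing, so the signature base is generated with them present.
    if (additionalQueryParameters != null)
    {
        context.QueryParameters.Add(additionalQueryParameters);
    }

    context.ConsumerKey = ConsumerKey;
    context.Token = requestToken.Token;
    context.TokenSecret = requestToken.TokenSecret;
    context.RequestMethod = "GET";
    context.SignatureMethod = SignatureMethod;

    // NOTE(review): the timestamp is derived from DateTime.Now (local time). Confirm that EpocString()
    // converts to UTC; a timestamp skewed by the local offset is typically rejected by the server.
    context.Timestamp = DateTime.Now.EpocString();
    context.Nonce = auth.GenerateNonce();
    context.Version = "1.0";

    string signatureBase = context.GenerateSignatureBase();

    signer.SignContext(
        context,
        new SigningContext
        {
            Algorithm = Key,
            SignatureBase = signatureBase,
            ConsumerSecret = ConsumerSecret
        });

    // The request URI was previously generated only to be printed; callers get the context itself.
    return context;
}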
/// <summary>
/// Fills in the OAuth 1.0 protocol fields on <paramref name="context"/> from this consumer's settings
/// and signs it with the consumer secret.
/// </summary>
/// <param name="context">Request context that receives the nonce, consumer key, realm, signature method, timestamp, version and signature.</param>
public void SignContext(IOAuthContext context)
{
    EnsureStateIsValid();

    context.UseAuthorizationHeader = UseHeaderForOAuthParameters;

    // NOTE(review): the nonce is assigned twice. This value from _nonceGenerator is overwritten below
    // by NonceGenerator.GenerateNonce(context) before the signature base is generated, so only the
    // second nonce is ever signed. Confirm which generator is intended and drop the other call.
    context.Nonce = _nonceGenerator.GenerateNonce(context);
    context.ConsumerKey = ConsumerKey;
    context.Realm = Realm;
    context.SignatureMethod = SignatureMethod;

    // NOTE(review): derived from DateTime.Now (local time); confirm Epoch() converts to UTC.
    context.Timestamp = DateTime.Now.Epoch().ToString();
    context.Version = "1.0";
    context.Nonce = NonceGenerator.GenerateNonce(context);

    string baseString = context.GenerateSignatureBase();

    var signingContext = new SigningContext
    {
        Algorithm = Key,
        SignatureBase = baseString,
        ConsumerSecret = ConsumerSecret
    };

    _signer.SignContext(context, signingContext);
}
/// <summary>
/// Generates a new API token for the currently authenticated user, stores it and returns it.
/// </summary>
/// <returns>
/// The new token as the response value, or a Problem result when the authenticated user
/// cannot be found in the database.
/// </returns>
/// <remarks>
/// Neither the application log line nor the audit <c>LogEntry</c> contains the token value.
/// NOTE(review): both the log line and the audit entry are produced before <c>SaveChangesAsync</c>;
/// if saving fails, the application log still says a token was created.
/// </remarks>
public async Task<ActionResult<string>> CreateOwnAPIToken()
{
    // The user must be re-fetched through our own db context so that the change below is tracked.
    var authenticatedId = HttpContext.AuthenticatedUser()!.Id;
    var user = await database.Users.FindAsync(authenticatedId);

    if (user == null)
    {
        return Problem("Could not find authenticated user in the database");
    }

    logger.LogInformation("User ({Email}) created a new API token", user.Email);

    var auditEntry = new LogEntry()
    {
        Message = "API token created by user",
        TargetUserId = user.Id
    };
    await database.LogEntries.AddAsync(auditEntry);

    // Token size is governed by AppInfo.APITokenByteCount.
    user.ApiToken = NonceGenerator.GenerateNonce(AppInfo.APITokenByteCount);

    await database.SaveChangesAsync();

    return user.ApiToken;
}
/// <summary>
/// Replaces <c>Secret</c> with a newly generated value and bumps the updated-at marker of this object.
/// </summary>
/// <remarks>
/// Any previous secret is overwritten. The value comes from <c>NonceGenerator.GenerateNonce(32)</c>.
/// NOTE(review): the strength of the secret depends on that generator using a cryptographically
/// secure random source; confirm in <c>NonceGenerator</c>.
/// </remarks>
public void CreateSecret()
{
    var freshSecret = NonceGenerator.GenerateNonce(32);
    Secret = freshSecret;

    this.BumpUpdatedAt();
}
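/// <summary>
/// Copies this consumer's OAuth 1.0 settings and the supplied access token onto
/// <paramref name="context"/>, then signs the context.
/// </summary>
/// <param name="context">Request context that receives the consumer key, token, token secret, nonce, timestamp, version and signature.</param>
/// <param name="accessToken">Access token to sign with. Its <c>ConsumerKey</c> must equal this consumer's <c>ConsumerKey</c>.</param>
/// <remarks>
/// Throws the error built by <c>Error.SuppliedTokenWasNotIssuedToThisConsumer</c> when the token belongs to another consumer.
/// The signature base string and the signature are deliberately not written to the console: a library has no
/// control over where the host process sends stdout, and signing material should not end up in shared logs.
/// </remarks>
public void SignContext(OAuthContext context, TokenBase accessToken)
{
    EnsureStateIsValid();

    // Refuse to sign with a token that was issued to a different consumer.
    if (accessToken.ConsumerKey != ConsumerKey)
    {
        throw Error.SuppliedTokenWasNotIssuedToThisConsumer(ConsumerKey, accessToken.ConsumerKey);
    }

    var signer = new OAuthContextSigner();
    var auth = new NonceGenerator();

    context.UseAuthorizationHeader = UseHeaderForOAuthParameters;
    context.ConsumerKey = accessToken.ConsumerKey;
    context.Token = accessToken.Token;
    context.TokenSecret = accessToken.TokenSecret;
    context.SignatureMethod = SignatureMethod;

    // NOTE(review): the timestamp is derived from DateTime.Now (local time). Confirm that EpocString()
    // converts to UTC; a timestamp skewed by the local offset is typically rejected by the server.
    context.Timestamp = DateTime.Now.EpocString();
    context.Nonce = auth.GenerateNonce();
    context.Version = "1.0";

    string signatureBase = context.GenerateSignatureBase();

    signer.SignContext(
        context,
        new SigningContext
        {
            Algorithm = Key,
            SignatureBase = signatureBase,
            ConsumerSecret = ConsumerSecret
        });
}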
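/// <summary>
/// Builds and signs the OAuth 1.0 context used to exchange a request token for an access token.
/// </summary>
/// <param name="requestToken">Request token to exchange. Its <c>ConsumerKey</c> must equal this consumer's <c>ConsumerKey</c>.</param>
/// <param name="additionalQueryParameters">Extra query parameters to add to the request before signing; may be null.</param>
/// <returns>The signed context for a GET request to <c>AccessTokenUri</c>.</returns>
/// <remarks>
/// Throws the error built by <c>Error.SuppliedTokenWasNotIssuedToThisConsumer</c> when the token belongs to another consumer.
/// The signature base string, the signature and the request URI are deliberately not written to the console:
/// a library has no control over where the host process sends stdout, and a complete signed request should
/// not end up in shared logs.
/// </remarks>
public OAuthContext BuildExchangeRequestTokenForAccessTokenContext(TokenBase requestToken, NameValueCollection additionalQueryParameters)
{
    EnsureStateIsValid();

    // Refuse to exchange a token that was issued to a different consumer.
    if (requestToken.ConsumerKey != ConsumerKey)
    {
        throw Error.SuppliedTokenWasNotIssuedToThisConsumer(ConsumerKey, requestToken.ConsumerKey);
    }

    var auth = new NonceGenerator();
    var factory = new OAuthContextFactory();
    var signer = new OAuthContextSigner();

    OAuthContext context = factory.FromUri("GET", AccessTokenUri);

    // Caller-supplied parameters are added before signing, so the signature base is generated with them present.
    if (additionalQueryParameters != null)
    {
        context.QueryParameters.Add(additionalQueryParameters);
    }

    context.ConsumerKey = ConsumerKey;
    context.Token = requestToken.Token;
    context.TokenSecret = requestToken.TokenSecret;
    context.RequestMethod = "GET";
    context.SignatureMethod = SignatureMethod;

    // NOTE(review): the timestamp is derived from DateTime.Now (local time). Confirm that EpocString()
    // converts to UTC; a timestamp skewed by the local offset is typically rejected by the server.
    context.Timestamp = DateTime.Now.EpocString();
    context.Nonce = auth.GenerateNonce();
    context.Version = "1.0";

    string signatureBase = context.GenerateSignatureBase();

    signer.SignContext(
        context,
        new SigningContext
        {
            Algorithm = Key,
            SignatureBase = signatureBase,
            ConsumerSecret = ConsumerSecret
        });

    // The request URI was previously generated only to be printed; callers get the context itself.
    return context;
}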