public void Configure(JwtBearerOptions options)
{
var rsa = getKeyProvider();
options.TokenValidationParameters = new TokenValidationParameters
{
IssuerSigningKey = new RsaSecurityKey(rsa),
ValidAudience = "5", // should match the client ID assigned to osu! in the osu-web target deploy.
// TODO: figure out why this isn't included in the token.
ValidateIssuer = false,
ValidIssuer = "https://osu.ppy.sh/"
};
options.Events = new JwtBearerEvents
{
OnTokenValidated = async context =>
{
var jwtToken = (JwtSecurityToken)context.SecurityToken;
int tokenUserId = int.Parse(jwtToken.Subject);
using (var db = databaseFactory.GetInstance())
{
// check expiry/revocation against database
var userId = await db.GetUserIdFromTokenAsync(jwtToken);
if (userId != tokenUserId)
{
Console.WriteLine("Token revoked or expired");
context.Fail("Token has expired or been revoked");
}
}
},
};
}
public void Configure(JwtBearerOptions options)
{
options.TokenValidationParameters = new TokenValidationParameters
{
IssuerSigningKey = new SymmetricSecurityKey(getKey()),
// client id, going to ignore this.
//ValidAudience = "3"
ValidateAudience = false,
ValidateIssuer = true,
ValidIssuer = "Sakamoto"
};
options.Events = new JwtBearerEvents
{
OnTokenValidated = async context =>
{
var jwtToken = (JwtSecurityToken)context.SecurityToken;
int tokenUserId = int.Parse(jwtToken.Subject);
using (var db = databaseFactory.GetInstance())
{
// check expiry/revocation against database
var userId = await db.GetUserIdFromTokenAsync(jwtToken);
if (userId != tokenUserId)
{
Console.WriteLine("Token revoked or expired");
context.Fail("Token has expired or been revoked");
}
}
},
};
}
public async Task <MultiplayerRoom> JoinRoom(long roomId)
{
Log($"Joining room {roomId}");
bool isRestricted;
using (var db = databaseFactory.GetInstance())
isRestricted = await db.IsUserRestrictedAsync(CurrentContextUserId);
if (isRestricted)
{
throw new InvalidStateException("Can't join a room when restricted.");
}
using (var userUsage = await GetOrCreateLocalUserState())
{
if (userUsage.Item != null)
{
// if the user already has a state, it means they are already in a room and can't join another without first leaving.
throw new InvalidStateException("Can't join a room when already in another room.");
}
// add the user to the room.
var roomUser = new MultiplayerRoomUser(CurrentContextUserId);
// track whether this join necessitated starting the process of fetching the room and adding it to the ACTIVE_ROOMS store.
bool newRoomFetchStarted = false;
MultiplayerRoom?room = null;
using (var roomUsage = await ACTIVE_ROOMS.GetForUse(roomId, true))
{
try
{
if (roomUsage.Item == null)
{
newRoomFetchStarted = true;
// the requested room is not yet tracked by this server.
room = await retrieveRoom(roomId);
// the above call will only succeed if this user is the host.
room.Host = roomUser;
// mark the room active - and wait for confirmation of this operation from the database - before adding the user to the room.
await markRoomActive(room);
roomUsage.Item = room;
}
else
{
room = roomUsage.Item;
// this is a sanity check to keep *rooms* in a good state.
// in theory the connection clean-up code should handle this correctly.
if (room.Users.Any(u => u.UserID == roomUser.UserID))
{
throw new InvalidOperationException($"User {roomUser.UserID} attempted to join room {room.RoomID} they are already present in.");
}
}
userUsage.Item = new MultiplayerClientState(Context.ConnectionId, CurrentContextUserId, roomId);
room.Users.Add(roomUser);
await updateDatabaseParticipants(room);
await Clients.Group(GetGroupId(roomId)).UserJoined(roomUser);
await Groups.AddToGroupAsync(Context.ConnectionId, GetGroupId(roomId));
Log($"Joined room {room.RoomID}");
}
catch
{
try
{
if (userUsage.Item != null)
{
// the user was joined to the room, so we can run the standard leaveRoom method.
// this will handle closing the room if this was the only user.
await leaveRoom(userUsage.Item, roomUsage);
}
else if (newRoomFetchStarted)
{
if (room != null)
{
// the room was retrieved and associated to the usage, but something failed before the user (host) could join.
// for now, let's mark the room as ended if this happens.
await endDatabaseMatch(room);
}
roomUsage.Destroy();
}
}
finally
{
// no matter how we end up cleaning up the room, ensure the user's context is destroyed.
userUsage.Destroy();
}
throw;
}
}
return(JsonConvert.DeserializeObject <MultiplayerRoom>(JsonConvert.SerializeObject(room)) ?? throw new InvalidOperationException());
}
}
