metrics service
fixes to auth info
This commit is contained in:
@@ -34,6 +34,7 @@
|
||||
<ItemGroup>
|
||||
<Protobuf Include="Proto\Aoba.proto"></Protobuf>
|
||||
<Protobuf Include="Proto\Auth.proto"></Protobuf>
|
||||
<Protobuf Include="Proto\Metrics.proto"></Protobuf>
|
||||
</ItemGroup>
|
||||
|
||||
</Project>
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
using AobaCore.Services;
|
||||
|
||||
using AobaServer.Models;
|
||||
using AobaServer.Services;
|
||||
using AobaServer.Utils;
|
||||
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
@@ -16,7 +17,7 @@ namespace AobaServer.Controllers;
|
||||
#if DEBUG
|
||||
[AllowAnonymous]
|
||||
[Route("auth")]
|
||||
public class AuthController(AccountsService accountsService, AuthInfo authInfo) : Controller
|
||||
public class AuthController(AccountsService accountsService, AuthConfigService authConfig) : Controller
|
||||
{
|
||||
[HttpPost("login")]
|
||||
public async Task<IActionResult> Login([FromForm] string username, [FromForm] string password, CancellationToken cancellationToken)
|
||||
@@ -25,6 +26,7 @@ public class AuthController(AccountsService accountsService, AuthInfo authInfo)
|
||||
|
||||
if (user == null)
|
||||
return Problem("Invalid login Credentials", statusCode: StatusCodes.Status400BadRequest);
|
||||
var authInfo = await authConfig.GetDefaultAuthInfoAsync();
|
||||
Response.Cookies.Append("token", user.GetToken(authInfo), new CookieOptions
|
||||
{
|
||||
IsEssential = true,
|
||||
|
||||
@@ -1,4 +1,6 @@
|
||||
using MongoDB.Bson.IO;
|
||||
using MongoDB.Bson;
|
||||
using MongoDB.Bson.IO;
|
||||
using MongoDB.Bson.Serialization.Attributes;
|
||||
|
||||
using System.Security.Cryptography;
|
||||
using System.Text.Json;
|
||||
@@ -7,6 +9,8 @@ namespace AobaServer.Models;
|
||||
|
||||
public class AuthInfo
|
||||
{
|
||||
[BsonId]
|
||||
public ObjectId Id { get; set; }
|
||||
public required string Issuer { get; set; }
|
||||
public required string Audience { get; set; }
|
||||
public required byte[] SecureKey { get; set; }
|
||||
|
||||
@@ -10,6 +10,9 @@ using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.AspNetCore.Http.Features;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
|
||||
using MongoDB.Driver;
|
||||
using MongoDB.Driver.Core.Extensions.DiagnosticSources;
|
||||
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
builder.WebHost.ConfigureKestrel(o =>
|
||||
@@ -33,8 +36,21 @@ builder.Services.AddControllers(opt => opt.ModelBinderProviders.Add(new BsonIdMo
|
||||
builder.Services.AddObersability(builder.Configuration);
|
||||
builder.Services.AddGrpc();
|
||||
|
||||
var authInfo = AuthInfo.LoadOrCreate("Auth.json", "aobaV2", "aoba");
|
||||
builder.Services.AddSingleton(authInfo);
|
||||
//DB
|
||||
var dbString = config["DB_STRING"];
|
||||
var settings = MongoClientSettings.FromConnectionString(dbString);
|
||||
settings.ClusterConfigurator = cb => cb.Subscribe(new DiagnosticsActivityEventSubscriber());
|
||||
var dbClient = new MongoClient(settings);
|
||||
var db = dbClient.GetDatabase("Aoba");
|
||||
|
||||
builder.Services.AddSingleton(dbClient);
|
||||
builder.Services.AddSingleton<IMongoDatabase>(db);
|
||||
|
||||
var authCfg = new AuthConfigService(db);
|
||||
builder.Services.AddSingleton(authCfg);
|
||||
|
||||
|
||||
var authInfo = authCfg.GetDefaultAuthInfoAsync().GetAwaiter().GetResult();
|
||||
var signingKey = new SymmetricSecurityKey(authInfo.SecureKey);
|
||||
|
||||
var validationParams = new TokenValidationParameters
|
||||
@@ -66,6 +82,7 @@ builder.Services.AddCors(o =>
|
||||
});
|
||||
});
|
||||
|
||||
var metricsAuthInfo = authCfg.GetAuthInfoAsync("aoba", "metrics").GetAwaiter().GetResult();
|
||||
builder.Services.AddAuthentication(options =>
|
||||
{
|
||||
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
@@ -73,7 +90,7 @@ builder.Services.AddAuthentication(options =>
|
||||
}).AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options => //Bearer auth
|
||||
{
|
||||
options.TokenValidationParameters = validationParams;
|
||||
options.TokenHandlers.Add(new MetricsTokenValidator(authInfo));
|
||||
options.TokenHandlers.Add(new MetricsTokenValidator(metricsAuthInfo));
|
||||
options.Events = new JwtBearerEvents
|
||||
{
|
||||
OnMessageReceived = ctx => //Retreive token from cookie if not found in headers
|
||||
@@ -102,8 +119,8 @@ builder.Services.AddAuthentication(options =>
|
||||
};
|
||||
}).AddScheme<AuthenticationSchemeOptions, AobaAuthenticationHandler>("Aoba", null);
|
||||
|
||||
var dbString = config["DB_STRING"];
|
||||
builder.Services.AddAoba(dbString ?? "mongodb://localhost:27017");
|
||||
|
||||
builder.Services.AddAoba();
|
||||
builder.Services.Configure<FormOptions>(opt =>
|
||||
{
|
||||
opt.ValueLengthLimit = int.MaxValue;
|
||||
|
||||
12
AobaServer/Proto/Metrics.proto
Normal file
12
AobaServer/Proto/Metrics.proto
Normal file
@@ -0,0 +1,12 @@
|
||||
syntax = "proto3";
|
||||
|
||||
option csharp_namespace = "Aoba.RPC.Metrics";
|
||||
package aoba.Metrics;
|
||||
|
||||
import "Proto/Auth.proto";
|
||||
import "google/protobuf/empty.proto";
|
||||
|
||||
|
||||
service Metrics {
|
||||
rpc GetToken(google.protobuf.Empty) returns (Auth.Jwt);
|
||||
}
|
||||
26
AobaServer/Services/AuthConfigService.cs
Normal file
26
AobaServer/Services/AuthConfigService.cs
Normal file
@@ -0,0 +1,26 @@
|
||||
using AobaServer.Models;
|
||||
|
||||
using MongoDB.Driver;
|
||||
|
||||
namespace AobaServer.Services;
|
||||
|
||||
public class AuthConfigService(IMongoDatabase db)
|
||||
{
|
||||
public IMongoCollection<AuthInfo> _authInfo = db.GetCollection<AuthInfo>("auth_config");
|
||||
|
||||
public async Task<AuthInfo> GetAuthInfoAsync(string issuer, string audience)
|
||||
{
|
||||
var info = await _authInfo.Find("{}").FirstOrDefaultAsync();
|
||||
if(info != null)
|
||||
return info;
|
||||
|
||||
info = AuthInfo.Create(issuer, audience);
|
||||
await _authInfo.InsertOneAsync(info);
|
||||
return info;
|
||||
}
|
||||
|
||||
public Task<AuthInfo> GetDefaultAuthInfoAsync()
|
||||
{
|
||||
return GetAuthInfoAsync("aobaV2", "aoba");
|
||||
}
|
||||
}
|
||||
33
AobaServer/Services/MetricsRpcService.cs
Normal file
33
AobaServer/Services/MetricsRpcService.cs
Normal file
@@ -0,0 +1,33 @@
|
||||
using Aoba.RPC;
|
||||
using Aoba.RPC.Auth;
|
||||
|
||||
using Google.Protobuf.WellKnownTypes;
|
||||
|
||||
using Grpc.Core;
|
||||
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
|
||||
namespace AobaServer.Services;
|
||||
|
||||
public class MetricsRpcService(AuthConfigService authConfig): Aoba.RPC.Metrics.Metrics.MetricsBase
|
||||
{
|
||||
[AllowAnonymous]
|
||||
public override async Task<Jwt> GetToken(Empty request, ServerCallContext context)
|
||||
{
|
||||
var authInfo = await authConfig.GetAuthInfoAsync("aoba", "metrics");
|
||||
var handler = new JwtSecurityTokenHandler();
|
||||
|
||||
var jwt = handler.CreateEncodedJwt(new SecurityTokenDescriptor
|
||||
{
|
||||
Audience = authInfo.Audience,
|
||||
Issuer = authInfo.Issuer,
|
||||
IssuedAt = DateTime.UtcNow,
|
||||
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(authInfo.SecureKey), SecurityAlgorithms.HmacSha256)
|
||||
});
|
||||
|
||||
return new Jwt { Token = jwt };
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user