vasich/Yuna
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

OpenAuthImplementStarted

Browse Source
This commit is contained in:
Vasya Ryzhkoff
2024-07-26 17:17:39 +07:00
parent 65b924c174
commit d332cd0d96
12 changed files with 294 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

159
Yuna.Website/Yuna.Website.Server/API/OpenAuthEndpoints.cs Normal file
View File

@ -0,0 +1,159 @@
using Microsoft.AspNetCore.Mvc;
using System.Text.Json.Serialization;
using Yuna.Website.Server.Infrastructure;
using Yuna.Website.Server.Services.OpenAuthService;
namespace Yuna.Website.Server.API
{
public class OpenAuthEndpoints
{
public void Define(WebApplication app)
{
app.MapGet("~/.well-known/openid-configuration", GetConfiguration);
app.MapMethods("/v1.0", ["HEAD"], Ping);
app.MapGet("api/oauth/login", LoginViaOauth);
}
public class DiscoveryResponse
{
[JsonPropertyName("issuer")]
public string? Issuer { get; set; }
[JsonPropertyName("authorization_endpoint")]
public string? AuthorizationEndpoint { get; set; }
[JsonPropertyName("token_endpoint")]
public string? TokenEndpoint { get; set; }
[JsonPropertyName("token_endpoint_auth_methods_supported")]
public IList<string>? TokenEndpointAuthMethodsSupported { get; set; }
[JsonPropertyName("token_endpoint_auth_signing_alg_values_supported")]
public IList<string>? TokenEndpointAuthSigningAlgValuesSupported { get; set; }
[JsonPropertyName("userinfo_endpoint")]
public string? UserinfoEndpoint { get; set; }
[JsonPropertyName("check_session_iframe")]
public string? CheckSessionIframe { get; set; }
[JsonPropertyName("end_session_endpoint")]
public string? EndSessionEndpoint { get; set; }
[JsonPropertyName("jwks_uri")]
public string? JwksUri { get; set; }
[JsonPropertyName("registration_endpoint")]
public string? RegistrationEndpoint { get; set; }
[JsonPropertyName("scopes_supported")]
public IList<string>? ScopesSupported { get; set; }
[JsonPropertyName("response_types_supported")]
public IList<string>? ResponseTypesSupported { get; set; }
[JsonPropertyName("acr_values_supported")]
public IList<string>? AcrValuesSupported { get; set; }
[JsonPropertyName("subject_types_supported")]
public IList<string>? SubjectTypesSupported { get; set; }
[JsonPropertyName("userinfo_signing_alg_values_supported")]
public IList<string>? UserinfoSigningAlgValuesSupported { get; set; }
[JsonPropertyName("userinfo_encryption_alg_values_supported")]
public IList<string>? UserinfoEncryptionAlgValuesSupported { get; set; }
[JsonPropertyName("userinfo_encryption_enc_values_supported")]
public IList<string>? UserinfoEncryptionEncValuesSupported { get; set; }
[JsonPropertyName("id_token_signing_alg_values_supported")]
public IList<string>? IdTokenSigningAlgValuesSupported { get; set; }
[JsonPropertyName("id_token_encryption_alg_values_supported")]
public IList<string>? IdTokenEncryptionAlgValuesSupported { get; set; }
[JsonPropertyName("id_token_encryption_enc_values_supported")]
public IList<string>? IdTokenEncryptionEncValuesSupported { get; set; }
[JsonPropertyName("request_object_signing_alg_values_supported")]
public IList<string>? RequestObjectSigningAlgValuesSupported { get; set; }
[JsonPropertyName("display_values_supported")]
public IList<string>? DisplayValuesSupported { get; set; }
[JsonPropertyName("claim_types_supported")]
public IList<string>? ClaimTypesSupported { get; set; }
[JsonPropertyName("claims_supported")]
public IList<string>? ClaimsSupported { get; set; }
[JsonPropertyName("claims_parameter_supported")]
public bool? ClaimsParameterSupported { get; set; }
[JsonPropertyName("service_documentation")]
public string? ServiceDocumentation { get; set; }
[JsonPropertyName("ui_locales_supported")]
public IList<string>? UiLocalesSupported { get; set; }
}
public IResult GetConfiguration()
{
var response = new DiscoveryResponse()
{
Issuer = Settings.HttpsExternalUrl,
AuthorizationEndpoint = Settings.HttpsExternalUrl + "/makaka",
TokenEndpoint = Settings.HttpsExternalUrl + "/token",
TokenEndpointAuthMethodsSupported = ["client_secret_basic", "private_key_jwt"],
TokenEndpointAuthSigningAlgValuesSupported = ["RS256", "ES256"],
AcrValuesSupported = ["urn:mace:incommon:iap:silver", "urn:mace:incommon:iap:bronze"],
ResponseTypesSupported = ["code", "code id_token", "id_token", "token id_token"],
SubjectTypesSupported = [],
UserinfoEncryptionEncValuesSupported = ["A128CBC-HS256", "A128GCM"],
IdTokenSigningAlgValuesSupported = ["RS256", "ES256", "HS256"],
IdTokenEncryptionAlgValuesSupported = ["RSA1_5", "A128KW"],
IdTokenEncryptionEncValuesSupported = ["A128CBC-HS256", "A128GCM"],
RequestObjectSigningAlgValuesSupported = ["none", "RS256", "ES256"],
DisplayValuesSupported = ["page", "popup"],
ClaimTypesSupported = ["normal", "distributed"],
ScopesSupported = [],
ClaimsSupported = [],
ClaimsParameterSupported = false,
ServiceDocumentation = null,
UiLocalesSupported = ["ru-RU"],
};
return Results.Json(response);
}
public IResult Ping()
{
return Results.Ok();
}
public IResult LoginViaOauth(
[FromQuery] string state,
[FromQuery] string redirect_uri,
[FromQuery]string response_type,
[FromQuery]string client_id, HttpContext context,
IOpenAuthService openAuthService)
{
var host = context.Request.Host;
if (!openAuthService.ValidateLoginRequest(response_type, client_id, host.Value))
return Results.Unauthorized();
//TODO LOGIN PAGE URL IN SETTINGS
return Results.Redirect($"https://localhost:5173/login?redirect_to={redirect_uri}");
}
}
}