MireaBackend/Security/Services/PreAuthService.cs

64 lines
2.4 KiB
C#
Raw Normal View History

2024-05-29 04:31:47 +03:00
using Mirea.Api.Security.Common.Domain;
using Mirea.Api.Security.Common.Dto.Requests;
using Mirea.Api.Security.Common.Dto.Responses;
using Mirea.Api.Security.Common.Interfaces;
using System;
2024-05-29 05:27:49 +03:00
using System.Security;
2024-05-29 04:31:47 +03:00
using System.Text.Json;
using System.Threading;
using System.Threading.Tasks;
namespace Mirea.Api.Security.Services;
public class PreAuthService(ICacheService cache)
{
public TimeSpan Lifetime { private get; init; }
2024-05-29 05:30:00 +03:00
private static string GeneratePreAuthToken() => Guid.NewGuid().ToString().Replace("-", "") +
2024-05-29 04:55:34 +03:00
GeneratorKey.GenerateString(16);
2024-05-29 04:31:47 +03:00
2024-05-29 04:57:44 +03:00
private static string GetPreAuthCacheKey(string fingerprint) => $"{fingerprint}_pre_auth_token";
2024-05-29 04:58:21 +03:00
public async Task<PreAuthTokenResponse> GeneratePreAuthTokenAsync(TokenRequest request, string userId, CancellationToken cancellation = default)
2024-05-29 04:31:47 +03:00
{
2024-05-29 04:58:21 +03:00
var preAuthToken = GeneratePreAuthToken();
2024-05-29 04:31:47 +03:00
2024-05-29 04:58:21 +03:00
var preAuthTokenStruct = new PreAuthToken
2024-05-29 04:31:47 +03:00
{
Fingerprint = request.Fingerprint,
UserId = userId,
UserAgent = request.UserAgent,
2024-05-29 05:27:27 +03:00
Token = preAuthToken,
Ip = request.Ip
2024-05-29 04:31:47 +03:00
};
await cache.SetAsync(
2024-05-29 04:57:44 +03:00
GetPreAuthCacheKey(request.Fingerprint),
2024-05-29 04:58:21 +03:00
JsonSerializer.SerializeToUtf8Bytes(preAuthTokenStruct),
2024-05-29 05:30:00 +03:00
absoluteExpirationRelativeToNow: Lifetime,
cancellationToken: cancellation);
2024-05-29 04:31:47 +03:00
return new PreAuthTokenResponse
{
2024-05-29 04:58:21 +03:00
Token = preAuthToken,
2024-05-29 04:31:47 +03:00
ExpiresIn = DateTime.UtcNow.Add(Lifetime)
};
}
2024-05-29 05:27:49 +03:00
public async Task<string> MatchToken(TokenRequest request, string preAuthToken, CancellationToken cancellation = default)
{
var preAuthTokenStruct = await cache.GetAsync<PreAuthToken>(GetPreAuthCacheKey(request.Fingerprint), cancellation)
?? throw new SecurityException($"The token was not found using fingerprint \"{request.Fingerprint}\"");
if (preAuthTokenStruct == null ||
preAuthTokenStruct.Token != preAuthToken ||
(preAuthTokenStruct.UserAgent != request.UserAgent &&
preAuthTokenStruct.Ip != request.Ip))
{
throw new SecurityException("It was not possible to verify the authenticity of the token");
}
await cache.RemoveAsync(GetPreAuthCacheKey(request.Fingerprint), cancellation);
return preAuthTokenStruct.UserId;
}
2024-05-29 04:31:47 +03:00
}