add default basic authentication (#37)

chaldea · Jun 13, 2024 · 571fe00 · 571fe00
1 parent 8fe3e37
commit 571fe00
Show file tree

Hide file tree

Showing 5 changed files with 67 additions and 8 deletions.
diff --git a/examples/Simple/Simple.Client/Simple.Client.csproj b/examples/Simple/Simple.Client/Simple.Client.csproj
@@ -7,7 +7,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Chaldea.Fate.RhoAias" Version="1.2.0-beta-01" />
+    <PackageReference Include="Chaldea.Fate.RhoAias" Version="1.2.0-beta-03" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="6.4.0" />
   </ItemGroup>
 

diff --git a/examples/Simple/Simple.Server/Program.cs b/examples/Simple/Simple.Server/Program.cs
@@ -9,7 +9,6 @@
 builder.Services.AddSwaggerGen();
 builder.Services.AddAuthorization();
 builder.Services.AddRhoAias(builder.Configuration);
-builder.Services.AddAhoAiasJwtBearerAuthentication(builder.Configuration);
 builder.Services.AddHostedService<InitService>();
 
 var app = builder.Build();

diff --git a/examples/Simple/Simple.Server/Simple.Server.csproj b/examples/Simple/Simple.Server/Simple.Server.csproj
@@ -7,8 +7,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Chaldea.Fate.RhoAias" Version="1.2.0-beta-01" />
-    <PackageReference Include="Chaldea.Fate.RhoAias.Authentication.JwtBearer" Version="1.2.0-beta-01" />
+    <PackageReference Include="Chaldea.Fate.RhoAias" Version="1.2.0-beta-03" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="6.4.0" />
   </ItemGroup>
 

diff --git a/src/Chaldea.Fate.RhoAias/ServiceCollectionExtensions.cs b/src/Chaldea.Fate.RhoAias/ServiceCollectionExtensions.cs
@@ -2,6 +2,7 @@
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using System.Net;
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.Extensions.Configuration;
 using Yarp.ReverseProxy.Forwarder;
 using Microsoft.AspNetCore.Routing;
@@ -37,6 +38,8 @@ public static IServiceCollection AddRhoAias(this IServiceCollection services, IC
         services.AddHostedService<ServerHostedService>();
         services.AddHostedService<CertRenewJob>();
         services.AddSingleton<ICompressor, GZipCompressor>();
+        services.AddAuthentication("Basic")
+            .AddScheme<AuthenticationSchemeOptions, BasicAuthenticationHandler>("Basic", null);
         return services;
     }
 

diff --git a/src/Chaldea.Fate.RhoAias/TokenManager.cs b/src/Chaldea.Fate.RhoAias/TokenManager.cs
@@ -1,4 +1,9 @@
-using System.Text.RegularExpressions;
+using System.Text.Encodings.Web;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using System.Security.Claims;
+using System.Text.RegularExpressions;
 
 namespace Chaldea.Fate.RhoAias;
 
@@ -11,12 +16,65 @@ internal class TokenManager : ITokenManager
 {
     public Task<Token> CreateAsync(Guid userId, string role, int expires)
     {
-        var token = Regex.Replace(Convert.ToBase64String(userId.ToByteArray()), "[/+=]", "");
         return Task.FromResult(new Token()
         {
-            AccessToken = token,
+            AccessToken = userId.ToString(),
             ExpiresIn = expires,
-            TokenType = "Base"
+            TokenType = "Basic"
         });
     }
+}
+
+internal class BasicAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
+{
+    private readonly IClientManager _clientManager;
+
+    public BasicAuthenticationHandler(
+        IOptionsMonitor<AuthenticationSchemeOptions> options, 
+        ILoggerFactory logger,
+        UrlEncoder encoder,
+        IClientManager clientManager) 
+        : base(options, logger, encoder)
+    {
+        _clientManager = clientManager;
+    }
+
+    protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
+    {
+        if (!Request.Headers.ContainsKey("Authorization"))
+        {
+            return AuthenticateResult.Fail("Missing Authorization Header");
+        }
+
+        try
+        {
+            var token = Request.Headers["Authorization"];
+            var id = ParseId(token);
+            var client = await _clientManager.GetClientAsync(id);
+            if (client == null)
+            {
+                return AuthenticateResult.Fail("Invalid token.");
+            }
+
+            var claims = new[] {
+                new Claim(ClaimTypes.NameIdentifier, client.Id.ToString()),
+                new Claim(ClaimTypes.Role, Role.Client)
+            };
+            var identity = new ClaimsIdentity(claims, Scheme.Name);
+            var principal = new ClaimsPrincipal(identity);
+            var ticket = new AuthenticationTicket(principal, Scheme.Name);
+
+            return AuthenticateResult.Success(ticket);
+        }
+        catch
+        {
+            return AuthenticateResult.Fail("Invalid Authorization Header");
+        }
+    }
+
+    private Guid ParseId(string token)
+    {
+        var id = Regex.Replace(token, @"(Bearer|Basic)\s", "");
+        return Guid.Parse(id);
+    }
 }