From 1f6aaac1fee5c4c39c057de31167f745c84b1d52 Mon Sep 17 00:00:00 2001 From: Paul Schneider Date: Fri, 3 Aug 2018 02:59:37 +0200 Subject: [PATCH] interactif console oauth2 login --- Yavsc/Startup/Startup.OAuthHelpers.cs | 24 +++++++---- Yavsc/Startup/Startup.cs | 7 +++- test/Mandatory/ServerSideFixture.cs | 3 +- test/WIP/YavscWorkInProgress.cs | 59 ++++++++++++++++++--------- 4 files changed, 63 insertions(+), 30 deletions(-) diff --git a/Yavsc/Startup/Startup.OAuthHelpers.cs b/Yavsc/Startup/Startup.OAuthHelpers.cs index be266038..0aee7770 100644 --- a/Yavsc/Startup/Startup.OAuthHelpers.cs +++ b/Yavsc/Startup/Startup.OAuthHelpers.cs @@ -17,11 +17,11 @@ namespace Yavsc { private Client GetApplication(string clientId) { - Client app = null; - using (var dbContext = new ApplicationDbContext()) - { - app = dbContext.Applications.FirstOrDefault(x => x.Id == clientId); - } + if (_dbContext==null) + logger.LogError("no db!"); + Client app = _dbContext.Applications.FirstOrDefault(x => x.Id == clientId); + if (app==null) + logger.LogError("no app!"); return app; } private readonly ConcurrentDictionary _authenticationCodes = new ConcurrentDictionary(StringComparer.Ordinal); 
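Review bot: In `GetApplication`, the new `_dbContext==null` check only logs and then falls through to `_dbContext.Applications...`, so a missing context still ends in a NullReferenceException during client authentication instead of a clean rejection. Return after logging, e.g. `if (_dbContext == null) { logger.LogError("no db!"); return null; }`, so that the `client==null` branch this commit adds to `ValidateClientAuthentication` turns it into an `invalid_clientId` error. The "no app!" message should also include the `clientId` and fits Warning better than Error, because an unknown client id comes from the request and is not a server fault.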
@@ -43,12 +43,18 @@ namespace Yavsc if (context.TryGetBasicCredentials(out clientId, out clientSecret) || context.TryGetFormCredentials(out clientId, out clientSecret)) { - logger.LogInformation($"ValidateClientAuthentication: Got id&secret: ({clientId} {clientSecret})"); + logger.LogInformation($"ValidateClientAuthentication: Got id: ({clientId} secret: {clientSecret})"); var client = GetApplication(clientId); + if (client==null) { + context.SetError("invalid_clientId", "Client secret is invalid."); + return Task.FromResult(null); + } else if (client.Type == ApplicationTypes.NativeConfidential) { + logger.LogInformation($"NativeConfidential key"); if (string.IsNullOrWhiteSpace(clientSecret)) { + logger.LogInformation($"invalid_clientId: Client secret should be sent."); context.SetError("invalid_clientId", "Client secret should be sent."); return Task.FromResult(null); } @@ -59,6 +65,7 @@ namespace Yavsc if (client.Secret != clientSecret) { context.SetError("invalid_clientId", "Client secret is invalid."); + logger.LogInformation($"invalid_clientId: Client secret is invalid."); return Task.FromResult(null); } } @@ -67,6 +74,7 @@ namespace Yavsc if (!client.Active) { context.SetError("invalid_clientId", "Client is inactive."); + logger.LogInformation($"invalid_clientId: Client is inactive."); return Task.FromResult(null); } @@ -75,9 +83,9 @@ namespace Yavsc logger.LogInformation($"\\o/ ValidateClientAuthentication: Validated ({clientId})"); context.Validated(); } - else Startup.logger.LogInformation($":'( ValidateClientAuthentication: KO ({clientId})"); + else logger.LogInformation($":'( ValidateClientAuthentication: KO ({clientId})"); } - else Startup.logger.LogWarning($"ValidateClientAuthentication: neither Basic nor Form credential were found"); + else logger.LogWarning($"ValidateClientAuthentication: neither Basic nor Form credential were found"); return Task.FromResult(0); } UserManager _usermanager; 
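Review bot: The reworded log line at the top of this hunk still writes `clientSecret` to the application log at Information level, so every client credential presented to the token endpoint becomes readable by anyone with log access. Log the id only: `logger.LogInformation($"ValidateClientAuthentication: Got id: ({clientId})");`. Separately, the new `client==null` branch answers "Client secret is invalid." for an unknown client; that keeps the response uniform, but a short comment saying this is intentional would help the next reader. The method starts and ends outside this hunk.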
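Review bot: The rejection log added after `context.SetError(...)` in the `@@ -59,6 +65,7 @@` hunk, and the matching one in the `!client.Active` hunk after it, carry no `clientId` and are logged at Information, which makes repeated failed client authentications hard to spot or alert on. Something like `logger.LogWarning($"invalid_clientId: secret mismatch for client {clientId}");` would serve detection better, and the `$"..."` strings without placeholders can be plain literals. The context line `client.Secret != clientSecret` is not changed by this commit, but it suggests secrets are stored in clear and compared with a non-constant-time operator; that is worth a follow-up.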
diff --git a/Yavsc/Startup/Startup.cs b/Yavsc/Startup/Startup.cs index f2c4bbb1..44eb5020 100755 --- a/Yavsc/Startup/Startup.cs +++ b/Yavsc/Startup/Startup.cs @@ -254,10 +254,12 @@ namespace Yavsc }); CheckServices(services); } + static ApplicationDbContext _dbContext; // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. - public void Configure(IApplicationBuilder app, IHostingEnvironment env, - IOptions siteSettings, + public void Configure( + IApplicationBuilder app, IHostingEnvironment env, + ApplicationDbContext dbContext, IOptions siteSettings, IOptions localizationOptions, IOptions oauth2SettingsContainer, IAuthorizationService authorizationService, @@ -267,6 +269,7 @@ namespace Yavsc UserManager usermanager, ILoggerFactory loggerFactory) { + _dbContext = dbContext; _usermanager = usermanager; GoogleSettings = googleSettings.Value; ResourcesHelpers.GlobalLocalizer = localizer; diff --git a/test/Mandatory/ServerSideFixture.cs b/test/Mandatory/ServerSideFixture.cs index ef56ef62..42085946 100644 --- a/test/Mandatory/ServerSideFixture.cs +++ b/test/Mandatory/ServerSideFixture.cs @@ -18,7 +18,8 @@ namespace test public EMailer _mailer; public ILoggerFactory _loggerFactory; public IEmailSender _mailSender; - + public static string ApiKey => "53f4d5da-93a9-4584-82f9-b8fdf243b002" ; + // public ServerSideFixture() { InitTestHost(); diff --git a/test/WIP/YavscWorkInProgress.cs b/test/WIP/YavscWorkInProgress.cs index cebe6265..ca239f48 100644 --- a/test/WIP/YavscWorkInProgress.cs +++ b/test/WIP/YavscWorkInProgress.cs @@ -6,6 +6,8 @@ using System; using System.Collections.Generic; using System.Linq; using System.Net; +using System.Security; +using System.Text; using System.Threading.Tasks; using Xunit; using Xunit.Abstractions; 
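Review bot: The new `static ApplicationDbContext _dbContext`, assigned in `Configure` in the second hunk of this file, makes one context instance serve every OAuth client lookup for the lifetime of the process. A DbContext is not safe for concurrent use, and a long-lived context typically hands back already-tracked entities, so a client that was deactivated or had its secret rotated through another context may keep validating against stale `Active`/`Secret` values until restart. Prefer resolving a context per lookup (the removed `using (var dbContext = new ApplicationDbContext())` did that, or create a service scope per call) and drop the static field. If the static has to stay, a comment on the field should state the threading and staleness assumptions. `Configure` continues outside the hunk.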
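Review bot: `ApiKey` in `ServerSideFixture` hard-codes what looks like a real client identifier or key in test source, where it is published with the repository and cannot be rotated without a commit. Read it from the environment or test configuration instead, e.g. `public static string ApiKey => Environment.GetEnvironmentVariable("YAVSC_TEST_API_KEY");` (the variable name is a placeholder, and the file's `using System;` is not visible in this hunk). If the value is only a fixture seeded into a throwaway test database, say so in a comment next to it. The stray `//` line added after it can be removed.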
@@ -67,31 +69,50 @@ namespace test throw; } } - public struct LoginIntentData + public static string GetPassword() { - public string clientId; - public string clientSecret; - public string scope; - public string authorizeUrl; - public string redirectUrl; - public string accessTokenUrl; - public string login; - public string pass; + var pwd = new StringBuilder(); + while (true) + { + var len = pwd.ToString().Length; + ConsoleKeyInfo i = Console.ReadKey(true); + if (i.Key == ConsoleKey.Enter) + { + break; + } + else if (i.Key == ConsoleKey.Backspace) + { + if (pwd.Length > 0) + { + pwd.Remove(len - 1, 1); + Console.Write("\b \b"); + } + } + else + { + pwd.Append(i.KeyChar); + Console.Write("*"); + } + } + return pwd.ToString(); } public static IEnumerable GetLoginIntentData(int numTests) { - var allData = new List - { - new object[] {"d9be5e97-c19d-42e4-b444-0e65863b19e1", "blouh", "profile", - "http://localhost:5000/authorize", "http://localhost:5000/oauth/success", - "http://localhost:5000/token","joe", "badpass" - }, - new object[] { -4, -6, -10 }, - new object[] { -2, 2, 0 }, - new object[] { int.MinValue, -1, int.MaxValue }, - }; + var allData = new List(); + Console.WriteLine($"Please, enter {numTests}:"); + for (int iTest=0; iTest