Make token validation on each request (auth provider should take care for caching)

ChronosX88 2020-10-10 23:50:29 +04:00
parent 400c5410e9
commit 4dc832856e
Signed by: ChronosXYZ
GPG Key ID: 085A69A82C8C511A
2 changed files with 22 additions and 29 deletions


@ -4,7 +4,6 @@ namespace Zirconium.Core.Models
{ {
public class Session public class Session
{ {
public string LastTokenHash { get; set; }
public SessionAuthData LastTokenPayload { get; set; } public SessionAuthData LastTokenPayload { get; set; }
public IPAddress ClientAddress { get; set; } public IPAddress ClientAddress { get; set; }
public ConnectionHandler ConnectionHandler { get; set; } public ConnectionHandler ConnectionHandler { get; set; }


@ -45,37 +45,28 @@ namespace Zirconium.Core
{ {
if (h.IsAuthorizationRequired()) if (h.IsAuthorizationRequired())
{ {
string hash; SessionAuthData tokenPayload;
using (SHA512 shaM = new SHA512Managed()) try
{ {
hash = shaM.ComputeHash(message.AuthToken.ToByteArray()).ConvertToString(); tokenPayload = _app.AuthManager.ValidateToken(message.AuthToken);
} }
if (session.LastTokenHash != hash) catch (Exception e)
{ {
SessionAuthData tokenPayload; Log.Warning(e.Message);
try var errorMsg = OtherUtils.GenerateProtocolError(
{ message,
tokenPayload = _app.AuthManager.ValidateToken(message.AuthToken); "unauthorized",
} "Unauthorized access",
catch (Exception e) new Dictionary<string, object>()
{ );
Log.Warning(e.Message); errorMsg.From = _app.Config.ServerID;
var errorMsg = OtherUtils.GenerateProtocolError( var serializedMsg = JsonConvert.SerializeObject(errorMsg);
message,
"unauthorized",
"Unauthorized access",
new Dictionary<string, object>()
);
errorMsg.From = _app.Config.ServerID;
var serializedMsg = JsonConvert.SerializeObject(errorMsg);
session.ConnectionHandler.SendMessage(serializedMsg); session.LastTokenPayload = null;
return; session.ConnectionHandler.SendMessage(serializedMsg);
} return;
session.LastTokenHash = hash;
session.LastTokenPayload = tokenPayload;
} }
session.LastTokenPayload = tokenPayload;
} }
var task = Task.Run(() => var task = Task.Run(() =>
@ -85,9 +76,12 @@ namespace Zirconium.Core
}); });
handlerTasks.Add(task); handlerTasks.Add(task);
} }
try { try
{
Task.WaitAll(handlerTasks.ToArray()); Task.WaitAll(handlerTasks.ToArray());
} catch (Exception e) { }
catch (Exception e)
{
Log.Error(e.ToString()); Log.Error(e.ToString());
} }
} }
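Review bot: In the first hunk, only an exception from `ValidateToken` counts as a rejected token; any returned value, including null, is stored in `session.LastTokenPayload` and the handler is then started. Whether the auth provider can return null for an invalid or expired token is not visible here, but if it can, an authorization-required handler would run without a payload. Adding `if (tokenPayload == null) throw new UnauthorizedAccessException();` right after the call inside the `try` would send that case through the existing "unauthorized" reply. The `Log.Warning(e.Message)` line would also be more useful for spotting repeated failures if it recorded `session.ClientAddress`. The enclosing method starts outside the hunk.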