Foxchat.NET/Foxchat.Identity/Database/Models/Application.cs

using System.Security.Cryptography;
using Foxchat.Core;
using Foxchat.Identity.Utils;
using Microsoft.AspNetCore.WebUtilities;
using Microsoft.EntityFrameworkCore;

namespace Foxchat.Identity.Database.Models;

public class Application : BaseModel
{
    public required string ClientId { get; init; }
    public required string ClientSecret { get; init; }
    public required string Name { get; init; }
    public required string[] Scopes { get; init; }
    public required string[] RedirectUris { get; set; }

    public static Application Create(string name, string[] scopes, string[] redirectUrls)
    {
        var clientId = RandomNumberGenerator.GetHexString(32, true);
        var clientSecretBytes = RandomNumberGenerator.GetBytes(48);
        var clientSecret = WebEncoders.Base64UrlEncode(clientSecretBytes);

        if (scopes.Any(s => !OauthUtils.Scopes.Contains(s)))
        {
            throw new ArgumentException("Invalid scopes passed to Application.Create", nameof(scopes));
        }

        if (redirectUrls.Any(s => !OauthUtils.ValidateRedirectUri(s)))
        {
            throw new ArgumentException("Invalid redirect URLs passed to Application.Create", nameof(redirectUrls));
        }

        return new Application
        {
            ClientId = clientId,
            ClientSecret = clientSecret,
            Name = name,
            Scopes = scopes,
            RedirectUris = redirectUrls
        };
    }
}

public static class ContextApplicationExtensions
{
    public static async Task<Application> GetApplicationAsync(this IdentityContext db, string clientId)
    {
        return await db.Applications.FirstOrDefaultAsync(a => a.ClientId == clientId)
            ?? throw new ApiError.Unauthorized("Invalid client ID or client secret");
    }

    public static async Task<Application> GetApplicationAsync(this IdentityContext db, string clientId, string clientSecret)
    {
        var app = await db.GetApplicationAsync(clientId);
        if (app.ClientSecret != clientSecret) throw new ApiError.Unauthorized("Invalid client ID or client secret");
        return app;
    }
}
add a bunch of authentication stuff 2024-05-19 17:20:45 +02:00			`using System.Security.Cryptography;`
add basic suppport for client_credentials oauth grant 2024-05-20 17:00:21 +02:00			`using Foxchat.Core;`
			`using Foxchat.Identity.Utils;`
add a bunch of authentication stuff 2024-05-19 17:20:45 +02:00			`using Microsoft.AspNetCore.WebUtilities;`
add basic suppport for client_credentials oauth grant 2024-05-20 17:00:21 +02:00			`using Microsoft.EntityFrameworkCore;`
add a bunch of authentication stuff 2024-05-19 17:20:45 +02:00
			`namespace Foxchat.Identity.Database.Models;`

			`public class Application : BaseModel`
			`{`
			`public required string ClientId { get; init; }`
			`public required string ClientSecret { get; init; }`
			`public required string Name { get; init; }`
			`public required string[] Scopes { get; init; }`
add basic suppport for client_credentials oauth grant 2024-05-20 17:00:21 +02:00			`public required string[] RedirectUris { get; set; }`
add a bunch of authentication stuff 2024-05-19 17:20:45 +02:00
add basic suppport for client_credentials oauth grant 2024-05-20 17:00:21 +02:00			`public static Application Create(string name, string[] scopes, string[] redirectUrls)`
add a bunch of authentication stuff 2024-05-19 17:20:45 +02:00			`{`
add basic suppport for client_credentials oauth grant 2024-05-20 17:00:21 +02:00			`var clientId = RandomNumberGenerator.GetHexString(32, true);`
add a bunch of authentication stuff 2024-05-19 17:20:45 +02:00			`var clientSecretBytes = RandomNumberGenerator.GetBytes(48);`
			`var clientSecret = WebEncoders.Base64UrlEncode(clientSecretBytes);`

add basic suppport for client_credentials oauth grant 2024-05-20 17:00:21 +02:00			`if (scopes.Any(s => !OauthUtils.Scopes.Contains(s)))`
add a bunch of authentication stuff 2024-05-19 17:20:45 +02:00			`{`
			`throw new ArgumentException("Invalid scopes passed to Application.Create", nameof(scopes));`
			`}`

add basic suppport for client_credentials oauth grant 2024-05-20 17:00:21 +02:00			`if (redirectUrls.Any(s => !OauthUtils.ValidateRedirectUri(s)))`
			`{`
			`throw new ArgumentException("Invalid redirect URLs passed to Application.Create", nameof(redirectUrls));`
			`}`

add a bunch of authentication stuff 2024-05-19 17:20:45 +02:00			`return new Application`
			`{`
			`ClientId = clientId,`
			`ClientSecret = clientSecret,`
			`Name = name,`
			`Scopes = scopes,`
add basic suppport for client_credentials oauth grant 2024-05-20 17:00:21 +02:00			`RedirectUris = redirectUrls`
add a bunch of authentication stuff 2024-05-19 17:20:45 +02:00			`};`
			`}`
			`}`

add basic suppport for client_credentials oauth grant 2024-05-20 17:00:21 +02:00			`public static class ContextApplicationExtensions`
add a bunch of authentication stuff 2024-05-19 17:20:45 +02:00			`{`
add basic suppport for client_credentials oauth grant 2024-05-20 17:00:21 +02:00			`public static async Task<Application> GetApplicationAsync(this IdentityContext db, string clientId)`
			`{`
			`return await db.Applications.FirstOrDefaultAsync(a => a.ClientId == clientId)`
			`?? throw new ApiError.Unauthorized("Invalid client ID or client secret");`
			`}`

			`public static async Task<Application> GetApplicationAsync(this IdentityContext db, string clientId, string clientSecret)`
			`{`
			`var app = await db.GetApplicationAsync(clientId);`
			`if (app.ClientSecret != clientSecret) throw new ApiError.Unauthorized("Invalid client ID or client secret");`
			`return app;`
			`}`
add a bunch of authentication stuff 2024-05-19 17:20:45 +02:00			`}`