From 900bb5e845c3ad44defbd427cae3d44a4a43321f Mon Sep 17 00:00:00 2001 From: ivarlovlie Date: Sat, 25 Feb 2023 13:15:44 +0100 Subject: feat: Initial commit --- .../src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs | 58 ++++++++++++++++++++++ .../src/Endpoints/V1/ApiTokens/DeleteTokenRoute.cs | 31 ++++++++++++ .../src/Endpoints/V1/ApiTokens/GetTokensRoute.cs | 36 ++++++++++++++ 3 files changed, 125 insertions(+) create mode 100644 code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs create mode 100644 code/api/src/Endpoints/V1/ApiTokens/DeleteTokenRoute.cs create mode 100644 code/api/src/Endpoints/V1/ApiTokens/GetTokensRoute.cs (limited to 'code/api/src/Endpoints/V1/ApiTokens') diff --git a/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs b/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs new file mode 100644 index 0000000..163ddb6 --- /dev/null +++ b/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs @@ -0,0 +1,58 @@ +using System.Text; + +namespace IOL.GreatOffice.Api.Endpoints.V1.ApiTokens; + +public class CreateTokenRoute : RouteBaseSync.WithRequest.WithActionResult +{ + private readonly MainAppDatabase _database; + private readonly AppConfiguration _configuration; + private readonly ILogger _logger; + + public CreateTokenRoute(MainAppDatabase database, VaultService vaultService, ILogger logger) { + _database = database; + _configuration = vaultService.GetCurrentAppConfiguration(); + _logger = logger; + } + + public class Payload + { + public DateTime ExpiryDate { get; set; } + public bool AllowRead { get; set; } + public bool AllowCreate { get; set; } + public bool AllowUpdate { get; set; } + public bool AllowDelete { get; set; } + } + + /// + /// Create a new api token with the provided claims. + /// + /// The claims to set on the api token + /// + [ApiVersion(ApiSpecV1.VERSION_STRING)] + [HttpPost("~/v{version:apiVersion}/api-tokens/create")] + public override ActionResult Handle(Payload request) { + var user = _database.Users.SingleOrDefault(c => c.Id == LoggedInUser.Id); + if (user == default) { + return NotFound(new KnownProblemModel("User does not exist")); + } + + var token_entropy = _configuration.APP_AES_KEY; + if (token_entropy.IsNullOrWhiteSpace()) { + _logger.LogWarning("No token entropy is available, Basic auth is disabled"); + return NotFound(); + } + + var accessToken = new ApiAccessToken() { + User = user, + ExpiryDate = request.ExpiryDate.ToUniversalTime(), + AllowCreate = request.AllowCreate, + AllowRead = request.AllowRead, + AllowDelete = request.AllowDelete, + AllowUpdate = request.AllowUpdate + }; + + _database.AccessTokens.Add(accessToken); + _database.SaveChanges(); + return Ok(Convert.ToBase64String(Encoding.UTF8.GetBytes(accessToken.Id.ToString().EncryptWithAes(token_entropy)))); + } +} \ No newline at end of file diff --git a/code/api/src/Endpoints/V1/ApiTokens/DeleteTokenRoute.cs b/code/api/src/Endpoints/V1/ApiTokens/DeleteTokenRoute.cs new file mode 100644 index 0000000..ee19e40 --- /dev/null +++ b/code/api/src/Endpoints/V1/ApiTokens/DeleteTokenRoute.cs @@ -0,0 +1,31 @@ +namespace IOL.GreatOffice.Api.Endpoints.V1.ApiTokens; + +public class DeleteTokenRoute : RouteBaseSync.WithRequest.WithActionResult +{ + private readonly MainAppDatabase _database; + private readonly ILogger _logger; + + public DeleteTokenRoute(MainAppDatabase database, ILogger logger) { + _database = database; + _logger = logger; + } + + /// + /// Delete an api token, rendering it unusable + /// + /// Id of the token to delete + /// Nothing + [ApiVersion(ApiSpecV1.VERSION_STRING)] + [HttpDelete("~/v{version:apiVersion}/api-tokens/delete")] + public override ActionResult Handle(Guid id) { + var token = _database.AccessTokens.SingleOrDefault(c => c.Id == id); + if (token == default) { + _logger.LogWarning("A deletion request of an already deleted (maybe) api token was received."); + return NotFound(); + } + + _database.AccessTokens.Remove(token); + _database.SaveChanges(); + return Ok(); + } +} \ No newline at end of file diff --git a/code/api/src/Endpoints/V1/ApiTokens/GetTokensRoute.cs b/code/api/src/Endpoints/V1/ApiTokens/GetTokensRoute.cs new file mode 100644 index 0000000..ee46b34 --- /dev/null +++ b/code/api/src/Endpoints/V1/ApiTokens/GetTokensRoute.cs @@ -0,0 +1,36 @@ +namespace IOL.GreatOffice.Api.Endpoints.V1.ApiTokens; + +public class GetTokensRoute : RouteBaseSync.WithoutRequest.WithResult>> +{ + private readonly MainAppDatabase _database; + + public GetTokensRoute(MainAppDatabase database) { + _database = database; + } + + public class ResponseModel + { + public DateTime ExpiryDate { get; set; } + public bool AllowRead { get; set; } + public bool AllowCreate { get; set; } + public bool AllowUpdate { get; set; } + public bool AllowDelete { get; set; } + public bool HasExpired => ExpiryDate < AppDateTime.UtcNow; + } + + /// + /// Get all tokens, both active and inactive. + /// + /// A list of tokens + [ApiVersion(ApiSpecV1.VERSION_STRING)] + [HttpGet("~/v{version:apiVersion}/api-tokens")] + public override ActionResult> Handle() { + return Ok(_database.AccessTokens.Where(c => c.User.Id == LoggedInUser.Id).Select(c => new ResponseModel() { + AllowCreate = c.AllowCreate, + AllowRead = c.AllowRead, + AllowDelete = c.AllowDelete, + AllowUpdate = c.AllowUpdate, + ExpiryDate = c.ExpiryDate + })); + } +} \ No newline at end of file -- cgit v1.3