hopefully really fixed origin

Rudis Muiznieks 2023-04-30 18:07:57 -05:00
parent 1dea48554d
commit 4af6da6758
Signed by: rudism
GPG key ID: CABF2F86EF7884F9


@ -5,6 +5,7 @@ using System.Text;
using System.Text.Json;
using Fido2NetLib;
using Fido2NetLib.Objects;
using Microsoft.AspNetCore.Diagnostics;
using Microsoft.Data.Sqlite;
using SQLitePCL;
@ -40,19 +41,12 @@ public static class Program {
private static string ConnectionString { get => $"Data Source={s_db}"; }
private static Fido2 GetFido2(HttpContext context) {
var origin = context.Request.Host.Value.Split(":").First();
Console.WriteLine($"origin {origin}");
var origin = context.Request.Headers["Origin"].First()!;
if (!s_fido2.ContainsKey(origin)) {
s_fido2.Add(origin, new(new Fido2Configuration {
ServerDomain = origin,
ServerDomain = s_domain ?? context.Request.Host.Value.Split(":").First(),
ServerName = "WebauthnProxy",
Origins = new(new[] { $"http{(
origin == "localhost"
? string.Empty
: "s")}://{origin}{(
origin == "localhost"
? $":{s_port}"
: string.Empty)}" }),
Origins = new(new[] { origin }),
}));
}
@ -62,6 +56,7 @@ public static class Program {
public static void Main(string[] args) {
var app = Initialize(args);
app.UseSession();
app.UseDeveloperExceptionPage();
app.MapGet("/favicon.ico", () => Results.File(Convert.FromBase64String(
$"AAABAAEAEBAAAAAAAABoBQAAFgAAACgAAAAQAAAAIAAAAAEACAAAAAAAAAEAAAAAAAAAAAAAAAEAAAAAAAD///8{new string('A', 1788)}="),
@ -69,7 +64,6 @@ public static class Program {
app.MapGet("/auth/check", async (context) => {
var token = context.Request.Cookies[COOKIE_NAME];
Console.WriteLine(token);
if (!TokenIsValid(token)) {
context.Response.ContentType = "text/plain";
context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
@ -196,6 +190,7 @@ public static class Program {
var req = await context.Request.ReadFromJsonAsync<AddKeyRequest>();
if (req == null) {
context.Response.StatusCode = 400;
await context.Response.WriteAsJsonAsync(new { error = "bad request" });
return;
}
@ -230,6 +225,8 @@ public static class Program {
cmd.Parameters.Add(idParam);
cmd.Parameters.Add(keyParam);
await cmd.ExecuteNonQueryAsync();
await context.Response.WriteAsJsonAsync(new { status = "ok" });
});
app.Run($"http://0.0.0.0:{s_port}");
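Review bot: In GetFido2, `Origins = new(new[] { origin })` now takes the permitted WebAuthn origin directly from the request's `Origin` header, so the origin comparison done with this configuration checks the client data against a value the caller supplied; when `s_domain` is unset, `ServerDomain` also falls back to the `Host` header. The header should be compared against a configured set of expected origins and the request rejected on a mismatch, before the value is used as a dictionary key or passed to `Fido2Configuration`. As written, every distinct header value adds an entry to the static `s_fido2` dictionary that is never removed, and `ContainsKey` followed by `Add` on a plain dictionary is not safe if requests run concurrently. `.First()` also throws when the header is absent, and because `app.UseDeveloperExceptionPage()` is added unconditionally in Main, that exception would be rendered in detail to the client; if `app` is a `WebApplication`, gate it with `if (app.Environment.IsDevelopment())`. GetFido2's body continues outside the hunk.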