hopefully really fixed origin

Rudis Muiznieks 2023-04-30 18:07:57 -05:00
parent 1dea48554d
commit 4af6da6758
Signed by: rudism
GPG Key ID: CABF2F86EF7884F9
1 changed files with 8 additions and 11 deletions


@ -5,6 +5,7 @@ using System.Text;
using System.Text.Json; using System.Text.Json;
using Fido2NetLib; using Fido2NetLib;
using Fido2NetLib.Objects; using Fido2NetLib.Objects;
using Microsoft.AspNetCore.Diagnostics;
using Microsoft.Data.Sqlite; using Microsoft.Data.Sqlite;
using SQLitePCL; using SQLitePCL;
@ -40,19 +41,12 @@ public static class Program {
private static string ConnectionString { get => $"Data Source={s_db}"; } private static string ConnectionString { get => $"Data Source={s_db}"; }
private static Fido2 GetFido2(HttpContext context) { private static Fido2 GetFido2(HttpContext context) {
var origin = context.Request.Host.Value.Split(":").First(); var origin = context.Request.Headers["Origin"].First()!;
Console.WriteLine($"origin {origin}");
if (!s_fido2.ContainsKey(origin)) { if (!s_fido2.ContainsKey(origin)) {
s_fido2.Add(origin, new(new Fido2Configuration { s_fido2.Add(origin, new(new Fido2Configuration {
ServerDomain = origin, ServerDomain = s_domain ?? context.Request.Host.Value.Split(":").First(),
ServerName = "WebauthnProxy", ServerName = "WebauthnProxy",
Origins = new(new[] { $"http{( Origins = new(new[] { origin }),
origin == "localhost"
? string.Empty
: "s")}://{origin}{(
origin == "localhost"
? $":{s_port}"
: string.Empty)}" }),
})); }));
} }
@ -62,6 +56,7 @@ public static class Program {
public static void Main(string[] args) { public static void Main(string[] args) {
var app = Initialize(args); var app = Initialize(args);
app.UseSession(); app.UseSession();
app.UseDeveloperExceptionPage();
app.MapGet("/favicon.ico", () => Results.File(Convert.FromBase64String( app.MapGet("/favicon.ico", () => Results.File(Convert.FromBase64String(
$"AAABAAEAEBAAAAAAAABoBQAAFgAAACgAAAAQAAAAIAAAAAEACAAAAAAAAAEAAAAAAAAAAAAAAAEAAAAAAAD///8{new string('A', 1788)}="), $"AAABAAEAEBAAAAAAAABoBQAAFgAAACgAAAAQAAAAIAAAAAEACAAAAAAAAAEAAAAAAAAAAAAAAAEAAAAAAAD///8{new string('A', 1788)}="),
@ -69,7 +64,6 @@ public static class Program {
app.MapGet("/auth/check", async (context) => { app.MapGet("/auth/check", async (context) => {
var token = context.Request.Cookies[COOKIE_NAME]; var token = context.Request.Cookies[COOKIE_NAME];
Console.WriteLine(token);
if (!TokenIsValid(token)) { if (!TokenIsValid(token)) {
context.Response.ContentType = "text/plain"; context.Response.ContentType = "text/plain";
context.Response.StatusCode = (int)HttpStatusCode.Unauthorized; context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
@ -196,6 +190,7 @@ public static class Program {
var req = await context.Request.ReadFromJsonAsync<AddKeyRequest>(); var req = await context.Request.ReadFromJsonAsync<AddKeyRequest>();
if (req == null) { if (req == null) {
context.Response.StatusCode = 400; context.Response.StatusCode = 400;
await context.Response.WriteAsJsonAsync(new { error = "bad request" });
return; return;
} }
@ -230,6 +225,8 @@ public static class Program {
cmd.Parameters.Add(idParam); cmd.Parameters.Add(idParam);
cmd.Parameters.Add(keyParam); cmd.Parameters.Add(keyParam);
await cmd.ExecuteNonQueryAsync(); await cmd.ExecuteNonQueryAsync();
await context.Response.WriteAsJsonAsync(new { status = "ok" });
}); });
app.Run($"http://0.0.0.0:{s_port}"); app.Run($"http://0.0.0.0:{s_port}");
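Review bot: In GetFido2 the client-supplied `Origin` header now becomes both the `s_fido2` cache key and the only entry in `Fido2Configuration.Origins`, so the origin check compares the caller's claim with itself; when `s_domain` is unset, `ServerDomain` also falls back to the client-controlled `Host` header. Each distinct header value adds a permanent dictionary entry, and `.First()!` throws when the header is absent, which the newly added unconditional `app.UseDeveloperExceptionPage()` would render to the caller as a stack trace. I would read the header with `context.Request.Headers["Origin"].FirstOrDefault()` and accept it only when `Uri.TryCreate(origin, UriKind.Absolute, out var uri)` succeeds and `uri.Host` equals or is a subdomain of the configured `s_domain`, rejecting the request otherwise. The developer exception page should be registered only in a development environment. The rest of GetFido2 lies outside the visible hunk, so a check elsewhere cannot be ruled out.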