From 9371a2eb9d10d9492a168fbb735ba0b0e4d76671 Mon Sep 17 00:00:00 2001 From: Rory& Date: Mon, 26 Feb 2024 17:10:46 +0100 Subject: Fix auth code to be excluded on federation. --- MatrixMediaGate/Services/AuthValidator.cs | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) (limited to 'MatrixMediaGate/Services/AuthValidator.cs') diff --git a/MatrixMediaGate/Services/AuthValidator.cs b/MatrixMediaGate/Services/AuthValidator.cs index 08ccd14..6f2b0c1 100644 --- a/MatrixMediaGate/Services/AuthValidator.cs +++ b/MatrixMediaGate/Services/AuthValidator.cs @@ -6,43 +6,36 @@ namespace MatrixMediaGate.Services; public class AuthValidator(ILogger logger, ProxyConfiguration cfg, IHttpContextAccessor ctx) { private static Dictionary _authCache = new(); - public async Task UpdateAuth() { - if (ctx.HttpContext is null) return false; - if (ctx.HttpContext.Connection.RemoteIpAddress is null) return false; + public async Task UpdateAuth() { + if (ctx.HttpContext?.Connection.RemoteIpAddress is null) return; var remote = ctx.HttpContext.Connection.RemoteIpAddress.ToString(); - - + if (_authCache.TryGetValue(remote, out var value)) { if (value > DateTime.Now.AddSeconds(30)) { - return true; + return; } _authCache.Remove(remote); } string? token = getToken(); - if (token is null) return false; + if (token is null) return; using var hc = new HttpClient(); using var req = new HttpRequestMessage(HttpMethod.Get, $"{cfg.Upstream}/_matrix/client/v3/account/whoami?access_token={token}"); - req.Headers.Host = cfg.Host; var response = await hc.SendAsync(req); - if (response.Content.Headers.ContentType?.MediaType != "application/json") return false; + if (response.Content.Headers.ContentType?.MediaType != "application/json") return; var content = await response.Content.ReadAsStringAsync(); var json = JsonDocument.Parse(content); if (json.RootElement.TryGetProperty("user_id", out var userId)) { _authCache[remote] = DateTime.Now.AddMinutes(5); logger.LogInformation("Authenticated {userId} on {remote}, expiring at {time}", userId, remote, _authCache[remote]); - return true; } - - return false; } public bool ValidateAuth() { - if (ctx.HttpContext is null) return false; - if (ctx.HttpContext.Connection.RemoteIpAddress is null) return false; + if (ctx.HttpContext?.Connection.RemoteIpAddress is null) return false; var remote = ctx.HttpContext.Connection.RemoteIpAddress.ToString(); if (_authCache.ContainsKey(remote)) { @@ -57,9 +50,9 @@ public class AuthValidator(ILogger logger, ProxyConfiguration cfg } private string? getToken() { - if (ctx is null) return null; - if (ctx.HttpContext.Request.Headers.ContainsKey("Authorization")) { - return ctx.HttpContext.Request.Headers["Authorization"].ToString().Split(' ', 2)[1]; + if (ctx.HttpContext is null) return null; + if (ctx.HttpContext.Request.Headers.TryGetValue("Authorization", out var header)) { + return header.ToString().Split(' ', 2)[1]; } else if (ctx.HttpContext.Request.Query.ContainsKey("access_token")) { return ctx.HttpContext.Request.Query["access_token"]!; -- cgit 1.5.1