|
| 1 | +using Microsoft.AspNetCore.Authentication.JwtBearer; |
1 | 2 | using Microsoft.AspNetCore.Http.HttpResults; |
2 | 3 | using Microsoft.IdentityModel.Tokens; |
3 | 4 | using skipper_paste; |
4 | 5 | using System.Text; |
5 | 6 | using System.Text.Json; |
6 | 7 |
|
7 | 8 | var builder = WebApplication.CreateBuilder(args); |
8 | | - |
| 9 | +builder.Logging.AddConfiguration(builder.Configuration.GetSection("Logging")); |
| 10 | +#if DEBUG |
| 11 | +builder.Logging.ClearProviders(); |
| 12 | +builder.Logging.AddSimpleConsole(); |
| 13 | +builder.Logging.SetMinimumLevel(LogLevel.Trace); |
| 14 | +#endif |
9 | 15 | // Add services to the container. |
10 | 16 | // Learn more about configuring OpenAPI at https://aka.ms/aspnet/openapi |
11 | 17 | builder.Services.AddOpenApi(); |
12 | 18 | builder.Services.AddCors(); |
| 19 | +builder.Services.AddAuthentication(); |
13 | 20 | builder.Services.AddAuthorizationBuilder() |
14 | 21 | .AddPolicy("PasteScope", policy => |
15 | 22 | { |
|
42 | 49 | issuer: $"https://{domain}", |
43 | 50 | audience: "paste", |
44 | 51 | claims: claims, |
45 | | - expires: DateTime.UtcNow.AddHours(1), |
| 52 | + expires: DateTime.UtcNow.AddYears(2), |
46 | 53 | signingCredentials: creds |
47 | 54 | ); |
48 | 55 |
|
|
54 | 61 | } |
55 | 62 |
|
56 | 63 | //add jwt token validation with secret configured from startup |
57 | | -builder.Services.AddAuthentication("Bearer") |
58 | | - .AddJwtBearer("Bearer", options => |
| 64 | +builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) |
| 65 | + .AddJwtBearer(options => |
59 | 66 | { |
60 | 67 | options.Authority = $"https://{domain}"; |
61 | 68 | options.Audience = "paste"; |
62 | 69 | options.RequireHttpsMetadata = false; // For development purposes only, |
63 | 70 | options.TokenValidationParameters = new TokenValidationParameters |
64 | 71 | { |
65 | 72 | ValidateIssuer = true, |
66 | | - ValidateAudience = false, |
| 73 | + ValidateAudience = true, |
67 | 74 | ValidateLifetime = true, |
68 | 75 | ValidateIssuerSigningKey = true, |
| 76 | + NameClaimType = System.Security.Claims.ClaimTypes.Name, |
69 | 77 | ValidIssuer = $"https://{domain}", |
70 | | - IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)), |
71 | | - LogValidationExceptions = true |
| 78 | + IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)) |
72 | 79 | }; |
73 | 80 | }); |
74 | 81 |
|
75 | 82 | var app = builder.Build(); |
76 | 83 |
|
77 | 84 | app.UseCors(); |
| 85 | +app.UseAuthentication(); |
| 86 | +app.UseAuthorization(); |
78 | 87 |
|
| 88 | +app.Logger.LogInformation("Checking paste directory at {directory}", pasteDirectory); |
79 | 89 |
|
80 | 90 | if (!Directory.Exists(pasteDirectory)) |
81 | 91 | { |
| 92 | + app.Logger.LogInformation("Paste directory at {directory} doesn't exist!", pasteDirectory); |
| 93 | + |
82 | 94 | Directory.CreateDirectory(pasteDirectory); |
83 | 95 | } |
84 | 96 |
|
|
92 | 104 | app.UseAuthentication(); |
93 | 105 | app.UseAuthentication(); |
94 | 106 |
|
95 | | -app.MapPost("/paste", (PasteData data) => |
| 107 | +app.MapPost("/paste", (PasteData data, HttpRequest request) => |
96 | 108 | { |
97 | 109 | var pasteId = RandomNameGenerator.GenerateRandomName(5); |
98 | 110 |
|
99 | 111 | File.WriteAllText(Path.Combine(pasteDirectory, pasteId + ".json"), JsonSerializer.Serialize(data)); |
100 | 112 |
|
101 | | - return Results.Ok(new PasteLink(pasteId, $"{domain}/get/{pasteId}")); |
| 113 | + return Results.Ok(new PasteLink(pasteId, $"{(request.IsHttps ? "https" : "http")}://{domain}/get/{pasteId}")); |
102 | 114 | }) |
103 | 115 | .WithName("PasteJson") |
104 | 116 | .RequireAuthorization(); |
|
118 | 130 | return Results.NotFound("Paste not found"); |
119 | 131 | } |
120 | 132 | }); |
| 133 | + //.RequireRateLimiting(); |
| 134 | + |
| 135 | +app.Logger.LogInformation("Starting main http work..."); |
| 136 | + |
121 | 137 |
|
122 | 138 | app.Run(); |
123 | 139 |
|
|
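Review bot: The change to `expires: DateTime.UtcNow.AddYears(2)` at new line 52 makes every issued token valid for two years, and nothing visible in this diff offers a way to revoke a single token. A leaked token would therefore stay usable against the `RequireAuthorization()` endpoints such as `/paste` until the shared `secret` is rotated, which invalidates every token at once. If long-lived access is needed, consider keeping the JWT short (`expires: DateTime.UtcNow.AddHours(1),`) and pairing it with a separately stored, individually revocable credential. The token-issuing code starts and ends outside the visible lines, so a revocation check may exist that is not shown here. Separately, `app.UseAuthentication();` is added at new line 85 while new lines 104–105 still call it twice; the second of those was presumably meant to be `app.UseAuthorization();`, and the duplicates can be dropped.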