Added auth RPC routes.
This commit is contained in:
parent
34528ae413
commit
8a06836985
3 changed files with 80 additions and 5 deletions
63
src/Auth/AuthRpcActions.php
Normal file
63
src/Auth/AuthRpcActions.php
Normal file
|
@ -0,0 +1,63 @@
|
|||
<?php
|
||||
namespace Misuzu\Auth;
|
||||
|
||||
use RuntimeException;
|
||||
use Misuzu\Users\{UsersContext,UserInfo};
|
||||
use Aiwass\Server\{RpcActionHandler,RpcProcedure};
|
||||
use Syokuhou\IConfig;
|
||||
|
||||
final class AuthRpcActions extends RpcActionHandler {
|
||||
public function __construct(
|
||||
private IConfig $impersonateConfig,
|
||||
private UsersContext $usersCtx,
|
||||
private AuthContext $authCtx
|
||||
) {}
|
||||
|
||||
private function canImpersonateUserId(UserInfo $impersonator, string $targetId): bool {
|
||||
if($impersonator->isSuperUser())
|
||||
return true;
|
||||
|
||||
$whitelist = $this->impersonateConfig->getArray(sprintf('allow.u%s', $impersonator->getId()));
|
||||
return in_array($targetId, $whitelist, true);
|
||||
}
|
||||
|
||||
#[RpcProcedure('misuzu:auth:attemptMisuzuAuth')]
|
||||
public function procAttemptMisuzuAuth(string $remoteAddr, string $token): array {
|
||||
$tokenInfo = $this->authCtx->createAuthTokenPacker()->unpack($token);
|
||||
if(!$tokenInfo->isEmpty())
|
||||
$token = $tokenInfo->getSessionToken();
|
||||
|
||||
$sessions = $this->authCtx->getSessions();
|
||||
try {
|
||||
$sessionInfo = $sessions->getSession(sessionToken: $token);
|
||||
} catch(RuntimeException $ex) {
|
||||
return ['method' => 'misuzu', 'error' => 'token'];
|
||||
}
|
||||
|
||||
if($sessionInfo->hasExpired()) {
|
||||
$sessions->deleteSessions(sessionInfos: $sessionInfo);
|
||||
return ['method' => 'misuzu', 'error' => 'expired'];
|
||||
}
|
||||
|
||||
$sessions->recordSessionActivity(sessionInfo: $sessionInfo, remoteAddr: $remoteAddr);
|
||||
|
||||
$users = $this->usersCtx->getUsers();
|
||||
$userInfo = $users->getUser($sessionInfo->getUserId(), 'id');
|
||||
if($tokenInfo->hasImpersonatedUserId() && $this->canImpersonateUserId($userInfo, $tokenInfo->getImpersonatedUserId())) {
|
||||
$userInfoReal = $userInfo;
|
||||
|
||||
try {
|
||||
$userInfo = $users->getUser($tokenInfo->getImpersonatedUserId(), 'id');
|
||||
} catch(RuntimeException $ex) {
|
||||
$userInfo = $userInfoReal;
|
||||
}
|
||||
}
|
||||
|
||||
return [
|
||||
'method' => 'misuzu',
|
||||
'type' => 'user',
|
||||
'user' => $userInfo->getId(),
|
||||
'expires' => $sessionInfo->getExpiresTime(),
|
||||
];
|
||||
}
|
||||
}
|
|
@ -282,11 +282,23 @@ class MisuzuContext {
|
|||
$routingCtx->register(new LegacyRoutes($this->urls));
|
||||
|
||||
$rpcServer = new RpcServer;
|
||||
$routingCtx->getRouter()->scopeTo('/_hanyuu')->register($rpcServer->createRouteHandler(
|
||||
$routingCtx->getRouter()->register($rpcServer->createRouteHandler(
|
||||
new HmacVerificationProvider(fn() => $this->config->getString('aleister.secret'))
|
||||
));
|
||||
|
||||
$rpcServer->register(new Auth\AuthRpcActions(
|
||||
$this->config->scopeTo('impersonate'),
|
||||
$this->usersCtx,
|
||||
$this->authCtx
|
||||
));
|
||||
|
||||
// This RPC server will eventually despawn when Hanyuu fully owns auth
|
||||
$hanyuuRpcServer = new RpcServer;
|
||||
$routingCtx->getRouter()->scopeTo('/_hanyuu')->register($hanyuuRpcServer->createRouteHandler(
|
||||
new HmacVerificationProvider(fn() => $this->config->getString('hanyuu.secret'))
|
||||
));
|
||||
|
||||
$rpcServer->register(new Hanyuu\HanyuuRpcActions(
|
||||
$hanyuuRpcServer->register(new Hanyuu\HanyuuRpcActions(
|
||||
fn() => $this->config->getString('hanyuu.endpoint'),
|
||||
$this->config->scopeTo('impersonate'),
|
||||
$this->urls,
|
||||
|
|
|
@ -2,15 +2,15 @@
|
|||
namespace Misuzu\SharpChat;
|
||||
|
||||
use RuntimeException;
|
||||
use Index\Colour\Colour;
|
||||
use Index\Http\Routing\{HandlerAttribute,HttpDelete,HttpGet,HttpOptions,HttpPost,RouteHandler};
|
||||
use Syokuhou\IConfig;
|
||||
use Misuzu\RoutingContext;
|
||||
use Misuzu\Auth\{AuthContext,AuthInfo,Sessions};
|
||||
use Misuzu\Emoticons\Emotes;
|
||||
use Misuzu\Perms\Permissions;
|
||||
use Misuzu\URLs\URLRegistry;
|
||||
use Misuzu\Users\{Bans,UsersContext,UserInfo};
|
||||
use Index\Colour\Colour;
|
||||
use Index\Http\Routing\{HandlerAttribute,HttpDelete,HttpGet,HttpOptions,HttpPost,RouteHandler};
|
||||
use Syokuhou\IConfig;
|
||||
|
||||
final class SharpChatRoutes extends RouteHandler {
|
||||
private string $hashKey;
|
||||
|
|
Loading…
Reference in a new issue