btcpayserver/BTCPayServer/Security/GreenField/APIKeysAuthenticationHandler.cs

#nullable enable
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
using BTCPayServer.Client;
using BTCPayServer.Data;
using BTCPayServer.Services;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using Microsoft.Net.Http.Headers;

namespace BTCPayServer.Security.Greenfield
{
    public class APIKeysAuthenticationHandler : AuthenticationHandler<GreenfieldAuthenticationOptions>
    {
        private readonly APIKeyRepository _apiKeyRepository;
        private readonly IOptionsMonitor<IdentityOptions> _identityOptions;
        private readonly UserManager<ApplicationUser> _userManager;

        public APIKeysAuthenticationHandler(
            APIKeyRepository apiKeyRepository,
            IOptionsMonitor<IdentityOptions> identityOptions,
            IOptionsMonitor<GreenfieldAuthenticationOptions> options,
            ILoggerFactory logger,
            UrlEncoder encoder,
            UserManager<ApplicationUser> userManager) : base(options, logger, encoder)
        {
            _apiKeyRepository = apiKeyRepository;
            _identityOptions = identityOptions;
            _userManager = userManager;
        }
        protected override Task HandleChallengeAsync(AuthenticationProperties properties)
        {
            // This one deserve some explanation...
            // Some routes have this authorization.
            // [Authorize(AuthenticationSchemes = AuthenticationSchemes.Cookie + "," + AuthenticationSchemes.Greenfield)]
            // This is meant for API routes that we wish to access by greenfield but also via the browser for documentation purpose (say /misc/rate-sources)
            // Now, if we aren't logged nor authenticated via greenfield, the AuthenticationHandlers get challenged.
            // The last handler to be challenged is the CookieAuthenticationHandler, which instruct to handle the challenge as a redirection to
            // the login page.
            // But this isn't what we want when we call the API programmatically, instead we want an error 401 with a json error message.
            // This hack modify a request's header to trick the CookieAuthenticationHandler to not do a redirection.
            if (!Request.Headers.Accept.Any(s => s is string && s.StartsWith("text/html", StringComparison.OrdinalIgnoreCase)))
                Request.Headers.XRequestedWith = new Microsoft.Extensions.Primitives.StringValues("XMLHttpRequest");
            return base.HandleChallengeAsync(properties);
        }
        private bool IsJson(string contentType)
        {
            return contentType?.StartsWith("application/json", StringComparison.OrdinalIgnoreCase) is true;
        }
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            if (!Context.Request.HttpContext.GetAPIKey(out var apiKey) || string.IsNullOrEmpty(apiKey))
                return AuthenticateResult.NoResult();

            var key = await _apiKeyRepository.GetKey(apiKey, true);
            if (!UserService.TryCanLogin(key?.User, out var error))
            {
                return AuthenticateResult.Fail($"ApiKey authentication failed: {error}");
            }

            var claims = new List<Claim> { new (_identityOptions.CurrentValue.ClaimsIdentity.UserIdClaimType, key.UserId) };
            claims.AddRange((await _userManager.GetRolesAsync(key.User)).Select(s => new Claim(_identityOptions.CurrentValue.ClaimsIdentity.RoleClaimType, s)));
            claims.AddRange(Permission.ToPermissions(key.GetBlob()?.Permissions ?? Array.Empty<string>()).Select(permission =>
                new Claim(GreenfieldConstants.ClaimTypes.Permission, permission.ToString())));
            return AuthenticateResult.Success(new AuthenticationTicket(
                new ClaimsPrincipal(new ClaimsIdentity(claims, GreenfieldConstants.AuthenticationType)),
                GreenfieldConstants.AuthenticationType));
        }
    }
}
Greenfield: Store Rates Config (#3931) * Greenfield: Store Rates Config * FIX SWAGGER * rebase fix * Apply suggestions from code review Co-authored-by: d11n <mail@dennisreimann.de> * Update BTCPayServer/wwwroot/swagger/v1/swagger.template.stores-rates-config.json Co-authored-by: d11n <mail@dennisreimann.de> * Fix: Spread isn't converted from/to percentage, rename some fields, and move some routes * Fix error handling Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com> 2022-10-12 15:19:33 +02:00			`#nullable enable`
			`using System;`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`using System.Collections.Generic;`
			`using System.Linq;`
			`using System.Security.Claims;`
			`using System.Text.Encodings.Web;`
			`using System.Threading.Tasks;`
			`using BTCPayServer.Client;`
			`using BTCPayServer.Data;`
Admins can approve registered users (#5647) * Users list: Cleanups * Policies: Flip registration settings * Policies: Add RequireUserApproval setting * Add approval to user * Require approval on login and for API key * API handling * AccountController cleanups * Test fix * Apply suggestions from code review Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com> * Add missing imports * Communicate login requirements to user on account creation * Add login requirements to basic auth handler * Cleanups and test fix * Encapsulate approval logic in user service and log approval changes * Send follow up "Account approved" email Closes #5656. * Add notification for admins * Fix creating a user via the admin view * Update list: Unify flags into status column, add approve action * Adjust "Resend email" wording * Incorporate feedback from code review * Remove duplicate test server policy reset --------- Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com> 2024-01-31 06:45:54 +01:00			`using BTCPayServer.Services;`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`using Microsoft.AspNetCore.Authentication;`
			`using Microsoft.AspNetCore.Identity;`
			`using Microsoft.Extensions.Logging;`
			`using Microsoft.Extensions.Options;`
Greenfield: Store Rates Config (#3931) * Greenfield: Store Rates Config * FIX SWAGGER * rebase fix * Apply suggestions from code review Co-authored-by: d11n <mail@dennisreimann.de> * Update BTCPayServer/wwwroot/swagger/v1/swagger.template.stores-rates-config.json Co-authored-by: d11n <mail@dennisreimann.de> * Fix: Spread isn't converted from/to percentage, rename some fields, and move some routes * Fix error handling Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com> 2022-10-12 15:19:33 +02:00			`using Microsoft.Net.Http.Headers;`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00
Rename GreenField -> Greenfield 2022-01-14 13:05:23 +09:00			`namespace BTCPayServer.Security.Greenfield`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`{`
Rename GreenField -> Greenfield 2022-01-14 13:05:23 +09:00			`public class APIKeysAuthenticationHandler : AuthenticationHandler<GreenfieldAuthenticationOptions>`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`{`
			`private readonly APIKeyRepository _apiKeyRepository;`
			`private readonly IOptionsMonitor<IdentityOptions> _identityOptions;`
			`private readonly UserManager<ApplicationUser> _userManager;`

Split the greenfield authhandler in two classes 2020-03-27 13:06:41 +09:00			`public APIKeysAuthenticationHandler(`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`APIKeyRepository apiKeyRepository,`
			`IOptionsMonitor<IdentityOptions> identityOptions,`
Rename GreenField -> Greenfield 2022-01-14 13:05:23 +09:00			`IOptionsMonitor<GreenfieldAuthenticationOptions> options,`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`ILoggerFactory logger,`
			`UrlEncoder encoder,`
Fix warnings (#5517) Co-authored-by: Dennis Reimann <mail@dennisreimann.de> 2023-11-28 23:20:03 +09:00			`UserManager<ApplicationUser> userManager) : base(options, logger, encoder)`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`{`
			`_apiKeyRepository = apiKeyRepository;`
			`_identityOptions = identityOptions;`
			`_userManager = userManager;`
			`}`
Greenfield: Store Rates Config (#3931) * Greenfield: Store Rates Config * FIX SWAGGER * rebase fix * Apply suggestions from code review Co-authored-by: d11n <mail@dennisreimann.de> * Update BTCPayServer/wwwroot/swagger/v1/swagger.template.stores-rates-config.json Co-authored-by: d11n <mail@dennisreimann.de> * Fix: Spread isn't converted from/to percentage, rename some fields, and move some routes * Fix error handling Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com> 2022-10-12 15:19:33 +02:00			`protected override Task HandleChallengeAsync(AuthenticationProperties properties)`
			`{`
			`// This one deserve some explanation...`
			`// Some routes have this authorization.`
			`// [Authorize(AuthenticationSchemes = AuthenticationSchemes.Cookie + "," + AuthenticationSchemes.Greenfield)]`
			`// This is meant for API routes that we wish to access by greenfield but also via the browser for documentation purpose (say /misc/rate-sources)`
			`// Now, if we aren't logged nor authenticated via greenfield, the AuthenticationHandlers get challenged.`
			`// The last handler to be challenged is the CookieAuthenticationHandler, which instruct to handle the challenge as a redirection to`
			`// the login page.`
			`// But this isn't what we want when we call the API programmatically, instead we want an error 401 with a json error message.`
			`// This hack modify a request's header to trick the CookieAuthenticationHandler to not do a redirection.`
Fix warnings (#5517) Co-authored-by: Dennis Reimann <mail@dennisreimann.de> 2023-11-28 23:20:03 +09:00			`if (!Request.Headers.Accept.Any(s => s is string && s.StartsWith("text/html", StringComparison.OrdinalIgnoreCase)))`
Greenfield: Store Rates Config (#3931) * Greenfield: Store Rates Config * FIX SWAGGER * rebase fix * Apply suggestions from code review Co-authored-by: d11n <mail@dennisreimann.de> * Update BTCPayServer/wwwroot/swagger/v1/swagger.template.stores-rates-config.json Co-authored-by: d11n <mail@dennisreimann.de> * Fix: Spread isn't converted from/to percentage, rename some fields, and move some routes * Fix error handling Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com> 2022-10-12 15:19:33 +02:00			`Request.Headers.XRequestedWith = new Microsoft.Extensions.Primitives.StringValues("XMLHttpRequest");`
			`return base.HandleChallengeAsync(properties);`
			`}`
			`private bool IsJson(string contentType)`
			`{`
			`return contentType?.StartsWith("application/json", StringComparison.OrdinalIgnoreCase) is true;`
			`}`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`protected override async Task<AuthenticateResult> HandleAuthenticateAsync()`
			`{`
			`if (!Context.Request.HttpContext.GetAPIKey(out var apiKey) \|\| string.IsNullOrEmpty(apiKey))`
			`return AuthenticateResult.NoResult();`

Set roles when authenticating via greenfield fixes #1855 2020-08-19 14:46:45 +02:00			`var key = await _apiKeyRepository.GetKey(apiKey, true);`
Admins can approve registered users (#5647) * Users list: Cleanups * Policies: Flip registration settings * Policies: Add RequireUserApproval setting * Add approval to user * Require approval on login and for API key * API handling * AccountController cleanups * Test fix * Apply suggestions from code review Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com> * Add missing imports * Communicate login requirements to user on account creation * Add login requirements to basic auth handler * Cleanups and test fix * Encapsulate approval logic in user service and log approval changes * Send follow up "Account approved" email Closes #5656. * Add notification for admins * Fix creating a user via the admin view * Update list: Unify flags into status column, add approve action * Adjust "Resend email" wording * Incorporate feedback from code review * Remove duplicate test server policy reset --------- Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com> 2024-01-31 06:45:54 +01:00			`if (!UserService.TryCanLogin(key?.User, out var error))`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`{`
Admins can approve registered users (#5647) * Users list: Cleanups * Policies: Flip registration settings * Policies: Add RequireUserApproval setting * Add approval to user * Require approval on login and for API key * API handling * AccountController cleanups * Test fix * Apply suggestions from code review Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com> * Add missing imports * Communicate login requirements to user on account creation * Add login requirements to basic auth handler * Cleanups and test fix * Encapsulate approval logic in user service and log approval changes * Send follow up "Account approved" email Closes #5656. * Add notification for admins * Fix creating a user via the admin view * Update list: Unify flags into status column, add approve action * Adjust "Resend email" wording * Incorporate feedback from code review * Remove duplicate test server policy reset --------- Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com> 2024-01-31 06:45:54 +01:00			`return AuthenticateResult.Fail($"ApiKey authentication failed: {error}");`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`}`
Run dotnet format (#3244) 2021-12-31 16:59:02 +09:00
Admins can approve registered users (#5647) * Users list: Cleanups * Policies: Flip registration settings * Policies: Add RequireUserApproval setting * Add approval to user * Require approval on login and for API key * API handling * AccountController cleanups * Test fix * Apply suggestions from code review Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com> * Add missing imports * Communicate login requirements to user on account creation * Add login requirements to basic auth handler * Cleanups and test fix * Encapsulate approval logic in user service and log approval changes * Send follow up "Account approved" email Closes #5656. * Add notification for admins * Fix creating a user via the admin view * Update list: Unify flags into status column, add approve action * Adjust "Resend email" wording * Incorporate feedback from code review * Remove duplicate test server policy reset --------- Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com> 2024-01-31 06:45:54 +01:00			`var claims = new List<Claim> { new (_identityOptions.CurrentValue.ClaimsIdentity.UserIdClaimType, key.UserId) };`
Set roles when authenticating via greenfield fixes #1855 2020-08-19 14:46:45 +02:00			`claims.AddRange((await _userManager.GetRolesAsync(key.User)).Select(s => new Claim(_identityOptions.CurrentValue.ClaimsIdentity.RoleClaimType, s)));`
Start using JSONB column instead of app side compressed data (#4574) 2023-02-21 15:06:34 +09:00			`claims.AddRange(Permission.ToPermissions(key.GetBlob()?.Permissions ?? Array.Empty<string>()).Select(permission =>`
Rename GreenField -> Greenfield 2022-01-14 13:05:23 +09:00			`new Claim(GreenfieldConstants.ClaimTypes.Permission, permission.ToString())));`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`return AuthenticateResult.Success(new AuthenticationTicket(`
Rename GreenField -> Greenfield 2022-01-14 13:05:23 +09:00			`new ClaimsPrincipal(new ClaimsIdentity(claims, GreenfieldConstants.AuthenticationType)),`
			`GreenfieldConstants.AuthenticationType));`
Move directories, rename controllers 2020-03-27 12:58:45 +09:00			`}`
			`}`
			`}`