btcpayserver/BTCPayServer/Extensions/AuthorizationExtensions.cs

using System.Security.Claims;
using System.Threading.Tasks;
using BTCPayServer.Abstractions.Constants;
using BTCPayServer.Client;
using BTCPayServer.Security.Bitpay;
using BTCPayServer.Security.Greenfield;
using BTCPayServer.Services;
using CsvHelper.Configuration.Attributes;
using Microsoft.AspNetCore.Authorization;

namespace BTCPayServer
{
    public static class AuthorizationExtensions
    {
        public static async Task<(bool HotWallet, bool RPCImport)> CanUseHotWallet(
            this IAuthorizationService authorizationService,
            PoliciesSettings policiesSettings,
            ClaimsPrincipal user)
        {
            if (!user.Identity.IsAuthenticated)
                return (false, false);
            var claimUser = user.Identity as ClaimsIdentity;
            if (claimUser is null)
                return (false, false);

            bool isAdmin = false;
            if (claimUser.AuthenticationType == AuthenticationSchemes.Cookie)
                isAdmin = user.IsInRole(Roles.ServerAdmin);
            else if (claimUser.AuthenticationType == GreenfieldConstants.AuthenticationType)
                isAdmin = (await authorizationService.AuthorizeAsync(user, Policies.CanModifyServerSettings)).Succeeded;
            return isAdmin ? (true, true) :
                   (policiesSettings?.AllowHotWalletForAll is true, policiesSettings?.AllowHotWalletRPCImportForAll is true);
        }
    }
}
GreenField API: Wallet API (#2246) * GreenField: Wallet API * more work * wip * rough fiunish of transaction sending api * Allow to create tx without broadcasting and small fixes * Refactor Wallet Receive feature ad add greenfield api for address reserve for wallet * add wallet api client * add docs * fix json converter tags * fixes and add wallet tests * fix tests * fix rebase * fixes * just pass the tests already * ugggh * small cleanup * revert int support in numeric string converter and make block id as native number in json * fix LN endpoint * try fix flaky test * Revert "try fix flaky test" This reverts commit 2e0d256325b892f7741325dcbab01196f74d182a. * try fix other flaky test * return proepr error if fee rate could not be fetched * try fix test again * reduce fee related logic for wallet api * try reduce code changes for pr scope * change auth logic for initial release of wallet api 2021-03-11 13:34:52 +01:00			`using System.Security.Claims;`
			`using System.Threading.Tasks;`
Rewrite the CanUseHotWallet, check if the derivationscheme is actually a hotwallet, before retrieving the seed 2021-03-11 21:46:32 +09:00			`using BTCPayServer.Abstractions.Constants;`
GreenField API: Wallet API (#2246) * GreenField: Wallet API * more work * wip * rough fiunish of transaction sending api * Allow to create tx without broadcasting and small fixes * Refactor Wallet Receive feature ad add greenfield api for address reserve for wallet * add wallet api client * add docs * fix json converter tags * fixes and add wallet tests * fix tests * fix rebase * fixes * just pass the tests already * ugggh * small cleanup * revert int support in numeric string converter and make block id as native number in json * fix LN endpoint * try fix flaky test * Revert "try fix flaky test" This reverts commit 2e0d256325b892f7741325dcbab01196f74d182a. * try fix other flaky test * return proepr error if fee rate could not be fetched * try fix test again * reduce fee related logic for wallet api * try reduce code changes for pr scope * change auth logic for initial release of wallet api 2021-03-11 13:34:52 +01:00			`using BTCPayServer.Client;`
			`using BTCPayServer.Security.Bitpay;`
Rename GreenField -> Greenfield 2022-01-14 13:05:23 +09:00			`using BTCPayServer.Security.Greenfield;`
GreenField API: Wallet API (#2246) * GreenField: Wallet API * more work * wip * rough fiunish of transaction sending api * Allow to create tx without broadcasting and small fixes * Refactor Wallet Receive feature ad add greenfield api for address reserve for wallet * add wallet api client * add docs * fix json converter tags * fixes and add wallet tests * fix tests * fix rebase * fixes * just pass the tests already * ugggh * small cleanup * revert int support in numeric string converter and make block id as native number in json * fix LN endpoint * try fix flaky test * Revert "try fix flaky test" This reverts commit 2e0d256325b892f7741325dcbab01196f74d182a. * try fix other flaky test * return proepr error if fee rate could not be fetched * try fix test again * reduce fee related logic for wallet api * try reduce code changes for pr scope * change auth logic for initial release of wallet api 2021-03-11 13:34:52 +01:00			`using BTCPayServer.Services;`
Rewrite the CanUseHotWallet, check if the derivationscheme is actually a hotwallet, before retrieving the seed 2021-03-11 21:46:32 +09:00			`using CsvHelper.Configuration.Attributes;`
GreenField API: Wallet API (#2246) * GreenField: Wallet API * more work * wip * rough fiunish of transaction sending api * Allow to create tx without broadcasting and small fixes * Refactor Wallet Receive feature ad add greenfield api for address reserve for wallet * add wallet api client * add docs * fix json converter tags * fixes and add wallet tests * fix tests * fix rebase * fixes * just pass the tests already * ugggh * small cleanup * revert int support in numeric string converter and make block id as native number in json * fix LN endpoint * try fix flaky test * Revert "try fix flaky test" This reverts commit 2e0d256325b892f7741325dcbab01196f74d182a. * try fix other flaky test * return proepr error if fee rate could not be fetched * try fix test again * reduce fee related logic for wallet api * try reduce code changes for pr scope * change auth logic for initial release of wallet api 2021-03-11 13:34:52 +01:00			`using Microsoft.AspNetCore.Authorization;`

			`namespace BTCPayServer`
			`{`
			`public static class AuthorizationExtensions`
			`{`
			`public static async Task<(bool HotWallet, bool RPCImport)> CanUseHotWallet(`
			`this IAuthorizationService authorizationService,`
			`PoliciesSettings policiesSettings,`
			`ClaimsPrincipal user)`
			`{`
Rewrite the CanUseHotWallet, check if the derivationscheme is actually a hotwallet, before retrieving the seed 2021-03-11 21:46:32 +09:00			`if (!user.Identity.IsAuthenticated)`
			`return (false, false);`
			`var claimUser = user.Identity as ClaimsIdentity;`
			`if (claimUser is null)`
			`return (false, false);`

			`bool isAdmin = false;`
			`if (claimUser.AuthenticationType == AuthenticationSchemes.Cookie)`
			`isAdmin = user.IsInRole(Roles.ServerAdmin);`
Rename GreenField -> Greenfield 2022-01-14 13:05:23 +09:00			`else if (claimUser.AuthenticationType == GreenfieldConstants.AuthenticationType)`
Rewrite the CanUseHotWallet, check if the derivationscheme is actually a hotwallet, before retrieving the seed 2021-03-11 21:46:32 +09:00			`isAdmin = (await authorizationService.AuthorizeAsync(user, Policies.CanModifyServerSettings)).Succeeded;`
Run dotnet format (#3244) 2021-12-31 16:59:02 +09:00			`return isAdmin ? (true, true) :`
Rewrite the CanUseHotWallet, check if the derivationscheme is actually a hotwallet, before retrieving the seed 2021-03-11 21:46:32 +09:00			`(policiesSettings?.AllowHotWalletForAll is true, policiesSettings?.AllowHotWalletRPCImportForAll is true);`
GreenField API: Wallet API (#2246) * GreenField: Wallet API * more work * wip * rough fiunish of transaction sending api * Allow to create tx without broadcasting and small fixes * Refactor Wallet Receive feature ad add greenfield api for address reserve for wallet * add wallet api client * add docs * fix json converter tags * fixes and add wallet tests * fix tests * fix rebase * fixes * just pass the tests already * ugggh * small cleanup * revert int support in numeric string converter and make block id as native number in json * fix LN endpoint * try fix flaky test * Revert "try fix flaky test" This reverts commit 2e0d256325b892f7741325dcbab01196f74d182a. * try fix other flaky test * return proepr error if fee rate could not be fetched * try fix test again * reduce fee related logic for wallet api * try reduce code changes for pr scope * change auth logic for initial release of wallet api 2021-03-11 13:34:52 +01:00			`}`
			`}`
			`}`