mirror of
https://github.com/btcpayserver/btcpayserver.git
synced 2024-11-20 02:28:31 +01:00
76a6d94bbe
* WIP New APIs for dealing with custodians/exchanges * Simplified things * More API refinements + index.html file for quick viewing * Finishing touches on spec * Switched cryptoCode to paymentMethod as this allows us to differentiate between onchain and lightning * Moved draft API docs to "/docs-draft" * WIP baby steps * Added DB migration for CustodianAccountData * Rough but working POST /v1/api/custodian-account + GET /v1/api/custodian * WIP + early Kraken API client * Moved service registration to proper location * Working create + list custodian accounts + permissions + WIP Kraken client * Kraken API Balances call is working * Added asset balances to response * List Custodian Accounts call does not load assetBalances by default, because it can fail. Can be requested when needed. * Call to get the details of 1 specific custodian account * Added permissions to swagger * Added "tradableAssetPairs" to Kraken custodian response + cache the tradable pairs in memory for 24 hours * Removed unused file * WIP + Moved files to better locations * Updated docs * Working API endpoint to get info on a trade (same response as creating a new trade) * Working API endpoints for Deposit + Trade + untested Withdraw * Delete custodian account * Trading works, better error handling, cleanup * Working withdrawals + New endpoint for getting bid/ask prices * Completed withdrawals + new endpoint for getting info on a past withdrawal to simplify testing, Enums are output as strings, * Better error handling when withdrawing to a wrong destination * WithdrawalAddressName in config is now a string per currency (dictionary) * Added TODOs * Only show the custodian account "config" to users who are allowed * Added the new permissions to the API Keys UI * Renamed KrakenClient to KrakenExchange * WIP Kraken Config Form * Removed files for UI again, will make separate PR later * Fixed docs + Refactored to use PaymentMethod more + Added "name" to custodian account + Using cancelationToken everywhere * Updated withdrawal info docs * First unit test * Complete tests for /api/v1/custodians and /api/v1/custodian-accounts endpoints + Various improvements and fixes * Mock custodian and more exceptions * Many more tests + cleanup, moved files to better locations * More tests * WIP more tests * Greenfield API tests complete * Added missing "Name" column * Cleanup, TODOs and beginning of Kraken Tests * Added Kraken tests using public endpoints + handling of "SATS" currency * Added 1st mocked Kraken API call: GetAssetBalancesAsync * Added assert for bad config * Mocked more Kraken API responses + added CreationDate to withdrawal response * pr review club changes * Make Kraken Custodian a plugin * Re-added User-Agent header as it is required * Fixed bug in market trade on Kraken using a percentage as qty * A short delay so Kraken has the time to execute the market order and we don't fetch the details too quickly. * Merged the draft swagger into the main swagger since it didn't work anymore * Fixed API permissions test * Removed 2 TODOs * Fixed unit test * Remove Kraken Api as it should be separate opt-in plugin * Flatten namespace hierarchy and use InnerExeption instead of OriginalException * Remove useless line * Make sure account is from a specific store * Proper error if custodian code not found * Remove various warnings * Remove various warnings * Handle CustodianApiException through an exception filter * Store custodian-account blob directly * Remove duplications, transform methods into property * Improve docs tags * Make sure the custodianCode saved is canonical * Fix test Co-authored-by: Wouter Samaey <wouter.samaey@storefront.be> Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>
158 lines
6.1 KiB
C#
158 lines
6.1 KiB
C#
using System;
|
|
using System.Collections.Concurrent;
|
|
using System.Collections.Generic;
|
|
using System.Linq;
|
|
using System.Threading.Tasks;
|
|
using BTCPayServer.Data;
|
|
using BTCPayServer.Fido2;
|
|
using Microsoft.EntityFrameworkCore;
|
|
using Microsoft.Extensions.Logging;
|
|
using NBitcoin;
|
|
using NBitcoin.Crypto;
|
|
|
|
namespace BTCPayServer
|
|
{
|
|
public class LoginWithLNURLAuthViewModel
|
|
{
|
|
public string UserId { get; set; }
|
|
public Uri LNURLEndpoint { get; set; }
|
|
public bool RememberMe { get; set; }
|
|
}
|
|
|
|
public class LnurlAuthService
|
|
{
|
|
public readonly ConcurrentDictionary<string, byte[]> CreationStore =
|
|
new ConcurrentDictionary<string, byte[]>();
|
|
public readonly ConcurrentDictionary<string, byte[]> LoginStore =
|
|
new ConcurrentDictionary<string, byte[]>();
|
|
public readonly ConcurrentDictionary<string, byte[]> FinalLoginStore =
|
|
new ConcurrentDictionary<string, byte[]>();
|
|
private readonly ApplicationDbContextFactory _contextFactory;
|
|
private readonly ILogger<LnurlAuthService> _logger;
|
|
|
|
public LnurlAuthService(ApplicationDbContextFactory contextFactory, ILogger<LnurlAuthService> logger)
|
|
{
|
|
_contextFactory = contextFactory;
|
|
_logger = logger;
|
|
}
|
|
|
|
public async Task<byte[]> RequestCreation(string userId)
|
|
{
|
|
await using var dbContext = _contextFactory.CreateContext();
|
|
var user = await dbContext.Users.Include(applicationUser => applicationUser.Fido2Credentials)
|
|
.FirstOrDefaultAsync(applicationUser => applicationUser.Id == userId);
|
|
if (user == null)
|
|
{
|
|
return null;
|
|
}
|
|
var k1 = RandomUtils.GetBytes(32);
|
|
CreationStore.AddOrReplace(userId, k1);
|
|
return k1;
|
|
}
|
|
|
|
public async Task<bool> CompleteCreation(string name, string userId, ECDSASignature sig, PubKey pubKey)
|
|
{
|
|
try
|
|
{
|
|
await using var dbContext = _contextFactory.CreateContext();
|
|
var user = await dbContext.Users.Include(applicationUser => applicationUser.Fido2Credentials)
|
|
.FirstOrDefaultAsync(applicationUser => applicationUser.Id == userId);
|
|
var pubkeyBytes = pubKey.ToBytes();
|
|
if (!CreationStore.TryGetValue(userId.ToLowerInvariant(), out var k1) || user == null || await dbContext.Fido2Credentials.AnyAsync(credential => credential.Type == Fido2Credential.CredentialType.LNURLAuth && credential.Blob == pubkeyBytes))
|
|
{
|
|
return false;
|
|
}
|
|
|
|
if (!global::LNURL.LNAuthRequest.VerifyChallenge(sig, pubKey, k1))
|
|
{
|
|
return false;
|
|
}
|
|
|
|
var newCredential = new Fido2Credential() {Name = name, ApplicationUserId = userId, Type = Fido2Credential.CredentialType.LNURLAuth, Blob = pubkeyBytes};
|
|
|
|
await dbContext.Fido2Credentials.AddAsync(newCredential);
|
|
await dbContext.SaveChangesAsync();
|
|
CreationStore.Remove(userId, out _);
|
|
return true;
|
|
}
|
|
catch (Exception)
|
|
{
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public async Task Remove(string id, string userId)
|
|
{
|
|
await using var context = _contextFactory.CreateContext();
|
|
var device = await context.Fido2Credentials.FindAsync( id);
|
|
if (device == null || !device.ApplicationUserId.Equals(userId, StringComparison.InvariantCulture))
|
|
{
|
|
return;
|
|
}
|
|
|
|
context.Fido2Credentials.Remove(device);
|
|
await context.SaveChangesAsync();
|
|
}
|
|
|
|
|
|
public async Task<byte[]> RequestLogin(string userId)
|
|
{
|
|
await using var dbContext = _contextFactory.CreateContext();
|
|
var user = await dbContext.Users.Include(applicationUser => applicationUser.Fido2Credentials)
|
|
.FirstOrDefaultAsync(applicationUser => applicationUser.Id == userId);
|
|
if (!(user?.Fido2Credentials?.Any(credential => credential.Type == Fido2Credential.CredentialType.LNURLAuth) is true))
|
|
{
|
|
return null;
|
|
}
|
|
|
|
var k1 = RandomUtils.GetBytes(32);
|
|
|
|
FinalLoginStore.TryRemove(userId, out _);
|
|
LoginStore.AddOrReplace(userId, k1);
|
|
return k1;
|
|
}
|
|
|
|
public async Task<bool> CompleteLogin(string userId, ECDSASignature sig, PubKey pubKey){
|
|
await using var dbContext = _contextFactory.CreateContext();
|
|
userId = userId.ToLowerInvariant();
|
|
var user = await dbContext.Users.Include(applicationUser => applicationUser.Fido2Credentials)
|
|
.FirstOrDefaultAsync(applicationUser => applicationUser.Id == userId);
|
|
if (user == null || !LoginStore.TryGetValue(userId, out var k1))
|
|
{
|
|
return false;
|
|
}
|
|
|
|
var pubKeyBytes = pubKey.ToBytes();
|
|
var credential = user.Fido2Credentials
|
|
.Where(fido2Credential => fido2Credential.Type is Fido2Credential.CredentialType.LNURLAuth)
|
|
.FirstOrDefault(fido2Credential => fido2Credential.Blob.SequenceEqual(pubKeyBytes));
|
|
if (credential is null)
|
|
{
|
|
return false;
|
|
}
|
|
if (!global::LNURL.LNAuthRequest.VerifyChallenge(sig, pubKey, k1))
|
|
{
|
|
return false;
|
|
}
|
|
LoginStore.Remove(userId, out _);
|
|
|
|
FinalLoginStore.AddOrReplace(userId, k1);
|
|
// 7. return OK to client
|
|
return true;
|
|
}
|
|
|
|
public async Task<bool> HasCredentials(string userId)
|
|
{
|
|
await using var context = _contextFactory.CreateContext();
|
|
return await context.Fido2Credentials.Where(fDevice => fDevice.ApplicationUserId == userId && fDevice.Type == Fido2Credential.CredentialType.LNURLAuth).AnyAsync();
|
|
}
|
|
}
|
|
|
|
public class LightningAddressQuery
|
|
{
|
|
public string[] StoreIds { get; set; }
|
|
public string[] Usernames { get; set; }
|
|
|
|
}
|
|
}
|