using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using System;
using System.Security.Cryptography;
using System.Text;
var builder = WebApplication.CreateBuilder(args);

// Session state lives in the in-process distributed memory cache; the session cookie
// itself is hardened below and idles out after 30 minutes of inactivity.
builder.Services.AddDistributedMemoryCache();
builder.Services.AddSession(options =>
{
    options.IdleTimeout = TimeSpan.FromMinutes(30);

    var cookie = options.Cookie;
    cookie.HttpOnly = true;          // not readable from script
    cookie.IsEssential = true;       // sent even without consent (needed for the login gate)
    cookie.SecurePolicy = CookieSecurePolicy.Always;
    // SameSite=None lets the cookie travel when the page is embedded cross-site;
    // browsers only honour it together with Secure, which is forced above.
    cookie.SameSite = SameSiteMode.None;
});

var app = builder.Build();
app.UseSession();
// Gate for /app.htm: only sessions that completed the challenge/response login may
// fetch it. Registered before UseStaticFiles so the check runs before the file is
// served; other static files are not gated here.
app.Use(async (context, next) =>
{
    var isProtectedPage = context.Request.Path.StartsWithSegments("/app.htm");
    // GetBool yields null when the flag was never set; only an explicit "1" passes.
    if (isProtectedPage && context.Session.GetBool("authenticated") is not true)
    {
        context.Response.StatusCode = StatusCodes.Status403Forbidden;
        await context.Response.WriteAsync("Zugriff verweigert");
        return;
    }

    await next();
});

app.UseStaticFiles();
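// Login logic for /login. The "mt" query parameter selects the step of a
// challenge/response handshake: AppChallenge hands out a per-session challenge,
// AppLogin checks a SHA-256 digest over the caller's identity fields, that
// challenge and the shared app password.
app.MapGet("/login", async context =>
{
    var mt = context.Request.Query["mt"];
    if (mt == "AppChallenge")
    {
        // A challenge already pending in this session is handed out again; a fresh
        // one is only generated once the previous one has been consumed by AppLogin.
        var challenge = context.Session.GetString("challenge");
        if (string.IsNullOrEmpty(challenge))
        {
            challenge = GenerateRandomString(8);
            context.Session.SetString("challenge", challenge);
        }

        await context.Response.WriteAsJsonAsync(new { mt = "AppChallengeResult", challenge });
    }
    else if (mt == "AppLogin")
    {
        // Named appName so it does not shadow the outer WebApplication 'app'.
        var appName = context.Request.Query["app"];
        var domain = context.Request.Query["domain"];
        var sip = context.Request.Query["sip"];
        var guid = context.Request.Query["guid"];
        var dn = context.Request.Query["dn"];
        var info = context.Request.Query["info"];
        var digest = context.Request.Query["digest"].ToString();
        var challenge = context.Session.GetString("challenge");

        // The challenge is single-use: drop it before checking so that any further
        // AppLogin (valid or not) must first obtain a new one via AppChallenge.
        context.Session.Remove("challenge");

        // Without a challenge issued in this session the digest would be computed over
        // a fixed string and a captured digest could simply be replayed — refuse.
        if (string.IsNullOrEmpty(challenge))
        {
            await context.Response.WriteAsJsonAsync(new { mt = "AppLoginResult", ok = false });
            return;
        }

        // NOTE(review): the shared secret is hard-coded in source; it should be supplied
        // from configuration or a secret store. Value left unchanged here because it is
        // part of the contract with the calling app.
        var appPwd = "pwd";
        var data = $"{appName}:{domain}:{sip}:{guid}:{dn}:{info}:{challenge}:{appPwd}";
        // Lower-case hex, matching what the client is expected to send.
        var hash = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(data))).ToLowerInvariant();

        // Constant-time comparison so response timing does not reveal how many leading
        // characters of the submitted digest were right. FixedTimeEquals returns false
        // early on a length mismatch, which is fine: a valid digest is always 64 hex chars.
        var ok = CryptographicOperations.FixedTimeEquals(
            Encoding.UTF8.GetBytes(hash),
            Encoding.UTF8.GetBytes(digest));

        if (ok)
        {
            context.Session.SetBool("authenticated", true);
        }

        await context.Response.WriteAsJsonAsync(new { mt = "AppLoginResult", ok });
    }
    else
    {
        await context.Response.WriteAsync("Unbekannter Request");
    }
});

app.Run("https://0.0.0.0:8181");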
// helper methods
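/// <summary>
/// Produces a random string of <paramref name="length"/> characters drawn from a fixed
/// lower-case alphanumeric alphabet, using a cryptographically secure random source.
/// Used for the per-session login challenge.
/// </summary>
/// <param name="length">Number of characters to produce; 0 yields an empty string.</param>
/// <returns>The generated string.</returns>
/// <exception cref="ArgumentOutOfRangeException"><paramref name="length"/> is negative.</exception>
static string GenerateRandomString(int length)
{
    if (length < 0)
    {
        throw new ArgumentOutOfRangeException(nameof(length), length, "Length must not be negative.");
    }

    // Alphabet kept byte-for-byte as before (note: it contains no '0').
    const string chars = "abcdefghijklmnopqrstuvwxyz123456789";
    var result = new char[length];
    for (var i = 0; i < length; i++)
    {
        // GetInt32 draws uniformly from [0, chars.Length). The previous
        // 'byte % chars.Length' was biased because 256 is not a multiple of 35.
        result[i] = chars[RandomNumberGenerator.GetInt32(chars.Length)];
    }

    return new string(result);
}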
/// <summary>
/// Boolean helpers on top of the string-based <see cref="ISession"/> API.
/// A flag is stored as the string "1" (true) or "0" (false).
/// </summary>
public static class SessionExtensions
{
    /// <summary>Stores <paramref name="value"/> under <paramref name="key"/> as "1" or "0".</summary>
    public static void SetBool(this ISession session, string key, bool value)
    {
        var encoded = value ? "1" : "0";
        session.SetString(key, encoded);
    }

    /// <summary>
    /// Reads the flag stored under <paramref name="key"/>.
    /// </summary>
    /// <returns>
    /// <c>true</c> for "1", <c>false</c> for "0", and <c>null</c> when the key is absent
    /// or holds any other value.
    /// </returns>
    public static bool? GetBool(this ISession session, string key)
    {
        var stored = session.GetString(key);
        if (stored == "1")
        {
            return true;
        }
        if (stored == "0")
        {
            return false;
        }
        return null;
    }
}