feat: adding endpoints for refreshing oauth tokens

Author: ProgrammingByPermutation

src/Nullinside.Api.Common/Twitch/ITwitchApiProxy.cs

@@ -14,6 +14,11 @@ public interface ITwitchApiProxy {
   ///   The Twitch access token. These are the credentials used for all requests.
   /// </summary>
   TwitchAccessToken? OAuth { get; set; }
+  
+  /// <summary>
+  ///   The Twitch app configuration. These are used for all requests.
+  /// </summary>
+  TwitchAppConfig? TwitchAppConfig { get; set; }
 
   /// <summary>
   ///   Creates a new access token from a code using Twitch's OAuth workflow.

src/Nullinside.Api.Common/Twitch/TwitchApiProxy.cs

@@ -29,25 +29,15 @@ public class TwitchApiProxy : ITwitchApiProxy {
   /// </summary>
   private static readonly ILog Log = LogManager.GetLogger(typeof(TwitchApiProxy));
 
-  /// <summary>
-  ///   The, public, twitch client id.
-  /// </summary>
-  protected readonly string? _clientId;
-
-  /// <summary>
-  ///   The, private, twitch client secret.
-  /// </summary>
-  protected readonly string? _clientSecret;
-
-  /// <summary>
-  ///   The redirect url.
-  /// </summary>
-  protected readonly string? _clientRedirect;
-
   /// <summary>
   ///   Initializes a new instance of the <see cref="TwitchApiProxy" /> class.
   /// </summary>
   public TwitchApiProxy() {
+    TwitchAppConfig = new() {
+      ClientId = Environment.GetEnvironmentVariable("TWITCH_BOT_CLIENT_ID"),
+      ClientSecret = Environment.GetEnvironmentVariable("TWITCH_BOT_CLIENT_SECRET"),
+      ClientRedirect = Environment.GetEnvironmentVariable("TWITCH_BOT_CLIENT_REDIRECT")
+    };
   }
 
   /// <summary>
@@ -64,15 +54,17 @@ public TwitchApiProxy() {
   /// "TWITCH_BOT_CLIENT_REDIRECT" when null.</param>
   public TwitchApiProxy(string token, string refreshToken, DateTime tokenExpires, string? clientId = null, 
     string? clientSecret = null, string? clientRedirect = null) {
-    _clientId = clientId ?? Environment.GetEnvironmentVariable("TWITCH_BOT_CLIENT_ID");
-    _clientSecret = clientSecret ?? Environment.GetEnvironmentVariable("TWITCH_BOT_CLIENT_SECRET");
-    _clientRedirect = clientRedirect ?? Environment.GetEnvironmentVariable("TWITCH_BOT_CLIENT_REDIRECT");
-    
     OAuth = new TwitchAccessToken {
       AccessToken = token,
       RefreshToken = refreshToken,
       ExpiresUtc = tokenExpires
     };
+    
+    TwitchAppConfig = new() {
+      ClientId = clientId ?? Environment.GetEnvironmentVariable("TWITCH_BOT_CLIENT_ID"),
+      ClientSecret = clientSecret ?? Environment.GetEnvironmentVariable("TWITCH_BOT_CLIENT_SECRET"),
+      ClientRedirect = clientRedirect ?? Environment.GetEnvironmentVariable("TWITCH_BOT_CLIENT_REDIRECT")
+    };
   }
 
   /// <summary>
@@ -81,12 +73,16 @@ public TwitchApiProxy(string token, string refreshToken, DateTime tokenExpires,
   public int Retries { get; set; } = 3;
 
   /// <inheritdoc />
-  public TwitchAccessToken? OAuth { get; set; }
+  public virtual TwitchAccessToken? OAuth { get; set; }
+  
+  /// <inheritdoc />
+  public virtual TwitchAppConfig? TwitchAppConfig { get; set; }
 
   /// <inheritdoc />
   public virtual async Task<TwitchAccessToken?> CreateAccessToken(string code, CancellationToken token = new()) {
     ITwitchAPI api = GetApi();
-    AuthCodeResponse? response = await api.Auth.GetAccessTokenFromCodeAsync(code, _clientSecret, _clientRedirect);
+    AuthCodeResponse? response = await api.Auth.GetAccessTokenFromCodeAsync(code, TwitchAppConfig?.ClientSecret, 
+      TwitchAppConfig?.ClientRedirect);
     if (null == response) {
       return null;
     }
@@ -102,12 +98,12 @@ public TwitchApiProxy(string token, string refreshToken, DateTime tokenExpires,
   /// <inheritdoc />
   public virtual async Task<TwitchAccessToken?> RefreshAccessToken(CancellationToken token = new()) {
     try {
-      if (string.IsNullOrWhiteSpace(_clientSecret) || string.IsNullOrWhiteSpace(_clientId)) {
+      if (string.IsNullOrWhiteSpace(TwitchAppConfig?.ClientSecret) || string.IsNullOrWhiteSpace(TwitchAppConfig?.ClientId)) {
         return null;
       }
 
       ITwitchAPI api = GetApi();
-      RefreshResponse? response = await api.Auth.RefreshAuthTokenAsync(OAuth?.RefreshToken, _clientSecret, _clientId);
+      RefreshResponse? response = await api.Auth.RefreshAuthTokenAsync(OAuth?.RefreshToken, TwitchAppConfig?.ClientSecret, TwitchAppConfig?.ClientId);
       if (null == response) {
         return null;
       }
@@ -175,7 +171,7 @@ public virtual  async Task<IEnumerable<TwitchModeratedChannel>> GetUserModChanne
 
       var request = new HttpRequestMessage(HttpMethod.Get, url);
       request.Headers.Add("Authorization", $"Bearer {OAuth?.AccessToken}");
-      request.Headers.Add("Client-Id", _clientId);
+      request.Headers.Add("Client-Id", TwitchAppConfig?.ClientId);
 
       using HttpResponseMessage response = await client.SendAsync(request);
       response.EnsureSuccessStatusCode();
@@ -317,7 +313,7 @@ public virtual  async Task<IEnumerable<string>> GetChannelsLive(IEnumerable<stri
   protected virtual ITwitchAPI GetApi() {
     var api = new TwitchAPI {
       Settings = {
-        ClientId = _clientId,
+        ClientId = TwitchAppConfig?.ClientId,
         AccessToken = OAuth?.AccessToken
       }
     };

src/Nullinside.Api.Common/Twitch/TwitchAppConfig.cs

@@ -0,0 +1,21 @@
+namespace Nullinside.Api.Common.Twitch;
+
+/// <summary>
+/// The configuration for a twitch app that provides OAuth tokens.
+/// </summary>
+public class TwitchAppConfig {
+  /// <summary>
+  /// The client id.
+  /// </summary>
+  public string? ClientId { get; set; }
+  
+  /// <summary>
+  /// The client secret.
+  /// </summary>
+  public string? ClientSecret { get; set; }
+  
+  /// <summary>
+  /// A registered URL that the Twitch API is allowed to redirect to on our website.
+  /// </summary>
+  public string? ClientRedirect { get; set; }
+}

src/Nullinside.Api/Controllers/UserController.cs

@@ -144,10 +144,46 @@ public async Task<RedirectResult> TwitchStreamingToolsLogin([FromQuery] string c
     CancellationToken token = new()) {
     string? siteUrl = _configuration.GetValue<string>("Api:SiteUrl");
     if (null == await api.CreateAccessToken(code, token)) {
-      return Redirect($"{siteUrl}/user/login?error=3");
+      return Redirect($"{siteUrl}/user/login/desktop?error=3");
+    }
+
+    return Redirect($"{siteUrl}/user/login/desktop?bearer={api.OAuth?.AccessToken}&refresh={api.OAuth?.RefreshToken}&expiresUtc={api.OAuth?.ExpiresUtc?.ToString()}");
+  }
+  
+  /// <summary>
+  ///   Used to refresh OAuth tokens from the desktop application.
+  /// </summary>
+  /// <param name="code">The credentials provided by twitch.</param>
+  /// <param name="api">The twitch api.</param>
+  /// <param name="token">The cancellation token.</param>
+  /// <returns>
+  ///   A redirect to the nullinside website.
+  ///   Errors:
+  ///   2 = Internal error generating token.
+  ///   3 = Code was invalid
+  ///   4 = Twitch account has no email
+  /// </returns>
+  [AllowAnonymous]
+  [HttpPost]
+  [Route("twitch-login/twitch-streaming-tools")]
+  public async Task<IActionResult> TwitchStreamingToolsRefreshToken(string refreshToken, [FromServices] ITwitchApiProxy api,
+    CancellationToken token = new()) {
+    string? siteUrl = _configuration.GetValue<string>("Api:SiteUrl");
+    api.OAuth = new() {
+      AccessToken = null,
+      RefreshToken = refreshToken,
+      ExpiresUtc = DateTime.MinValue
+    };
+    
+    if (null == await api.RefreshAccessToken(token)) {
+      return this.BadRequest();
     }
 
-    return Redirect($"{siteUrl}/user/login?token={api.OAuth?.AccessToken}&refresh={api.OAuth?.RefreshToken}&expiresUtc={api.OAuth?.ExpiresUtc?.ToString()}&desktop=true");
+    return Ok(new {
+      bearer = api.OAuth.AccessToken,
+      refresh = api.OAuth.RefreshToken,
+      expiresUtc = api.OAuth.ExpiresUtc
+    });
   }
 
   /// <summary>

src/Nullinside.Api/Program.cs

@@ -31,7 +31,7 @@
       builder.EnableRetryOnFailure(3);
     }));
 builder.Services.AddScoped<IAuthorizationHandler, BasicAuthorizationHandler>();
-builder.Services.AddScoped<ITwitchApiProxy, TwitchApiProxy>();
+builder.Services.AddTransient<ITwitchApiProxy, TwitchApiProxy>();
 builder.Services.AddAuthentication()
   .AddScheme<AuthenticationSchemeOptions, BasicAuthenticationHandler>("Bearer", _ => { });
 builder.Services.AddScoped<IDockerProxy, DockerProxy>();