using Microsoft.AspNetCore.Authorization;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Prng;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
using SocialPub.ClientModels;
using System.Security.Cryptography.X509Certificates;
using Org.BouncyCastle.Math;
using SocialPub.Models.User;
using System.Security.Claims;
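namespace SocialPub.Extensions
{
    /// <summary>
    /// Helpers for reading the log-sink connection string, building the role
    /// authorization policies, deriving absolute URLs from a request, generating
    /// a self-signed certificate, and ranking a principal's role claims.
    /// </summary>
    public static class Extensions
    {
        // Claim value every role policy requires. RequireClaim compares allowed
        // values ordinally, so the issued claim must be exactly this lowercase string.
        private const string TrueClaimValue = "true";

        // Key size for the generated self-signed certificate.
        private const int RsaKeySizeBits = 2048;

        /// <summary>
        /// Reads <c>Serilog:WriteTo:[first child]:Args:databaseUrl</c> from configuration.
        /// </summary>
        /// <param name="configuration">Application configuration.</param>
        /// <returns>
        /// The configured value, or <c>null</c> when no <c>WriteTo</c> sink or no
        /// <c>databaseUrl</c> entry is present.
        /// </returns>
        /// <remarks>
        /// A database URL may embed credentials; avoid writing the returned value to logs
        /// or error responses.
        /// </remarks>
        public static string GetLogsConnectionString(this IConfiguration configuration) =>
            configuration.GetSection("Serilog")
                ?.GetSection("WriteTo")
                ?.GetChildren()
                // FirstOrDefault: a missing or empty WriteTo section yields null instead of
                // an InvalidOperationException from First().
                ?.FirstOrDefault()
                ?.GetSection("Args")
                ?.GetSection("databaseUrl")
                ?.Value;

        /// <summary>
        /// Builds the administrator policy: an authenticated user holding the admin,
        /// user and moderator claims, each with the value "true".
        /// </summary>
        /// <remarks>
        /// All three claims are required, so an admin principal that lacks the user or
        /// moderator claim is rejected by this policy.
        /// </remarks>
        public static AuthorizationPolicy IsAdminPolicy() =>
            new AuthorizationPolicyBuilder().RequireAuthenticatedUser()
                .RequireClaim(Policies.IsAdmin, TrueClaimValue)
                .RequireClaim(Policies.IsUser, TrueClaimValue)
                .RequireClaim(Policies.IsModerator, TrueClaimValue)
                .Build();

        /// <summary>
        /// Builds the user policy: an authenticated user holding the user claim with
        /// the value "true".
        /// </summary>
        public static AuthorizationPolicy IsUserPolicy() =>
            new AuthorizationPolicyBuilder().RequireAuthenticatedUser()
                .RequireClaim(Policies.IsUser, TrueClaimValue)
                .Build();

        /// <summary>
        /// Builds the moderator policy: an authenticated user holding the user and
        /// moderator claims, each with the value "true".
        /// </summary>
        public static AuthorizationPolicy IsModeratorPolicy() =>
            new AuthorizationPolicyBuilder().RequireAuthenticatedUser()
                .RequireClaim(Policies.IsUser, TrueClaimValue)
                .RequireClaim(Policies.IsModerator, TrueClaimValue)
                .Build();

        /// <summary>
        /// Returns <c>https://{Host}{Path}</c> for the current request.
        /// </summary>
        /// <remarks>
        /// The scheme is fixed to https and the host is taken from the incoming request,
        /// i.e. from a client-supplied header. If the result is used in links, redirects,
        /// actor ids or signatures, restrict accepted hosts (AllowedHosts / host filtering,
        /// and a trusted forwarded-headers configuration behind a proxy).
        /// </remarks>
        public static string GetHostWithPath(this HttpContext httpContext) =>
            $"https://{httpContext.Request.Host}{httpContext.Request.Path}";

        /// <summary>
        /// Returns <c>https://{Host}</c> for the current request.
        /// </summary>
        /// <remarks>
        /// The host value originates from the request and is client-controlled unless
        /// host filtering is configured; see <see cref="GetHostWithPath"/>.
        /// </remarks>
        public static string GetHost(this HttpContext httpContext) =>
            $"https://{httpContext.Request.Host}";

        /// <summary>
        /// Generates a fresh RSA key pair and a self-signed X.509 certificate whose
        /// subject and issuer are <c>CN=certName</c>.
        /// </summary>
        /// <param name="certName">Common name placed in the subject and issuer.</param>
        /// <returns>
        /// The certificate converted to <see cref="X509Certificate2"/>. Only the
        /// certificate is converted; the generated private key is used for signing here
        /// and is not attached to the returned object.
        /// </returns>
        /// <remarks>
        /// Uses a 2048-bit key, SHA-256 signatures and a CSPRNG-derived serial number.
        /// The previous parameters (512-bit RSA, MD5WithRSA, System.Random serial) are
        /// below any current baseline: 512-bit moduli are factorable and MD5 is not
        /// collision resistant.
        /// </remarks>
        public static X509Certificate2 GetX509Certificate2(string certName)
        {
            // One CSPRNG instance feeds both key generation and the serial number.
            var secureRandom = new SecureRandom(new CryptoApiRandomGenerator());

            var keyPairGenerator = new RsaKeyPairGenerator();
            keyPairGenerator.Init(new KeyGenerationParameters(secureRandom, RsaKeySizeBits));
            var keyPair = keyPairGenerator.GenerateKeyPair();

            // NOTE(review): certName is concatenated into a DN string that X509Name parses,
            // so a value containing ',' or '=' can add or alter name components. Confirm
            // callers pass a fixed or validated name.
            var distinguishedName = new X509Name("CN=" + certName);
            var serialNumber = BigInteger.ProbablePrime(120, secureRandom);

            var generator = new X509V3CertificateGenerator();
            generator.SetSerialNumber(serialNumber);
            generator.SetSubjectDN(distinguishedName);
            generator.SetIssuerDN(distinguishedName);

            // NOTE(review): the certificate never expires (DateTime.MaxValue) and is
            // backdated seven days. Kept as-is; consider a bounded lifetime with rotation.
            generator.SetNotAfter(DateTime.MaxValue);
            generator.SetNotBefore(DateTime.Now.Subtract(new TimeSpan(7, 0, 0, 0)));
            generator.SetSignatureAlgorithm("SHA256WithRSA");
            generator.SetPublicKey(keyPair.Public);

            var newCert = generator.Generate(keyPair.Private);

            return new X509Certificate2(DotNetUtilities.ToX509Certificate((Org.BouncyCastle.X509.X509Certificate)newCert));
        }

        /// <summary>
        /// Returns the highest role indicated by the principal's role claims:
        /// admin, then moderator, otherwise user.
        /// </summary>
        /// <param name="claimsPrincipal">Principal whose claims are inspected.</param>
        /// <returns>
        /// <see cref="UserPolicyType.IsAdmin"/> or <see cref="UserPolicyType.IsModerator"/>
        /// when the matching claim parses as true; otherwise <see cref="UserPolicyType.IsUser"/>.
        /// </returns>
        /// <remarks>
        /// A missing or non-boolean claim counts as false rather than throwing, so the
        /// result falls back to the lowest role. The fallback is also returned for a
        /// principal with no role claims at all, so this value is not evidence of
        /// authentication; enforce access with the authorization policies. Parsing is
        /// case-insensitive, whereas the policies require the exact value "true".
        /// </remarks>
        public static UserPolicyType GetHighestPolicy(this ClaimsPrincipal claimsPrincipal)
        {
            if (HasTrueClaim(claimsPrincipal, Policies.IsAdmin))
            {
                return UserPolicyType.IsAdmin;
            }

            if (HasTrueClaim(claimsPrincipal, Policies.IsModerator))
            {
                return UserPolicyType.IsModerator;
            }

            // The user claim needs no separate check: IsUser is the result either way.
            return UserPolicyType.IsUser;
        }

        // True only when the first claim of the given type exists and parses as boolean true.
        private static bool HasTrueClaim(ClaimsPrincipal principal, string claimType) =>
            bool.TryParse(principal.FindFirstValue(claimType), out var flag) && flag;
    }
}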