andry/EMS-ESP32
1
0
Fork 0
mirror of https://github.com/emsesp/EMS-ESP32.git synced 2025-12-06 15:59:52 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
fd48fb63d835e219cb20a17b536ea3d8051bafb2
EMS-ESP32/lib/framework/SecuritySettingsService.cpp
Proddy 73a51ae4ad first commit using PsychicHttp
2023-12-25 13:27:02 +01:00

123 lines
4.7 KiB
C++
Raw Blame History

#include <SecuritySettingsService.h>
#include "../../src/emsesp_stub.hpp"
SecuritySettingsService::SecuritySettingsService(PsychicHttpServer * server, FS * fs)
: _server(server)
, _httpEndpoint(SecuritySettings::read, SecuritySettings::update, this, server, SECURITY_SETTINGS_PATH, this)
, _fsPersistence(SecuritySettings::read, SecuritySettings::update, this, fs, SECURITY_SETTINGS_FILE)
, _jwtHandler(FACTORY_JWT_SECRET) {
addUpdateHandler([&](const String & originId) { configureJWTHandler(); }, false);
}
void SecuritySettingsService::begin() {
_fsPersistence.readFromFS();
configureJWTHandler();
}
void SecuritySettingsService::registerURI() {
_httpEndpoint.registerURI();
_server->on(GENERATE_TOKEN_PATH, HTTP_GET, wrapRequest(std::bind(&SecuritySettingsService::generateToken, this, _1), AuthenticationPredicates::IS_ADMIN));
}
Authentication SecuritySettingsService::authenticateRequest(PsychicRequest * request) {
if (request->hasHeader(AUTHORIZATION_HEADER)) {
auto value = request->header(AUTHORIZATION_HEADER);
if (value.startsWith(AUTHORIZATION_HEADER_PREFIX)) {
value = value.substring(AUTHORIZATION_HEADER_PREFIX_LEN);
return authenticateJWT(value);
}
} else if (request->hasParam(ACCESS_TOKEN_PARAMATER)) {
String value = request->getParam(ACCESS_TOKEN_PARAMATER)->value();
return authenticateJWT(value);
}
return Authentication();
}
void SecuritySettingsService::configureJWTHandler() {
_jwtHandler.setSecret(_state.jwtSecret);
}
Authentication SecuritySettingsService::authenticateJWT(String & jwt) {
DynamicJsonDocument payloadDocument(MAX_JWT_SIZE);
_jwtHandler.parseJWT(jwt, payloadDocument);
if (payloadDocument.is<JsonObject>()) {
JsonObject parsedPayload = payloadDocument.as<JsonObject>();
String username = parsedPayload["username"];
for (User _user : _state.users) {
if (_user.username == username && validatePayload(parsedPayload, &_user)) {
return Authentication(_user);
}
}
}
return Authentication();
}
Authentication SecuritySettingsService::authenticate(const String & username, const String & password) {
for (User _user : _state.users) {
if (_user.username == username && _user.password == password) {
return Authentication(_user);
}
}
return Authentication();
}
inline void populateJWTPayload(JsonObject & payload, User * user) {
payload["username"] = user->username;
payload["admin"] = user->admin;
}
boolean SecuritySettingsService::validatePayload(JsonObject & parsedPayload, User * user) {
DynamicJsonDocument jsonDocument(MAX_JWT_SIZE);
JsonObject payload = jsonDocument.to<JsonObject>();
populateJWTPayload(payload, user);
return payload == parsedPayload;
}
String SecuritySettingsService::generateJWT(User * user) {
DynamicJsonDocument jsonDocument(MAX_JWT_SIZE);
JsonObject payload = jsonDocument.to<JsonObject>();
populateJWTPayload(payload, user);
return _jwtHandler.buildJWT(payload);
}
PsychicRequestFilterFunction SecuritySettingsService::filterRequest(AuthenticationPredicate predicate) {
return [this, predicate](PsychicRequest * request) {
Authentication authentication = authenticateRequest(request);
return predicate(authentication);
};
}
PsychicHttpRequestCallback SecuritySettingsService::wrapRequest(PsychicHttpRequestCallback onRequest, AuthenticationPredicate predicate) {
return [this, onRequest, predicate](PsychicRequest * request) {
Authentication authentication = authenticateRequest(request);
if (!predicate(authentication)) {
return request->reply(401);
}
return onRequest(request);
};
}
PsychicJsonRequestCallback SecuritySettingsService::wrapCallback(PsychicJsonRequestCallback onRequest, AuthenticationPredicate predicate) {
return [this, onRequest, predicate](PsychicRequest * request, JsonVariant & json) {
Authentication authentication = authenticateRequest(request);
if (!predicate(authentication)) {
return request->reply(401);
}
return onRequest(request, json);
};
}
esp_err_t SecuritySettingsService::generateToken(PsychicRequest * request) {
String usernameParam = request->getParam("username")->value();
for (User _user : _state.users) {
if (_user.username == usernameParam) {
PsychicJsonResponse response = PsychicJsonResponse(request, false, GENERATE_TOKEN_SIZE);
JsonObject root = response.getRoot();
root["token"] = generateJWT(&_user);
return response.send();
}
}
return request->reply(401);
}
Reference in New Issue View Git Blame Copy Permalink