From 6d16bef137e1fd584ed564d7e2b8633961cec343 Mon Sep 17 00:00:00 2001
From: "Daniel J. Summers"
Date: Mon, 23 Nov 2020 20:01:50 -0500
Subject: [PATCH] Auth works! (#1)
---
 src/JobsJobsJobs.Api/.gitignore | 1 +
 src/JobsJobsJobs.Api/Auth.fs | 18 +++---------------
 src/JobsJobsJobs.Api/Handlers.fs | 14 +++++++-------
 src/JobsJobsJobs.Api/appsettings.json | 3 +++
 src/jobs-jobs-jobs/src/auth/index.ts | 2 +-
 5 files changed, 15 insertions(+), 23 deletions(-)
 create mode 100644 src/JobsJobsJobs.Api/appsettings.json
diff --git a/src/JobsJobsJobs.Api/.gitignore b/src/JobsJobsJobs.Api/.gitignore
index c6e49ef..22f0eb9 100644
--- a/src/JobsJobsJobs.Api/.gitignore
+++ b/src/JobsJobsJobs.Api/.gitignore
@@ -1,2 +1,3 @@
 obj/
 bin/
+appsettings.*.json
diff --git a/src/JobsJobsJobs.Api/Auth.fs b/src/JobsJobsJobs.Api/Auth.fs
index 93ac76d..6e4642d 100644
--- a/src/JobsJobsJobs.Api/Auth.fs
+++ b/src/JobsJobsJobs.Api/Auth.fs
@@ -1,31 +1,20 @@
 module JobsJobsJobs.Api.Auth
-open FSharp.Json
-open JWT
-
-/// A JWT (de)serializer utilizing FSharp.Json
-type FSharpJsonSerializer () =
- interface IJsonSerializer with
- member __.Serialize (any : obj) =
- Json.serialize any
- member __.Deserialize<'T> json =
- Json.deserialize<'T> json
-
-
 open Data
 open Domain
+open FSharp.Json
 open JWT.Algorithms
 open JWT.Builder
+open JWT.Exceptions
 open System
 open System.Net.Http
 open System.Net.Http.Headers
-open JWT.Exceptions
 /// Verify a user's credentials with No Agenda Social
 let verifyWithMastodon accessToken = async {
 use client = new HttpClient ()
 use req = new HttpRequestMessage (HttpMethod.Get, $"{config.auth.apiUrl}accounts/verify_credentials")
- req.Headers.Authorization <- AuthenticationHeaderValue $"Bearer {accessToken}"
+ req.Headers.Authorization <- AuthenticationHeaderValue ("Bearer", accessToken)
 match! client.SendAsync req |> Async.AwaitTask with
 | res when res.IsSuccessStatusCode ->
 let! body = res.Content.ReadAsStringAsync ()
@@ -45,7 +34,6 @@ let createJwt citizenId = async {
 .WithAlgorithm(HMACSHA256Algorithm ())
 // TODO: generate separate secret for server
 .WithSecret(config.auth.secret)
- .WithSerializer(FSharpJsonSerializer ())
 .AddClaim("sub", CitizenId.toString citizen.id)
 .AddClaim("exp", DateTimeOffset.UtcNow.AddHours(1.).ToUnixTimeSeconds ())
 .AddClaim("nam", citizen.displayName)
diff --git a/src/JobsJobsJobs.Api/Handlers.fs b/src/JobsJobsJobs.Api/Handlers.fs
index 4f2967d..ae57669 100644
--- a/src/JobsJobsJobs.Api/Handlers.fs
+++ b/src/JobsJobsJobs.Api/Handlers.fs
@@ -53,10 +53,12 @@ module Error =
 let error (ex : Exception) msg =
 fun ctx ->
 seq {
- string ctx.request.url
- match msg with "" -> () | _ -> " ~ "; msg
- "\n"; (ex.GetType().Name); ": "; ex.Message; "\n"
- ex.StackTrace
+ yield string ctx.request.url
+ match msg with
+ | "" -> ()
+ | _ -> yield " ~ "; yield msg
+ yield "\n"; yield (ex.GetType().Name); yield ": "; yield ex.Message; yield "\n"
+ yield ex.StackTrace
 }
 |> Seq.reduce (+)
 |> (eventX >> ctx.runtime.logger.error)
@@ -116,9 +118,7 @@ module Citizen =
 | Error exn -> return! Error.error exn "Could not issue access token" ctx
 | Error exn -> return! Error.error exn "Could not update Jobs, Jobs, Jobs database" ctx
 | Error exn -> return! Error.error exn "Token not received" ctx
- | Error msg ->
- // Error message regarding exclusivity to No Agenda Social members
- return Some ctx
+ | Error msg -> return! Error.error (exn msg) "Could not authenticate with NAS" ctx
 | Error exn -> return! Error.error exn "Token not received" ctx
 }
diff --git a/src/JobsJobsJobs.Api/appsettings.json b/src/JobsJobsJobs.Api/appsettings.json
new file mode 100644
index 0000000..1797133
--- /dev/null
+++ b/src/JobsJobsJobs.Api/appsettings.json
@@ -0,0 +1,3 @@
+{
+
+}
diff --git a/src/jobs-jobs-jobs/src/auth/index.ts b/src/jobs-jobs-jobs/src/auth/index.ts
index 09d4b3d..8ae95de 100644
--- a/src/jobs-jobs-jobs/src/auth/index.ts
+++ b/src/jobs-jobs-jobs/src/auth/index.ts
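Review bot: In the `createJwt` hunk of Auth.fs, `.WithSecret(config.auth.secret)` still signs the HS256 token with the shared `config.auth.secret`, and the `// TODO: generate separate secret for server` directly above it is left open by this commit. If that value is also the OAuth client secret used toward No Agenda Social (the TODO suggests so, but the configuration is not visible here), anyone who holds it could mint valid tokens for any `sub`. A dedicated random signing key of at least 256 bits, loaded from the git-ignored `appsettings.*.json` or the environment and never from the tracked `appsettings.json`, would separate the two trust domains. The builder chain starts and ends outside the hunk.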
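Review bot: In the `Error.error` hunk of Handlers.fs, the request URL, `msg` and `ex.Message` are concatenated into a single string that is handed to `eventX`, which (if this is Suave's logging `eventX`) treats its argument as a message template. Values that originate from the request or from an upstream response can therefore carry line breaks or `{...}` sequences into the log entry, which makes entries harder to trust during an investigation. Passing those values as fields of the log message, or at least replacing CR/LF before concatenation, would keep one event per entry; `String.concat ""` would also read more clearly than `Seq.reduce (+)`. The rest of `error` lies outside the hunk.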
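Review bot: In the `module Citizen` hunk of Handlers.fs, the new `| Error msg -> return! Error.error (exn msg) "Could not authenticate with NAS" ctx` sends a failed credential check down the same path as database and token-issuing faults. A rejected access token is an expected client-side outcome, so it likely warrants a 401/403 response and a warning-level log entry; what `Error.error` returns to the caller is not visible here, so confirm it neither answers with a server error nor echoes `msg`. Because `exn msg` is constructed but never raised, `ex.StackTrace` is null and the logged entry carries no trace. Unauthenticated callers can reach this branch at will, so lower-severity logging or rate limiting would keep the error log useful for real faults.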
@@ -53,7 +53,7 @@ export async function logOn(authCode: string) {
 })
 )
 const token = await resp.json()
- await jjjAuthorize(token.access_code)
+ await jjjAuthorize(token.access_token)
 // TODO: navigate to user welcome page
 console.info(`Success - response ${JSON.stringify(token)}`)
 } catch (e) {
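Review bot: In `logOn`, `jjjAuthorize(token.access_token)` is called without checking that the token request succeeded, so an error body from the token endpoint passes `undefined` on to the API. Assuming `resp` is a fetch `Response`, a guard such as `if (!resp.ok || !token.access_token) throw new Error('Token not received')` before the call would stop that. The unchanged `console.info` call two lines below interpolates `JSON.stringify(token)`, which writes the whole token response, access token included, to the browser console; it should log only a non-secret marker. `logOn` starts and ends outside the hunk.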