From 05b5de0939b6f06a68843f5bf1d1ceaafbcff7dc Mon Sep 17 00:00:00 2001 From: Kun Deng Date: Sun, 4 Sep 2022 20:45:17 -0400 Subject: [PATCH] Cleanup --- Controllers/Managers/TokenManager.cs | 3 -- Controllers/v1/AlbumController.cs | 11 +----- Controllers/v1/ArtistController.cs | 6 +-- Controllers/v1/CoverArtController.cs | 11 +----- Controllers/v1/GenreController.cs | 11 +----- Controllers/v1/LoginController.cs | 4 -- .../v1/SongCompressedDataControllers.cs | 6 +-- Controllers/v1/SongController.cs | 16 +------- Controllers/v1/SongDataController.cs | 21 +--------- Controllers/v1/SongStreamController.cs | 7 ---- Startup.cs | 39 ------------------- 11 files changed, 7 insertions(+), 128 deletions(-) diff --git a/Controllers/Managers/TokenManager.cs b/Controllers/Managers/TokenManager.cs index 08c0a15..4f819de 100644 --- a/Controllers/Managers/TokenManager.cs +++ b/Controllers/Managers/TokenManager.cs @@ -253,11 +253,8 @@ namespace Icarus.Controllers.Managers var claim = new List() { new System.Security.Claims.Claim("scope", AllScopes(), "string"), - // new System.Security.Claims.Claim("exp", $"{expires}", "integer"), new System.Security.Claims.Claim(JwtRegisteredClaimNames.Exp, expiredDate.ToString()), - // new System.Security.Claims.Claim("aud", $"{audience}", "string"), new System.Security.Claims.Claim(JwtRegisteredClaimNames.Aud, audience), - // new System.Security.Claims.Claim("iss", $"{issuer}", "string"), new System.Security.Claims.Claim(JwtRegisteredClaimNames.Iss, issuer), new Claim(JwtRegisteredClaimNames.Sub, subject), new System.Security.Claims.Claim(JwtRegisteredClaimNames.Iat, currentDate.ToString()) diff --git a/Controllers/v1/AlbumController.cs b/Controllers/v1/AlbumController.cs index 903494a..8a3a259 100644 --- a/Controllers/v1/AlbumController.cs +++ b/Controllers/v1/AlbumController.cs @@ -14,6 +14,7 @@ namespace Icarus.Controllers.V1 { [Route("api/v1/album")] [ApiController] + [Authorize] public class AlbumController : BaseController { #region Fields @@ -40,11 +41,6 @@ namespace Icarus.Controllers.V1 [HttpGet] public IActionResult Get() { - if (!IsTokenValid("read:albums")) - { - return StatusCode(401, "Not allowed"); - } - List albums = new List(); var albumContext = new AlbumContext(_connectionString); @@ -60,11 +56,6 @@ namespace Icarus.Controllers.V1 [HttpGet("{id}")] public IActionResult Get(int id) { - if (!IsTokenValid("read:albums")) - { - return StatusCode(401, "Not allowed"); - } - Album album = new Album { AlbumID = id diff --git a/Controllers/v1/ArtistController.cs b/Controllers/v1/ArtistController.cs index 51e21b2..a27f48a 100644 --- a/Controllers/v1/ArtistController.cs +++ b/Controllers/v1/ArtistController.cs @@ -13,6 +13,7 @@ namespace Icarus.Controllers.V1 { [Route("api/v1/artist")] [ApiController] + [Authorize] public class ArtistController : BaseController { #region Fields @@ -39,11 +40,6 @@ namespace Icarus.Controllers.V1 [HttpGet] public IActionResult Get() { - if (!IsTokenValid("read:artists")) - { - return StatusCode(401, "Not allowed"); - } - var artistContext = new ArtistContext(_connectionString); var artists = artistContext.Artists.ToList(); diff --git a/Controllers/v1/CoverArtController.cs b/Controllers/v1/CoverArtController.cs index 482b6a4..2dd422a 100644 --- a/Controllers/v1/CoverArtController.cs +++ b/Controllers/v1/CoverArtController.cs @@ -15,6 +15,7 @@ namespace Icarus.Controllers.V1 { [Route("api/v1/coverart")] [ApiController] + [Authorize] public class CoverArtController : BaseController { #region Fields @@ -36,11 +37,6 @@ namespace Icarus.Controllers.V1 #region HTTP Routes public IActionResult Get() { - if (!IsTokenValid("read:songs")) - { - return StatusCode(401, "Not allowed"); - } - var coverArtContext = new CoverArtContext(_connectionString); var coverArtRecords = coverArtContext.CoverArtImages.ToList(); @@ -60,11 +56,6 @@ namespace Icarus.Controllers.V1 [HttpGet("{id}")] public async Task Get(int id) { - if (!IsTokenValid("download:cover_art")) - { - return StatusCode(401, "Not allowed"); - } - var coverArt = new CoverArt { CoverArtID = id }; var coverArtContext = new CoverArtContext(_connectionString); diff --git a/Controllers/v1/GenreController.cs b/Controllers/v1/GenreController.cs index 8e29502..ae553e6 100644 --- a/Controllers/v1/GenreController.cs +++ b/Controllers/v1/GenreController.cs @@ -14,6 +14,7 @@ namespace Icarus.Controllers.V1 { [Route("api/v1/genre")] [ApiController] + [Authorize] public class GenreController : BaseController { #region Fields @@ -40,11 +41,6 @@ namespace Icarus.Controllers.V1 [HttpGet] public IActionResult Get() { - if (!IsTokenValid("read:genre")) - { - return StatusCode(401, "Not allowed"); - } - var genres = new List(); var genreStore = new GenreContext(_connectionString); @@ -60,11 +56,6 @@ namespace Icarus.Controllers.V1 [HttpGet("{id}")] public IActionResult Get(int id) { - if (!IsTokenValid("read:genre")) - { - return StatusCode(401, "Not allowed"); - } - var genre = new Genre { GenreID = id diff --git a/Controllers/v1/LoginController.cs b/Controllers/v1/LoginController.cs index 881e3d9..0458b4c 100644 --- a/Controllers/v1/LoginController.cs +++ b/Controllers/v1/LoginController.cs @@ -1,8 +1,5 @@ using System; -using System.Collections.Generic; -using System.Configuration; using System.Linq; -using System.Threading.Tasks; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Configuration; @@ -75,7 +72,6 @@ namespace Icarus.Controllers.V1 TokenManager tk = new TokenManager(_config); - // loginRes = tk.LogIn(user); loginRes = tk.LoginSymmetric(user); return Ok(loginRes); diff --git a/Controllers/v1/SongCompressedDataControllers.cs b/Controllers/v1/SongCompressedDataControllers.cs index cc96800..6045caf 100644 --- a/Controllers/v1/SongCompressedDataControllers.cs +++ b/Controllers/v1/SongCompressedDataControllers.cs @@ -19,6 +19,7 @@ namespace Icarus.Controllers.V1 { [Route("api/v1/song/compressed/data")] [ApiController] + [Authorize] public class SongCompressedDataController : BaseController { #region Fields @@ -47,11 +48,6 @@ namespace Icarus.Controllers.V1 [HttpGet("{id}")] public async Task Get(int id) { - if (!IsTokenValid("download:songs")) - { - return StatusCode(401, "Not allowed"); - } - var context = new SongContext(_connectionString); SongCompression cmp = new SongCompression(_archiveDir); diff --git a/Controllers/v1/SongController.cs b/Controllers/v1/SongController.cs index d94f78f..05cc9f2 100644 --- a/Controllers/v1/SongController.cs +++ b/Controllers/v1/SongController.cs @@ -18,6 +18,7 @@ namespace Icarus.Controllers.V1 { [Route("api/v1/song")] [ApiController] + [Authorize] public class SongController : BaseController { #region Fields @@ -49,11 +50,6 @@ namespace Icarus.Controllers.V1 [HttpGet] public IActionResult Get() { - if (!IsTokenValid("read:song_details")) - { - return StatusCode(401, "Not allowed"); - } - List songs = new List(); Console.WriteLine("Attemtping to retrieve songs"); _logger.LogInformation("Attempting to retrieve songs"); @@ -71,11 +67,6 @@ namespace Icarus.Controllers.V1 [HttpGet("{id}")] public IActionResult Get(int id) { - if (!IsTokenValid("read:song_details")) - { - return StatusCode(401, "Not allowed"); - } - var context = new SongContext(_connectionString); Song song = new Song { SongID = id }; @@ -92,11 +83,6 @@ namespace Icarus.Controllers.V1 [HttpPut("{id}")] public IActionResult Put(int id, [FromBody] Song song) { - if (!IsTokenValid("update:songs")) - { - return StatusCode(401, "Not allowed"); - } - var context = new SongContext(_connectionString); song.SongID = id; diff --git a/Controllers/v1/SongDataController.cs b/Controllers/v1/SongDataController.cs index 4760939..ab64a50 100644 --- a/Controllers/v1/SongDataController.cs +++ b/Controllers/v1/SongDataController.cs @@ -20,6 +20,7 @@ namespace Icarus.Controllers.V1 { [Route("api/v1/song/data")] [ApiController] + [Authorize] public class SongDataController : BaseController { #region Fields @@ -50,11 +51,6 @@ namespace Icarus.Controllers.V1 [Route("private-scoped")] public async Task Get(int id) { - if (!IsTokenValid("download:songs")) - { - return StatusCode(401, "Not allowed"); - } - var songContext = new SongContext(_connectionString); var songMetaData = songContext.RetrieveRecord(new Song { SongID = id}); @@ -79,11 +75,6 @@ namespace Icarus.Controllers.V1 [Route("private-scoped")] public IActionResult Post([FromForm(Name = "file")] List songData) { - if (!IsTokenValid("upload:songs")) - { - return StatusCode(401, "Not allowed"); - } - try { // Console.WriteLine("Uploading song..."); @@ -121,11 +112,6 @@ namespace Icarus.Controllers.V1 [Route("private-scoped")] public IActionResult Post ([FromForm] UploadSongWithDataForm up) { - if (!IsTokenValid("upload:songs")) - { - return StatusCode(401, "Not allowed"); - } - try { if (up.SongData.Length > 0 && up.CoverArtData.Length > 0 && !string.IsNullOrEmpty(up.SongFile)) @@ -147,11 +133,6 @@ namespace Icarus.Controllers.V1 [HttpDelete("delete/{id}")] public IActionResult Delete(int id) { - if (!IsTokenValid("delete:songs")) - { - return StatusCode(401, "Not allowed"); - } - var songContext = new SongContext(_connectionString); var songMetaData = new Song{ SongID = id }; diff --git a/Controllers/v1/SongStreamController.cs b/Controllers/v1/SongStreamController.cs index 4479800..967a74b 100644 --- a/Controllers/v1/SongStreamController.cs +++ b/Controllers/v1/SongStreamController.cs @@ -47,13 +47,6 @@ namespace Icarus.Controllers.V1 [HttpGet("{id}")] public async Task Get(int id) { - /** - if (!IsTokenValid("stream:songs")) - { - return StatusCode(401, "Not allowed"); - } - */ - var context = new SongContext(_config.GetConnectionString("DefaultConnection")); var song = context.Songs.FirstOrDefault(sng => sng.SongID == id); diff --git a/Startup.cs b/Startup.cs index 7462694..88603bd 100644 --- a/Startup.cs +++ b/Startup.cs @@ -19,35 +19,6 @@ using Icarus.Database.Contexts; namespace Icarus { - public static class ServiceStartup - { - public static IServiceCollection AddAsymmetricAuthentication(this IServiceCollection services, IConfiguration configuration) - { - var issuerSigningCertificate = new Icarus.Certs.SigningIssuerCertificate(); - RsaSecurityKey issuerSigningKey = issuerSigningCertificate.GetIssuerSigningKey(configuration["RSAKeys:PublicKeyPath"]); - - services.AddAuthentication(authOptions => - { - }) - .AddJwtBearer(options => - { - options.TokenValidationParameters = new TokenValidationParameters - { - IssuerSigningKey = issuerSigningKey, - }; - }); - - return services; - } - - private static bool LifetimeValidator(DateTime? notBefore, - DateTime? expires, - SecurityToken securityToken, - TokenValidationParameters validationParameters) - { - return expires != null && expires > DateTime.UtcNow; - } - } public class Startup { #region Constructors @@ -95,16 +66,6 @@ namespace Icarus services.AddDbContext(options => options.UseMySQL(connString)); services.AddDbContext(options => options.UseMySQL(connString)); - // services.AddAsymmetricAuthentication(Configuration); - - /** - services.AddTransient(au => new AuthenticationService(new UserService(Configuration), new TokenService(Configuration), Configuration)); - services.AddTransient(us => new UserService(Configuration)); - services.AddTransient(tk => new TokenService(Configuration)); - services.AddTransient(); - services.AddTransient(uc => new UserContext(connString)); - */ - services.AddControllers() .AddNewtonsoftJson(); }