From bf6fe19ede4bda0b8e640a4a067631cd10034ccc Mon Sep 17 00:00:00 2001 From: usbharu <64310155+usbharu@users.noreply.github.com> Date: Mon, 1 May 2023 09:12:15 +0900 Subject: [PATCH] =?UTF-8?q?feat:=20=E8=AA=8D=E8=A8=BC=E3=81=AE=E7=A2=BA?= =?UTF-8?q?=E8=AA=8D=E3=81=AE=E5=AE=9F=E8=A3=85=E3=82=92=E8=BF=BD=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dev/usbharu/hideout/plugins/HTTP.kt | 21 ++++----- .../dev/usbharu/hideout/plugins/Routing.kt | 3 ++ .../dev/usbharu/hideout/plugins/Security.kt | 6 ++- .../hideout/routing/AuthTestRouting.kt | 19 ++++++++ src/main/web/App.tsx | 46 ++++++++++++++++++- vite.config.ts | 4 +- 6 files changed, 84 insertions(+), 15 deletions(-) create mode 100644 src/main/kotlin/dev/usbharu/hideout/routing/AuthTestRouting.kt diff --git a/src/main/kotlin/dev/usbharu/hideout/plugins/HTTP.kt b/src/main/kotlin/dev/usbharu/hideout/plugins/HTTP.kt index 234130ad..98e5e259 100644 --- a/src/main/kotlin/dev/usbharu/hideout/plugins/HTTP.kt +++ b/src/main/kotlin/dev/usbharu/hideout/plugins/HTTP.kt @@ -1,21 +1,20 @@ package dev.usbharu.hideout.plugins -import io.ktor.http.* import io.ktor.server.application.* -import io.ktor.server.plugins.cors.routing.* import io.ktor.server.plugins.defaultheaders.* import io.ktor.server.plugins.forwardedheaders.* fun Application.configureHTTP() { - install(CORS) { - allowMethod(HttpMethod.Options) - allowMethod(HttpMethod.Put) - allowMethod(HttpMethod.Delete) - allowMethod(HttpMethod.Patch) - allowHeader(HttpHeaders.Authorization) - allowHeader("MyCustomHeader") - anyHost() // @TODO: Don't do this in production if possible. Try to limit it. - } +// install(CORS) { +// allowMethod(HttpMethod.Options) +// allowMethod(HttpMethod.Put) +// allowMethod(HttpMethod.Delete) +// allowMethod(HttpMethod.Patch) +// allowHeader(HttpHeaders.Authorization) +// allow +// allowHeader("MyCustomHeader") +// anyHost() // @TODO: Don't do this in production if possible. Try to limit it. +// } install(DefaultHeaders) { header("X-Engine", "Ktor") // will send this header with each response } diff --git a/src/main/kotlin/dev/usbharu/hideout/plugins/Routing.kt b/src/main/kotlin/dev/usbharu/hideout/plugins/Routing.kt index fed45736..7c843ce9 100644 --- a/src/main/kotlin/dev/usbharu/hideout/plugins/Routing.kt +++ b/src/main/kotlin/dev/usbharu/hideout/plugins/Routing.kt @@ -4,6 +4,7 @@ import dev.usbharu.hideout.routing.activitypub.inbox import dev.usbharu.hideout.routing.activitypub.outbox import dev.usbharu.hideout.routing.activitypub.usersAP import dev.usbharu.hideout.routing.api.v1.statuses +import dev.usbharu.hideout.routing.authTestRouting import dev.usbharu.hideout.routing.wellknown.webfinger import dev.usbharu.hideout.service.IPostService import dev.usbharu.hideout.service.activitypub.ActivityPubService @@ -31,5 +32,7 @@ fun Application.configureRouting( route("/api/v1") { statuses(postService) } + + authTestRouting() } } diff --git a/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt b/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt index 014e5cb8..79a5b90d 100644 --- a/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt +++ b/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt @@ -51,6 +51,7 @@ fun Application.configureSecurity(userAuthService: IUserAuthService, metaReposit realm = myRealm verifier(jwkProvider, issuer) { acceptLeeway(3) + } validate { jwtCredential -> if (jwtCredential.payload.getClaim("username").asString().isNotEmpty()) { @@ -59,6 +60,9 @@ fun Application.configureSecurity(userAuthService: IUserAuthService, metaReposit null } } + challenge { defaultScheme, realm -> + call.respondRedirect("/login") + } } } @@ -78,7 +82,7 @@ fun Application.configureSecurity(userAuthService: IUserAuthService, metaReposit .withClaim("username", user.username) .withExpiresAt(Date(System.currentTimeMillis() + 60000)) .sign(Algorithm.RSA256(publicKey, privateKey as RSAPrivateKey)) - return@post call.respond(hashSetOf("token" to token)) + return@post call.respond(token) } get("/.well-known/jwks.json") { diff --git a/src/main/kotlin/dev/usbharu/hideout/routing/AuthTestRouting.kt b/src/main/kotlin/dev/usbharu/hideout/routing/AuthTestRouting.kt new file mode 100644 index 00000000..79946c46 --- /dev/null +++ b/src/main/kotlin/dev/usbharu/hideout/routing/AuthTestRouting.kt @@ -0,0 +1,19 @@ +package dev.usbharu.hideout.routing + +import dev.usbharu.hideout.plugins.TOKEN_AUTH +import io.ktor.server.application.* +import io.ktor.server.auth.* +import io.ktor.server.auth.jwt.* +import io.ktor.server.response.* +import io.ktor.server.routing.* + + +fun Routing.authTestRouting(){ + authenticate(TOKEN_AUTH){ + get("/auth-check"){ + val principal = call.principal() + val username = principal!!.payload.getClaim("username") + call.respondText("Hello $username") + } + } +} diff --git a/src/main/web/App.tsx b/src/main/web/App.tsx index d1b57e50..62047d22 100644 --- a/src/main/web/App.tsx +++ b/src/main/web/App.tsx @@ -1,5 +1,47 @@ -import {Component} from "solid-js"; +import {Component, createSignal} from "solid-js"; export const App: Component = () => { - return (

aaa

) + + const fn = (form: HTMLButtonElement) => { + console.log(form) + } + + const [username, setUsername] = createSignal("") + const [password, setPassword] = createSignal("") + + return ( +
res.text()) + .then(res => fetch("/auth-check", { + method: "GET", + headers: { + 'Authorization': 'Bearer ' + res + } + })).then(res => console.log(res)) + } + + }> + setUsername(e.currentTarget.value)}/> + setPassword(e.currentTarget.value)}/> + +
+ ) +} + + +declare module 'solid-js' { + namespace JSX { + interface Directives { + fn: (form: HTMLFormElement) => void + } + } } diff --git a/vite.config.ts b/vite.config.ts index 391fa37d..4ae5194e 100644 --- a/vite.config.ts +++ b/vite.config.ts @@ -7,7 +7,9 @@ export default defineConfig({ server: { port: 3000, proxy: { - '/api': 'http://localhost:8080' + '/api': 'http://localhost:8080', + '/login': 'http://localhost:8080', + '/auth-check': 'http://localhost:8080', } }, root: './src/main/web',