tgstation-server 6.16.0
The /tg/station 13 server suite
Loading...
Searching...
No Matches
ApiRootController.cs
Go to the documentation of this file.
1using System;
2using System.Linq;
3using System.Threading;
4using System.Threading.Tasks;
5
6using Microsoft.AspNetCore.Authorization;
7using Microsoft.AspNetCore.Mvc;
8using Microsoft.Extensions.Logging;
9using Microsoft.Extensions.Options;
10using Microsoft.Extensions.Primitives;
11using Microsoft.Net.Http.Headers;
12
13using Octokit;
14
29
31{
35 [Route(Routes.ApiRoot)]
36 public sealed class ApiRootController : ApiController
37 {
42
47
52
57
62
67
72
77
94 IDatabaseContext databaseContext,
95 IAuthenticationContext authenticationContext,
101 IOptions<GeneralConfiguration> generalConfigurationOptions,
102 IOptionsSnapshot<SecurityConfiguration> securityConfigurationOptions,
103 ILogger<ApiRootController> logger,
104 IApiHeadersProvider apiHeadersProvider,
106 : base(
107 databaseContext,
108 authenticationContext,
109 apiHeadersProvider,
110 logger,
111 false)
112 {
113 this.assemblyInformationProvider = assemblyInformationProvider ?? throw new ArgumentNullException(nameof(assemblyInformationProvider));
114 this.platformIdentifier = platformIdentifier ?? throw new ArgumentNullException(nameof(platformIdentifier));
115 this.oAuthProviders = oAuthProviders ?? throw new ArgumentNullException(nameof(oAuthProviders));
116 this.swarmService = swarmService ?? throw new ArgumentNullException(nameof(swarmService));
117 this.serverControl = serverControl ?? throw new ArgumentNullException(nameof(serverControl));
118 generalConfiguration = generalConfigurationOptions?.Value ?? throw new ArgumentNullException(nameof(generalConfigurationOptions));
119 securityConfiguration = securityConfigurationOptions?.Value ?? throw new ArgumentNullException(nameof(securityConfigurationOptions));
120 this.loginAuthority = loginAuthority ?? throw new ArgumentNullException(nameof(loginAuthority));
121 }
122
130 [HttpGet]
131 [AllowAnonymous]
132 [ProducesResponseType(typeof(ServerInformationResponse), 200)]
133 public IActionResult ServerInfo()
134 {
135 // if they tried to authenticate in any form and failed, let them know immediately
136 bool failIfUnauthed;
137 if (ApiHeaders == null)
138 {
139 try
140 {
141 // we only allow authorization header issues
143 }
144 catch (HeadersException ex)
145 {
146 return HeadersIssue(ex);
147 }
148
149 failIfUnauthed = Request.Headers.Authorization.Count > 0;
150 }
151 else
152 failIfUnauthed = ApiHeaders.Token != null;
153
154 if (failIfUnauthed && !AuthenticationContext.Valid)
155 return Unauthorized();
156
157 return Json(new ServerInformationResponse
158 {
160 ApiVersion = ApiHeaders.Version,
161 DMApiVersion = DMApiConstants.InteropVersion,
162 MinimumPasswordLength = generalConfiguration.MinimumPasswordLength,
163 InstanceLimit = generalConfiguration.InstanceLimit,
165 UserGroupLimit = generalConfiguration.UserGroupLimit,
166 ValidInstancePaths = generalConfiguration.ValidInstancePaths,
167 WindowsHost = platformIdentifier.IsWindows,
168 SwarmServers = swarmService
170 ?.Select(swarmServerInfo => new SwarmServerResponse(swarmServerInfo))
171 .ToList(),
172 OAuthProviderInfos = oAuthProviders.ProviderInfos(),
173 OidcProviderInfos = securityConfiguration.OidcProviderInfos().ToList(),
175 OidcStrictMode = securityConfiguration.OidcStrictMode,
176 });
177 }
178
188 [HttpPost]
189 [ProducesResponseType(typeof(TokenResponse), 200)]
190 [ProducesResponseType(typeof(ErrorMessageResponse), 429)]
191 public ValueTask<IActionResult> CreateToken(CancellationToken cancellationToken)
192 {
193 if (ApiHeaders == null)
194 {
195 Response.Headers.Add(HeaderNames.WWWAuthenticate, new StringValues($"basic realm=\"Create TGS {ApiHeaders.BearerAuthenticationScheme} token\""));
196 return ValueTask.FromResult(HeadersIssue(ApiHeadersProvider.HeadersException!));
197 }
198
199 return loginAuthority.InvokeTransformable<LoginResult, TokenResponse>(this, authority => authority.AttemptLogin(cancellationToken));
200 }
201
210 [HttpPost("oauth_gateway")]
211 [ProducesResponseType(typeof(OAuthGatewayResponse), 200)]
212 [ProducesResponseType(typeof(ErrorMessageResponse), 429)]
213 public ValueTask<IActionResult> CreateOAuthGatewayToken(CancellationToken cancellationToken)
214 => loginAuthority.InvokeTransformable<OAuthGatewayLoginResult, OAuthGatewayResponse>(this, authority => authority.AttemptOAuthGatewayLogin(cancellationToken));
215 }
216}
Represents the header that must be present for every server request.
Definition ApiHeaders.cs:25
static readonly Version Version
Get the version of the Api the caller is using.
Definition ApiHeaders.cs:69
Thrown when trying to generate ApiHeaders from Microsoft.AspNetCore.Http.Headers.RequestHeaders fails...
uint UserGroupLimit
The maximum number of user groups allowed.
List< string >? ValidInstancePaths
Limits the locations instances may be created or attached from.
uint MinimumPasswordLength
Minimum length of database user passwords.
uint InstanceLimit
The maximum number of Instances allowed.
Represents an error message returned by the server.
Success result for an OAuth gateway login attempt.
Represents a JWT returned by the API.
Routes to a server actions.
Definition Routes.cs:9
const string ApiRoot
The root of API methods.
Definition Routes.cs:13
Constants used for communication with the DMAPI.
static readonly Version InteropVersion
The DMAPI InteropVersion being used.
Configuration options pertaining to user security.
IEnumerable< OidcProviderInfo > OidcProviderInfos()
Get the OidcProviderInfos from the SecurityConfiguration.
bool OidcStrictMode
If OIDC strict mode should be enabled. This mode enforces the existence of at least one OpenIDConnect...
Base Controller for API functions.
IActionResult HeadersIssue(HeadersException headersException)
Response for missing/Invalid headers.
Root ApiController for the Application.
ApiRootController(IDatabaseContext databaseContext, IAuthenticationContext authenticationContext, IAssemblyInformationProvider assemblyInformationProvider, IOAuthProviders oAuthProviders, IPlatformIdentifier platformIdentifier, ISwarmService swarmService, IServerControl serverControl, IOptions< GeneralConfiguration > generalConfigurationOptions, IOptionsSnapshot< SecurityConfiguration > securityConfigurationOptions, ILogger< ApiRootController > logger, IApiHeadersProvider apiHeadersProvider, IRestAuthorityInvoker< ILoginAuthority > loginAuthority)
Initializes a new instance of the ApiRootController class.
readonly SecurityConfiguration securityConfiguration
The SecurityConfiguration for the ApiRootController.
ValueTask< IActionResult > CreateOAuthGatewayToken(CancellationToken cancellationToken)
Attempt to authenticate a User using ApiController.ApiHeaders.
ValueTask< IActionResult > CreateToken(CancellationToken cancellationToken)
Attempt to authenticate a User using ApiController.ApiHeaders.
readonly IServerControl serverControl
The IServerControl for the ApiRootController.
readonly IRestAuthorityInvoker< ILoginAuthority > loginAuthority
The IRestAuthorityInvoker<TAuthority> for the ILoginAuthority.
readonly IPlatformIdentifier platformIdentifier
The IPlatformIdentifier for the ApiRootController.
readonly GeneralConfiguration generalConfiguration
The GeneralConfiguration for the ApiRootController.
IActionResult ServerInfo()
Main page of the Application.
readonly IAssemblyInformationProvider assemblyInformationProvider
The IAssemblyInformationProvider for the ApiRootController.
readonly IOAuthProviders oAuthProviders
The IOAuthProviders for the ApiRootController.
readonly ISwarmService swarmService
The ISwarmService for the ApiRootController.
bool Valid
If the IAuthenticationContext is for a valid login.
ApiHeaders CreateAuthlessHeaders()
Attempt to create Api.ApiHeaders without checking for the presence of an Microsoft....
HeadersException? HeadersException
The Api.HeadersException thrown when attempting to parse the ApiHeaders if any.
Invokes TAuthority methods and generates IActionResult responses.
Represents a service that may take an updated Host assembly and run it, stopping the current assembly...
bool UpdateInProgress
Whether or not the server is currently updating.
For creating and accessing authentication contexts.
Dictionary< OAuthProvider, OAuthProviderInfo > ProviderInfos()
Gets a Dictionary<TKey, TValue> of the provider client IDs.
Used for swarm operations. Functions may be no-op based on configuration.
List< SwarmServerInformation >? GetSwarmServers()
Gets the list of SwarmServerInformations in the swarm, including the current one.
For identifying the current platform.
bool IsWindows
If the current platform is a Windows platform.
@ UpdateInProgress
Another update is already in progress.
@ Unauthorized
The swarm private keys didn't match.