From 4f22efa904bce37eafe4c80777ac5cd4183aee05 Mon Sep 17 00:00:00 2001 From: Ellet Date: Mon, 18 Dec 2023 14:39:43 +0300 Subject: [PATCH] Unfinished changes --- build.gradle.kts | 2 +- library/build.gradle.kts | 7 +- .../FirebaseAppCheckPluginConfiguration.kt | 6 +- .../FirebaseAppCheckTokenVerifierService.kt | 45 +++------- .../services/jwt/DecodedJwt.kt | 84 +------------------ ...irebaseAppCheckTokenVerifierServiceImpl.kt | 13 ++- settings.gradle.kts | 8 ++ 7 files changed, 31 insertions(+), 134 deletions(-) diff --git a/build.gradle.kts b/build.gradle.kts index fdcdb0c..617ca70 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -2,4 +2,4 @@ plugins { alias(libs.plugins.kotlin.jvm) apply false alias(libs.plugins.kotlin.multiplatform) apply false alias(libs.plugins.kotlinx.serialization) apply false -} \ No newline at end of file +} diff --git a/library/build.gradle.kts b/library/build.gradle.kts index ca55255..279bde7 100644 --- a/library/build.gradle.kts +++ b/library/build.gradle.kts @@ -2,7 +2,6 @@ plugins { alias(libs.plugins.kotlin.multiplatform) // application id("maven-publish") -// id("java-library") } val kotlinVersion = libs.versions.kotlin.get() @@ -19,6 +18,8 @@ description = kotlin { jvm() + linuxX64() + macosArm64() sourceSets { val commonMain by getting { @@ -54,10 +55,6 @@ kotlin { } } -repositories { - mavenCentral() -} - //publishing { // // val jitpackGroupId = "com.github.freshplatform" diff --git a/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/core/FirebaseAppCheckPluginConfiguration.kt b/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/core/FirebaseAppCheckPluginConfiguration.kt index 1fcf967..13ff14e 100644 --- a/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/core/FirebaseAppCheckPluginConfiguration.kt +++ b/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/core/FirebaseAppCheckPluginConfiguration.kt @@ -1,6 +1,5 @@ package net.freshplatform.ktor_server.firebase_app_check.core -import com.auth0.jwt.interfaces.DecodedJWT import io.ktor.http.* import io.ktor.server.application.* import io.ktor.server.response.* @@ -11,6 +10,7 @@ import net.freshplatform.ktor_server.firebase_app_check.exceptions.FirebaseAppCh import net.freshplatform.ktor_server.firebase_app_check.exceptions.FirebaseAppCheckVerifyJwtErrorType.* import net.freshplatform.ktor_server.firebase_app_check.exceptions.FirebaseAppCheckVerifyJwtException import net.freshplatform.ktor_server.firebase_app_check.service.FirebaseAppCheckTokenVerifierService +import net.freshplatform.ktor_server.firebase_app_check.services.jwt.DecodedJwt import net.freshplatform.ktor_server.firebase_app_check.utils.FirebaseAppCheckMessages import net.freshplatform.ktor_server.firebase_app_check.utils.extensions.protectRouteWithAppCheck @@ -47,10 +47,10 @@ class FirebaseAppCheckPluginConfiguration( var firebaseAppCheckApiBaseUrl: String = "https://firebaseappcheck.googleapis.com", var firebaseAppCheckPublicJwtSetUrl: String = "${firebaseAppCheckApiBaseUrl}/v1/jwks", var secureStrategy: FirebaseAppCheckSecureStrategy = FirebaseAppCheckSecureStrategy.ProtectSpecificRoutes, - var additionalSecurityCheck: suspend (decodedJwt: DecodedJWT) -> Boolean = { + var additionalSecurityCheck: suspend (decodedJwt: DecodedJwt) -> Boolean = { true }, - var afterSecurityCheck: suspend (decodedJwt: DecodedJWT) -> Unit = {}, + var afterSecurityCheck: suspend (decodedJwt: DecodedJwt) -> Unit = {}, // var consumeTheTokenAfterUsingIt: Boolean = false var errorBuilder: suspend (e: Exception, call: ApplicationCall, pluginConfig: FirebaseAppCheckPluginConfiguration) -> Unit = { e, call, pluginConfig -> diff --git a/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/service/FirebaseAppCheckTokenVerifierService.kt b/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/service/FirebaseAppCheckTokenVerifierService.kt index a2f099e..353ffb5 100644 --- a/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/service/FirebaseAppCheckTokenVerifierService.kt +++ b/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/service/FirebaseAppCheckTokenVerifierService.kt @@ -1,8 +1,10 @@ package net.freshplatform.ktor_server.firebase_app_check.service -import com.auth0.jwt.interfaces.DecodedJWT -import java.security.PublicKey -import java.util.concurrent.TimeUnit +import net.freshplatform.ktor_server.firebase_app_check.services.jwt.DecodedJwt +import kotlin.time.Duration +import kotlin.time.Duration.Companion.hours +import kotlin.time.Duration.Companion.minutes + /** * Configuration data class for fetching Firebase App Check public keys. This class @@ -22,26 +24,19 @@ data class FetchFirebaseAppCheckPublicKeyConfig( * * @param cacheSize The size of the cache for public keys. * @param expiresIn The duration for public keys to expire in the cache. - * @param timeUnit The time unit for cache expiration. */ data class FetchFirebaseAppCheckPublicKeyCacheConfig( val cacheSize: Long = 10, - val expiresIn: Long = 24, - val timeUnit: TimeUnit = TimeUnit.HOURS, + val expiresIn: Duration = 24.hours, ) /** - * Configuration data class for rate limiting of key fetch requests. This class specifies - * the bucket size, refill rate, and time unit for rate limiting. + * Configuration data class for rate limiting of key fetch requests. * - * @param bucketSize The bucket size for rate limiting. - * @param refillRate The time to refill the rate limit. - * @param timeUnit The time unit for rate limit refilling. + * @param enabled */ data class FetchFirebaseAppCheckPublicKeyRateLimitedConfig( - val bucketSize: Long = 10, - val refillRate: Long = 1, - val timeUnit: TimeUnit = TimeUnit.MINUTES + val enabled: Boolean ) /** @@ -77,25 +72,5 @@ interface FirebaseAppCheckTokenVerifierService { firebaseProjectId: String, firebaseProjectNumber: String, issuerBaseUrl: String - ): DecodedJWT -} - -class FirebaseAppCheckTokenVerifierServiceUnimplemented: FirebaseAppCheckTokenVerifierService { - override suspend fun fetchFirebaseAppCheckPublicKey( - jwtString: String, - url: String, - config: FetchFirebaseAppCheckPublicKeyConfig - ): PublicKey { - TODO("Not yet implemented") - } - - override suspend fun verifyFirebaseAppCheckToken( - jwtString: String, - publicKey: PublicKey, - firebaseProjectId: String, - firebaseProjectNumber: String, - issuerBaseUrl: String - ): DecodedJWT { - TODO("Not yet implemented") - } + ): DecodedJwt } \ No newline at end of file diff --git a/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/services/jwt/DecodedJwt.kt b/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/services/jwt/DecodedJwt.kt index 575e7ee..13ecc23 100644 --- a/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/services/jwt/DecodedJwt.kt +++ b/library/src/commonMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/services/jwt/DecodedJwt.kt @@ -1,88 +1,6 @@ package net.freshplatform.ktor_server.firebase_app_check.services.jwt -import com.auth0.jwt.interfaces.Claim -import java.time.DateTimeException -import java.time.Instant -import java.util.* - -fun main() { - -} data class DecodedJwt( val token: String, - val header: String, - val payload: String, - val signature: String -) - -data class JwtPayload( - val issuer: String, - val subject: String, - val audience: String, - val expiresAt: Long, - val notBefore: Long, - val issuedAt: Long, - val id: String, - val getClaim: () -> Unit, - val claims: Map?, -) - -interface PayloadBase { - - /** - * Get a Claim given its name. If the Claim wasn't specified in the Payload, a 'null claim' - * will be returned. All the methods of that claim will return `null`. - * - * @param name the name of the Claim to retrieve. - * @return a non-null Claim. - */ - fun getClaim(name: String?): Claim? - - /** - * Get the Claims defined in the Token. - * - * @return a non-null Map containing the Claims defined in the Token. - */ - val claims: Map? -} - -interface HeaderBase { - - /** - * Getter for the Algorithm "alg" claim defined in the JWT's Header. If the claim is missing, it will return null. - * - * @return the Algorithm defined or null. - */ - fun getAlgorithm(): String? - - /** - * Getter for the Type "typ" claim defined in the JWT's Header. If the claim is missing, it will return null. - * - * @return the Type defined or null. - */ - fun getType(): String? - - /** - * Getter for the Content Type "cty" claim defined in the JWT's Header. If the claim is missing, it will return null. - * - * @return the Content Type defined or null. - */ - fun getContentType(): String? - - /** - * Get the value of the "kid" claim, or null if it's not available. - * - * @return the Key ID value or null. - */ - fun getKeyId(): String? - - /** - * Get a Private Claim given its name. If the Claim wasn't specified in the Header, a 'null claim' will be - * returned. All the methods of that claim will return `null`. - * - * @param name the name of the Claim to retrieve. - * @return a non-null Claim. - */ - fun getHeaderClaim(name: String?): Claim? -} \ No newline at end of file +) \ No newline at end of file diff --git a/library/src/jvmMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/services/FirebaseAppCheckTokenVerifierServiceImpl.kt b/library/src/jvmMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/services/FirebaseAppCheckTokenVerifierServiceImpl.kt index 829d3d0..54cab79 100644 --- a/library/src/jvmMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/services/FirebaseAppCheckTokenVerifierServiceImpl.kt +++ b/library/src/jvmMain/kotlin/net/freshplatform/ktor_server/firebase_app_check/services/FirebaseAppCheckTokenVerifierServiceImpl.kt @@ -13,9 +13,11 @@ import net.freshplatform.ktor_server.firebase_app_check.exceptions.FirebaseAppCh import net.freshplatform.ktor_server.firebase_app_check.exceptions.FirebaseAppCheckVerifyJwtException import net.freshplatform.ktor_server.firebase_app_check.service.FetchFirebaseAppCheckPublicKeyConfig import net.freshplatform.ktor_server.firebase_app_check.service.FirebaseAppCheckTokenVerifierService +import net.freshplatform.ktor_server.firebase_app_check.services.jwt.DecodedJwt import java.net.URL import java.security.PublicKey import java.security.interfaces.RSAPublicKey +import kotlin.time.toJavaDuration class FirebaseAppCheckTokenVerifierServiceImpl : FirebaseAppCheckTokenVerifierService { override suspend fun fetchFirebaseAppCheckPublicKey( @@ -31,13 +33,10 @@ class FirebaseAppCheckTokenVerifierServiceImpl : FirebaseAppCheckTokenVerifierSe JwkProviderBuilder(URL(url)) .cached( cacheConfig.cacheSize, - cacheConfig.expiresIn, - cacheConfig.timeUnit, + cacheConfig.expiresIn.toJavaDuration(), ) .rateLimited( - rateLimitedConfig.bucketSize, - rateLimitedConfig.refillRate, - rateLimitedConfig.timeUnit, + rateLimitedConfig.enabled ) .build() @@ -109,7 +108,7 @@ class FirebaseAppCheckTokenVerifierServiceImpl : FirebaseAppCheckTokenVerifierSe firebaseProjectId: String, firebaseProjectNumber: String, issuerBaseUrl: String - ): DecodedJWT { + ): DecodedJwt { return withContext(Dispatchers.IO) { try { val verifier = JWT @@ -125,7 +124,7 @@ class FirebaseAppCheckTokenVerifierServiceImpl : FirebaseAppCheckTokenVerifierSe errorType = FirebaseAppCheckVerifyJwtErrorType.HeaderTypeIsNotJwt ) } - decodedJwt + DecodedJwt(decodedJwt.token) } catch (e: TokenExpiredException) { throw FirebaseAppCheckVerifyJwtException( message = e.message.toString(), diff --git a/settings.gradle.kts b/settings.gradle.kts index aee053f..8c51ff6 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -8,4 +8,12 @@ pluginManagement { mavenCentral() gradlePluginPortal() } +} + +dependencyResolutionManagement { + repositories { + mavenCentral() + google() + gradlePluginPortal() + } } \ No newline at end of file