AutheliaMultiDomainProxy/Backend/AuthHelpers.cs

using System.Web;
using Nager.PublicSuffix;

namespace AutheliaMultiDomainProxy.Backend;

public class AuthHelpers {
	static DomainParser domainParser = new(new WebTldRuleProvider("https://share.zotan.services/public_suffix_list.dat"));

	public static (bool isAuthenticated, string? user) IsAuthenticated(IRequestCookieCollection cookies) {
		if (!cookies.ContainsKey(Vars.CookieName))
			return (false, null);

		var response = MakeUpstreamAutheliaRequest(cookies[Vars.CookieName]!);

		if (!response.IsSuccessStatusCode)
			return (false, null);

		return response.Headers.Contains("remote-user") ? (true, response.Headers.GetValues("remote-user").First()) : (true, null);
	}

	private static HttpResponseMessage MakeUpstreamAutheliaRequest(string cookie) {
		var client = new HttpClient();
		client.DefaultRequestHeaders.Add("cookie", $"authelia_session={cookie}");
		client.DefaultRequestHeaders.Add("x-forwarded-proto", "https");
		client.DefaultRequestHeaders.Add("Host", $"{Vars.AutheliaSubdomain}.{Vars.UpstreamPrimaryDomain}");
		var response = client.GetAsync($"http://127.0.0.1:9091/api/verify");
		return response.Result;
	}
	
	public static HttpResponseMessage MakeUpstreamAutheliaRequest(IHeaderDictionary headers, string? cookie) {
		var client = new HttpClient();

		foreach (var header in headers) {
			if (Vars.RequestHeaders.Contains(header.Key, StringComparer.InvariantCultureIgnoreCase))
				client.DefaultRequestHeaders.Add(header.Key, (IEnumerable<string?>)header.Value);
		}

		client.DefaultRequestHeaders.Host = $"{headers["Host"]}.amdp.{Vars.UpstreamPrimaryDomain}";

		if (!string.IsNullOrWhiteSpace(cookie))
			client.DefaultRequestHeaders.Add("cookie", $"authelia_session={cookie}");
		
		var response = client.GetAsync($"http://127.0.0.1:9091/api/verify");
		return response.Result;
	}

	public static string GetRootDomain(string url) {
		return domainParser.Parse(new Uri(url).Host).RegistrableDomain;
	}
}
Initial commit 2023-03-28 22:04:56 +02:00			`using System.Web;`
Automatically extract dstDomain from tgt 2023-03-28 23:56:06 +02:00			`using Nager.PublicSuffix;`
Initial commit 2023-03-28 22:04:56 +02:00
			`namespace AutheliaMultiDomainProxy.Backend;`

			`public class AuthHelpers {`
Code cleanup 2023-05-04 01:06:04 +02:00			`static DomainParser domainParser = new(new WebTldRuleProvider("https://share.zotan.services/public_suffix_list.dat"));`
Automatically extract dstDomain from tgt 2023-03-28 23:56:06 +02:00
Initial commit 2023-03-28 22:04:56 +02:00			`public static (bool isAuthenticated, string? user) IsAuthenticated(IRequestCookieCollection cookies) {`
			`if (!cookies.ContainsKey(Vars.CookieName))`
			`return (false, null);`

			`var response = MakeUpstreamAutheliaRequest(cookies[Vars.CookieName]!);`

			`if (!response.IsSuccessStatusCode)`
			`return (false, null);`

			`return response.Headers.Contains("remote-user") ? (true, response.Headers.GetValues("remote-user").First()) : (true, null);`
			`}`

			`private static HttpResponseMessage MakeUpstreamAutheliaRequest(string cookie) {`
			`var client = new HttpClient();`
Fix cookies with % characters 2023-04-02 15:22:28 +02:00			`client.DefaultRequestHeaders.Add("cookie", $"authelia_session={cookie}");`
Fix dashboard status 2023-03-28 22:47:01 +02:00			`client.DefaultRequestHeaders.Add("x-forwarded-proto", "https");`
Use string interpolation everywhere, harden host checks 2023-03-28 23:46:47 +02:00			`client.DefaultRequestHeaders.Add("Host", $"{Vars.AutheliaSubdomain}.{Vars.UpstreamPrimaryDomain}");`
Initial commit 2023-03-28 22:04:56 +02:00			`var response = client.GetAsync($"http://127.0.0.1:9091/api/verify");`
			`return response.Result;`
			`}`

			`public static HttpResponseMessage MakeUpstreamAutheliaRequest(IHeaderDictionary headers, string? cookie) {`
			`var client = new HttpClient();`

			`foreach (var header in headers) {`
			`if (Vars.RequestHeaders.Contains(header.Key, StringComparer.InvariantCultureIgnoreCase))`
			`client.DefaultRequestHeaders.Add(header.Key, (IEnumerable<string?>)header.Value);`
			`}`

Use string interpolation everywhere, harden host checks 2023-03-28 23:46:47 +02:00			`client.DefaultRequestHeaders.Host = $"{headers["Host"]}.amdp.{Vars.UpstreamPrimaryDomain}";`
Initial commit 2023-03-28 22:04:56 +02:00
			`if (!string.IsNullOrWhiteSpace(cookie))`
Fix cookies with % characters 2023-04-02 15:22:28 +02:00			`client.DefaultRequestHeaders.Add("cookie", $"authelia_session={cookie}");`
Initial commit 2023-03-28 22:04:56 +02:00
			`var response = client.GetAsync($"http://127.0.0.1:9091/api/verify");`
			`return response.Result;`
			`}`
Automatically extract dstDomain from tgt 2023-03-28 23:56:06 +02:00
			`public static string GetRootDomain(string url) {`
			`return domainParser.Parse(new Uri(url).Host).RegistrableDomain;`
			`}`
Initial commit 2023-03-28 22:04:56 +02:00			`}`