Api keys with openiddict (#1262)

* Remove OpenIddict * Add API Key system * Revert removing OpenIddict * fix rebase * fix tests * pr changes * fix tests * fix apikey test * pr change * fix db * add migration attrs * fix migration error * PR Changes * Fix sqlite migration * change api key to use Authorization Header * add supportAddForeignKey * use tempdata status message * fix add api key css * remove redirect url + app identifier feature :(
2025-12-18 14:34:23 +01:00 · 2020-02-24 14:36:15 +01:00
parent a3e7729c52
commit fa51180dfa
29 changed files with 1502 additions and 44 deletions
--- a/BTCPayServer/Controllers/RestApi/TestOpenIdController.cs
+++ b/BTCPayServer/Controllers/RestApi/TestOpenIdController.cs
@@ -0,0 +1,65 @@
+using System.Threading.Tasks;
+using BTCPayServer.Data;
+using BTCPayServer.Models;
+using BTCPayServer.Security;
+using BTCPayServer.Services.Stores;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using OpenIddict.Validation.AspNetCore;
+
+namespace BTCPayServer.Controllers.RestApi
+{
+    /// <summary>
+    /// this controller serves as a testing endpoint for our OpenId unit tests
+    /// </summary>
+    [Route("api/test/openid")]
+    [ApiController]
+    [Authorize(AuthenticationSchemes = AuthenticationSchemes.OpenId)]
+    public class TestOpenIdController : ControllerBase
+    {
+        private readonly UserManager<ApplicationUser> _userManager;
+        private readonly StoreRepository _storeRepository;
+
+        public TestOpenIdController(UserManager<ApplicationUser> userManager, StoreRepository storeRepository)
+        {
+            _userManager = userManager;
+            _storeRepository = storeRepository;
+        }
+
+        [HttpGet("me/id")]
+        public string GetCurrentUserId()
+        {
+            return _userManager.GetUserId(User);
+        }
+
+        [HttpGet("me")]
+        public async Task<ApplicationUser> GetCurrentUser()
+        {
+            return await _userManager.GetUserAsync(User);
+        }
+
+        [HttpGet("me/is-admin")]
+        [Authorize(Policy = Policies.CanModifyServerSettings.Key, AuthenticationSchemes = AuthenticationSchemes.OpenId)]
+        public bool AmIAnAdmin()
+        {
+            return true;
+        }
+
+        [HttpGet("me/stores")]
+        [Authorize(Policy = Policies.CanModifyStoreSettings.Key,
+            AuthenticationSchemes = AuthenticationSchemes.OpenId)]
+        public async Task<StoreData[]> GetCurrentUserStores()
+        {
+            return await _storeRepository.GetStoresByUserId(_userManager.GetUserId(User));
+        }
+
+        [HttpGet("me/stores/{storeId}/can-edit")]
+        [Authorize(Policy = Policies.CanModifyStoreSettings.Key,
+            AuthenticationSchemes = AuthenticationSchemes.OpenId)]
+        public bool CanEdit(string storeId)
+        {
+            return true;
+        }
+    }
+}