2023-02-11 20:10:45 +00:00
|
|
|
|
using System;
|
|
|
|
|
using Dalamud.Logging;
|
2022-12-21 19:23:48 +00:00
|
|
|
|
using Grpc.Core;
|
|
|
|
|
using System.Net.Security;
|
|
|
|
|
using System.Security.Cryptography.X509Certificates;
|
|
|
|
|
|
|
|
|
|
namespace Pal.Client.Net
|
|
|
|
|
{
|
|
|
|
|
internal partial class RemoteApi
|
|
|
|
|
{
|
2023-02-11 20:10:45 +00:00
|
|
|
|
private Metadata UnauthorizedHeaders() => new()
|
2022-12-21 19:23:48 +00:00
|
|
|
|
{
|
2023-02-10 19:48:14 +00:00
|
|
|
|
{ "User-Agent", _userAgent },
|
2022-12-21 19:23:48 +00:00
|
|
|
|
};
|
|
|
|
|
|
2023-02-11 20:10:45 +00:00
|
|
|
|
private Metadata AuthorizedHeaders() => new()
|
2022-12-21 19:23:48 +00:00
|
|
|
|
{
|
2023-02-11 20:10:45 +00:00
|
|
|
|
{ "Authorization", $"Bearer {_loginInfo.AuthToken}" },
|
2023-02-10 19:48:14 +00:00
|
|
|
|
{ "User-Agent", _userAgent },
|
2022-12-21 19:23:48 +00:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
private SslClientAuthenticationOptions? GetSslClientAuthenticationOptions()
|
|
|
|
|
{
|
|
|
|
|
#if !DEBUG
|
|
|
|
|
var secrets = typeof(RemoteApi).Assembly.GetType("Pal.Client.Secrets");
|
|
|
|
|
if (secrets == null)
|
|
|
|
|
return null;
|
|
|
|
|
|
|
|
|
|
var pass = secrets.GetProperty("CertPassword")?.GetValue(null) as string;
|
|
|
|
|
if (pass == null)
|
|
|
|
|
return null;
|
|
|
|
|
|
|
|
|
|
var manifestResourceStream = typeof(RemoteApi).Assembly.GetManifestResourceStream("Pal.Client.Certificate.pfx");
|
|
|
|
|
if (manifestResourceStream == null)
|
|
|
|
|
return null;
|
|
|
|
|
|
|
|
|
|
var bytes = new byte[manifestResourceStream.Length];
|
2023-02-11 20:10:45 +00:00
|
|
|
|
int read = manifestResourceStream.Read(bytes, 0, bytes.Length);
|
|
|
|
|
if (read != bytes.Length)
|
|
|
|
|
throw new InvalidOperationException();
|
2022-12-21 19:23:48 +00:00
|
|
|
|
|
|
|
|
|
var certificate = new X509Certificate2(bytes, pass, X509KeyStorageFlags.DefaultKeySet);
|
|
|
|
|
PluginLog.Debug($"Using client certificate {certificate.GetCertHashString()}");
|
|
|
|
|
return new SslClientAuthenticationOptions
|
|
|
|
|
{
|
|
|
|
|
ClientCertificates = new X509CertificateCollection()
|
|
|
|
|
{
|
|
|
|
|
certificate,
|
|
|
|
|
},
|
|
|
|
|
};
|
|
|
|
|
#else
|
|
|
|
|
PluginLog.Debug("Not using client certificate");
|
|
|
|
|
return null;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public bool HasRoleOnCurrentServer(string role)
|
|
|
|
|
{
|
|
|
|
|
if (Service.Configuration.Mode != Configuration.EMode.Online)
|
|
|
|
|
return false;
|
|
|
|
|
|
2023-02-15 01:38:04 +00:00
|
|
|
|
var account = Service.Configuration.FindAccount(RemoteUrl);
|
2022-12-21 19:23:48 +00:00
|
|
|
|
return account == null || account.CachedRoles.Contains(role);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|