Update client credentials (not currently enabled)

2022-10-30 22:35:42 +01:00 · 2022-10-30 22:35:42 +01:00 · 187a3a47f2
parent 68caa8d7a0
commit 187a3a47f2
3 changed files with 45 additions and 2 deletions
--- a/Pal.Client/.gitignore
+++ b/Pal.Client/.gitignore
@ -1 +1,2 @@
 /dist
+/Secrets.cs
--- a/Pal.Client/Pal.Client.csproj
+++ b/Pal.Client/Pal.Client.csproj
@ -3,7 +3,7 @@
 	<PropertyGroup>
 		<TargetFramework>net6.0-windows</TargetFramework>
 		<LangVersion>9.0</LangVersion>
-		<Version>1.10.0.0</Version>
+		<Version>1.11.0.0</Version>
 		<Nullable>enable</Nullable>
 	</PropertyGroup>

@ -17,8 +17,18 @@

 	<PropertyGroup Condition="'$(Configuration)' == 'Release'">
 		<OutputPath>dist</OutputPath>
+		<DebugType>none</DebugType>
+		<DebugSymbols>false</DebugSymbols>
 	</PropertyGroup>

+	<ItemGroup Condition="'$(Configuration)' == 'Release' And Exists('Certificate.pfx')">
+	  <None Remove="Certificate.pfx" />
+	</ItemGroup>
+
+	<ItemGroup Condition="'$(Configuration)' == 'Release' And Exists('Certificate.pfx')">
+	  <EmbeddedResource Include="Certificate.pfx" />
+	</ItemGroup>
+
 	<ItemGroup>
 		<PackageReference Include="DalamudPackager" Version="2.1.8" />
 		<PackageReference Include="Google.Protobuf" Version="3.21.8" />
--- a/Pal.Client/RemoteApi.cs
+++ b/Pal.Client/RemoteApi.cs
@ -1,13 +1,14 @@
 using Account;
 using Grpc.Core;
-using Grpc.Core.Interceptors;
 using Grpc.Net.Client;
 using Palace;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Net.Http;
+using System.Net.Security;
 using System.Numerics;
+using System.Security.Cryptography.X509Certificates;
 using System.Threading;
 using System.Threading.Tasks;

@ -39,6 +40,7 @@ namespace Pal.Client
                    HttpHandler = new SocketsHttpHandler
                    {
                        ConnectTimeout = TimeSpan.FromSeconds(5),
+                        SslOptions = GetSslClientAuthenticationOptions(),
                    }
                });
                await _channel.ConnectAsync(cancellationToken);
@ -159,6 +161,36 @@ namespace Pal.Client
            { "User-Agent", UserAgent },
        };

+        private SslClientAuthenticationOptions? GetSslClientAuthenticationOptions()
+        {
+#if !DEBUG
+            var secrets = typeof(RemoteApi).Assembly.GetType("Pal.Client.Secrets");
+            if (secrets == null)
+                return null;
+
+            var pass = secrets.GetProperty("CertPassword")?.GetValue(null) as string;
+            if (pass == null)
+                return null;
+
+            var manifestResourceStream = typeof(RemoteApi).Assembly.GetManifestResourceStream("Pal.Client.Certificate.pfx");
+            if (manifestResourceStream == null)
+                return null;
+
+            var bytes = new byte[manifestResourceStream.Length];
+            manifestResourceStream.Read(bytes, 0, bytes.Length);
+
+            return new SslClientAuthenticationOptions
+            {
+                ClientCertificates = new X509CertificateCollection()
+                {
+                    new X509Certificate2(bytes, pass, X509KeyStorageFlags.DefaultKeySet),
+                },
+            };
+#else
+            return null;
+#endif
+        }
+
        public void Dispose()
        {
            _channel?.Dispose();