From 187a3a47f29bccbb3f60ab79e4f00cf485f9b3be Mon Sep 17 00:00:00 2001 From: Liza Carvelli Date: Sun, 30 Oct 2022 22:35:42 +0100 Subject: [PATCH] Update client credentials (not currently enabled) --- Pal.Client/.gitignore | 1 + Pal.Client/Pal.Client.csproj | 12 +++++++++++- Pal.Client/RemoteApi.cs | 34 +++++++++++++++++++++++++++++++++- 3 files changed, 45 insertions(+), 2 deletions(-) diff --git a/Pal.Client/.gitignore b/Pal.Client/.gitignore index 9b1c8b1..e6b5067 100644 --- a/Pal.Client/.gitignore +++ b/Pal.Client/.gitignore @@ -1 +1,2 @@ /dist +/Secrets.cs diff --git a/Pal.Client/Pal.Client.csproj b/Pal.Client/Pal.Client.csproj index 623ce5f..8fba640 100644 --- a/Pal.Client/Pal.Client.csproj +++ b/Pal.Client/Pal.Client.csproj @@ -3,7 +3,7 @@ net6.0-windows 9.0 - 1.10.0.0 + 1.11.0.0 enable @@ -17,8 +17,18 @@ dist + none + false + + + + + + + + diff --git a/Pal.Client/RemoteApi.cs b/Pal.Client/RemoteApi.cs index 3082fa1..a0f4614 100644 --- a/Pal.Client/RemoteApi.cs +++ b/Pal.Client/RemoteApi.cs @@ -1,13 +1,14 @@ using Account; using Grpc.Core; -using Grpc.Core.Interceptors; using Grpc.Net.Client; using Palace; using System; using System.Collections.Generic; using System.Linq; using System.Net.Http; +using System.Net.Security; using System.Numerics; +using System.Security.Cryptography.X509Certificates; using System.Threading; using System.Threading.Tasks; @@ -39,6 +40,7 @@ namespace Pal.Client HttpHandler = new SocketsHttpHandler { ConnectTimeout = TimeSpan.FromSeconds(5), + SslOptions = GetSslClientAuthenticationOptions(), } }); await _channel.ConnectAsync(cancellationToken); 
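Review bot: The new entry in Pal.Client/.gitignore covers `/Secrets.cs` only, while the RemoteApi.cs change also loads an embedded resource named `Pal.Client.Certificate.pfx`. If that file sits in the project directory (the resource name suggests so, but the csproj lines that would confirm it are not readable on this page), a stray `git add` would commit the private key. Adding `/Certificate.pfx` next to `/Secrets.cs` would close that gap.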
@@ -159,6 +161,36 @@ namespace Pal.Client
 { "User-Agent", UserAgent },
 };
 
+ private SslClientAuthenticationOptions? GetSslClientAuthenticationOptions()
+ {
+#if !DEBUG
+ var secrets = typeof(RemoteApi).Assembly.GetType("Pal.Client.Secrets");
+ if (secrets == null)
+ return null;
+
+ var pass = secrets.GetProperty("CertPassword")?.GetValue(null) as string;
+ if (pass == null)
+ return null;
+
+ var manifestResourceStream = typeof(RemoteApi).Assembly.GetManifestResourceStream("Pal.Client.Certificate.pfx");
+ if (manifestResourceStream == null)
+ return null;
+
+ var bytes = new byte[manifestResourceStream.Length];
+ manifestResourceStream.Read(bytes, 0, bytes.Length);
+
+ return new SslClientAuthenticationOptions
+ {
+ ClientCertificates = new X509CertificateCollection()
+ {
+ new X509Certificate2(bytes, pass, X509KeyStorageFlags.DefaultKeySet),
+ },
+ };
+#else
+ return null;
+#endif
+ }
+
 public void Dispose()
 {
 _channel?.Dispose();
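Review bot: In GetSslClientAuthenticationOptions the return value of `manifestResourceStream.Read(bytes, 0, bytes.Length)` is discarded and the stream is never disposed, so a short read would hand a partly zero-filled buffer to the `X509Certificate2` constructor. `Stream.Read` may return fewer bytes than requested; safer is `using var` on the resource stream plus `using var pfx = new MemoryStream(); manifestResourceStream.CopyTo(pfx);`, passing `pfx.ToArray()` to the constructor (this needs `System.IO` in scope). Each early `return null` also lets a release build connect with no client certificate and no log line, which will be hard to tell apart from a server-side rejection once the feature is enabled. The method deserves a comment stating that the PFX and `CertPassword` both ship inside the assembly, so the certificate identifies a build of the client rather than a user and the server should not treat it as a secret.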