From bfc2f5b122c9cbd3fd8d27df9866326687ebfe18 Mon Sep 17 00:00:00 2001 From: joegoldman2 <147369450+joegoldman2@users.noreply.github.com> Date: Fri, 3 Nov 2023 20:15:55 +0200 Subject: [PATCH] Remove hardcoded Metadata Service BLOB url to allow users to override it (#444) * Remove hardcoded Metadata Service BLOB url to allow users to override it * mds => mds3 --- .../Fido2NetLibBuilderExtensions.cs | 9 ++++++--- .../Fido2MetadataServiceRepository.cs | 19 +++---------------- 2 files changed, 9 insertions(+), 19 deletions(-) diff --git a/Src/Fido2.AspNet/Fido2NetLibBuilderExtensions.cs b/Src/Fido2.AspNet/Fido2NetLibBuilderExtensions.cs index b4d2a10c..523930d8 100644 --- a/Src/Fido2.AspNet/Fido2NetLibBuilderExtensions.cs +++ b/Src/Fido2.AspNet/Fido2NetLibBuilderExtensions.cs @@ -62,7 +62,7 @@ public static IFido2MetadataServiceBuilder AddFileSystemMetadataRepository(this public static IFido2MetadataServiceBuilder AddConformanceMetadataRepository( this IFido2MetadataServiceBuilder builder, - HttpClient client = null, + HttpClient client = null, string origin = "") { builder.Services.AddTransient(provider => @@ -75,9 +75,12 @@ public static IFido2MetadataServiceBuilder AddConformanceMetadataRepository( public static IFido2MetadataServiceBuilder AddFidoMetadataRepository(this IFido2MetadataServiceBuilder builder, Action clientBuilder = null) { - var httpClientBuilder = builder.Services.AddHttpClient(nameof(Fido2MetadataServiceRepository)); + var httpClientBuilder = builder.Services.AddHttpClient(nameof(Fido2MetadataServiceRepository), client => + { + client.BaseAddress = new Uri("https://mds3.fidoalliance.org/"); + }); - if (clientBuilder != null) + if (clientBuilder != null) clientBuilder(httpClientBuilder); builder.Services.AddTransient(); diff --git a/Src/Fido2/Metadata/Fido2MetadataServiceRepository.cs b/Src/Fido2/Metadata/Fido2MetadataServiceRepository.cs index 544f5df5..3a3439b4 100644 --- a/Src/Fido2/Metadata/Fido2MetadataServiceRepository.cs 
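Review bot: In `AddFidoMetadataRepository`, nothing documents that the caller's `clientBuilder` runs after the new default `BaseAddress` is set and can point the named client at any endpoint, including a plain-http one. An XML summary on the method would cover it, for example `/// Registers the MDS3 repository; clientBuilder may replace BaseAddress (e.g. via ConfigureHttpClient) and should keep it https.` It would also help to say there that a BLOB from an overridden endpoint is still verified against the root certificate embedded in `Fido2MetadataServiceRepository`, if that is what `DeserializeAndValidateBlobAsync` guarantees; most of that validation code is outside this diff. The method body continues past the end of the hunk.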
+++ b/Src/Fido2/Metadata/Fido2MetadataServiceRepository.cs @@ -37,7 +37,6 @@ public sealed class Fido2MetadataServiceRepository : IMetadataRepository "Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH"u8 + "WD9f"u8; - private readonly string _blobUrl = "https://mds3.fidoalliance.org/"; private readonly IHttpClientFactory _httpClientFactory; public Fido2MetadataServiceRepository(IHttpClientFactory httpClientFactory) @@ -57,23 +56,10 @@ public async Task GetBLOBAsync(CancellationToken cancellati } private async Task GetRawBlobAsync(CancellationToken cancellationToken) - { - var url = _blobUrl; - return await DownloadStringAsync(url, cancellationToken); - } - - private async Task DownloadStringAsync(string url, CancellationToken cancellationToken) - { - return await _httpClientFactory - .CreateClient(nameof(Fido2MetadataServiceRepository)) - .GetStringAsync(url, cancellationToken); - } - - private async Task DownloadDataAsync(string url, CancellationToken cancellationToken) { return await _httpClientFactory .CreateClient(nameof(Fido2MetadataServiceRepository)) - .GetByteArrayAsync(url, cancellationToken); + .GetStringAsync("/", cancellationToken); } private async Task DeserializeAndValidateBlobAsync(string rawBLOBJwt, CancellationToken cancellationToken) @@ -174,7 +160,8 @@ private async Task DeserializeAndValidateBlobAsync(string r if (element.Certificate.Issuer != element.Certificate.Subject) { var cdp = CryptoUtils.CDPFromCertificateExts(element.Certificate.Extensions); - var crlFile = await DownloadDataAsync(cdp, cancellationToken); + using var client = _httpClientFactory.CreateClient(); + var crlFile = await client.GetByteArrayAsync(cdp, cancellationToken); if (CryptoUtils.IsCertInCRL(crlFile, element.Certificate)) throw new Fido2VerificationException($"Cert {element.Certificate.Subject} found in CRL {cdp}"); }
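Review bot: In `GetRawBlobAsync`, requesting `"/"` resolves to the root of the configured host, so an overridden `BaseAddress` that carries a path would lose it. For example, a mirror at `https://mirror.example/fido/blob` (a constructed value) would be fetched as `https://mirror.example/`, which undercuts the override this commit is meant to enable. Passing an empty request URI makes `HttpClient` use `BaseAddress` unchanged: `.GetStringAsync(string.Empty, cancellationToken);`. A named client registered without any `BaseAddress` would then fail with `InvalidOperationException`, which deserves a one-line comment on the method.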
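Review bot: In the CRL check inside `DeserializeAndValidateBlobAsync`, `cdp` is read from the certificate's extensions and passed straight to `GetByteArrayAsync` on an unconfigured default client, so the library contacts whatever URL the certificate names. A missing, relative or non-HTTP distribution point would likely surface as an `InvalidOperationException` or transport error rather than a verification failure. A guard before the download makes the expectation explicit: `if (!Uri.TryCreate(cdp, UriKind.Absolute, out var cdpUri) || (cdpUri.Scheme != Uri.UriSchemeHttp && cdpUri.Scheme != Uri.UriSchemeHttps)) throw new Fido2VerificationException($"Invalid CRL distribution point {cdp}");`. Handlers, proxies and timeouts supplied through `clientBuilder` also no longer apply to CRL downloads, since the named client is not used here; a short comment saying this is deliberate would help. Whether the chain has already been validated at this point is outside the hunk.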