Add AuthLifetimeService

Refactor AuthManager

Akari.Prototype.Server/Services/AuthManager.cs

@@ -1,25 +1,70 @@
-using Microsoft.Extensions.Logging;
+using Akari.Prototype.Server.Models;
+using Akari.Prototype.Server.Utils;
+using Isopoh.Cryptography.Argon2;
+using Microsoft.Extensions.Hosting;
+using Microsoft.Extensions.Logging;
 using System;
+using System.Collections.Concurrent;
 using System.Collections.Generic;
 using System.Linq;
+using System.Runtime.InteropServices;
+using System.Security.Cryptography;
+using System.Text;
+using System.Threading;
 using System.Threading.Tasks;
 
 namespace Akari.Prototype.Server.Services
 {
-    public class AuthManager : IAuthManager
+    public sealed class AuthManager : IAuthManager, IDisposable
     {
+        public const int AuthKeysLength = 256 / 8;
+
+        public IEnumerable<KeyValuePair<string, TimedEntry<AesGcm>>> Pairs => _keys;
+
         private readonly ILogger<AuthManager> _logger;
         private readonly IKeyManager _keyManager;
 
+        private IDictionary<string, TimedEntry<AesGcm>> _keys;
+
         public AuthManager(ILogger<AuthManager> logger, IKeyManager keyManager)
         {
             _logger = logger;
             _keyManager = keyManager;
+            _keys = new ConcurrentDictionary<string, TimedEntry<AesGcm>>();
         }
 
-        public void Auth(byte[] token, string name)
+        public void Auth(string name, string token)
         {
+            // Derive key and store it
+            using var key = Security.Argon2idDeriveBytes(token, name, AuthKeysLength, clear: true);
 
+            SetKey(name, new AesGcm(key.Buffer));
+        }
+
+        public bool Remove(string name)
+        {
+            return _keys.Remove(name);
+        }
+
+        private void SetKey(string name, AesGcm aesGcm)
+        {
+            _logger.LogDebug($"New fingerprint auth: {name}");
+
+            if (_keys.TryGetValue(name, out var oldEntry))
+            {
+                _logger.LogDebug($"Old auth were present for '{name}', clearing it");
+
+                oldEntry.Value.Dispose();
+            }
+
+            _keys[name] = new TimedEntry<AesGcm>(DateTime.Now, aesGcm);
+
+            _logger.LogDebug($"New auth '{name}' at [{_keys[name].CreationDate}], expires at [{_keys[name].CreationDate + AuthLifetimeService.AuthLifetime}]");
+        }
+
+        public void Dispose()
+        {
+            _keys.Clear();
         }
     }
 }