szakatsa/Automatic-Parking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add authorization and key-pairing
All checks were successful
Build, Push and Run Container / build (push) Successful in 30s
Details

Browse Source
This commit is contained in:
Szakáts Alpár
2025-08-16 20:40:27 +02:00
parent 8c801c88ce
commit a7ea7ff632
4 changed files with 81 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
Source/ProofOfConcept/Program.cs
View File

@@ -1,6 +1,10 @@
using System.Text.Json;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Caching.Memory;
using Microsoft.Extensions.Diagnostics.HealthChecks;
using ProofOfConcept.Models;
using ProofOfConcept.Services;
using ProofOfConcept.Utilities;
@@ -19,10 +23,35 @@ builder.Services.AddMemoryCache();
builder.Services.AddHybridCache();
builder.Services.AddHttpClient();
builder.Services.AddRazorPages();
builder.Services.AddHealthChecks()
.AddAsyncCheck("", cancellationToken => Task.FromResult(HealthCheckResult.Healthy()), ["ready"]); //TODO: Check tag
builder.Services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options =>
{
options.Authority = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3"; // Tesla auth
options.ClientId = "b2240ee4-332a-4252-91aa-bbcc24f78fdb";
options.ClientSecret = "ta-secret.YG+XSdlvr6Lv8U-x";
options.ResponseType = "code";
options.SaveTokens = true; // access_token, refresh_token in auth ticket
options.CallbackPath = new PathString("/token-exchange");
options.Scope.Add("openid");
options.Scope.Add("offline_access");
options.Scope.Add("vehicle_device_data");
options.Scope.Add("vehicle_location");
options.AdditionalAuthorizationParameters.Add("prompt_missing_scopes", "true");
options.AdditionalAuthorizationParameters.Add("require_requested_scopes", "true");
options.AdditionalAuthorizationParameters.Add("show_keypair_step", "true");
// PKCE, state, nonce are handled automatically
});
// Add own services
builder.Services.AddSingleton<IMessageProcessor, MessageProcessor>();
builder.Services.AddTransient<TeslaAuthenticatorService>();
builder.Services.AddTransient<ITeslaAuthenticatorService, TeslaAuthenticatorService>();
// Add hosted services
builder.Services.AddHostedService<MQTTServer>();
@@ -51,12 +80,15 @@ if (app.Environment.IsDevelopment())
});
app.MapGet("/CheckRegisteredApplication", ([FromServices] TeslaAuthenticatorService service) => service.CheckApplicationRegistrationAsync());
app.MapGet("/RegisterApplication", ([FromServices] TeslaAuthenticatorService service) => service.RegisterApplicationAsync());
app.MapGet("/Authorize", ([FromServices] TeslaAuthenticatorService service) => new RedirectResult(service.GetAplicationAuthorizationURL()));
app.MapGet("/Authorize", (async context => await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties { RedirectUri = "/" })));
app.MapGet("/KeyPairing", () => Results.Redirect("https://tesla.com/_ak/developer-domain.com"));
}
//Map static assets
app.MapStaticAssets();
//TODO: Build a middleware that responds with 503 if the public key is not registered at Tesla
app.MapRazorPages();
app.Run();