Support AutoDetect

MareSynchronosServer/MareSynchronosServer/Controllers/DiscoveryNotifyController.cs

@@ -0,0 +1,40 @@
+using MareSynchronos.API.SignalR;
+using MareSynchronosShared.Utils;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.SignalR;
+using System.Text.Json.Serialization;
+
+namespace MareSynchronosServer.Controllers;
+
+[Route("/main/discovery")] 
+[Authorize(Policy = "Internal")]
+public class DiscoveryNotifyController : Controller
+{
+    private readonly ILogger<DiscoveryNotifyController> _logger;
+    private readonly IHubContext<Hubs.MareHub, IMareHub> _hub;
+
+    public DiscoveryNotifyController(ILogger<DiscoveryNotifyController> logger, IHubContext<Hubs.MareHub, IMareHub> hub)
+    {
+        _logger = logger;
+        _hub = hub;
+    }
+
+    public sealed class NotifyRequestDto
+    {
+        [JsonPropertyName("targetUid")] public string TargetUid { get; set; } = string.Empty;
+        [JsonPropertyName("fromUid")] public string FromUid { get; set; } = string.Empty;
+        [JsonPropertyName("fromAlias")] public string? FromAlias { get; set; }
+    }
+
+    [HttpPost("notifyRequest")]
+    public async Task<IActionResult> NotifyRequest([FromBody] NotifyRequestDto dto)
+    {
+        if (string.IsNullOrEmpty(dto.TargetUid)) return BadRequest();
+        var name = string.IsNullOrEmpty(dto.FromAlias) ? dto.FromUid : dto.FromAlias;
+        var msg = $"{name} wants to pair with you (Nearby)";
+        _logger.LogInformation("Discovery notify request to {target} from {from}", dto.TargetUid, name);
+        await _hub.Clients.User(dto.TargetUid).Client_ReceiveServerMessage(MareSynchronos.API.Data.Enum.MessageSeverity.Information, msg);
+        return Accepted();
+    }
+}

MareSynchronosServer/MareSynchronosServer/Startup.cs

@@ -13,6 +13,7 @@ using Prometheus;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.IdentityModel.Tokens;
 using System.Text;
+using Microsoft.AspNetCore.HttpOverrides;
 using StackExchange.Redis;
 using StackExchange.Redis.Extensions.Core.Configuration;
 using System.Net;
@@ -198,6 +199,21 @@ public class Startup
                     ValidateIssuerSigningKey = true,
                     IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(config.GetValue<string>(nameof(MareConfigurationBase.Jwt)))),
                 };
+
+                // Allow SignalR WebSocket connections to authenticate via access_token query on the hub path
+                options.Events = new JwtBearerEvents
+                {
+                    OnMessageReceived = context =>
+                    {
+                        var accessToken = context.Request.Query["access_token"].ToString();
+                        var path = context.HttpContext.Request.Path;
+                        if (!string.IsNullOrEmpty(accessToken) && path.StartsWithSegments(IMareHub.Path))
+                        {
+                            context.Token = accessToken;
+                        }
+                        return Task.CompletedTask;
+                    }
+                };
             });
 
         services.AddAuthentication(o =>
@@ -307,6 +323,12 @@ public class Startup
 
         var config = app.ApplicationServices.GetRequiredService<IConfigurationService<MareConfigurationBase>>();
 
+        // Respect X-Forwarded-* headers from reverse proxies (required for correct scheme/host)
+        app.UseForwardedHeaders(new ForwardedHeadersOptions
+        {
+            ForwardedHeaders = ForwardedHeaders.XForwardedProto | ForwardedHeaders.XForwardedHost | ForwardedHeaders.XForwardedFor
+        });
+
         app.UseIpRateLimiting();
 
         app.UseRouting();