From febfd944e08b93117419e7719d066f4d58135d73 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Damian=20B=C3=BCchel?= <damian.buechel@id.ethz.ch>
Date: Mon, 12 Aug 2024 14:42:09 +0200
Subject: [PATCH] SEBWIN-923: Removed hardcoded client credentials for SPS and
 used actual ones from join instruction.

---
 .../ScreenProctoringImplementation.cs          |  2 +-
 .../Service/Requests/OAuth2TokenRequest.cs     |  5 ++++-
 .../Service/Requests/Request.cs                | 18 ++++--------------
 .../ScreenProctoring/Service/ServiceProxy.cs   |  4 ++--
 4 files changed, 11 insertions(+), 18 deletions(-)

diff --git a/SafeExamBrowser.Proctoring/ScreenProctoring/ScreenProctoringImplementation.cs b/SafeExamBrowser.Proctoring/ScreenProctoring/ScreenProctoringImplementation.cs
index ea9770d9..550236ea 100644
--- a/SafeExamBrowser.Proctoring/ScreenProctoring/ScreenProctoringImplementation.cs
+++ b/SafeExamBrowser.Proctoring/ScreenProctoring/ScreenProctoringImplementation.cs
@@ -166,7 +166,7 @@ namespace SafeExamBrowser.Proctoring.ScreenProctoring
 		{
 			logger.Info("Connecting to service...");
 
-			var connect = service.Connect(settings.ServiceUrl);
+			var connect = service.Connect(settings.ClientId, settings.ClientSecret, settings.ServiceUrl);
 
 			if (connect.Success)
 			{
diff --git a/SafeExamBrowser.Proctoring/ScreenProctoring/Service/Requests/OAuth2TokenRequest.cs b/SafeExamBrowser.Proctoring/ScreenProctoring/Service/Requests/OAuth2TokenRequest.cs
index b016bf66..9aed6e94 100644
--- a/SafeExamBrowser.Proctoring/ScreenProctoring/Service/Requests/OAuth2TokenRequest.cs
+++ b/SafeExamBrowser.Proctoring/ScreenProctoring/Service/Requests/OAuth2TokenRequest.cs
@@ -17,8 +17,11 @@ namespace SafeExamBrowser.Proctoring.ScreenProctoring.Service.Requests
 		{
 		}
 
-		internal bool TryExecute(out string message)
+		internal bool TryExecute(string clientId, string clientSecret, out string message)
 		{
+			ClientId = clientId;
+			ClientSecret = clientSecret;
+
 			return TryRetrieveOAuth2Token(out message);
 		}
 	}
diff --git a/SafeExamBrowser.Proctoring/ScreenProctoring/Service/Requests/Request.cs b/SafeExamBrowser.Proctoring/ScreenProctoring/Service/Requests/Request.cs
index ba206f03..b3acab69 100644
--- a/SafeExamBrowser.Proctoring/ScreenProctoring/Service/Requests/Request.cs
+++ b/SafeExamBrowser.Proctoring/ScreenProctoring/Service/Requests/Request.cs
@@ -21,7 +21,6 @@ namespace SafeExamBrowser.Proctoring.ScreenProctoring.Service.Requests
 	{
 		private const int ATTEMPTS = 5;
 
-		private static string connectionToken;
 		private static string oauth2Token;
 
 		private readonly HttpClient httpClient;
@@ -30,20 +29,11 @@ namespace SafeExamBrowser.Proctoring.ScreenProctoring.Service.Requests
 		protected readonly ILogger logger;
 		protected readonly Parser parser;
 
+		protected static string ClientId { get; set; }
+		protected static string ClientSecret { get; set; }
+
 		protected (string, string) Authorization => (Header.AUTHORIZATION, $"Bearer {oauth2Token}");
 
-		internal static string ConnectionToken
-		{
-			get { return connectionToken; }
-			set { connectionToken = value; }
-		}
-
-		internal static string Oauth2Token
-		{
-			get { return oauth2Token; }
-			set { oauth2Token = value; }
-		}
-
 		protected Request(Api api, HttpClient httpClient, ILogger logger, Parser parser)
 		{
 			this.api = api;
@@ -98,7 +88,7 @@ namespace SafeExamBrowser.Proctoring.ScreenProctoring.Service.Requests
 
 		protected bool TryRetrieveOAuth2Token(out string message)
 		{
-			var secret = Convert.ToBase64String(Encoding.UTF8.GetBytes("test:test"));
+			var secret = Convert.ToBase64String(Encoding.UTF8.GetBytes($"{ClientId}:{ClientSecret}"));
 			var authorization = (Header.AUTHORIZATION, $"Basic {secret}");
 			var content = "grant_type=client_credentials&scope=read write";
 			var success = TryExecute(HttpMethod.Post, api.AccessTokenEndpoint, out var response, content, ContentType.URL_ENCODED, authorization);
diff --git a/SafeExamBrowser.Proctoring/ScreenProctoring/Service/ServiceProxy.cs b/SafeExamBrowser.Proctoring/ScreenProctoring/Service/ServiceProxy.cs
index 3af94ad2..eab26c49 100644
--- a/SafeExamBrowser.Proctoring/ScreenProctoring/Service/ServiceProxy.cs
+++ b/SafeExamBrowser.Proctoring/ScreenProctoring/Service/ServiceProxy.cs
@@ -33,12 +33,12 @@ namespace SafeExamBrowser.Proctoring.ScreenProctoring.Service
 			this.parser = new Parser(logger);
 		}
 
-		internal ServiceResponse Connect(string serviceUrl)
+		internal ServiceResponse Connect(string clientId, string clientSecret, string serviceUrl)
 		{
 			httpClient = new HttpClient { BaseAddress = new Uri(serviceUrl) };
 
 			var request = new OAuth2TokenRequest(api, httpClient, logger, parser);
-			var success = request.TryExecute(out var message);
+			var success = request.TryExecute(clientId, clientSecret, out var message);
 
 			if (success)
 			{