🐛 Still bug fixes in auth service

DysonNetwork.Pass/Auth/OidcProvider/Services/OidcProviderService.cs

@@ -156,15 +156,16 @@ public class OidcProviderService(
 
         var claims = new List<Claim>
         {
-            new Claim(JwtRegisteredClaimNames.Iss, _options.IssuerUri),
-            new Claim(JwtRegisteredClaimNames.Sub, session.AccountId.ToString()),
-            new Claim(JwtRegisteredClaimNames.Aud, client.Id.ToString()),
-            new Claim(JwtRegisteredClaimNames.Iat, now.ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64),
-            new Claim(JwtRegisteredClaimNames.Exp,
+            new(JwtRegisteredClaimNames.Iss, _options.IssuerUri),
+            new(JwtRegisteredClaimNames.Sub, session.AccountId.ToString()),
+            new(JwtRegisteredClaimNames.Aud, client.Id.ToString()),
+            new(JwtRegisteredClaimNames.Iat, now.ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64),
+            new(JwtRegisteredClaimNames.Exp,
                 now.Plus(Duration.FromSeconds(_options.AccessTokenLifetime.TotalSeconds)).ToUnixTimeSeconds()
                     .ToString(), ClaimValueTypes.Integer64),
-            new Claim(JwtRegisteredClaimNames.AuthTime, session.CreatedAt.ToUnixTimeSeconds().ToString(),
-                ClaimValueTypes.Integer64)
+            new(JwtRegisteredClaimNames.AuthTime, session.CreatedAt.ToUnixTimeSeconds().ToString(),
+                ClaimValueTypes.Integer64),
+            new(JwtRegisteredClaimNames.Aud, client.Id)
         };
 
         // Add nonce if provided (required for implicit and hybrid flows)
@@ -300,7 +301,7 @@ public class OidcProviderService(
                 new Claim(JwtRegisteredClaimNames.Jti, session.Id.ToString()),
                 new Claim(JwtRegisteredClaimNames.Iat, now.ToUnixTimeSeconds().ToString(),
                     ClaimValueTypes.Integer64),
-                new Claim("client_id", client.Id)
+                new Claim(JwtRegisteredClaimNames.Aud, client.Id)
             ]),
             Expires = expiresAt.ToDateTimeUtc(),
             Issuer = _options.IssuerUri,

DysonNetwork.Pass/Auth/TokenAuthService.cs

@@ -1,3 +1,4 @@
+using System.IdentityModel.Tokens.Jwt;
 using System.Security.Cryptography;
 using System.Text;
 using DysonNetwork.Pass.Wallet;

DysonNetwork.Pusher/Connection/WebSocketController.cs

@@ -24,7 +24,7 @@ public class WebSocketController(WebSocketService ws, ILogger<WebSocketContext>
         }
 
         var accountId = currentUser.Id!;
-        var deviceId = currentSession.Challenge.DeviceId!;
+        var deviceId = currentSession.Challenge?.DeviceId ?? Guid.NewGuid().ToString();
 
         if (string.IsNullOrEmpty(deviceId))
         {
@@ -67,7 +67,11 @@ public class WebSocketController(WebSocketService ws, ILogger<WebSocketContext>
         catch (Exception ex)
         {
             logger.LogError(ex,
-                "WebSocket disconnected with user @{UserName}#{UserId} and device #{DeviceId} unexpectedly");
+                "WebSocket disconnected with user @{UserName}#{UserId} and device #{DeviceId} unexpectedly",
+                currentUser.Name,
+                currentUser.Id,
+                deviceId
+            );
         }
         finally
         {