Add endpoints to manage IPC bans (#2715)

* Add endpoints to manage IPC bans

* Remove debug code

* Misc.

* Simplify unban logic

* Add explanatory comment to new string resource

ArchiSteamFarm/IPC/Controllers/Api/IPCController.cs

@@ -0,0 +1,78 @@
+//     _                _      _  ____   _                           _____
+//    / \    _ __  ___ | |__  (_)/ ___| | |_  ___   __ _  _ __ ___  |  ___|__ _  _ __  _ __ ___
+//   / _ \  | '__|/ __|| '_ \ | |\___ \ | __|/ _ \ / _` || '_ ` _ \ | |_  / _` || '__|| '_ ` _ \
+//  / ___ \ | |  | (__ | | | || | ___) || |_|  __/| (_| || | | | | ||  _|| (_| || |   | | | | | |
+// /_/   \_\|_|   \___||_| |_||_||____/  \__|\___| \__,_||_| |_| |_||_|   \__,_||_|   |_| |_| |_|
+// |
+// Copyright 2015-2022 Łukasz "JustArchi" Domeradzki
+// Contact: JustArchi@JustArchi.net
+// |
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// |
+// http://www.apache.org/licenses/LICENSE-2.0
+// |
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
+using System.Collections.Generic;
+using System.Globalization;
+using System.Linq;
+using System.Net;
+using System.Threading.Tasks;
+using ArchiSteamFarm.IPC.Integration;
+using ArchiSteamFarm.IPC.Responses;
+using ArchiSteamFarm.Localization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace ArchiSteamFarm.IPC.Controllers.Api;
+
+[Route("Api/IPC")]
+public sealed class IPCController : ArchiController {
+	/// <summary>
+	///     Clears the list of all IP addresses currently blocked by ASFs IPC module
+	/// </summary>
+	[HttpDelete("Bans")]
+	[ProducesResponseType(typeof(GenericResponse), (int) HttpStatusCode.OK)]
+	public ActionResult<GenericResponse> BansDelete() {
+		ApiAuthenticationMiddleware.ClearFailedAuthorizations();
+
+		return Ok(new GenericResponse(true));
+	}
+
+	/// <summary>
+	///     Removes an IP address from the list of addresses currently blocked by ASFs IPC module
+	/// </summary>
+	[HttpDelete("Bans/{ipAddress:required}")]
+	[ProducesResponseType(typeof(GenericResponse), (int) HttpStatusCode.OK)]
+	[ProducesResponseType(typeof(GenericResponse), (int) HttpStatusCode.BadRequest)]
+	public ActionResult<GenericResponse> BansDeleteSpecific(string ipAddress) {
+		if (string.IsNullOrEmpty(ipAddress)) {
+			throw new ArgumentNullException(nameof(ipAddress));
+		}
+
+		if (!IPAddress.TryParse(ipAddress, out IPAddress? remoteAddress)) {
+			return BadRequest(new GenericResponse(false, string.Format(CultureInfo.CurrentCulture, Strings.ErrorIsInvalid, nameof(ipAddress))));
+		}
+
+		bool result = ApiAuthenticationMiddleware.UnbanIP(remoteAddress);
+
+		if (!result) {
+			return BadRequest(new GenericResponse(false, string.Format(CultureInfo.CurrentCulture, Strings.ErrorIPNotBanned, ipAddress)));
+		}
+
+		return Ok(new GenericResponse(true));
+	}
+
+	/// <summary>
+	///     Gets all IP addresses currently blocked by ASFs IPC module
+	/// </summary>
+	[HttpGet("Bans")]
+	[ProducesResponseType(typeof(GenericResponse<ISet<string>>), (int) HttpStatusCode.OK)]
+	public ActionResult<GenericResponse<ISet<string>>> BansGet() => Ok(new GenericResponse<ISet<string>>(ApiAuthenticationMiddleware.GetCurrentlyBannedIPs().Select(static ip => ip.ToString()).ToHashSet()));
+}

ArchiSteamFarm/IPC/Integration/ApiAuthenticationMiddleware.cs

@@ -24,6 +24,7 @@ using MvcNewtonsoftJsonOptions = Microsoft.AspNetCore.Mvc.MvcJsonOptions;
 #endif
 using System;
 using System.Collections.Concurrent;
+using System.Collections.Generic;
 using System.Diagnostics.CodeAnalysis;
 using System.Linq;
 using System.Net;
@@ -88,7 +89,19 @@ internal sealed class ApiAuthenticationMiddleware {
 		await context.Response.WriteJsonAsync(new GenericResponse<StatusCodeResponse>(false, statusCodeResponse), jsonOptions.Value.SerializerSettings).ConfigureAwait(false);
 	}
 
-	private static void ClearFailedAuthorizations(object? state = null) => FailedAuthorizations.Clear();
+	internal static void ClearFailedAuthorizations(object? state = null) => FailedAuthorizations.Clear();
+
+	internal static HashSet<IPAddress> GetCurrentlyBannedIPs() => FailedAuthorizations.Where(static kv => kv.Value >= MaxFailedAuthorizationAttempts).Select(static kv => kv.Key).ToHashSet();
+
+	internal static bool UnbanIP(IPAddress ipAddress) {
+		ArgumentNullException.ThrowIfNull(ipAddress);
+
+		if (!FailedAuthorizations.TryGetValue(ipAddress, out byte attempts) || (attempts < MaxFailedAuthorizationAttempts)) {
+			return false;
+		}
+
+		return FailedAuthorizations.TryRemove(ipAddress, out _);
+	}
 
 	private async Task<(HttpStatusCode StatusCode, bool Permanent)> GetAuthenticationStatus(HttpContext context) {
 		ArgumentNullException.ThrowIfNull(context);

ArchiSteamFarm/Localization/Strings.Designer.cs

@@ -981,6 +981,15 @@ namespace ArchiSteamFarm.Localization {
             }
         }
         
+        /// <summary>
+        ///   Looks up a localized string similar to The IP address {0} is not banned!.
+        /// </summary>
+        public static string ErrorIPNotBanned {
+            get {
+                return ResourceManager.GetString("ErrorIPNotBanned", resourceCulture);
+            }
+        }
+        
         /// <summary>
         ///   Looks up a localized string similar to {0} is empty!.
         /// </summary>

ArchiSteamFarm/Localization/Strings.resx

@@ -740,4 +740,8 @@ Process uptime: {1}</value>
 		<value>Please enter your cryptkey: </value>
 		<comment>Please note that this translation should end with space</comment>
 	</data>
+	<data name="ErrorIPNotBanned" xml:space="preserve">
+		<value>The IP address {0} is not banned!</value>
+		<comment>{0} will be replaced by an IP address which was requested to be unbanned from using IPC</comment>
+	</data>
 </root>