authorivar <i@oiee.no>2023-11-11 22:10:42 +0100
committerivar <i@oiee.no>2023-11-11 22:10:42 +0100
commit854dedead3a3ed987997a0132f527db73b65b0ac (patch)
tree982dddd8b1dc4c819147912222ec2b38dd3b671e /code/api/src/Utilities/BasicAuthenticationHandler.cs
parent7e874b9aecabe22a731d582505cadd87b699d159 (diff)
Div more changes
Diffstat (limited to 'code/api/src/Utilities/BasicAuthenticationHandler.cs')
-rw-r--r--code/api/src/Utilities/BasicAuthenticationHandler.cs27
1 files changed, 17 insertions, 10 deletions
diff --git a/code/api/src/Utilities/BasicAuthenticationHandler.cs b/code/api/src/Utilities/BasicAuthenticationHandler.cs
index 3b92293..41486ef 100644
--- a/code/api/src/Utilities/BasicAuthenticationHandler.cs
+++ b/code/api/src/Utilities/BasicAuthenticationHandler.cs
@@ -1,7 +1,6 @@
using System.Net.Http.Headers;
using System.Text;
using System.Text.Encodings.Web;
-using IOL.GreatOffice.Api.Models.Database;
using Microsoft.Extensions.Options;
namespace IOL.GreatOffice.Api.Utilities;
@@ -16,17 +15,18 @@ public class BasicAuthenticationHandler : AuthenticationHandler<AuthenticationSc
IOptionsMonitor<AuthenticationSchemeOptions> options,
ILoggerFactory logger,
UrlEncoder encoder,
- ISystemClock clock,
MainAppDatabase context,
VaultService vaultService
) :
- base(options, logger, encoder, clock) {
+ base(options, logger, encoder)
+ {
_context = context;
_configuration = vaultService.GetCurrentAppConfiguration();
_logger = logger.CreateLogger<BasicAuthenticationHandler>();
}
- protected override Task<AuthenticateResult> HandleAuthenticateAsync() {
+ protected override Task<AuthenticateResult> HandleAuthenticateAsync()
+ {
var endpoint = Context.GetEndpoint();
if (endpoint?.Metadata.GetMetadata<IAllowAnonymous>() != null)
return Task.FromResult(AuthenticateResult.NoResult());
@@ -34,9 +34,11 @@ public class BasicAuthenticationHandler : AuthenticationHandler<AuthenticationSc
if (!Request.Headers.ContainsKey("Authorization"))
return Task.FromResult(AuthenticateResult.Fail("Missing Authorization Header"));
- try {
+ try
+ {
var tokenEntropy = _configuration.APP_AES_KEY;
- if (tokenEntropy.IsNullOrWhiteSpace()) {
+ if (tokenEntropy.IsNullOrWhiteSpace())
+ {
_logger.LogWarning("No token entropy is available in env:TOKEN_ENTROPY, Basic auth is disabled");
return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header"));
}
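Review bot: The warning logged when the key is empty points operators at `env:TOKEN_ENTROPY`, but the value being checked is `_configuration.APP_AES_KEY`, which the constructor obtains from `vaultService.GetCurrentAppConfiguration()`. Anyone investigating why Basic auth is disabled would look in the wrong place. Name the real source instead, for example `_logger.LogWarning("APP_AES_KEY is empty in the current app configuration, Basic auth is disabled");`. The try block opened here continues outside this hunk.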
@@ -47,16 +49,19 @@ public class BasicAuthenticationHandler : AuthenticationHandler<AuthenticationSc
var decryptedString = Encoding.UTF8.GetString(credentialBytes).DecryptWithAes(tokenEntropy);
var tokenIsGuid = Guid.TryParse(decryptedString, out var tokenId);
- if (!tokenIsGuid) {
+ if (!tokenIsGuid)
+ {
return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header"));
}
var token = _context.AccessTokens.Include(c => c.User).SingleOrDefault(c => c.Id == tokenId);
- if (token == default) {
+ if (token == default)
+ {
return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header: Not Found"));
}
- if (token.HasExpired) {
+ if (token.HasExpired)
+ {
return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header: Expired"));
}
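Review bot: The token lookup `_context.AccessTokens.Include(c => c.User).SingleOrDefault(c => c.Id == tokenId)` runs synchronously inside a Task-returning handler, so each request that reaches it blocks a thread-pool thread on the database, which hurts availability of the authentication path under load. Assuming this is an EF Core context, mark `HandleAuthenticateAsync` as `async`, use `var token = await _context.AccessTokens.Include(c => c.User).SingleOrDefaultAsync(c => c.Id == tokenId);`, and return the `AuthenticateResult` values directly instead of wrapping them in `Task.FromResult`. While touching the line below, `if (token is null)` states the intent more clearly than `token == default`. The method starts and ends outside this hunk.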
@@ -72,7 +77,9 @@ public class BasicAuthenticationHandler : AuthenticationHandler<AuthenticationSc
var ticket = new AuthenticationTicket(principal, AppConstants.BASIC_AUTH_SCHEME);
return Task.FromResult(AuthenticateResult.Success(ticket));
- } catch (Exception e) {
+ }
+ catch (Exception e)
+ {
_logger.LogError(e, $"An exception occured when challenging {AppConstants.BASIC_AUTH_SCHEME}");
return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header"));
}
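Review bot: The catch-all logs every failure at error level with the full exception, and it appears to also cover header parsing and decryption (those lines are outside this hunk), so a client sending malformed Authorization headers could fill the error log without ever authenticating. Consider handling expected input failures separately and quietly, e.g. `catch (FormatException) { return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header")); }`, and keeping error level for genuinely unexpected exceptions. The message is also built with string interpolation and says "challenging" although this is the authenticate path. A constant template such as `_logger.LogError(e, "An exception occurred when authenticating {Scheme}", AppConstants.BASIC_AUTH_SCHEME);` keeps structured logging intact and fixes the "occured" typo.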