using System.Net.Http.Headers;
using Microsoft.AspNetCore.Mvc.Filters;
namespace IOL.GreatOffice.Api.Utilities;
/// <summary>
/// Attribute that attaches <see cref="BasicAuthenticationFilter"/> to a controller or action
/// and hands it the permission claim the filter will look for.
/// </summary>
public class BasicAuthenticationAttribute : TypeFilterAttribute
{
    /// <summary>
    /// Builds the filter argument list from a permission name.
    /// </summary>
    /// <param name="claimPermission">
    /// Claim type to look for; the expected claim value is always the literal string "True".
    /// </param>
    public BasicAuthenticationAttribute(string claimPermission) : base(typeof(BasicAuthenticationFilter))
    {
        // The single argument is passed to the BasicAuthenticationFilter constructor.
        var requiredClaim = new Claim(claimPermission, "True");
        Arguments = new object[] { requiredClaim };
    }
}
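/// <summary>
/// Authorization filter that, for requests carrying an <c>Authorization</c> header, requires the
/// current user to hold the claim supplied at construction.
/// </summary>
/// <remarks>
/// The filter does not validate credentials and does not inspect the header's scheme; it only
/// checks that the header parses, has a parameter, and that the already-populated
/// <c>HttpContext.User</c> carries the required claim. Any failure of those checks ends the
/// request with a <see cref="ForbidResult"/> for <c>AppConstants.BASIC_AUTH_SCHEME</c>.
/// A header that cannot be parsed is denied rather than silently let through.
/// </remarks>
public class BasicAuthenticationFilter : IAuthorizationFilter
{
    private readonly Claim _claim;

    /// <summary>
    /// Creates the filter for one required claim.
    /// </summary>
    /// <param name="claim">Claim (type and value) the current user must hold.</param>
    public BasicAuthenticationFilter(Claim claim)
    {
        _claim = claim;
    }

    /// <summary>
    /// Denies the request when an <c>Authorization</c> header is present but malformed, has no
    /// parameter, or the user lacks the required claim.
    /// </summary>
    /// <param name="context">Authorization context of the current request.</param>
    public void OnAuthorization(AuthorizationFilterContext context)
    {
        if (!context.HttpContext.Request.Headers.TryGetValue("Authorization", out Microsoft.Extensions.Primitives.StringValues authzHeaderValue))
        {
            // NOTE(review): a request without an Authorization header is not checked here at all.
            // Presumably another authorization requirement covers such requests - confirm that
            // every endpoint using this filter is also protected by one, otherwise this is an
            // open path around the permission claim.
            return;
        }

        // TryParse instead of Parse inside a catch-all: the previous swallow-everything handler
        // let a request with a malformed header continue without any claim check (fail-open).
        if (!AuthenticationHeaderValue.TryParse(authzHeaderValue.ToString(), out var authHeader)
            || authHeader.Parameter is null)
        {
            context.Result = new ForbidResult(AppConstants.BASIC_AUTH_SCHEME);
            return;
        }

        var hasClaim = context.HttpContext.User.Claims.Any(c => c.Type == _claim.Type && c.Value == _claim.Value);
        if (!hasClaim)
        {
            context.Result = new ForbidResult(AppConstants.BASIC_AUTH_SCHEME);
        }
    }
}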