wip: oauth
@@ -9,7 +9,7 @@ var builder = WebApplication.CreateBuilder(args);
|
||||
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
|
||||
builder.Services.AddEndpointsApiExplorer();
|
||||
builder.Services.AddSwaggerGen();
|
||||
|
||||
builder.Services.AddDataProtection();
|
||||
var app = builder.Build();
|
||||
|
||||
// Configure the HTTP request pipeline.
|
||||
@@ -65,7 +65,7 @@ app.MapGet("/login-user", (HttpContext ctx) =>
|
||||
|
||||
#region Secured
|
||||
//todo: add to services
|
||||
//builder.Services.AddDataProtection();
|
||||
|
||||
|
||||
const string DataProtectorName = "cookie-protector";
|
||||
// https://learn.microsoft.com/ru-ru/dotnet/api/microsoft.aspnetcore.dataprotection.idataprotector?view=aspnetcore-8.0
|
||||
@@ -113,37 +113,37 @@ app.MapGet("/secured-method-protected", (HttpContext ctx, [FromServices] IDataPr
|
||||
|
||||
//todo: uncomment
|
||||
//
|
||||
// app.Use((ctx,next) =>
|
||||
// {
|
||||
// var protector = ctx.RequestServices.GetService<IDataProtectionProvider>();
|
||||
// var dp = protector.CreateProtector(DataProtectorName);
|
||||
//
|
||||
// // authentication
|
||||
// if (ctx.Request.Cookies.ContainsKey(AuthCookie))
|
||||
// {
|
||||
// var cookie = ctx.Request.Cookies[AuthCookie]!;
|
||||
//
|
||||
// var cookieUnprotected = dp.Unprotect(cookie);
|
||||
//
|
||||
// var parts = cookieUnprotected.Split("&").ToList();
|
||||
// var entityType = parts[1].Split(":")[1];
|
||||
// var entityName = parts[0].Split(":")[1];
|
||||
//
|
||||
// // authorization
|
||||
// var claims = new List<Claim>();
|
||||
// claims.Add(new Claim("Type", entityType));
|
||||
// claims.Add(new Claim("Name", entityName));
|
||||
//
|
||||
// var identity = new ClaimsIdentity(claims);
|
||||
// var user = new ClaimsPrincipal(identity);
|
||||
// ctx.User = user;
|
||||
//
|
||||
// return next();
|
||||
// }
|
||||
//
|
||||
// ctx.Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
// return Task.CompletedTask;
|
||||
// });
|
||||
app.Use((ctx,next) =>
|
||||
{
|
||||
var protector = ctx.RequestServices.GetService<IDataProtectionProvider>();
|
||||
var dp = protector.CreateProtector(DataProtectorName);
|
||||
|
||||
// authentication
|
||||
if (ctx.Request.Cookies.ContainsKey(AuthCookie))
|
||||
{
|
||||
var cookie = ctx.Request.Cookies[AuthCookie]!;
|
||||
|
||||
var cookieUnprotected = dp.Unprotect(cookie);
|
||||
|
||||
var parts = cookieUnprotected.Split("&").ToList();
|
||||
var entityType = parts[1].Split(":")[1];
|
||||
var entityName = parts[0].Split(":")[1];
|
||||
|
||||
// authorization
|
||||
var claims = new List<Claim>();
|
||||
claims.Add(new Claim("Type", entityType));
|
||||
claims.Add(new Claim("Name", entityName));
|
||||
|
||||
var identity = new ClaimsIdentity(claims);
|
||||
var user = new ClaimsPrincipal(identity);
|
||||
ctx.User = user;
|
||||
|
||||
return next();
|
||||
}
|
||||
|
||||
ctx.Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
return Task.CompletedTask;
|
||||
});
|
||||
|
||||
app.MapGet("/login-user-claims", (HttpContext ctx, [FromServices] IDataProtectionProvider protector) =>
|
||||
{
|
||||
|
||||
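Review bot: In the active `app.Use` middleware of the `@@ -113,37` hunk (taken to be the new side, since the page has lost its +/- markers), `dp.Unprotect(cookie)` is unguarded, so a tampered, truncated or key-rotated cookie raises `CryptographicException` and the request ends as an unhandled error instead of the 401 that the fall-through path returns. Catch that exception and answer 401, as sketched below. `new ClaimsIdentity(claims)` is also built without an authentication type, so `ctx.User.Identity.IsAuthenticated` stays false and later authorization checks would treat the caller as anonymous; passing any non-empty scheme name fixes that. The `parts[1].Split(":")[1]` parsing assumes neither field contains `&` or `:`; if the name written at login is user-supplied (the login code is not in this hunk), validate it or serialize the payload as JSON so a delimiter in the name cannot shift the `Type` field.

```csharp
        var cookie = ctx.Request.Cookies[AuthCookie]!;

        string cookieUnprotected;
        try
        {
            cookieUnprotected = dp.Unprotect(cookie);
        }
        catch (CryptographicException)
        {
            // Invalid or stale cookie: treat the caller as unauthenticated.
            ctx.Response.StatusCode = StatusCodes.Status401Unauthorized;
            return Task.CompletedTask;
        }

        // … unchanged: split into parts, read entityType/entityName, build claims …

        // "cookie" is an example scheme name; a non-empty authentication type marks the identity as authenticated.
        var identity = new ClaimsIdentity(claims, "cookie");

        // … unchanged: ClaimsPrincipal, ctx.User assignment, return next() …
```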