Use API authorisation now provided by library.
parent
c041c42dcf
commit
ba4bea18f4
6 changed files with 2 additions and 97 deletions
|
@ -1,59 +0,0 @@
|
||||||
using Microsoft.AspNetCore.Authentication;
|
|
||||||
using Microsoft.Extensions.Logging;
|
|
||||||
using Microsoft.Extensions.Options;
|
|
||||||
using System.Collections.Generic;
|
|
||||||
using System.Linq;
|
|
||||||
using System.Security.Claims;
|
|
||||||
using System.Text.Encodings.Web;
|
|
||||||
using System.Threading.Tasks;
|
|
||||||
|
|
||||||
namespace Robware.Api.Blog.Authentication {
|
|
||||||
public class ApiKeyAuthenticationHandler : AuthenticationHandler<ApiKeyAuthenticationOptions> {
|
|
||||||
private const string ApiKeyHeaderName = "X-Api-Key";
|
|
||||||
private readonly ApiKeyValidator _apiKeyValidator;
|
|
||||||
|
|
||||||
public ApiKeyAuthenticationHandler(IOptionsMonitor<ApiKeyAuthenticationOptions> options,
|
|
||||||
ILoggerFactory logger,
|
|
||||||
UrlEncoder encoder,
|
|
||||||
ISystemClock clock,
|
|
||||||
ApiKeyValidator apiKeyValidator)
|
|
||||||
: base(options, logger, encoder, clock) {
|
|
||||||
_apiKeyValidator = apiKeyValidator;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected override async Task<AuthenticateResult> HandleAuthenticateAsync() {
|
|
||||||
if (!Request.Headers.TryGetValue(ApiKeyHeaderName, out var apiKeyHeaderValues)) {
|
|
||||||
return AuthenticateResult.NoResult();
|
|
||||||
}
|
|
||||||
|
|
||||||
var apiKey = apiKeyHeaderValues.FirstOrDefault();
|
|
||||||
|
|
||||||
if (apiKeyHeaderValues.Count == 0 || string.IsNullOrWhiteSpace(apiKey)) {
|
|
||||||
return AuthenticateResult.NoResult();
|
|
||||||
}
|
|
||||||
|
|
||||||
if (await _apiKeyValidator.Validate(apiKey)) {
|
|
||||||
var claims = new List<Claim>
|
|
||||||
{
|
|
||||||
new Claim(ApiKeyHeaderName, apiKey)
|
|
||||||
};
|
|
||||||
|
|
||||||
var identity = new ClaimsIdentity(claims, Options.AuthenticationType);
|
|
||||||
var principal = new ClaimsPrincipal(new[] { identity });
|
|
||||||
var ticket = new AuthenticationTicket(principal, Options.Scheme);
|
|
||||||
|
|
||||||
return AuthenticateResult.Success(ticket);
|
|
||||||
}
|
|
||||||
|
|
||||||
return AuthenticateResult.Fail("Invalid API Key provided.");
|
|
||||||
}
|
|
||||||
|
|
||||||
protected override async Task HandleChallengeAsync(AuthenticationProperties properties) {
|
|
||||||
Response.StatusCode = 401;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected override async Task HandleForbiddenAsync(AuthenticationProperties properties) {
|
|
||||||
Response.StatusCode = 403;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,9 +0,0 @@
|
||||||
using Microsoft.AspNetCore.Authentication;
|
|
||||||
|
|
||||||
namespace Robware.Api.Blog.Authentication {
|
|
||||||
public class ApiKeyAuthenticationOptions : AuthenticationSchemeOptions {
|
|
||||||
public const string DefaultScheme = "API Key";
|
|
||||||
public string Scheme => DefaultScheme;
|
|
||||||
public string AuthenticationType = DefaultScheme;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,18 +0,0 @@
|
||||||
using System.Net.Http;
|
|
||||||
using System.Threading.Tasks;
|
|
||||||
|
|
||||||
namespace Robware.Api.Blog.Authentication
|
|
||||||
{
|
|
||||||
public class ApiKeyValidator {
|
|
||||||
private readonly HttpClient _httpClient;
|
|
||||||
|
|
||||||
public ApiKeyValidator(HttpClient httpClient) {
|
|
||||||
_httpClient = httpClient;
|
|
||||||
}
|
|
||||||
|
|
||||||
public async Task<bool> Validate(string apiKey) {
|
|
||||||
var response = await _httpClient.GetAsync("api/validate?key=" + apiKey);
|
|
||||||
return response.IsSuccessStatusCode;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,10 +0,0 @@
|
||||||
using Microsoft.AspNetCore.Authentication;
|
|
||||||
using System;
|
|
||||||
|
|
||||||
namespace Robware.Api.Blog.Authentication {
|
|
||||||
public static class AuthenticationBuilderExtensions {
|
|
||||||
public static AuthenticationBuilder AddApiKeySupport(this AuthenticationBuilder authenticationBuilder, Action<ApiKeyAuthenticationOptions> options) {
|
|
||||||
return authenticationBuilder.AddScheme<ApiKeyAuthenticationOptions, ApiKeyAuthenticationHandler>(ApiKeyAuthenticationOptions.DefaultScheme, options);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -7,6 +7,7 @@
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<PackageReference Include="MongoDB.Driver" Version="2.10.4" />
|
<PackageReference Include="MongoDB.Driver" Version="2.10.4" />
|
||||||
<PackageReference Include="Newtonsoft.Json" Version="12.0.3" />
|
<PackageReference Include="Newtonsoft.Json" Version="12.0.3" />
|
||||||
|
<PackageReference Include="Robware.Lib.Auth.ApiKey" Version="1.0.2" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
|
|
|
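Review bot: Authentication for this API now runs entirely inside `Robware.Lib.Auth.ApiKey` 1.0.2, added on this `PackageReference` line, and none of the package's code is visible in this commit, so the handler has to be reviewed against the package itself. The in-repo version removed here built the validation URL as `"api/validate?key=" + apiKey` without escaping and copied the raw key into a claim; it is worth confirming that the library escapes the key (for example with `Uri.EscapeDataString(apiKey)`) or sends it in a header, and that it does not keep the secret in the principal. The Startup.cs section only swaps the `using`, so the registration there presumably binds to same-named types from the package. A comment on the reference such as `<!-- provides the API-key authentication scheme; re-review on upgrade -->` would make clear that a version bump changes the auth boundary.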
@ -4,9 +4,9 @@ using Microsoft.Extensions.Configuration;
|
||||||
using Microsoft.Extensions.DependencyInjection;
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
using Microsoft.Extensions.Hosting;
|
using Microsoft.Extensions.Hosting;
|
||||||
using MongoDB.Driver;
|
using MongoDB.Driver;
|
||||||
using Robware.Api.Blog.Authentication;
|
|
||||||
using Robware.Blog;
|
using Robware.Blog;
|
||||||
using Robware.Data;
|
using Robware.Data;
|
||||||
|
using Robware.Lib.Auth.ApiKey;
|
||||||
using System;
|
using System;
|
||||||
|
|
||||||
namespace Robware.Api.Blog {
|
namespace Robware.Api.Blog {
|
||||||
|
|