public override ValueTask <ConnectionStatus> OnConnectAsync(
ISocketConnection connection,
InitializeConnectionMessage message,
CancellationToken cancellationToken)
{
InitializeConnectionMessage = message;
return(new ValueTask <ConnectionStatus>(ConnectionStatus.Accept()));
}
// private readonly IAuthenticationSchemeProvider _schemes;
// public AuthenticationSocketInterceptor(IAuthenticationSchemeProvider schemes)
// {
// _schemes = schemes;
// }
// public async Task<ConnectionStatus> OnOpenAsync(
// HttpContext context,
// IReadOnlyDictionary<string, object> properties,
// CancellationToken cancellationToken)
// {
// if (properties.TryGetValue(WEBOCKET_PAYLOAD_AUTH_KEY, out object token) &&
// token is string stringToken)
// {
// context.Items[HTTP_CONTEXT_WEBSOCKET_AUTH_KEY] = stringToken;
// context.Features.Set<IAuthenticationFeature>(new AuthenticationFeature
// {
// OriginalPath = context.Request.Path,
// OriginalPathBase = context.Request.PathBase
// });
// // Give any IAuthenticationRequestHandler schemes a chance to handle the request
// var handlers = context.RequestServices.GetRequiredService<IAuthenticationHandlerProvider>();
// foreach (var scheme in await _schemes.GetRequestHandlerSchemesAsync())
// {
// var handler = handlers.GetHandlerAsync(context, scheme.Name) as IAuthenticationRequestHandler;
// if (handler != null && await handler.HandleRequestAsync())
// {
// return ConnectionStatus.Reject();
// }
// }
// var defaultAuthenticate = await _schemes.GetDefaultAuthenticateSchemeAsync();
// if (defaultAuthenticate != null)
// {
// var result = await context.AuthenticateAsync(defaultAuthenticate.Name);
// if (result?.Principal != null)
// {
// context.User = result.Principal;
// return ConnectionStatus.Accept();
// }
// }
// }
// return ConnectionStatus.Reject();
// }
public async ValueTask <ConnectionStatus> OnConnectAsync(ISocketConnection connection,
InitializeConnectionMessage message,
CancellationToken cancellationToken)
{
var schemes = connection.RequestServices.GetService <IAuthenticationSchemeProvider>();
if (schemes is null)
{
Console.WriteLine("Failed to get authentication scheme provider");
return(ConnectionStatus.Reject());
}
if (message.Payload?[WEBOCKET_PAYLOAD_AUTH_KEY] is not string stringToken)
{
Console.WriteLine("authToken was missing from request");
return(ConnectionStatus.Reject());
}
connection.HttpContext.Items[HTTP_CONTEXT_WEBSOCKET_AUTH_KEY] = stringToken;
connection.HttpContext.Features.Set <IAuthenticationFeature>(new AuthenticationFeature
{
OriginalPath = connection.HttpContext.Request.Path,
OriginalPathBase = connection.HttpContext.Request.PathBase
});
// Give any IAuthenticationRequestHandler schemes a chance to handle the request
var handlers = connection.HttpContext.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await schemes.GetRequestHandlerSchemesAsync())
{
var handler =
handlers.GetHandlerAsync(connection.HttpContext, scheme.Name) as IAuthenticationRequestHandler;
if (handler != null && await handler.HandleRequestAsync())
{
return(ConnectionStatus.Reject());
}
}
var defaultAuthenticate = await schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await connection.HttpContext.AuthenticateAsync(defaultAuthenticate.Name);
if (result?.Principal != null)
{
connection.HttpContext.User = result.Principal;
return(ConnectionStatus.Accept());
}
}
Console.WriteLine($"Failed to authenticate token {stringToken}");
return(ConnectionStatus.Reject());
}
public Task <ConnectionStatus> OnReceiveAsync(
ISocketConnection connection,
InitializeConnectionMessage message,
CancellationToken cancellationToken)
{
if (_interceptor != null &&
connection is WebSocketConnection con)
{
return(_interceptor.OnOpenAsync(
con.HttpContext,
message.Payload,
cancellationToken));
}
return(Task.FromResult(ConnectionStatus.Accept()));
}
/// <summary>
/// Intercepts the websocket connection, extracts the JWT from the onOpenMessage and authenticate the user with it. The connection will be rejected if the no JWT is given.
/// </summary>
public async Task <ConnectionStatus> OnOpenAsync(
HttpContext context,
IReadOnlyDictionary <string, object> properties,
CancellationToken cancellationToken
)
{
if (properties.TryGetValue(WEBOCKET_PAYLOAD_AUTH_KEY, out object token) &&
token is string stringToken)
{
// Das Token dem HTTP Context hinzufügen, sodass dies später für über den TokenRetriever verwendet werden aknn
context.Items[HTTP_CONTEXT_WEBSOCKET_AUTH_KEY] = stringToken;
context.Features.Set <IAuthenticationFeature>(new AuthenticationFeature
{
OriginalPath = context.Request.Path,
OriginalPathBase = context.Request.PathBase
});
// Give any IAuthenticationRequestHandler schemes a chance to handle the request
var handlers = context.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await _schemes.GetRequestHandlerSchemesAsync())
{
var handler = handlers.GetHandlerAsync(context, scheme.Name) as IAuthenticationRequestHandler;
if (handler != null && await handler.HandleRequestAsync())
{
return(ConnectionStatus.Reject());
}
}
var defaultAuthenticate = await _schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
// Benutzer mithilfe des Tokens authentifizieren
var result = await context.AuthenticateAsync(defaultAuthenticate.Name);
// war die Authentifizierung erfolgreich wird die Anfrage angenommen und der Websockt kann Nachrichten erhalten
if (result?.Principal != null)
{
context.User = result.Principal;
return(ConnectionStatus.Accept());
}
}
}
// Sollte kein Token vorhanden sein, wird die Anfrage abgelehnt
return(ConnectionStatus.Reject());
}
protected override async Task HandleAsync(
ISocketConnection connection,
InitializeConnectionMessage message,
CancellationToken cancellationToken)
{
ConnectionStatus connectionStatus =
_connectMessageInterceptor == null
? ConnectionStatus.Accept()
: await _connectMessageInterceptor.OnReceiveAsync(
connection, message, cancellationToken)
.ConfigureAwait(false);
if (connectionStatus.Accepted)
{
await connection.SendAsync(
AcceptConnectionMessage.Default.Serialize(),
cancellationToken)
.ConfigureAwait(false);
await connection.SendAsync(
KeepConnectionAliveMessage.Default.Serialize(),
cancellationToken)
.ConfigureAwait(false);
}
else
{
var rejectMessage = connectionStatus.Extensions == null
? new RejectConnectionMessage(
connectionStatus.Message)
: new RejectConnectionMessage(
connectionStatus.Message,
connectionStatus.Extensions);
await connection.SendAsync(
rejectMessage.Serialize(),
cancellationToken)
.ConfigureAwait(false);
// TODO : resources
await connection.CloseAsync(
connectionStatus.Message,
SocketCloseStatus.PolicyViolation,
cancellationToken)
.ConfigureAwait(false);
}
}
public async ValueTask <ConnectionStatus> OnConnectAsync(
ISocketConnection connection,
InitializeConnectionMessage message,
CancellationToken cancellationToken)
{
// Auth
object?token = null;
var payload = message.Payload ?? throw new Exception("Payload is missing. Can not authenticate user.");
payload?.TryGetValue(WEBOCKET_PAYLOAD_AUTH_KEY, out token);
if (token != null && token is string stringToken)
{
// Do auth
var context = connection.HttpContext;
context.Items.TryAdd(HTTP_CONTEXT_WEBSOCKET_AUTH_KEY, stringToken);
context.Features.Set <IAuthenticationFeature>(new AuthenticationFeature
{
OriginalPath = context.Request.Path,
OriginalPathBase = context.Request.PathBase
});
var authResult = await context.AuthenticateAsync(IdentityServerAuthenticationDefaults.AuthenticationScheme);
if (authResult?.Principal != null)
{
context.User = authResult.Principal;
// add connection to manager
_webSocketManager.AddSocketConnection(connection);
return(ConnectionStatus.Accept());
}
else
{
// reject websocket because user is not authenticated
return(ConnectionStatus.Reject());
}
}
else
{
return(ConnectionStatus.Reject());
}
}
public async Task <ConnectionStatus> OnOpenAsync(
HttpContext context,
IReadOnlyDictionary <string, object> properties,
CancellationToken cancellationToken)
{
if (properties.TryGetValue(WEBOCKET_PAYLOAD_AUTH_KEY, out object token) &&
token is string stringToken)
{
context.Items[HTTP_CONTEXT_WEBSOCKET_AUTH_KEY] = stringToken;
context.Features.Set <IAuthenticationFeature>(new AuthenticationFeature
{
OriginalPath = context.Request.Path,
OriginalPathBase = context.Request.PathBase
});
// Give any IAuthenticationRequestHandler schemes a chance to handle the request
var handlers = context.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await _schemes.GetRequestHandlerSchemesAsync())
{
var handler = handlers.GetHandlerAsync(context, scheme.Name) as IAuthenticationRequestHandler;
if (handler != null && await handler.HandleRequestAsync())
{
return(ConnectionStatus.Reject());
}
}
var defaultAuthenticate = await _schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await context.AuthenticateAsync(defaultAuthenticate.Name);
if (result?.Principal != null)
{
var webSocketContext = context.RequestServices.GetService <WebSocketContext>();
webSocketContext.User = result.Principal;
context.User = result.Principal;
return(ConnectionStatus.Accept());
}
}
}
return(ConnectionStatus.Reject());
}
public virtual ValueTask <ConnectionStatus> OnConnectAsync(
ISocketConnection connection,
InitializeConnectionMessage message,
CancellationToken cancellationToken) =>
new ValueTask <ConnectionStatus>(ConnectionStatus.Accept());
public SocketSessionInterceptorMock(ConnectionStatus connectionStatus = null)
{
_connectionStatus = connectionStatus ?? ConnectionStatus.Accept();
}
