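/// <summary>
/// Sends a GET request to <paramref name="url"/> through the named API client and
/// deserializes a successful JSON response body into <typeparamref name="T"/>.
/// </summary>
/// <remarks>
/// In a user context the incoming request's Authorization header is forwarded; otherwise the
/// configured system-user secret is attached as a request header. Both are credentials, so
/// <paramref name="url"/> must only ever address the trusted Common-Api host.
/// NOTE(review): confirm that no caller builds the URL from untrusted input.
/// </remarks>
/// <param name="url">Address of the Common-Api resource to fetch.</param>
/// <returns>The deserialized response body.</returns>
/// <exception cref="Exception">
/// Thrown when the call fails or the response status is not a success code. The original
/// failure, if any, is preserved as the inner exception.
/// </exception>
private async Task<T> Request<T>(string url)
        {
            Exception innerException = null;
            int? failedStatusCode = null;

            try
            {
                var client = _httpFactory.CreateClient(Constants.API_CLIENT_NAME);
                if (_authorizationContext.IsUserContext())
                {
                    // Forward the caller's own credentials so the downstream API authorizes the
                    // request as that user. A malformed header makes Parse throw, which is
                    // reported through the catch block below.
                    if (_httpContextAccessor?.HttpContext?.Request?.Headers?.TryGetValue("Authorization", out var authHeader) ?? false)
                    {
                        client.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse(authHeader);
                    }
                }
                else
                {
                    // Non-user (system) calls authenticate with the shared secret from configuration.
                    client.DefaultRequestHeaders.Add(AuthConstants.SystemUserSecret, _configuration.GetValue<string>(AuthConstants.SystemUserSecret));
                }

                // Dispose the response on every path so its content stream and connection are released.
                using (var response = await client.GetAsync(url))
                {
                    if (response.IsSuccessStatusCode)
                    {
                        var json = await response.Content.ReadAsStringAsync();

                        return JsonConvert.DeserializeObject<T>(json);
                    }

                    // Remember the status so the failure below says why the call was rejected.
                    failedStatusCode = (int)response.StatusCode;
                }
            }
            catch (Exception e)
            {
                innerException = e;
            }

            var message = failedStatusCode.HasValue
                ? $"Error requesting Common-Api (HTTP {failedStatusCode.Value})"
                : "Error requesting Common-Api";

            throw new Exception(message, innerException);
        }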
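        /// <summary>
        /// Satisfies <see cref="CustomerAdminRequirement"/> when the current user is flagged as a
        /// personal customer admin.
        /// </summary>
        /// <remarks>
        /// Requests that are not in a user context are ignored here, so the requirement stays
        /// pending unless some other handler succeeds it.
        /// </remarks>
        /// <param name="context">Authorization context the requirement is evaluated against.</param>
        /// <param name="requirement">The requirement being evaluated.</param>
        protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, CustomerAdminRequirement requirement)
        {
            if (!_authContext.IsUserContext())
            {
                return;
            }

            var currentUser = await _userService.GetUser(_authContext.GetUserIdFromClaims());

            // Fail closed: an unknown user leaves the requirement unmet instead of failing the
            // request with a NullReferenceException.
            if (currentUser != null && currentUser.IsPersonalCustomerAdmin)
            {
                context.Succeed(requirement);
            }
        }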
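        /// <summary>
        /// Satisfies <see cref="CustomerIdRequirement"/> when the customer id resolved by
        /// <c>_customerIdService</c> equals the customer id taken from the user's claims.
        /// </summary>
        /// <remarks>
        /// Requests that are not in a user context are ignored here, so the requirement stays
        /// pending unless some other handler succeeds it.
        /// </remarks>
        /// <param name="context">Authorization context the requirement is evaluated against.</param>
        /// <param name="requirement">The requirement being evaluated.</param>
        /// <returns>A completed task; the handler does no asynchronous work.</returns>
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, CustomerIdRequirement requirement)
        {
            if (!_authContext.IsUserContext())
            {
                return Task.CompletedTask;
            }

            var claimsCustomerId = _authContext.GetCustomerIdFromClaims();
            var customerId = _customerIdService.GetCustomerId();

            // NOTE(review): the requirement also succeeds when no customer id is resolved at all.
            // That is fail-open: confirm every endpoint guarded by this requirement either always
            // carries a customer id or is intentionally not customer-scoped.
            if (!customerId.HasValue || customerId.Value == claimsCustomerId)
            {
                context.Succeed(requirement);
            }

            return Task.CompletedTask;
        }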
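        /// <summary>
        /// Authorizes non-user (system) requests: when the secret sent in the request header
        /// matches the configured secret, every pending requirement is marked as satisfied.
        /// </summary>
        /// <param name="context">Authorization context whose pending requirements are evaluated.</param>
        /// <returns>A completed task; the handler does no asynchronous work.</returns>
        public Task HandleAsync(AuthorizationHandlerContext context)
        {
            // User requests are left to the other handlers.
            if (_authContext.IsUserContext())
            {
                return Task.CompletedTask;
            }

            var headerSecret = _authContext.GetSecretFromHeader();

            // Fail closed: without this guard a missing header compares equal to an unconfigured
            // secret (null == null) and every requirement would be granted.
            // Assumes both values are strings - TODO confirm.
            if (string.IsNullOrEmpty(_secret) || string.IsNullOrEmpty(headerSecret))
            {
                return Task.CompletedTask;
            }

            // NOTE(review): == on strings is not constant time. Prefer
            // CryptographicOperations.FixedTimeEquals over the encoded bytes if the target
            // framework provides it.
            if (headerSecret == _secret)
            {
                // Iterate over a snapshot: Succeed removes the requirement from PendingRequirements.
                foreach (var req in context.PendingRequirements.ToList())
                {
                    context.Succeed(req);
                }
            }

            return Task.CompletedTask;
        }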