Beispiel #1
0
        public async Task Invoke(HttpContext context)
        {
            var  token       = _options.TokenRetriever(context.Request);
            bool removeToken = false;

            try
            {
                if (token != null)
                {
                    removeToken = true;

                    context.Items.Add(_tokenKey, token);

                    // seems to be a JWT
                    if (token.Contains('.'))
                    {
                        // see if local validation is setup
                        if (_jwtNext != null)
                        {
                            await _jwtNext(context);

                            return;
                        }
                        // otherwise use introspection endpoint
                        if (_introspectionNext != null)
                        {
                            await _introspectionNext(context);

                            return;
                        }

                        _logger.LogWarning("No validator configured for JWT token");
                    }
                    else
                    {
                        // use introspection endpoint
                        if (_introspectionNext != null)
                        {
                            await _introspectionNext(context);

                            return;
                        }

                        _logger.LogWarning("No validator configured for reference token. Ensure ApiName and ApiSecret have been configured to use introspection.");
                    }
                }

                await _nopNext(context);
            }
            finally
            {
                if (removeToken)
                {
                    context.Items.Remove(_tokenKey);
                }
            }
        }
Beispiel #2
0
        public async Task Invoke(HttpContext context)
        {
            var token = _options.TokenRetriever(context.Request);

            if (token == null)
            {
                await _nopNext(context);

                return;
            }

            context.Items.Add("idsrv4:tokenvalidation:token", token);

            // seems to be a JWT
            if (token.Contains('.'))
            {
                // see if local validation is setup
                if (_jwtNext != null)
                {
                    await _jwtNext(context);

                    return;
                }
                // otherwise use introspection endpoint
                if (_introspectionNext != null)
                {
                    await _introspectionNext(context);

                    return;
                }

                _logger.LogWarning("No validator configured for JWT token");
            }
            else
            {
                // use introspection endpoint
                if (_introspectionNext != null)
                {
                    await _introspectionNext(context);

                    return;
                }

                _logger.LogWarning("No validator configured for reference token");
            }

            await _next(context);
        }
        public async Task Invoke(HttpContext context)
        {
#if NET452
            // The following line forces HttpClient to negotiate with latest versions of TLS when targeting your build at NET452
            System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
#endif

            var  token       = _options.TokenRetriever(context.Request);
            bool removeToken = false;

            try
            {
                if (token != null)
                {
                    removeToken = true;

                    context.Items.Add(_tokenKey, token);

                    // seems to be a JWT
                    if (token.Contains('.'))
                    {
                        // see if local validation is setup
                        if (_jwtNext != null)
                        {
                            await _jwtNext(context);

                            return;
                        }
                        // otherwise use introspection endpoint
                        if (_introspectionNext != null)
                        {
                            await _introspectionNext(context);

                            return;
                        }

                        _logger.LogWarning("No validator configured for JWT token");
                    }
                    else
                    {
                        // use introspection endpoint
                        if (_introspectionNext != null)
                        {
                            await _introspectionNext(context);

                            return;
                        }

                        _logger.LogWarning("No validator configured for reference token. Ensure ApiName and ApiSecret have been configured to use introspection.");
                    }
                }

                await _nopNext(context);
            }
            finally
            {
                if (removeToken)
                {
                    context.Items.Remove(_tokenKey);
                }
            }
        }