Ejemplo n.º 1
0
        public UserIdentity GetUserFromContext(NancyContext ctx)
        {
            string jwt = string.Empty;

            try
            {
                jwt = ctx.Request.Headers.Authorization ?? string.Empty;
                if (jwt.StartsWith(Bearer))
                {
                    jwt = jwt.Substring(Bearer.Length);
                }
                //The Authorization header value should be removed, so it won't be logged
                ctx.Request.Headers.Authorization = "...obscured...";
            }
            catch (Exception e)
            {
                _log.Error(new { Message = $"Unable to parse Authorization header: {e}" });
            }
            UserIdentity user;
            var          userInCache = _userCache.TryGetValue(jwt, out user);

            if (!userInCache)
            {
                user            = ValidateUser(jwt);
                _userCache[jwt] = user;
            }
            if (user != null && user.Valid && user.ExpirationTime < DateTime.UtcNow)
            {
                user.Valid = false;
            }

            return(user);
        }
Ejemplo n.º 2
0
        public void OnError(NancyContext context, Exception ex, Response newResponse, IDictionary <string, object> logData)
        {
            if (context.Items.ContainsKey(NancyServiceBootstrapper.StartTimeString))
            {
                var startTime = (DateTime)context.Items[NancyServiceBootstrapper.StartTimeString];
                var endTime   = DateTime.UtcNow;
                logData[NancyServiceBootstrapper.StartTimeString] = startTime;
                logData[NancyServiceBootstrapper.EndTimeString]   = endTime;
                logData["CallDuration"] = (int)endTime.Subtract(startTime).TotalMilliseconds;
            }

            var correlationId = string.Empty;

            if (context.Items.ContainsKey(CorrelationIdString))
            {
                correlationId = (string)context.Items[CorrelationIdString];
            }

            logData["Host"]       = Environment.MachineName;
            logData["StackTrace"] = ex.ToString();

            _logger.Error(new BaseMessage
            {
                Message       = context.Request.Path,
                CorrelationId = correlationId,
                Info          = logData
            });

            newResponse.Headers.Add("CorrelationId", correlationId);
        }
Ejemplo n.º 3
0
        private void ConfigureJwksKeyValidationParameters()
        {
            if (string.IsNullOrEmpty(OAuth2JwksLocation))
            {
                _log.Error(new { Message = "No Jwks file configured." });
                return;
            }

            var    client = new HttpClient();
            string data;

            try
            {
                data = client.GetStringAsync(OAuth2JwksLocation).Result;
            }
            catch (Exception e)
            {
                _log.Error(new { Message = $"Unable to receive Jwks file from {OAuth2JwksLocation}. Exception: {e}" });
                return;
            }

            var jwks = JsonConvert.DeserializeObject <JwksFile>(data);
            var key  = jwks.Keys?.FirstOrDefault()?.X5C?.FirstOrDefault();

            if (string.IsNullOrEmpty(key))
            {
                _log.Error(new { Message = "The public key was not found in the Jwks file." });
                return;
            }

            var certificate     = new X509Certificate2(Convert.FromBase64String(key));
            var auth0SigningKey = new X509SecurityKey(certificate);

            _jwksKeyValidationParameters = new TokenValidationParameters()
            {
                ValidIssuer              = OAuth2Issuer,
                ValidAudiences           = new [] { OAuth2JwksAudience },
                IssuerSigningKey         = auth0SigningKey,
                IssuerSigningKeyResolver = (token, securityToken, kid, validationParameters) => new List <X509SecurityKey> {
                    new X509SecurityKey(certificate)
                }
            };
        }