protected virtual bool VerifySignature(HttpContext context, SignatureValidationOptions validationOptions, out RequestSignature signature, out string reason)
{
var services = context.RequestServices;
var options = services.GetRequiredService <TransportSecuritySettings>();
signature = context.Request.GetSignature();
reason = string.Empty;
if (signature == null)
{
reason = "Request signature not present";
return(!options.SignatureRequred);
}
if (validationOptions.VerifyRequest && !signature.IsValid)
{
reason = "Request signature not valid";
return(false);
}
if (validationOptions.VerifyCertificate &&
!VerifyCertificate(signature.Token, signature.Certificate, out reason))
{
return(false);
}
return(true);
}
public virtual Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
var services = context.HttpContext.RequestServices;
var logger = services.GetRequiredService <ILogger <SignatureFilterAttribute> >();
var options = new SignatureValidationOptions
{
VerifyRequest = true
};
if (!VerifySignature(context.HttpContext, options, out var signature, out var reason))
{
logger.LogWarning(reason);
context.Result = new StatusCodeResult(461);
}
return(Task.CompletedTask);
}
