private const string tenantId = "72f988bf-86f1-41af-91ab-2d7cd011db47"; // 72f988bf-86f1-41af-91ab-2d7cd011db47 629f581e-6f48-4447-a75e-66789a96f33d
public HomeController(ISettings settings, IHttpClient httpClient, IAccessTokenGetter accessTokenGetter, ITenantGetter tenantGetter)
{
this.settings = settings;
this.httpClient = httpClient;
this.accessTokenGetter = accessTokenGetter;
this.tenantGetter = tenantGetter;
}
public async Task InvokeAsync(HttpContext context,
IHttpClientFactory http,
IAccessTokenGetter accessTokenGetter)
{
if (!context.User.Identity.IsAuthenticated)
{
await _next(context);
return;
}
if (!context.User.TryGetEmail(out var email))
{
await _next(context);
return;
}
var accessToken = await accessTokenGetter.GetTokenAsync(context);
var request = new HttpRequestMessage(HttpMethod.Get, $"{_usersApiBaseUrl}/api/users/{email}/claims");
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
var response = await http.CreateClient().SendAsync(request);
if (!response.IsSuccessStatusCode)
{
await _next(context);
return;
}
IEnumerable <ApiClaim> claims;
using (var responseStream = await response.Content.ReadAsStreamAsync())
{
claims = await JsonSerializer.DeserializeAsync <ApiClaim[]>(responseStream);
}
foreach (var claim in claims)
{
context.User.Identities.First().AddClaim(new Claim(claim.ClaimType, claim.ClaimValue));
}
await _next(context);
}
public AccessTokenAuthorizationOperationHandler()
{
accessTokenExistence = ServerComponents.GetComponent <IAccessTokenExistence>().AssertNotNull();
accessTokenGetter = ServerComponents.GetComponent <IAccessTokenGetter>().AssertNotNull();
}
