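/// <summary>
/// Determines the authorization level granted by the API key supplied with a request.
/// </summary>
/// <param name="request">The incoming request; the key is read from the
/// <c>FunctionsKeyHeaderName</c> header or, when that header is absent, from the
/// <c>code</c> query parameter.</param>
/// <param name="secretManager">Source of the host secrets and per-function secrets.</param>
/// <param name="functionName">Optional function name; when supplied, that function's
/// own secrets are also checked.</param>
/// <returns>
/// <c>Admin</c> when the key equals the host master key, <c>Function</c> when it matches a
/// host-level function key or a key of <paramref name="functionName"/>, otherwise
/// <c>Anonymous</c>.
/// </returns>
internal static AuthorizationLevel GetAuthorizationLevel(HttpRequestMessage request, ISecretManager secretManager, string functionName = null)
{
    // TODO: Add support for validating "EasyAuth" headers

    // First see if a key value is specified via header or query string (header takes precedence).
    // A present-but-empty header is not replaced by the query string value.
    IEnumerable<string> values;
    string keyValue = null;
    if (request.Headers.TryGetValues(FunctionsKeyHeaderName, out values))
    {
        keyValue = values.FirstOrDefault();
    }
    else
    {
        // Read the parameter directly instead of building a dictionary from every pair:
        // ToDictionary throws ArgumentException as soon as any name repeats
        // (e.g. "?code=a&Code=b"), which lets an unauthenticated caller turn this
        // check into an unhandled exception. The last "code" value wins.
        // Keys passed in the query string can be recorded in access logs; the header
        // form is the safer way for callers to present a key.
        keyValue = request.GetQueryNameValuePairs()
            .Where(p => string.Equals(p.Key, "code", StringComparison.OrdinalIgnoreCase))
            .Select(p => p.Value)
            .LastOrDefault();
    }

    if (!string.IsNullOrEmpty(keyValue))
    {
        // NOTE(review): the comparisons below rely on Key.SecretValueEquals; confirm it is
        // a constant-time comparison so that match timing does not reveal key contents.

        // See if the key specified is the master key. An empty master key never matches.
        HostSecretsInfo hostSecrets = secretManager.GetHostSecrets();
        if (!string.IsNullOrEmpty(hostSecrets.MasterKey) &&
            Key.SecretValueEquals(keyValue, hostSecrets.MasterKey))
        {
            return AuthorizationLevel.Admin;
        }

        // See if the key specified matches a host-level function key.
        if (hostSecrets.FunctionKeys != null &&
            hostSecrets.FunctionKeys.Any(k => Key.SecretValueEquals(keyValue, k.Value)))
        {
            return AuthorizationLevel.Function;
        }

        // If a function name was supplied, try to match against that function's own keys.
        if (functionName != null)
        {
            IDictionary<string, string> functionSecrets = secretManager.GetFunctionSecrets(functionName);
            if (functionSecrets != null &&
                functionSecrets.Values.Any(s => Key.SecretValueEquals(keyValue, s)))
            {
                return AuthorizationLevel.Function;
            }
        }
    }

    // No key, or no match: fail closed to the lowest level.
    return AuthorizationLevel.Anonymous;
}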
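/// <summary>
/// Maps the API key presented on a request to an <c>AuthorizationLevel</c>.
/// </summary>
/// <param name="request">Request to inspect. The key comes from the
/// <c>FunctionsKeyHeaderName</c> header when that header is present, otherwise from the
/// <c>code</c> query parameter.</param>
/// <param name="secretManager">Provides the host secrets and the secrets of a named function.</param>
/// <param name="functionName">When not null, the secrets of this function are checked as well.</param>
/// <returns>
/// <c>Admin</c> for the host master key, <c>Function</c> for a host-level function key or a
/// key belonging to <paramref name="functionName"/>, and <c>Anonymous</c> in every other case.
/// </returns>
internal static AuthorizationLevel GetAuthorizationLevel(HttpRequestMessage request, ISecretManager secretManager, string functionName = null)
{
    // TODO: Add support for validating "EasyAuth" headers

    // The header takes precedence over the query string, even when its value is empty.
    string keyValue = null;
    IEnumerable<string> values;
    if (request.Headers.TryGetValues(FunctionsKeyHeaderName, out values))
    {
        keyValue = values.FirstOrDefault();
    }
    else
    {
        // Scan the pairs rather than calling ToDictionary on them: ToDictionary throws
        // ArgumentException when a parameter name is repeated, so a request such as
        // "?code=a&code=b" would fail with an exception instead of being evaluated.
        // When "code" is repeated the last occurrence is used.
        foreach (var pair in request.GetQueryNameValuePairs())
        {
            if (string.Equals(pair.Key, "code", StringComparison.OrdinalIgnoreCase))
            {
                keyValue = pair.Value;
            }
        }
    }

    // Nothing was presented, so nothing can match.
    if (string.IsNullOrEmpty(keyValue))
    {
        return AuthorizationLevel.Anonymous;
    }

    // NOTE(review): all matching goes through Key.SecretValueEquals; verify that it compares
    // in constant time.
    HostSecretsInfo hostSecrets = secretManager.GetHostSecrets();

    // Master key grants Admin. An unset master key is skipped so it can never match.
    if (!string.IsNullOrEmpty(hostSecrets.MasterKey) &&
        Key.SecretValueEquals(keyValue, hostSecrets.MasterKey))
    {
        return AuthorizationLevel.Admin;
    }

    // Host-level function keys grant Function.
    if (hostSecrets.FunctionKeys != null &&
        hostSecrets.FunctionKeys.Any(k => Key.SecretValueEquals(keyValue, k.Value)))
    {
        return AuthorizationLevel.Function;
    }

    // Keys of the named function, when a name was given, also grant Function.
    if (functionName != null)
    {
        IDictionary<string, string> functionSecrets = secretManager.GetFunctionSecrets(functionName);
        if (functionSecrets != null &&
            functionSecrets.Values.Any(s => Key.SecretValueEquals(keyValue, s)))
        {
            return AuthorizationLevel.Function;
        }
    }

    return AuthorizationLevel.Anonymous;
}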
/// <summary>
/// Returns the host-level function keys, shaped by <c>GetKeysResult</c>.
/// </summary>
// NOTE(review): this action hands back secret material and contains no authorization
// check of its own; confirm that the controller or action is restricted to admin-level
// callers by an attribute or filter outside this method.
public IHttpActionResult Get()
{
    return GetKeysResult(_secretManager.GetHostSecrets().FunctionKeys);
}