internal static HttpStatusCode Invoke(TenantMiddlewareOptions tenantMiddlewareOptions, string systemBaseUriFromHeader,
string tenantIdFromHeader, string base64Signature)
{
tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug, $"TenantMiddleware invoke started with {systemBaseUriFromHeader}, {tenantIdFromHeader}, {base64Signature}");
if (systemBaseUriFromHeader != null || tenantIdFromHeader != null)
{
if (base64Signature == null)
{
tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug, "Signature is missing in request header");
return(HttpStatusCode.Forbidden);
}
if (tenantMiddlewareOptions.SignatureSecretKey == null)
{
tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Error, "SignatureSecretKey is missing in tenantMiddlewareOptions");
return(HttpStatusCode.InternalServerError);
}
if (tenantMiddlewareOptions.IgnoreSignature)
{
tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Error, "Signature is ignored, don't use this in production environment!");
}
else
{
var encoding = new ASCIIEncoding();
var data = systemBaseUriFromHeader + tenantIdFromHeader;
tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug, $"Signature will be calculated using '{data}'");
var messageBytes = encoding.GetBytes(data);
try
{
var signature = Convert.FromBase64String(base64Signature);
if (!SignatureIsValid(messageBytes, signature, tenantMiddlewareOptions.SignatureSecretKey))
{
tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug,
"Signature does not match");
return(HttpStatusCode.Forbidden);
}
tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug,
"Signature matches!");
}
catch (FormatException)
{
tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Error,
"Signature is in wrong format");
return(HttpStatusCode.Forbidden);
}
catch (Exception e)
{
tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Error,
$"Exception while checking signature. Exception={e.Message}");
return(HttpStatusCode.Forbidden);
}
}
}
tenantMiddlewareOptions.OnTenantIdentified(tenantIdFromHeader ?? tenantMiddlewareOptions.DefaultTenantId,
systemBaseUriFromHeader ?? tenantMiddlewareOptions.DefaultSystemBaseUri);
tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug,
"Tenant identified!");
return(0);
}
public TenantMiddlewareHandler(TenantMiddlewareOptions tenantMiddlewareOptions)
{
if (tenantMiddlewareOptions == null)
{
throw new ArgumentNullException(nameof(tenantMiddlewareOptions));
}
if (tenantMiddlewareOptions.OnTenantIdentified == null)
{
throw new ArgumentNullException(nameof(tenantMiddlewareOptions.OnTenantIdentified));
}
if (tenantMiddlewareOptions.DefaultSystemBaseUri != null &&
!Uri.IsWellFormedUriString(tenantMiddlewareOptions.DefaultSystemBaseUri, UriKind.RelativeOrAbsolute))
{
throw new ArgumentException("Is no valid URI", nameof(tenantMiddlewareOptions.DefaultSystemBaseUri));
}
_tenantMiddlewareOptions = tenantMiddlewareOptions;
}
public static IApplicationBuilder UseTenantMiddleware(this IApplicationBuilder app,
TenantMiddlewareOptions tenantMiddlewareOptions)
{
if (tenantMiddlewareOptions == null)
{
throw new ArgumentNullException(nameof(tenantMiddlewareOptions));
}
if (tenantMiddlewareOptions.OnTenantIdentified == null)
{
throw new ArgumentNullException(nameof(tenantMiddlewareOptions.OnTenantIdentified));
}
if (tenantMiddlewareOptions.DefaultSystemBaseUri != null && !Uri.IsWellFormedUriString(tenantMiddlewareOptions.DefaultSystemBaseUri, UriKind.RelativeOrAbsolute))
{
throw new ArgumentException("Is no valid URI", nameof(tenantMiddlewareOptions.DefaultSystemBaseUri));
}
app.UseMiddleware <TenantMiddleware>(tenantMiddlewareOptions);
return(app);
}