예제 #1
0
        internal static HttpStatusCode Invoke(TenantMiddlewareOptions tenantMiddlewareOptions, string systemBaseUriFromHeader,
                                              string tenantIdFromHeader, string base64Signature)
        {
            tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug, $"TenantMiddleware invoke started with {systemBaseUriFromHeader}, {tenantIdFromHeader}, {base64Signature}");
            if (systemBaseUriFromHeader != null || tenantIdFromHeader != null)
            {
                if (base64Signature == null)
                {
                    tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug, "Signature is missing in request header");
                    return(HttpStatusCode.Forbidden);
                }
                if (tenantMiddlewareOptions.SignatureSecretKey == null)
                {
                    tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Error, "SignatureSecretKey is missing in tenantMiddlewareOptions");
                    return(HttpStatusCode.InternalServerError);
                }

                if (tenantMiddlewareOptions.IgnoreSignature)
                {
                    tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Error, "Signature is ignored, don't use this in production environment!");
                }
                else
                {
                    var encoding = new ASCIIEncoding();
                    var data     = systemBaseUriFromHeader + tenantIdFromHeader;
                    tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug, $"Signature will be calculated using '{data}'");
                    var messageBytes = encoding.GetBytes(data);
                    try
                    {
                        var signature = Convert.FromBase64String(base64Signature);
                        if (!SignatureIsValid(messageBytes, signature, tenantMiddlewareOptions.SignatureSecretKey))
                        {
                            tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug,
                                                                        "Signature does not match");
                            return(HttpStatusCode.Forbidden);
                        }
                        tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug,
                                                                    "Signature matches!");
                    }
                    catch (FormatException)
                    {
                        tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Error,
                                                                    "Signature is in wrong format");
                        return(HttpStatusCode.Forbidden);
                    }
                    catch (Exception e)
                    {
                        tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Error,
                                                                    $"Exception while checking signature. Exception={e.Message}");
                        return(HttpStatusCode.Forbidden);
                    }
                }
            }
            tenantMiddlewareOptions.OnTenantIdentified(tenantIdFromHeader ?? tenantMiddlewareOptions.DefaultTenantId,
                                                       systemBaseUriFromHeader ?? tenantMiddlewareOptions.DefaultSystemBaseUri);
            tenantMiddlewareOptions.LogCallback?.Invoke(TenantMiddlewareLogLevel.Debug,
                                                        "Tenant identified!");
            return(0);
        }
        public TenantMiddlewareHandler(TenantMiddlewareOptions tenantMiddlewareOptions)
        {
            if (tenantMiddlewareOptions == null)
            {
                throw new ArgumentNullException(nameof(tenantMiddlewareOptions));
            }
            if (tenantMiddlewareOptions.OnTenantIdentified == null)
            {
                throw new ArgumentNullException(nameof(tenantMiddlewareOptions.OnTenantIdentified));
            }
            if (tenantMiddlewareOptions.DefaultSystemBaseUri != null &&
                !Uri.IsWellFormedUriString(tenantMiddlewareOptions.DefaultSystemBaseUri, UriKind.RelativeOrAbsolute))
            {
                throw new ArgumentException("Is no valid URI", nameof(tenantMiddlewareOptions.DefaultSystemBaseUri));
            }

            _tenantMiddlewareOptions = tenantMiddlewareOptions;
        }
        public static IApplicationBuilder UseTenantMiddleware(this IApplicationBuilder app,
                                                              TenantMiddlewareOptions tenantMiddlewareOptions)
        {
            if (tenantMiddlewareOptions == null)
            {
                throw new ArgumentNullException(nameof(tenantMiddlewareOptions));
            }
            if (tenantMiddlewareOptions.OnTenantIdentified == null)
            {
                throw new ArgumentNullException(nameof(tenantMiddlewareOptions.OnTenantIdentified));
            }
            if (tenantMiddlewareOptions.DefaultSystemBaseUri != null && !Uri.IsWellFormedUriString(tenantMiddlewareOptions.DefaultSystemBaseUri, UriKind.RelativeOrAbsolute))
            {
                throw new ArgumentException("Is no valid URI", nameof(tenantMiddlewareOptions.DefaultSystemBaseUri));
            }

            app.UseMiddleware <TenantMiddleware>(tenantMiddlewareOptions);
            return(app);
        }