public async Task Invoke(HttpContext context)
{
var authorizationHeader = ((FrameRequestHeaders)context.Request.Headers).HeaderAuthorization;
if (authorizationHeader.Count > 1)
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("Multiple Authorization headers is not allowed.");
return;
}
if (authorizationHeader.Count == 1)
{
var tokenValue = authorizationHeader.First().Substring(7);
if (!_tokenStore.IsValid(tokenValue))
{
context.Response.StatusCode = 401;
await context.Response.WriteAsync("Invalid authorization token.");
return;
}
}
await _next(context);
}
