private JwtBindingConfiguration GetFunctionConfiguration(JwtBindingAttribute arg)
{
var configuration = _configuration.Value ?? new JwtBindingConfiguration();
configuration.Issuer = arg.Issuer ?? configuration.Issuer;
configuration.Audience = arg.Audience ?? configuration.Audience;
configuration.Scopes = arg.Scopes ?? configuration.Scopes;
configuration.Roles = arg.Roles ?? configuration.Roles;
configuration.Signature = arg.Signature ?? configuration.Signature;
configuration.AllowedIdentities = arg.AllowedIdentities ?? configuration.AllowedIdentities;
return(configuration);
}
private JwtBindingConfiguration GetFunctionConfiguration(JwtBindingAttribute arg)
{
var configuration = _configuration.Value ?? new JwtBindingConfiguration();
configuration.Issuer = arg.Issuer ?? configuration.Issuer;
configuration.Audience = arg.Audience ?? configuration.Audience;
configuration.Scopes = arg.Scopes ?? configuration.Scopes;
configuration.Roles = arg.Roles ?? configuration.Roles;
configuration.SymmetricSecuritySigningKey = arg.Signature ?? configuration.SymmetricSecuritySigningKey;
configuration.X509CertificateSigningKey = arg.X509CertificateSigningKey ?? configuration.X509CertificateSigningKey;
configuration.AllowedIdentities = arg.AllowedIdentities ?? configuration.AllowedIdentities;
return(configuration);
}
private AuthorizedModel BuildItemFromAttribute(JwtBindingAttribute arg)
{
var configuration = GetFunctionConfiguration(arg);
if ((configuration.DebugConfiguration?.Enabled).GetValueOrDefault())
{
_logger.LogWarning("## WARNING ## - The JWT Validation Binding is running in DEBUG mode and currently returns fixed values!");
return(new AuthorizedModel
{
Name = configuration.DebugConfiguration?.Name,
Subject = configuration.DebugConfiguration?.Subject
});
}
if (string.IsNullOrWhiteSpace(configuration.Issuer))
{
_logger.LogWarning("No valid issuer configured, cannot validate token");
throw new ArgumentNullException(nameof(arg.Issuer), "The JwtBinding requires an issuer to validate JWT Tokens");
}
if (_http.HttpContext != null)
{
var authHeaderValue = _http.HttpContext.Request.Headers["Authorization"];
if (AuthenticationHeaderValue.TryParse(authHeaderValue, out AuthenticationHeaderValue headerValue))
{
_logger.LogInformation("Now validating token");
return(_service.ValidateToken(headerValue, configuration));
}
throw new AuthorizationFailedException(
new Exception("Authorization header is missing, add a bearer token to the header of your HTTP request")
);
}
throw new AuthorizationOperationException();
}
