private async Task ValidateToken(AuthorizationFilterContext context, IOperation operation)
{
var token = context.HttpContext.Request?.Headers["Authorization"];
if (!string.IsNullOrWhiteSpace(token))
{
var result = await service.Send(operation, new VerifyAuthenticationRequest
{
Token = token
});
if (result.IsWithoutErrors() && !string.IsNullOrWhiteSpace(result.Output))
{
var syrinxAuthorizationClaims = JsonConvert.DeserializeObject <UserAuthorizationEntity>(result.Output);
if (!permissions.HasPermissions(syrinxAuthorizationClaims))
{
throw CommonExceptions.AccessDenied(operation, StatusCodes.Status403Forbidden);
}
context.HttpContext.User.AddIdentity(AuthenticationUtils.GetClaimsIdentity(syrinxAuthorizationClaims));
return;
}
}
throw CommonExceptions.AccessDenied(operation, StatusCodes.Status401Unauthorized);
}
private static ClaimsIdentity GetIdentity(IReadOnlyCollection <Claim> claims) => claims?.Count == 3 ? AuthenticationUtils.GetClaimsIdentity(claims) : null;
private static ClaimsIdentity GetIdentity(UserAuthorizationEntity entity) => entity != null?AuthenticationUtils.GetClaimsIdentity(entity) : null;
