private JwtBindingConfiguration GetFunctionConfiguration(JwtBindingAttribute arg) { var configuration = _configuration.Value ?? new JwtBindingConfiguration(); configuration.Issuer = arg.Issuer ?? configuration.Issuer; configuration.Audience = arg.Audience ?? configuration.Audience; configuration.Scopes = arg.Scopes ?? configuration.Scopes; configuration.Roles = arg.Roles ?? configuration.Roles; configuration.Signature = arg.Signature ?? configuration.Signature; configuration.AllowedIdentities = arg.AllowedIdentities ?? configuration.AllowedIdentities; return(configuration); }
private JwtBindingConfiguration GetFunctionConfiguration(JwtBindingAttribute arg) { var configuration = _configuration.Value ?? new JwtBindingConfiguration(); configuration.Issuer = arg.Issuer ?? configuration.Issuer; configuration.Audience = arg.Audience ?? configuration.Audience; configuration.Scopes = arg.Scopes ?? configuration.Scopes; configuration.Roles = arg.Roles ?? configuration.Roles; configuration.SymmetricSecuritySigningKey = arg.Signature ?? configuration.SymmetricSecuritySigningKey; configuration.X509CertificateSigningKey = arg.X509CertificateSigningKey ?? configuration.X509CertificateSigningKey; configuration.AllowedIdentities = arg.AllowedIdentities ?? configuration.AllowedIdentities; return(configuration); }
private AuthorizedModel BuildItemFromAttribute(JwtBindingAttribute arg) { var configuration = GetFunctionConfiguration(arg); if ((configuration.DebugConfiguration?.Enabled).GetValueOrDefault()) { _logger.LogWarning("## WARNING ## - The JWT Validation Binding is running in DEBUG mode and currently returns fixed values!"); return(new AuthorizedModel { Name = configuration.DebugConfiguration?.Name, Subject = configuration.DebugConfiguration?.Subject }); } if (string.IsNullOrWhiteSpace(configuration.Issuer)) { _logger.LogWarning("No valid issuer configured, cannot validate token"); throw new ArgumentNullException(nameof(arg.Issuer), "The JwtBinding requires an issuer to validate JWT Tokens"); } if (_http.HttpContext != null) { var authHeaderValue = _http.HttpContext.Request.Headers["Authorization"]; if (AuthenticationHeaderValue.TryParse(authHeaderValue, out AuthenticationHeaderValue headerValue)) { _logger.LogInformation("Now validating token"); return(_service.ValidateToken(headerValue, configuration)); } throw new AuthorizationFailedException( new Exception("Authorization header is missing, add a bearer token to the header of your HTTP request") ); } throw new AuthorizationOperationException(); }