| | | 1 | | using System; |
| | | 2 | | using IdentityModel.AspNetCore.OAuth2Introspection; |
| | | 3 | | using Microsoft.AspNetCore.Http; |
| | | 4 | | using Microsoft.Extensions.Primitives; |
| | | 5 | | |
| | | 6 | | namespace SVETA.Api.Helpers.Authorize |
| | | 7 | | { |
| | | 8 | | public class CustomTokenRetriever |
| | | 9 | | { |
| | | 10 | | internal const string TokenItemsKey = "idsrv4:tokenvalidation:token"; |
| | | 11 | | // custom token key change it to the one you use for sending the access_token to the server |
| | | 12 | | // during websocket handshake |
| | | 13 | | internal const string SignalRTokenKey = "access_token"; |
| | | 14 | | |
| | 0 | 15 | | static Func<HttpRequest, string> AuthHeaderTokenRetriever { get; set; } |
| | 0 | 16 | | static Func<HttpRequest, string> QueryStringTokenRetriever { get; set; } |
| | | 17 | | |
| | | 18 | | static CustomTokenRetriever() |
| | 0 | 19 | | { |
| | 0 | 20 | | AuthHeaderTokenRetriever = TokenRetrieval.FromAuthorizationHeader(); |
| | 0 | 21 | | QueryStringTokenRetriever = TokenRetrieval.FromQueryString(); |
| | 0 | 22 | | } |
| | | 23 | | |
| | | 24 | | public static string FromHeaderAndQueryString(HttpRequest request) |
| | 0 | 25 | | { |
| | 0 | 26 | | var token = AuthHeaderTokenRetriever(request); |
| | | 27 | | |
| | 0 | 28 | | if (string.IsNullOrEmpty(token)) |
| | 0 | 29 | | { |
| | 0 | 30 | | token = QueryStringTokenRetriever(request); |
| | 0 | 31 | | } |
| | | 32 | | |
| | 0 | 33 | | if (string.IsNullOrEmpty(token)) |
| | 0 | 34 | | { |
| | 0 | 35 | | token = request.HttpContext.Items[TokenItemsKey] as string; |
| | 0 | 36 | | } |
| | | 37 | | |
| | 0 | 38 | | if (string.IsNullOrEmpty(token) && request.Query.TryGetValue(SignalRTokenKey, out StringValues extract)) |
| | 0 | 39 | | { |
| | 0 | 40 | | token = extract.ToString(); |
| | 0 | 41 | | } |
| | | 42 | | |
| | 0 | 43 | | return token; |
| | 0 | 44 | | } |
| | | 45 | | } |
| | | 46 | | } |