Fix: Authorization error

1f5467be · Petar Hristov · d946f3c0 · 1f5467be
Commit 1f5467be authored 3 years ago by Petar Hristov
--- a/src/ApiCommons/Middleware/LoggingMiddleware.cs
+++ b/src/ApiCommons/Middleware/LoggingMiddleware.cs
@@ -23,6 +23,7 @@ namespace Coscine.ApiCommons.Middleware

        public async Task Invoke(HttpContext context)
        {
+            bool _authorized = false;
            if (context.Request.Path.Value.Contains("TOS"))
            {
                await _next(context);
@@ -61,25 +62,33 @@ namespace Coscine.ApiCommons.Middleware
                            CoscineLoggerMetadata.SetUri(_uri);

                            // Get the User Id
-                            var authorization = context.Request.Headers["Authorization"].ToArray();
-                            string bearer = null;
-                            foreach (var line in authorization) 
+                            try
                            {
-                                if (line.Contains("Bearer"))
+                                var authorization = context.Request.Headers["Authorization"].ToArray();
+                                string bearer = null;
+                                foreach (var line in authorization)
                                {
-                                    bearer = line;
+                                    if (line.Contains("Bearer"))
+                                    {
+                                        bearer = line;
+                                    }
                                }
-                            }
-                            if (!string.IsNullOrWhiteSpace(bearer))
-                            {
-                                bearer = bearer.Replace("Bearer", "").Trim();
-                                JWTHandler jwtHandler = new JWTHandler(new ConsulConfiguration());
-                                var claims = jwtHandler.GetContents(bearer);
-                                var userId = Authenticator.GetUserId(claims);
-                                if (userId != null)
+                                if (!string.IsNullOrWhiteSpace(bearer))
                                {
-                                    CoscineLoggerMetadata.SetUserId(userId);
+                                    bearer = bearer.Replace("Bearer", "").Trim();
+                                    JWTHandler jwtHandler = new JWTHandler(new ConsulConfiguration());
+                                    var claims = jwtHandler.GetContents(bearer);
+                                    var userId = Authenticator.GetUserId(claims);
+                                    if (userId != null)
+                                    {
+                                        CoscineLoggerMetadata.SetUserId(userId);
+                                    }
                                }
+                                _authorized = true;
+                            }
+                            catch (Exception ex)
+                            {
+                                _authorized = false;
                            }

                            // Get the corrolation Id
@@ -182,11 +191,10 @@ namespace Coscine.ApiCommons.Middleware
                            {
                                byte[] data;

-                                if (true)  // ex.GetType() == typeof(...)
+                                if (!_authorized)
                                {
 									context.Response.StatusCode = StatusCodes.Status401Unauthorized;
-                                    data = System.Text.Encoding.UTF8.GetBytes($"{ex.GetType()}");
-                                    //byte[] data = System.Text.Encoding.UTF8.GetBytes("Invalid authentication. Please try again.");
+                                    data = System.Text.Encoding.UTF8.GetBytes("Invalid authentication. Please try again.");
 								}
 								else
 								{