This is an archived project. Repository and other project resources are read-only.
Commit 4032591c authored 3 years ago by Marcel Nellesen
Fix: Changed Statuscode on invalid authorization
parent 3daf071a
1 merge request: !65 Sprint/2021 08
src/ApiCommons/Middleware/LoggingMiddleware.cs: 37 additions, 17 deletions
using
Coscine.Configuration
;
using
Coscine.Configuration
;
using
Coscine.JwtHandler
;
using
Coscine.Logging
;
using
Microsoft.AspNetCore.Http
;
...
...
@@ -23,6 +23,7 @@ namespace Coscine.ApiCommons.Middleware
public
async
Task
Invoke
(
HttpContext
context
)
{
bool
_authorized
=
false
;
if
(
context
.
Request
.
Path
.
Value
.
Contains
(
"TOS"
))
{
await
_next
(
context
);
...
...
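Review bot: `_authorized` is declared as a local inside `Invoke` but carries the same underscore prefix as `_next`, so it reads like per-instance state; rename it to `authorized`, or to something like `tokenValid` that says what it records. Keeping it a local is the right choice, since a field on the middleware instance would be shared between concurrent requests and could leak one caller's result into another's response.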
@@ -61,25 +62,33 @@ namespace Coscine.ApiCommons.Middleware
CoscineLoggerMetadata
.
SetUri
(
_uri
);
// Get the User Id
var
authorization
=
context
.
Request
.
Headers
[
"Authorization"
].
ToArray
();
string
bearer
=
null
;
foreach
(
var
line
in
authorization
)
try
{
if
(
line
.
Contains
(
"Bearer"
))
var
authorization
=
context
.
Request
.
Headers
[
"Authorization"
].
ToArray
();
string
bearer
=
null
;
foreach
(
var
line
in
authorization
)
{
bearer
=
line
;
if
(
line
.
Contains
(
"Bearer"
))
{
bearer
=
line
;
}
}
}
if
(!
string
.
IsNullOrWhiteSpace
(
bearer
))
{
bearer
=
bearer
.
Replace
(
"Bearer"
,
""
).
Trim
();
JWTHandler
jwtHandler
=
new
JWTHandler
(
new
ConsulConfiguration
());
var
claims
=
jwtHandler
.
GetContents
(
bearer
);
var
userId
=
Authenticator
.
GetUserId
(
claims
);
if
(
userId
!=
null
)
if
(!
string
.
IsNullOrWhiteSpace
(
bearer
))
{
CoscineLoggerMetadata
.
SetUserId
(
userId
);
bearer
=
bearer
.
Replace
(
"Bearer"
,
""
).
Trim
();
JWTHandler
jwtHandler
=
new
JWTHandler
(
new
ConsulConfiguration
());
var
claims
=
jwtHandler
.
GetContents
(
bearer
);
var
userId
=
Authenticator
.
GetUserId
(
claims
);
if
(
userId
!=
null
)
{
CoscineLoggerMetadata
.
SetUserId
(
userId
);
}
}
_authorized
=
true
;
}
catch
(
Exception
ex
)
{
_authorized
=
false
;
}
// Get the corrolation Id
...
...
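Review bot: the new `catch (Exception ex)` swallows every failure in the block without logging it and never uses `ex`, so a fault in `new JWTHandler(new ConsulConfiguration())` is recorded the same way as a bad token from `jwtHandler.GetContents(bearer)`. Catch the token-validation exception type specifically, log it through the existing logger, and let unrelated exceptions propagate. Separately, `_authorized = true;` is reached at the end of the `try` even when no `Authorization` header was sent or `userId` is null, so the flag means "token parsing did not throw" rather than "caller is authenticated"; either set it only inside `if (userId != null)` or name it for what it actually tracks.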
@@ -180,8 +189,19 @@ namespace Coscine.ApiCommons.Middleware
if
(!
context
.
Response
.
HasStarted
)
{
context
.
Response
.
StatusCode
=
StatusCodes
.
Status500InternalServerError
;
byte
[]
data
=
System
.
Text
.
Encoding
.
UTF8
.
GetBytes
(
"Unhandled Error occured. Please, try again in a while."
);
byte
[]
data
;
if
(!
_authorized
)
{
context
.
Response
.
StatusCode
=
StatusCodes
.
Status401Unauthorized
;
data
=
System
.
Text
.
Encoding
.
UTF8
.
GetBytes
(
"Invalid authentication. Please try again."
);
}
else
{
context
.
Response
.
StatusCode
=
StatusCodes
.
Status500InternalServerError
;
data
=
System
.
Text
.
Encoding
.
UTF8
.
GetBytes
(
"Unhandled Error occured. Please, try again in a while."
);
}
context
.
Response
.
ContentLength
=
data
.
Length
;
originalResponseBody
.
Write
(
data
,
0
,
data
.
Length
);
}
...
...
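Review bot: the `Status401Unauthorized` branch writes a body but no `WWW-Authenticate` header, which a 401 response is required to carry (RFC 9110, section 15.5.2); set it, for example to `Bearer`, before `originalResponseBody.Write`. The branch also sits inside the existing `if (!context.Response.HasStarted)` error path, so an invalid token produces a 401 only when this block is reached, and because `_authorized` stays false after any exception in the token step, a failure that is not the client's fault would be reported here as "Invalid authentication". The two `GetBytes` calls can be collapsed by choosing the status code and message first and encoding once.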