Commit 4032591c authored by Marcel Nellesen's avatar Marcel Nellesen

Fix: Changed Statuscode on invalid authorization

parent 3daf071a
1 merge request!65Sprint/2021 08
using Coscine.Configuration;
using Coscine.Configuration;
using Coscine.JwtHandler;
using Coscine.Logging;
using Microsoft.AspNetCore.Http;
......@@ -23,6 +23,7 @@ namespace Coscine.ApiCommons.Middleware
public async Task Invoke(HttpContext context)
{
bool _authorized = false;
if (context.Request.Path.Value.Contains("TOS"))
{
await _next(context);
......@@ -61,25 +62,33 @@ namespace Coscine.ApiCommons.Middleware
CoscineLoggerMetadata.SetUri(_uri);
// Get the User Id
var authorization = context.Request.Headers["Authorization"].ToArray();
string bearer = null;
foreach (var line in authorization)
try
{
if (line.Contains("Bearer"))
var authorization = context.Request.Headers["Authorization"].ToArray();
string bearer = null;
foreach (var line in authorization)
{
bearer = line;
if (line.Contains("Bearer"))
{
bearer = line;
}
}
}
if (!string.IsNullOrWhiteSpace(bearer))
{
bearer = bearer.Replace("Bearer", "").Trim();
JWTHandler jwtHandler = new JWTHandler(new ConsulConfiguration());
var claims = jwtHandler.GetContents(bearer);
var userId = Authenticator.GetUserId(claims);
if (userId != null)
if (!string.IsNullOrWhiteSpace(bearer))
{
CoscineLoggerMetadata.SetUserId(userId);
bearer = bearer.Replace("Bearer", "").Trim();
JWTHandler jwtHandler = new JWTHandler(new ConsulConfiguration());
var claims = jwtHandler.GetContents(bearer);
var userId = Authenticator.GetUserId(claims);
if (userId != null)
{
CoscineLoggerMetadata.SetUserId(userId);
}
}
_authorized = true;
}
catch (Exception ex)
{
_authorized = false;
}
// Get the corrolation Id
......@@ -180,8 +189,19 @@ namespace Coscine.ApiCommons.Middleware
if (!context.Response.HasStarted)
{
context.Response.StatusCode = StatusCodes.Status500InternalServerError;
byte[] data = System.Text.Encoding.UTF8.GetBytes("Unhandled Error occured. Please, try again in a while.");
byte[] data;
if (!_authorized)
{
context.Response.StatusCode = StatusCodes.Status401Unauthorized;
data = System.Text.Encoding.UTF8.GetBytes("Invalid authentication. Please try again.");
}
else
{
context.Response.StatusCode = StatusCodes.Status500InternalServerError;
data = System.Text.Encoding.UTF8.GetBytes("Unhandled Error occured. Please, try again in a while.");
}
context.Response.ContentLength = data.Length;
originalResponseBody.Write(data, 0, data.Length);
}
......
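Review bot: The `catch (Exception ex)` added around the bearer-token handling in `Invoke` never uses `ex`, so a failed token check leaves no log entry, and it also catches failures of `new ConsulConfiguration()` or the `JWTHandler` constructor, which the last hunk then reports to the client as 401 "Invalid authentication" instead of a server error. `_authorized = true` is also reached when the request carries no `Authorization` header at all, so the flag means "token parsing did not throw" rather than "caller is authenticated"; judging by the visible lines it only selects the status code once an unhandled error occurs, and the rest of `Invoke` lies outside these hunks. I would narrow the catch to the exception type the JWT handler throws for a bad token, log it without the token value, and rename the flag to something like `tokenRejected`. The 401 branch should also carry a challenge, `context.Response.Headers["WWW-Authenticate"] = "Bearer";`, since a 401 response is expected to include that header.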