Last active
August 29, 2015 14:02
-
-
Save philjones88/0e818ebcbcf08318b61f to your computer and use it in GitHub Desktop.
SignalR token authentication middleware (crappy quick coding)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public static class QueryStringTokenConverterExtension | |
{ | |
public static IAppBuilder QueryStringTokenConverter(this IAppBuilder app, string queryStringParameterName = "authorization", string requestHeaderName = "Authorization") | |
{ | |
return app.Use<QueryStringTokenConverter>(queryStringParameterName, requestHeaderName); | |
} | |
} | |
public class QueryStringTokenConverter | |
{ | |
private readonly string _queryStringParameterName; | |
private readonly string _requestHeaderName; | |
private readonly string _signalrPath; | |
private readonly Func<IDictionary<string, object>, Task> _nextFunc; | |
public QueryStringTokenConverter(Func<IDictionary<string, object>, Task> nextFunc, string queryStringParameterName, string requestHeaderName) | |
{ | |
_nextFunc = nextFunc; | |
_queryStringParameterName = queryStringParameterName; | |
_requestHeaderName = requestHeaderName; | |
} | |
public Task Invoke(IDictionary<string, object> environment) | |
{ | |
if (!environment.ContainsKey("owin.RequestPath")) | |
{ | |
throw new ApplicationException("Invalid OWIN request. Expected owin.RequestPath, but not present."); | |
} | |
var querystring = (string) environment["owin.RequestQueryString"]; | |
// No query string authorization value is set, nothing we can do | |
if (!querystring.ToLowerInvariant().Contains(_queryStringParameterName.ToLowerInvariant())) | |
{ | |
return _nextFunc(environment); | |
} | |
var token = ParseQueryString(querystring); | |
var requestHeaders = (IDictionary<string, string[]>) environment["owin.RequestHeaders"]; | |
if (requestHeaders.All(x => x.Key != _requestHeaderName)) | |
{ | |
requestHeaders.Add(_requestHeaderName, new []{ token["Authorization"] }); | |
} | |
return _nextFunc(environment); | |
} | |
// Taken from StackOverflow. Do not want to use System.Web! | |
// http://stackoverflow.com/a/1322960 | |
private NameValueCollection ParseQueryString(string s) | |
{ | |
NameValueCollection nvc = new NameValueCollection(); | |
// remove anything other than query string from url | |
if (s.Contains("?")) | |
{ | |
s = s.Substring(s.IndexOf('?') + 1); | |
} | |
foreach (string vp in Regex.Split(s, "&")) | |
{ | |
string[] singlePair = Regex.Split(vp, "="); | |
if (singlePair.Length == 2) | |
{ | |
nvc.Add(singlePair[0], singlePair[1]); | |
} | |
else | |
{ | |
// only one key with no value specified in query string | |
nvc.Add(singlePair[0], string.Empty); | |
} | |
} | |
return nvc; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment