- Fixed BasicAuthenticationAttribute.
- All attributes now reside in Microsoft.AspNetCore.Mvc.Filters namespace.
This commit is contained in:
@@ -5,29 +5,16 @@ using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using AMWD.Common.AspNetCore.BasicAuthentication;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.Filters;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Logging;
|
||||
|
||||
namespace AMWD.Common.AspNetCore.Attributes
|
||||
namespace Microsoft.AspNetCore.Mvc.Filters
|
||||
{
|
||||
/// <summary>
|
||||
/// A basic authentication as attribute to use for specific actions.
|
||||
/// </summary>
|
||||
public class BasicAuthenticationAttribute : ActionFilterAttribute
|
||||
{
|
||||
private readonly IServiceScopeFactory serviceScopeFactory;
|
||||
|
||||
/// <summary>
|
||||
/// Initializes a new instance of the <see cref="BasicAuthenticationAttribute"/> class.
|
||||
/// </summary>
|
||||
/// <param name="serviceScopeFactory">A service scope factory.</param>
|
||||
public BasicAuthenticationAttribute(IServiceScopeFactory serviceScopeFactory)
|
||||
{
|
||||
this.serviceScopeFactory = serviceScopeFactory;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets a username to validate.
|
||||
/// </summary>
|
||||
@@ -61,9 +48,7 @@ namespace AMWD.Common.AspNetCore.Attributes
|
||||
return;
|
||||
}
|
||||
|
||||
using var scope = serviceScopeFactory.CreateScope();
|
||||
var logger = scope.ServiceProvider.GetService<ILogger<BasicAuthenticationAttribute>>();
|
||||
|
||||
var logger = context.HttpContext.RequestServices.GetService<ILogger<BasicAuthenticationAttribute>>();
|
||||
try
|
||||
{
|
||||
var authHeader = AuthenticationHeaderValue.Parse(context.HttpContext.Request.Headers["Authorization"]);
|
||||
@@ -77,7 +62,7 @@ namespace AMWD.Common.AspNetCore.Attributes
|
||||
return;
|
||||
}
|
||||
|
||||
var validator = scope.ServiceProvider.GetService<IBasicAuthenticationValidator>();
|
||||
var validator = context.HttpContext.RequestServices.GetService<IBasicAuthenticationValidator>();
|
||||
var principal = await validator?.ValidateAsync(credentials.First(), credentials.Last(), context.HttpContext.GetRemoteIpAddress());
|
||||
if (principal == null)
|
||||
SetAuthenticateRequest(context);
|
||||
|
||||
@@ -3,14 +3,34 @@ using System.Collections.Generic;
|
||||
using System.Net.Http;
|
||||
using System.Threading.Tasks;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Newtonsoft.Json;
|
||||
|
||||
namespace Microsoft.AspNetCore.Mvc.Filters
|
||||
{
|
||||
/// <summary>
|
||||
/// Custom filter attribute to use Google's reCaptcha (v3).
|
||||
/// <br/>
|
||||
/// Usage: [ServiceFilter(typeof(GoogleReCaptchaAttribute))]
|
||||
/// </summary>
|
||||
/// <remarks>
|
||||
/// appsettings.json:
|
||||
/// <br/>
|
||||
/// <code>
|
||||
/// {<br/>
|
||||
/// [...]<br/>
|
||||
/// "Google": {<br/>
|
||||
/// "ReCaptcha": {<br/>
|
||||
/// "PrivateKey": "__private reCaptcha key__",<br/>
|
||||
/// "PublicKey": "__public reCaptcha key__"<br/>
|
||||
/// }<br/>
|
||||
/// }<br/>
|
||||
/// }
|
||||
/// </code>
|
||||
/// <br/>
|
||||
/// The score from google can be found on HttpContext.Items[GoogleReCaptchaAttribute.ScoreKey].
|
||||
/// </remarks>
|
||||
|
||||
public class GoogleReCaptchaAttribute : ActionFilterAttribute
|
||||
{
|
||||
/// <summary>
|
||||
@@ -30,33 +50,7 @@ namespace Microsoft.AspNetCore.Mvc.Filters
|
||||
|
||||
private const string VerificationUrl = "https://www.google.com/recaptcha/api/siteverify";
|
||||
|
||||
private readonly string privateKey;
|
||||
|
||||
/// <summary>
|
||||
/// Initializes a new instance of the <see cref="GoogleReCaptchaAttribute"/> class.
|
||||
/// </summary>
|
||||
/// <remarks>
|
||||
/// appsettings.json:
|
||||
/// <br/>
|
||||
/// <code>
|
||||
/// {<br/>
|
||||
/// [...]<br/>
|
||||
/// "Google": {<br/>
|
||||
/// "ReCaptcha": {<br/>
|
||||
/// "PrivateKey": "__private reCaptcha key__",<br/>
|
||||
/// "PublicKey": "__public reCaptcha key__"<br/>
|
||||
/// }<br/>
|
||||
/// }<br/>
|
||||
/// }
|
||||
/// </code>
|
||||
/// <br/>
|
||||
/// The score from google can be found on HttpContext.Items[GoogleReCaptchaAttribute.ScoreKey].
|
||||
/// </remarks>
|
||||
/// <param name="configuration">The application configuration.</param>
|
||||
public GoogleReCaptchaAttribute(IConfiguration configuration)
|
||||
{
|
||||
privateKey = configuration.GetValue<string>("Google:ReCaptcha:PrivateKey");
|
||||
}
|
||||
private string privateKey;
|
||||
|
||||
/// <summary>
|
||||
/// Executes the validattion in background.
|
||||
@@ -66,15 +60,18 @@ namespace Microsoft.AspNetCore.Mvc.Filters
|
||||
/// <returns>An awaitable task.</returns>
|
||||
public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
|
||||
{
|
||||
var configuration = context.HttpContext.RequestServices.GetService<IConfiguration>();
|
||||
privateKey = configuration?.GetValue<string>("Google:ReCaptcha:PrivateKey");
|
||||
|
||||
if (string.IsNullOrWhiteSpace(privateKey))
|
||||
return;
|
||||
|
||||
await DoValidation(context);
|
||||
await base.OnActionExecutionAsync(context, next);
|
||||
}
|
||||
|
||||
private async Task DoValidation(ActionExecutingContext context)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(privateKey))
|
||||
return;
|
||||
|
||||
if (!context.HttpContext.Request.HasFormContentType)
|
||||
return;
|
||||
|
||||
|
||||
@@ -2,12 +2,10 @@
|
||||
using System.Net;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.HttpOverrides;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.Filters;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
namespace AMWD.Common.AspNetCore.Attributes
|
||||
namespace Microsoft.AspNetCore.Mvc.Filters
|
||||
{
|
||||
/// <summary>
|
||||
/// Implements an IP filter. The defined addresses are blocked.
|
||||
@@ -43,6 +41,7 @@ namespace AMWD.Common.AspNetCore.Attributes
|
||||
public override void OnActionExecuting(ActionExecutingContext context)
|
||||
{
|
||||
base.OnActionExecuting(context);
|
||||
context.HttpContext.Items["RemoteAddress"] = context.HttpContext.GetRemoteIpAddress();
|
||||
|
||||
if (!RestrictLocalAccess && context.HttpContext.IsLocalRequest())
|
||||
return;
|
||||
|
||||
@@ -2,12 +2,10 @@
|
||||
using System.Net;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.HttpOverrides;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.Filters;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
namespace AMWD.Common.AspNetCore.Attributes
|
||||
namespace Microsoft.AspNetCore.Mvc.Filters
|
||||
{
|
||||
/// <summary>
|
||||
/// Implements an IP filter. Only defined addresses are allowed to access.
|
||||
@@ -43,6 +41,7 @@ namespace AMWD.Common.AspNetCore.Attributes
|
||||
public override void OnActionExecuting(ActionExecutingContext context)
|
||||
{
|
||||
base.OnActionExecuting(context);
|
||||
context.HttpContext.Items["RemoteAddress"] = context.HttpContext.GetRemoteIpAddress();
|
||||
|
||||
if (AllowLocalAccess && context.HttpContext.IsLocalRequest())
|
||||
return;
|
||||
|
||||
Reference in New Issue
Block a user