DocSpace-buildtools/web/ASC.Web.Core/Helpers/AuthorizationHelper.cs

namespace ASC.Web.Core.Helpers
{
    [Scope]
    public class AuthorizationHelper
    {
        private IHttpContextAccessor HttpContextAccessor { get; }
        private UserManager UserManager { get; }
        private SecurityContext SecurityContext { get; }
        private PasswordHasher PasswordHasher { get; }

        public AuthorizationHelper(
            IHttpContextAccessor httpContextAccessor,
            UserManager userManager,
            SecurityContext securityContext,
            PasswordHasher passwordHasher)
        {
            HttpContextAccessor = httpContextAccessor;
            UserManager = userManager;
            SecurityContext = securityContext;
            PasswordHasher = passwordHasher;
        }

        public bool ProcessBasicAuthorization(out string authCookie)
        {
            authCookie = null;
            try
            {
                //Try basic
                var authorization = HttpContextAccessor.HttpContext.Request.Cookies["asc_auth_key"] ?? HttpContextAccessor.HttpContext.Request.Headers["Authorization"].ToString();
                if (string.IsNullOrEmpty(authorization))
                {
                    return false;
                }

                authorization = authorization.Trim();
                if (0 <= authorization.IndexOf("Basic", 0))
                {
                    var arr = Encoding.ASCII.GetString(Convert.FromBase64String(authorization.Substring(6))).Split(new[] { ':' });
                    var username = arr[0];
                    var password = arr[1];
                    var u = UserManager.GetUserByEmail(username);
                    if (u != null && u.Id != ASC.Core.Users.Constants.LostUser.Id)
                    {
                        var passwordHash = PasswordHasher.GetClientPassword(password);
                        authCookie = SecurityContext.AuthenticateMe(u.Email, passwordHash);
                    }
                }
                else if (0 <= authorization.IndexOf("Bearer", 0))
                {
                    authorization = authorization.Substring("Bearer ".Length);
                    if (SecurityContext.AuthenticateMe(authorization))
                    {
                        authCookie = authorization;
                    }
                }
                else
                {
                    if (SecurityContext.AuthenticateMe(authorization))
                    {
                        authCookie = authorization;
                    }
                }
            }
            catch (Exception) { }
            return SecurityContext.IsAuthenticated;
        }
    }
}
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`namespace ASC.Web.Core.Helpers`
			`{`
fixed bearer 2021-09-24 09:08:10 +00:00			`[Scope]`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`public class AuthorizationHelper`
			`{`
moved from release/11 4414f77b 2020-09-18 07:59:23 +00:00			`private IHttpContextAccessor HttpContextAccessor { get; }`
			`private UserManager UserManager { get; }`
			`private SecurityContext SecurityContext { get; }`
			`private PasswordHasher PasswordHasher { get; }`

			`public AuthorizationHelper(`
			`IHttpContextAccessor httpContextAccessor,`
			`UserManager userManager,`
			`SecurityContext securityContext,`
			`PasswordHasher passwordHasher)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`HttpContextAccessor = httpContextAccessor;`
			`UserManager = userManager;`
			`SecurityContext = securityContext;`
moved from release/11 4414f77b 2020-09-18 07:59:23 +00:00			`PasswordHasher = passwordHasher;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`public bool ProcessBasicAuthorization(out string authCookie)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
			`authCookie = null;`
			`try`
			`{`
			`//Try basic`
fixed bearer 2021-09-24 09:08:10 +00:00			`var authorization = HttpContextAccessor.HttpContext.Request.Cookies["asc_auth_key"] ?? HttpContextAccessor.HttpContext.Request.Headers["Authorization"].ToString();`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`if (string.IsNullOrEmpty(authorization))`
			`{`
			`return false;`
			`}`

			`authorization = authorization.Trim();`
			`if (0 <= authorization.IndexOf("Basic", 0))`
			`{`
			`var arr = Encoding.ASCII.GetString(Convert.FromBase64String(authorization.Substring(6))).Split(new[] { ':' });`
			`var username = arr[0];`
			`var password = arr[1];`
revert f85711b7362a22ea46e243f34632c80b16840462 2019-09-12 11:34:58 +00:00			`var u = UserManager.GetUserByEmail(username);`
Core: resolve properties for mapping, add mapping/projection 2022-02-15 10:30:05 +00:00			`if (u != null && u.Id != ASC.Core.Users.Constants.LostUser.Id)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
moved from release/11 4414f77b 2020-09-18 07:59:23 +00:00			`var passwordHash = PasswordHasher.GetClientPassword(password);`
			`authCookie = SecurityContext.AuthenticateMe(u.Email, passwordHash);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`
			`}`
			`else if (0 <= authorization.IndexOf("Bearer", 0))`
			`{`
			`authorization = authorization.Substring("Bearer ".Length);`
			`if (SecurityContext.AuthenticateMe(authorization))`
			`{`
			`authCookie = authorization;`
			`}`
			`}`
			`else`
			`{`
			`if (SecurityContext.AuthenticateMe(authorization))`
			`{`
			`authCookie = authorization;`
			`}`
			`}`
			`}`
			`catch (Exception) { }`
			`return SecurityContext.IsAuthenticated;`
			`}`
			`}`
			`}`