Merge branch 'release/1.0.0' of github.com:ONLYOFFICE/AppServer into release/1.0.0

Nikita Gopienko 2021-09-24 12:28:15 +03:00
commit 61949a4346
2 changed files with 11 additions and 4 deletions


@ -6,6 +6,7 @@ using System.Threading.Tasks;
using ASC.Common;
using ASC.Core;
using ASC.Web.Core;
using ASC.Web.Core.Helpers;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Logging;
@ -16,6 +17,7 @@ namespace ASC.Api.Core.Auth
[Scope]
public class CookieAuthHandler : AuthenticationHandler<AuthenticationSchemeOptions>
{
private AuthorizationHelper AuthorizationHelper { get; }
private SecurityContext SecurityContext { get; }
private CookiesManager CookiesManager { get; }
@ -23,17 +25,20 @@ namespace ASC.Api.Core.Auth
{
}
//
public CookieAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock, SecurityContext securityContext, CookiesManager cookiesManager)
public CookieAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock,
AuthorizationHelper authorizationHelper,
SecurityContext securityContext,
CookiesManager cookiesManager)
: this(options, logger, encoder, clock)
{
AuthorizationHelper = authorizationHelper;
SecurityContext = securityContext;
CookiesManager = cookiesManager;
}
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
{
var token = Context.Request.Cookies["asc_auth_key"] ?? Context.Request.Headers["Authorization"];
var result = SecurityContext.AuthenticateMe(token);
var result = AuthorizationHelper.ProcessBasicAuthorization(out _);
if (!result)
{
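Review bot: The call `AuthorizationHelper.ProcessBasicAuthorization(out _)` in `HandleAuthenticateAsync` leaves nothing at this site that shows which credential the cookie scheme accepts. The helper reads the request through its own `IHttpContextAccessor` rather than the handler's `Context`, and the `out` argument is discarded. A comment above the call would keep that visible, for example `// Credentials (asc_auth_key cookie, then Authorization header) are read and validated inside AuthorizationHelper.` `SecurityContext` and `CookiesManager` are still injected and assigned in the constructor; if the rest of the method no longer uses them they could be dropped, but the method body continues past the end of the hunk, so that cannot be confirmed from here.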


@ -27,6 +27,7 @@
using System;
using System.Text;
using ASC.Common;
using ASC.Core;
using ASC.Security.Cryptography;
@ -34,6 +35,7 @@ using Microsoft.AspNetCore.Http;
namespace ASC.Web.Core.Helpers
{
[Scope]
public class AuthorizationHelper
{
private IHttpContextAccessor HttpContextAccessor { get; }
@ -59,7 +61,7 @@ namespace ASC.Web.Core.Helpers
try
{
//Try basic
var authorization = HttpContextAccessor.HttpContext.Request.Headers["Authorization"].ToString();
var authorization = HttpContextAccessor.HttpContext.Request.Cookies["asc_auth_key"] ?? HttpContextAccessor.HttpContext.Request.Headers["Authorization"].ToString();
if (string.IsNullOrEmpty(authorization))
{
return false;
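Review bot: The new lookup `Request.Cookies["asc_auth_key"] ?? Request.Headers["Authorization"].ToString()` falls back to the header only when the cookie is absent, so a request with an empty `asc_auth_key` cookie and a valid `Authorization` header is rejected by the `string.IsNullOrEmpty(authorization)` check. Testing for empty as well as null avoids that: `var request = HttpContextAccessor.HttpContext.Request;` followed by `var authorization = !string.IsNullOrEmpty(request.Cookies["asc_auth_key"]) ? request.Cookies["asc_auth_key"] : request.Headers["Authorization"].ToString();`. Because the change sits inside the shared helper under the `//Try basic` comment, every caller now accepts a browser-attached cookie where it previously required an explicit header. Any caller that relied on header-only credentials as protection against cross-site requests should be checked; neither the callers nor the rest of this method are visible in the hunk. `HttpContextAccessor.HttpContext` is also dereferenced without a null check, and whether the enclosing `try` handles that depends on a `catch` outside the hunk.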