Merge branch 'release/1.0.0' of github.com:ONLYOFFICE/AppServer into release/1.0.0
This commit is contained in:
commit
61949a4346
@ -6,6 +6,7 @@ using System.Threading.Tasks;
|
||||
using ASC.Common;
|
||||
using ASC.Core;
|
||||
using ASC.Web.Core;
|
||||
using ASC.Web.Core.Helpers;
|
||||
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.Extensions.Logging;
|
||||
@ -16,6 +17,7 @@ namespace ASC.Api.Core.Auth
|
||||
[Scope]
|
||||
public class CookieAuthHandler : AuthenticationHandler<AuthenticationSchemeOptions>
|
||||
{
|
||||
private AuthorizationHelper AuthorizationHelper { get; }
|
||||
private SecurityContext SecurityContext { get; }
|
||||
private CookiesManager CookiesManager { get; }
|
||||
|
||||
@ -23,17 +25,20 @@ namespace ASC.Api.Core.Auth
|
||||
{
|
||||
}
|
||||
//
|
||||
public CookieAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock, SecurityContext securityContext, CookiesManager cookiesManager)
|
||||
public CookieAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock,
|
||||
AuthorizationHelper authorizationHelper,
|
||||
SecurityContext securityContext,
|
||||
CookiesManager cookiesManager)
|
||||
: this(options, logger, encoder, clock)
|
||||
{
|
||||
AuthorizationHelper = authorizationHelper;
|
||||
SecurityContext = securityContext;
|
||||
CookiesManager = cookiesManager;
|
||||
}
|
||||
|
||||
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
|
||||
{
|
||||
var token = Context.Request.Cookies["asc_auth_key"] ?? Context.Request.Headers["Authorization"];
|
||||
var result = SecurityContext.AuthenticateMe(token);
|
||||
var result = AuthorizationHelper.ProcessBasicAuthorization(out _);
|
||||
|
||||
if (!result)
|
||||
{
|
||||
|
@ -27,6 +27,7 @@
|
||||
using System;
|
||||
using System.Text;
|
||||
|
||||
using ASC.Common;
|
||||
using ASC.Core;
|
||||
using ASC.Security.Cryptography;
|
||||
|
||||
@ -34,6 +35,7 @@ using Microsoft.AspNetCore.Http;
|
||||
|
||||
namespace ASC.Web.Core.Helpers
|
||||
{
|
||||
[Scope]
|
||||
public class AuthorizationHelper
|
||||
{
|
||||
private IHttpContextAccessor HttpContextAccessor { get; }
|
||||
@ -59,7 +61,7 @@ namespace ASC.Web.Core.Helpers
|
||||
try
|
||||
{
|
||||
//Try basic
|
||||
var authorization = HttpContextAccessor.HttpContext.Request.Headers["Authorization"].ToString();
|
||||
var authorization = HttpContextAccessor.HttpContext.Request.Cookies["asc_auth_key"] ?? HttpContextAccessor.HttpContext.Request.Headers["Authorization"].ToString();
|
||||
if (string.IsNullOrEmpty(authorization))
|
||||
{
|
||||
return false;
|
||||
|
Loading…
Reference in New Issue
Block a user