// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Net.Http;
using Microsoft.AspNet.Builder;
using Microsoft.Framework.Logging;
using Microsoft.Framework.WebEncoders;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
namespace Microsoft.AspNet.Authentication.JwtBearer
{
/// <summary>
/// JWT bearer authentication middleware for the HTTP pipeline. Application code does not construct
/// this class directly; it is registered through the UseJwtBearerAuthentication extension method.
/// </summary>
public class JwtBearerMiddleware : AuthenticationMiddleware<JwtBearerOptions>
{
    /// <summary>
    /// Builds the middleware and fills in option defaults: an events object, the valid audience,
    /// and the configuration manager that supplies the OpenID Connect configuration.
    /// Not called by application code directly; use the UseJwtBearerAuthentication extension method.
    /// </summary>
    /// <param name="next">The next delegate in the request pipeline.</param>
    /// <param name="loggerFactory">Factory passed to the base middleware.</param>
    /// <param name="encoder">URL encoder passed to the base middleware.</param>
    /// <param name="options">Bearer options; several of its properties are filled in here when unset.</param>
    /// <exception cref="ArgumentNullException">
    /// Any of the four arguments is null. The base constructor receives the arguments before these
    /// checks run, so it may fail first.
    /// </exception>
    public JwtBearerMiddleware(
        RequestDelegate next,
        ILoggerFactory loggerFactory,
        IUrlEncoder encoder,
        JwtBearerOptions options)
        : base(next, options, loggerFactory, encoder)
    {
        if (next == null)
        {
            throw new ArgumentNullException(nameof(next));
        }

        if (loggerFactory == null)
        {
            throw new ArgumentNullException(nameof(loggerFactory));
        }

        if (encoder == null)
        {
            throw new ArgumentNullException(nameof(encoder));
        }

        if (options == null)
        {
            throw new ArgumentNullException(nameof(options));
        }

        // Guarantee an events object so later code can raise events without a null check.
        if (Options.Events == null)
        {
            Options.Events = new JwtBearerEvents();
        }

        // Options.Audience is only a fallback: an explicitly set ValidAudience is never overwritten.
        var validation = Options.TokenValidationParameters;
        if (string.IsNullOrEmpty(validation.ValidAudience) && !string.IsNullOrEmpty(Options.Audience))
        {
            validation.ValidAudience = Options.Audience;
        }

        // A configuration manager supplied by the caller is used as-is.
        if (Options.ConfigurationManager != null)
        {
            return;
        }

        // A fixed configuration needs no backchannel; wrap it in a static manager.
        if (Options.Configuration != null)
        {
            Options.ConfigurationManager = new StaticConfigurationManager<OpenIdConnectConfiguration>(Options.Configuration);
            return;
        }

        var metadataMissing = string.IsNullOrEmpty(Options.MetadataAddress);
        var authorityMissing = string.IsNullOrEmpty(Options.Authority);

        // With neither address available there is nothing to retrieve; ConfigurationManager stays null.
        if (metadataMissing && authorityMissing)
        {
            return;
        }

        // An explicit MetadataAddress takes precedence; otherwise derive it from Authority.
        if (metadataMissing)
        {
            Options.MetadataAddress = BuildDiscoveryAddress(Options.Authority);
        }

        // NOTE(review): nothing in this constructor checks the scheme of MetadataAddress or Authority.
        // The document retrieved from this address configures token validation (in OpenID Connect
        // discovery it points at the issuer's signing keys), so it should only be fetched over HTTPS.
        // Confirm that is enforced by configuration or elsewhere in the pipeline.
        // A caller-supplied BackchannelHttpHandler replaces the default handler, including whatever
        // certificate validation it performs; review any custom handler with that in mind.
        var backchannel = new HttpClient(Options.BackchannelHttpHandler ?? new HttpClientHandler())
        {
            Timeout = Options.BackchannelTimeout,
            MaxResponseContentBufferSize = 1024 * 1024 * 10, // 10 MB cap on a buffered metadata response
        };

        Options.ConfigurationManager = new ConfigurationManager<OpenIdConnectConfiguration>(
            Options.MetadataAddress,
            new OpenIdConnectConfigurationRetriever(),
            backchannel);
    }

    /// <summary>
    /// Called by the AuthenticationMiddleware base class to create a per-request handler.
    /// </summary>
    /// <returns>A new instance of the request handler.</returns>
    protected override AuthenticationHandler<JwtBearerOptions> CreateHandler() => new JwtBearerHandler();

    // Appends the well-known discovery path to the authority, adding a separating "/" when needed.
    private static string BuildDiscoveryAddress(string authority)
    {
        var baseAddress = authority.EndsWith("/", StringComparison.Ordinal) ? authority : authority + "/";
        return baseAddress + ".well-known/openid-configuration";
    }
}
}