-
Notifications
You must be signed in to change notification settings - Fork 15
Expand file tree
/
Copy pathOrderCloudWebhookAuth.cs
More file actions
48 lines (43 loc) · 1.48 KB
/
OrderCloudWebhookAuth.cs
File metadata and controls
48 lines (43 loc) · 1.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
using System.Security.Claims;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
namespace OrderCloud.Catalyst
{
/// <summary>
/// Apply to controllers or actions to authenticate the webhook by validating the hash key passed in the X-oc-hash header.
/// </summary>
public class OrderCloudWebhookAuthAttribute : AuthorizeAttribute
{
public OrderCloudWebhookAuthAttribute() {
AuthenticationSchemes = "OrderCloudWebhook";
}
}
public class OrderCloudWebhookAuthHandler : AuthenticationHandler<OrderCloudWebhookAuthOptions>
{
private readonly IRequestAuthenticationService _auth;
public OrderCloudWebhookAuthHandler(
IOptionsMonitor<OrderCloudWebhookAuthOptions> options,
ILoggerFactory logger,
UrlEncoder encoder,
ISystemClock clock,
IRequestAuthenticationService auth
) : base(options, logger, encoder, clock)
{
_auth = auth;
}
protected override async Task<AuthenticateResult> HandleAuthenticateAsync() {
await _auth.VerifyWebhookHashAsync(Request, Options); // Will throw error if fails
var cid = new ClaimsIdentity("OcWebhook");
var ticket = new AuthenticationTicket(new ClaimsPrincipal(cid), "OcWebhook");
return AuthenticateResult.Success(ticket);
}
}
public class OrderCloudWebhookAuthOptions : AuthenticationSchemeOptions
{
public string HashKey { get; set; }
}
}