detect if the requests come from Office process
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Workaround below to detect Office request comes from the user smichtch in | |
| https://github.com/aspnet/AspNetKatana/issues/78 | |
| */ | |
| using System; | |
| using System.Collections.Generic; | |
| using System.Configuration; | |
| using System.Globalization; | |
| using System.Linq; | |
| using System.Web; | |
| using Owin; | |
| using Microsoft.Owin.Security; | |
| using Microsoft.Owin.Security.Cookies; | |
| using Microsoft.Owin.Security.OpenIdConnect; | |
| using Microsoft.Owin; | |
| using System.Threading.Tasks; | |
| using System.Net.Http; | |
| using System.Text.RegularExpressions; | |
| using System.Net; | |
| public void ConfigureAuth(IAppBuilder app) | |
| { | |
| app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); | |
| app.UseCookieAuthentication(new CookieAuthenticationOptions()); | |
| app.Use<MsOfficeLinkPrefetchMiddleware>(); | |
| app.UseOpenIdConnectAuthentication( | |
| new OpenIdConnectAuthenticationOptions | |
| { | |
| ClientId = clientId, | |
| Authority = authority, | |
| PostLogoutRedirectUri = postLogoutRedirectUri, | |
| // RedirectUri = "https://bbb.hoangbac.com" | |
| RedirectUri = "https://testnonce.azurewebsites.net" | |
| }); | |
| Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true; | |
| } | |
| public class MsOfficeLinkPrefetchMiddleware : OwinMiddleware | |
| { | |
| public MsOfficeLinkPrefetchMiddleware(OwinMiddleware next) : base(next) { } | |
| public override Task Invoke(IOwinContext context) | |
| { | |
| if (Is(context, HttpMethod.Get, HttpMethod.Head) && IsMsOffice(context)) | |
| { | |
| // Mitigate by preempting auth challenges to MS Office apps' preflight requests and | |
| // let the real browser start at the original URL and handle all redirects and cookies. | |
| // Success response indicates to Office that the link is OK. | |
| context.Response.StatusCode = (int)HttpStatusCode.OK; | |
| context.Response.Headers["Cache-Control"] = "no-cache, no-store, must-revalidate"; | |
| context.Response.Headers["Pragma"] = "no-cache"; | |
| context.Response.Headers["Expires"] = "0"; | |
| } | |
| else if (Next != null) | |
| { | |
| return Next.Invoke(context); | |
| } | |
| return Task.CompletedTask; | |
| } | |
| private static bool Is(IOwinContext context, params HttpMethod[] methods) | |
| { | |
| var requestMethod = context.Request.Method; | |
| return methods.Any(method => StringComparer.OrdinalIgnoreCase.Equals(requestMethod, method.Method)); | |
| } | |
| private static readonly Regex _msOfficeUserAgent = new Regex( | |
| @"(^Microsoft Office\b)|([\(;]\s*ms-office\s*[;\)])", | |
| RegexOptions.CultureInvariant | RegexOptions.IgnoreCase | RegexOptions.Singleline | RegexOptions.Compiled); | |
| private static bool IsMsOffice(IOwinContext context) | |
| { | |
| var headers = context.Request.Headers; | |
| var userAgent = headers["User-Agent"] ?? string.Empty; | |
| return _msOfficeUserAgent.IsMatch(userAgent) | |
| || !string.IsNullOrWhiteSpace(headers["X-Office-Major-Version"]); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment