Created
March 18, 2024 11:51
-
-
Save bjoerntx/acf424ebbf529194b894c005b3a10be9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
namespace TXTextControl | |
{ | |
public class TXSecurityMiddleware | |
{ | |
private RequestDelegate m_next; | |
// stored access token usually retrieved from any storage | |
// implemented thought OAuth or any other identity protocol | |
private const string access_token = "821e2f35-86e3-4917-a963-b0c4228d1315"; | |
public TXSecurityMiddleware(RequestDelegate next) | |
{ | |
m_next = next; | |
} | |
public async Task Invoke(HttpContext context) | |
{ | |
// Check if the request is a TX Text Control request | |
if (context.WebSockets.IsWebSocketRequest && | |
context.WebSockets.WebSocketRequestedProtocols.Contains("TXTextControl.Web") || | |
(context.Request.Query.ContainsKey("access_token") && | |
context.GetEndpoint()?.DisplayName?.Contains("TXTextControl.Web.MVC.DocumentViewer") == true)) | |
{ | |
// Retrieve access token from the query string | |
var accessToken = context.Request.Query["access_token"]; | |
// Showcase only: Easy comparison of tokens | |
if (accessToken != access_token) | |
{ | |
throw new UnauthorizedAccessException(); | |
} | |
else | |
{ | |
await m_next.Invoke(context); | |
} | |
} | |
else if (m_next != null) | |
{ | |
await m_next.Invoke(context); | |
} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment