Features/Blockcore.Features.NodeHost Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -20,5 +20,7 @@ public class ApiKey
2020 //public DateTime ValidTo { get; set; } // TODO: Add support for time-activated API keys.
2121
2222 public IReadOnlyCollection < string > Roles { get ; set ; }
23+
24+ public IReadOnlyCollection < string > Paths { get ; set ; }
2325 }
2426}
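Review bot: The new `Paths` property on `ApiKey` has no comment stating its contract, and that contract is security-relevant: the handler on this page skips the path check when the list is null or empty, so an unset `Paths` means the key is unrestricted. I would document that directly on the property, e.g. `/// <summary>Path prefixes this key may call; null or empty means the key is not restricted by path.</summary>`. The class body begins outside the hunk.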
Original file line number Diff line number Diff line change @@ -51,6 +51,19 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
5151
5252 if ( existingApiKey != null )
5353 {
54+ // First verify the path access is enabled, if so we'll perform a validation here.
55+ if ( this . Request . Path . HasValue && existingApiKey . Paths != null && existingApiKey . Paths . Count > 0 )
56+ {
57+ string path = this . Request . Path . Value ;
58+ bool hasAccess = existingApiKey . Paths . Any ( p => path . StartsWith ( p ) ) ;
59+
60+ if ( ! hasAccess )
61+ {
62+ // Return NoResult and return standard 401 Unauthorized result.
63+ return AuthenticateResult . NoResult ( ) ;
64+ }
65+ }
66+
5467 var claims = new List < Claim >
5568 {
5669 new Claim ( ClaimTypes . Name , existingApiKey . Owner )
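Review bot: The prefix test on new line 58, `path.StartsWith(p)`, does not stop at a segment boundary, so a key limited to `/api/identity` also passes for any other route whose path merely begins with those characters. The single-argument `StartsWith` overload also compares using the current culture. `PathString` already offers a segment-aware match: `bool hasAccess = existingApiKey.Paths.Any(p => this.Request.Path.StartsWithSegments(p, StringComparison.OrdinalIgnoreCase));`. The outer condition also skips the check entirely when `Request.Path.HasValue` is false, so a path-restricted key is accepted for an empty path; failing closed there looks safer if such requests can reach this handler. HandleAuthenticateAsync starts and ends outside the hunk.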
Original file line number Diff line number Diff line change @@ -49,6 +49,9 @@ public void ConfigureServices(IServiceCollection services)
4949 {
5050 NodeHostSettings hostSettings = fullNode . Services . ServiceProvider . GetService < NodeHostSettings > ( ) ;
5151
52+ // Make the configuration available to custom features.
53+ services . AddSingleton ( this . Configuration ) ;
54+
5255 services . AddLogging ( loggingBuilder =>
5356 {
5457 loggingBuilder . AddConfiguration ( this . Configuration . GetSection ( "Logging" ) ) ;
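Review bot: `services.AddSingleton(this.Configuration)` on new line 53 hands every custom feature the whole configuration object rather than the sections it needs, and the settings files on this page keep the API keys in the same tree under `Blockcore:API:Keys`. If the keys are loaded through this configuration, any feature that resolves it can read them. Binding only the required sections to options types would keep the exposure narrow. Failing that, the comment should state it: `// Exposes the full configuration, including Blockcore:API:Keys, to every feature.` ConfigureServices continues outside the hunk.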
Original file line number Diff line number Diff line change 66 "System" : " Information" ,
77 "Microsoft" : " Information"
88 }
9- },
10- "Blockcore" : {
11- "API" : {
12- "Keys" : [
13- {
14- "Id" : 1 ,
15- "Enabled" : false ,
16- "Owner" : " Admin" ,
17- "Key" : " 1ca8f906-a23e-48b2-8b83-e95290986d0e" ,
18- "Roles" : [ " User" , " Admin" ]
19- }
20- ]
21- }
229 }
2310}
Original file line number Diff line number Diff line change 1+ {
2+ "Logging" : {
3+ "IncludeScopes" : false ,
4+ "LogLevel" : {
5+ "Default" : " Information" ,
6+ "System" : " Information" ,
7+ "Microsoft" : " Information"
8+ }
9+ },
10+ "Blockcore" : {
11+ "API" : {
12+ "Keys" : [
13+ {
14+ "Id" : 1 ,
15+ "Enabled" : false ,
16+ "Owner" : " Admin" ,
17+ "Key" : " 1ca8f906-a23e-48b2-8b83-e95290986d0e" ,
18+ "Roles" : [ " User" , " Admin" ]
19+ },
20+ {
21+ "Id" : 2 ,
22+ "Enabled" : false ,
23+ "Owner" : " Registry" ,
24+ "Key" : " 132525f1-46d2-45eb-bfe5-8a354b63ce36" ,
25+ "Roles" : [ " User" ],
26+ "Paths" : [ " /api/identity" , " /api/storage" , " /.well-known" ]
27+ }
28+ ]
29+ }
30+ }
31+ }
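Review bot: Both `Key` values in this new settings file are fixed GUIDs committed to the repository, so an operator who only flips `"Enabled"` to `true` ends up running with a publicly known key. I would ship a value that cannot authenticate, e.g. `"Key": "<replace-with-generated-key>"` (placeholder). The loader could also refuse enabled entries that still carry that placeholder; whether it does so already is not visible here. The second entry's `Paths` values are matched as prefixes by the handler, so they should be the narrowest prefixes the Registry owner needs.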