Let API Token also authorize for ExpiringTokenFilter.

immense · Apr 14, 2021 · 255f57c · 255f57c
1 parent 1b5bc77
commit 255f57c
Showing 1 changed file with 24 additions and 2 deletions.
diff --git a/Server/Auth/ExpiringTokenFilter.cs b/Server/Auth/ExpiringTokenFilter.cs
@@ -14,12 +14,15 @@ namespace Remotely.Server.Auth
 {
     public class ExpiringTokenFilter : ActionFilterAttribute, IAuthorizationFilter
     {
+        private readonly IDataService _dataService;
         private readonly IExpiringTokenService _expiringTokenService;
         private readonly ILogger<ExpiringTokenFilter> _logger;
 
         public ExpiringTokenFilter(IExpiringTokenService expiringTokenService,
+            IDataService dataService,
             ILogger<ExpiringTokenFilter> logger)
         {
+            _dataService = dataService;
             _expiringTokenService = expiringTokenService;
             _logger = logger;
         }
@@ -31,8 +34,27 @@ public void OnAuthorization(AuthorizationFilterContext context)
                 return;
             }
 
-            if (context.HttpContext.Request.Headers.TryGetValue("Authorization", out var authorization) &&
-                _expiringTokenService.TryGetExpiration(authorization.ToString(), out var expiration) &&
+            if (!context.HttpContext.Request.Headers.TryGetValue("Authorization", out var authorization))
+            {
+                context.Result = new UnauthorizedResult();
+                return;
+            }
+
+            if (authorization.ToString().Contains(":"))
+            {
+                var keyId = authorization.ToString().Split(":")[0]?.Trim();
+                var apiSecret = authorization.ToString().Split(":")[1]?.Trim();
+
+                if (_dataService.ValidateApiKey(keyId, apiSecret, context.HttpContext.Request.Path, context.HttpContext.Connection.RemoteIpAddress.ToString()))
+                {
+                    var orgID = _dataService.GetApiKey(keyId)?.OrganizationID;
+                    context.HttpContext.Request.Headers["OrganizationID"] = orgID;
+                    return;
+                }
+            }
+
+
+            if (_expiringTokenService.TryGetExpiration(authorization.ToString(), out var expiration) &&
                 expiration > DateTimeOffset.Now)
             {
                 _logger.LogDebug("Expiring token authorized.  Token: {token}.  Expiration: {expiration}", authorization, expiration);