From f41dd93028bb1f8741ec65dab42e6d88c3ca085b Mon Sep 17 00:00:00 2001
From: Jindrich Susen
Date: Fri, 8 Sep 2023 19:45:06 +0200
Subject: [PATCH 1/3] Token authentication removed from the work queue api
---
 backend/Origam.Server/IApplicationBuilderExtensions.cs | 1 -
 1 file changed, 1 deletion(-)
diff --git a/backend/Origam.Server/IApplicationBuilderExtensions.cs b/backend/Origam.Server/IApplicationBuilderExtensions.cs
index 27aa97e745..b0e164f95e 100644
--- a/backend/Origam.Server/IApplicationBuilderExtensions.cs
+++ b/backend/Origam.Server/IApplicationBuilderExtensions.cs
@@ -114,7 +114,6 @@ public static void UseWorkQueueApi(this IApplicationBuilder app)
 context => context.Request.Path.ToString().StartsWith("/workQueue"), apiBranch => {
- apiBranch.UseMiddleware();
 apiBranch.UseMvc(routes => { routes.MapRoute("default", "{controller}/{action=Index}/{id?}");
From 445c65e8341b5661063bd495105bd2b6eb1cbf5a Mon Sep 17 00:00:00 2001
From: Jindrich Susen
Date: Sun, 10 Sep 2023 11:01:17 +0200
Subject: [PATCH 2/3] Revert "Token authentication removed from the work queue api"
This reverts commit f41dd93028bb1f8741ec65dab42e6d88c3ca085b.
---
 backend/Origam.Server/IApplicationBuilderExtensions.cs | 1 +
 1 file changed, 1 insertion(+)
diff --git a/backend/Origam.Server/IApplicationBuilderExtensions.cs b/backend/Origam.Server/IApplicationBuilderExtensions.cs
index b0e164f95e..27aa97e745 100644
--- a/backend/Origam.Server/IApplicationBuilderExtensions.cs
+++ b/backend/Origam.Server/IApplicationBuilderExtensions.cs
@@ -114,6 +114,7 @@ public static void UseWorkQueueApi(this IApplicationBuilder app)
 context => context.Request.Path.ToString().StartsWith("/workQueue"), apiBranch => {
+ apiBranch.UseMiddleware();
 apiBranch.UseMvc(routes => { routes.MapRoute("default", "{controller}/{action=Index}/{id?}");
From 5c7c945ed187e82509181096e4ec0ac97afdfeef Mon Sep 17 00:00:00 2001
From: Jindrich Susen
Date: Sun, 10 Sep 2023 11:10:49 +0200
Subject: [PATCH 3/3] Work queue api returned 401 if the request was not authorized authorization should be optional
---
 .../IApplicationBuilderExtensions.cs | 2 +-
 .../OptionalTokenAuthenticationMiddleware.cs | 40 +++++++++++++++++++
 .../UserApiTokenAuthenticationMiddleware.cs | 10 ++++-
 3 files changed, 49 insertions(+), 3 deletions(-)
 create mode 100644 backend/Origam.Server/Middleware/OptionalTokenAuthenticationMiddleware.cs
diff --git a/backend/Origam.Server/IApplicationBuilderExtensions.cs b/backend/Origam.Server/IApplicationBuilderExtensions.cs
index 27aa97e745..7affbd7161 100644
--- a/backend/Origam.Server/IApplicationBuilderExtensions.cs
+++ b/backend/Origam.Server/IApplicationBuilderExtensions.cs
@@ -114,7 +114,7 @@ public static void UseWorkQueueApi(this IApplicationBuilder app)
 context => context.Request.Path.ToString().StartsWith("/workQueue"), apiBranch => {
- apiBranch.UseMiddleware();
+ apiBranch.UseMiddleware();
 apiBranch.UseMvc(routes => { routes.MapRoute("default", "{controller}/{action=Index}/{id?}");
diff --git a/backend/Origam.Server/Middleware/OptionalTokenAuthenticationMiddleware.cs b/backend/Origam.Server/Middleware/OptionalTokenAuthenticationMiddleware.cs
new file mode 100644
index 0000000000..d5e9cc9333
--- /dev/null
+++ b/backend/Origam.Server/Middleware/OptionalTokenAuthenticationMiddleware.cs
@@ -0,0 +1,40 @@
+#region license
+/*
+Copyright 2005 - 2023 Advantage Solutions, s. r. o.
+
+This file is part of ORIGAM (http://www.origam.org).
+
+ORIGAM is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+ORIGAM is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with ORIGAM. If not, see .
+*/
+#endregion
+
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
+
+namespace Origam.Server.Middleware;
+
+
+// Request will continue if not authenticated
+class OptionalTokenAuthenticationMiddleware : UserApiTokenAuthenticationMiddleware
+{
+ public OptionalTokenAuthenticationMiddleware(RequestDelegate next, IAuthenticationSchemeProvider schemes) : base(next, schemes)
+ {
+ }
+
+ protected override async Task HandleUnauthorizedRequest(HttpContext context)
+ {
+ await _next(context);
+ }
+}
\ No newline at end of file
diff --git a/backend/Origam.Server/Middleware/UserApiTokenAuthenticationMiddleware.cs b/backend/Origam.Server/Middleware/UserApiTokenAuthenticationMiddleware.cs
index 3fc2f17e9c..2d1c40d31b 100644
--- a/backend/Origam.Server/Middleware/UserApiTokenAuthenticationMiddleware.cs
+++ b/backend/Origam.Server/Middleware/UserApiTokenAuthenticationMiddleware.cs
@@ -37,7 +37,7 @@ namespace Origam.Server.Middleware;
 /// public class UserApiTokenAuthenticationMiddleware {
- private readonly RequestDelegate _next;
+ protected readonly RequestDelegate _next;
 public UserApiTokenAuthenticationMiddleware(RequestDelegate next, IAuthenticationSchemeProvider schemes)
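Review bot: In `OptionalTokenAuthenticationMiddleware.HandleUnauthorizedRequest`, every request that fails the base class's token check is handed on to `_next`, so for `/workQueue` this middleware no longer rejects anything and access control rests entirely on the MVC controllers behind it, which this patch does not show. The `else` branch that calls the hook sits in `Invoke`, mostly outside the hunks, so it may also be reached when a token was presented but failed validation; if so, a bad or expired token is silently downgraded to an anonymous request instead of getting a 401. Consider continuing only when no credential was sent, for example (assuming the token arrives in the Authorization header) `if (context.Request.Headers.ContainsKey("Authorization")) { context.Response.StatusCode = 401; return; }` ahead of `await _next(context);`. The one-line comment above the class would serve better as a doc comment that states the contract: `/// Attempts token authentication but does not enforce it; endpoints behind this middleware must apply their own authorization.`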
@@ -86,11 +86,17 @@ public async Task Invoke(HttpContext context)
 } else {
- context.Response.StatusCode = 401;
+ await HandleUnauthorizedRequest(context);
 return; } await _next(context); }
+
+ protected virtual Task HandleUnauthorizedRequest(HttpContext context)
+ {
+ context.Response.StatusCode = 401;
+ return Task.CompletedTask;
+ }
 } class OrigamAuthenticationFeatures : IAuthenticateResultFeature, IHttpAuthenticationFeature
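Review bot: `HandleUnauthorizedRequest` is an undocumented extension point on an authentication middleware: `Invoke` returns right after calling it, so an override alone decides whether an unauthenticated request is rejected or forwarded, and the subclass needed `_next` widened to `protected` (the `-37,7` hunk) to do that. A narrower hook keeps the delegate private and the 401 in one place, for example `protected virtual bool AllowUnauthenticated => false;` with `if (!AllowUnauthenticated) { context.Response.StatusCode = 401; return; }` in the `else` branch, letting execution fall through to the existing `await _next(context);`. Whichever shape is kept, add a `/// <summary>` saying that the default sets 401 and ends the request, and that an override which continues the pipeline makes authentication optional for everything behind it. `Invoke` starts above this hunk, so the condition guarding the `else` is not visible here.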