Allow unauthenticated access to path defined in options.authendpoint (#5)

hftl-kalle · kirkone · commit b0bf3b0e4896 · 2018-10-09T12:31:55.000+02:00
diff --git a/src/KK.AspNetCore.EasyAuthAuthentication/EasyAuthAuthenticationHandler.cs b/src/KK.AspNetCore.EasyAuthAuthentication/EasyAuthAuthenticationHandler.cs
@@ -31,10 +31,9 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
             Logger.LogInformation("starting authentication handler for app service authentication");
 
             if (
-                this.Context.User == null ||
+                (this.Context.User == null ||
                 this.Context.User.Identity == null ||
-                this.Context.User.Identity.IsAuthenticated == false
-            )
+                this.Context.User.Identity.IsAuthenticated == false ) && this.Context.Request.Path != "/" + $"{Options.AuthEndpoint}")
             {
                 var cookieContainer = new CookieContainer();
                 HttpClientHandler handler = createHandler(ref cookieContainer);
@@ -50,7 +49,7 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
                     return AuthenticateResult.Fail(ex.Message);
                 }
 
-                //build up identity from json...
+                // build up identity from json...
                 AuthenticationTicket ticket = BuildIdentityFromJsonPayload((JObject)payload[0]);
 
                 Logger.LogInformation("Set identity to user context object.");
@@ -116,7 +115,7 @@ private HttpRequestMessage CreateAuthRequest(ref CookieContainer cookieContainer
                 Logger.LogDebug(cookie.Key);
             }
 
-            //fetch value from endpoint
+            // fetch value from endpoint
             var request = new HttpRequestMessage(HttpMethod.Get, $"{uriString}/{Options.AuthEndpoint}");
             foreach (var header in Context.Request.Headers)
             {
@@ -125,6 +124,7 @@ private HttpRequestMessage CreateAuthRequest(ref CookieContainer cookieContainer
                     request.Headers.Add(header.Key, header.Value[0]);
                 }
             }
+
             return request;
         }
 
@@ -158,8 +158,8 @@ private async Task<JArray> getAuthMe(HttpClientHandler handler, HttpRequestMessa
                 {
                     throw new JsonSerializationException("Could not retreive json from /me endpoint.");
                 }
+            }
 
-            };
             return payload;
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -31,10 +31,9 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()`
`31`	`31`	`Logger.LogInformation("starting authentication handler for app service authentication");`
`32`	`32`
`33`	`33`	`if (`
`34`		`- this.Context.User == null \|\|`
	`34`	`+ (this.Context.User == null \|\|`
`35`	`35`	`this.Context.User.Identity == null \|\|`
`36`		`- this.Context.User.Identity.IsAuthenticated == false`
`37`		`- )`
	`36`	`+ this.Context.User.Identity.IsAuthenticated == false ) && this.Context.Request.Path != "/" + $"{Options.AuthEndpoint}")`
`38`	`37`	`{`
`39`	`38`	`var cookieContainer = new CookieContainer();`
`40`	`39`	`HttpClientHandler handler = createHandler(ref cookieContainer);`
`@@ -50,7 +49,7 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()`
`50`	`49`	`return AuthenticateResult.Fail(ex.Message);`
`51`	`50`	`}`
`52`	`51`
`53`		`- //build up identity from json...`
	`52`	`+ // build up identity from json...`
`54`	`53`	`AuthenticationTicket ticket = BuildIdentityFromJsonPayload((JObject)payload[0]);`
`55`	`54`
`56`	`55`	`Logger.LogInformation("Set identity to user context object.");`
`@@ -116,7 +115,7 @@ private HttpRequestMessage CreateAuthRequest(ref CookieContainer cookieContainer`
`116`	`115`	`Logger.LogDebug(cookie.Key);`
`117`	`116`	`}`
`118`	`117`
`119`		`- //fetch value from endpoint`
	`118`	`+ // fetch value from endpoint`
`120`	`119`	`var request = new HttpRequestMessage(HttpMethod.Get, $"{uriString}/{Options.AuthEndpoint}");`
`121`	`120`	`foreach (var header in Context.Request.Headers)`
`122`	`121`	`{`
`@@ -125,6 +124,7 @@ private HttpRequestMessage CreateAuthRequest(ref CookieContainer cookieContainer`
`125`	`124`	`request.Headers.Add(header.Key, header.Value[0]);`
`126`	`125`	`}`
`127`	`126`	`}`
	`127`	`+`
`128`	`128`	`return request;`
`129`	`129`	`}`
`130`	`130`
`@@ -158,8 +158,8 @@ private async Task<JArray> getAuthMe(HttpClientHandler handler, HttpRequestMessa`
`158`	`158`	`{`
`159`	`159`	`throw new JsonSerializationException("Could not retreive json from /me endpoint.");`
`160`	`160`	`}`
	`161`	`+ }`
`161`	`162`
`162`		`- };`
`163`	`163`	`return payload;`
`164`	`164`	`}`
`165`	`165`	`}`