// ==========================================================================
// Squidex Headless CMS
// ==========================================================================
// Copyright (c) Squidex UG (haftungsbeschränkt)
// All rights reserved. Licensed under the MIT license.
// ==========================================================================
using System;
using System.Security;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Squidex.Domain.Apps.Entities;
using Squidex.Infrastructure;
using Squidex.Infrastructure.Commands;
using Squidex.Infrastructure.Security;
namespace Squidex.Pipeline.CommandMiddlewares
{
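/// <summary>
/// Command middleware that fills in the acting identity of a <see cref="SquidexCommand"/>
/// from the principal of the current HTTP request and then invokes the next handler.
/// </summary>
/// <remarks>
/// <para>
/// Only values that are still <c>null</c> are filled in; an <c>Actor</c> or <c>User</c> that is
/// already set on the command is kept as-is and is not compared with the request principal.
/// </para>
/// <para>
/// NOTE(review): this presumably relies on commands never arriving with a caller-chosen
/// <c>Actor</c> or <c>User</c> (for example via request-body binding). Confirm against the
/// controllers, because such a value would bypass the enrichment done here.
/// </para>
/// </remarks>
public class EnrichWithActorCommandMiddleware : ICommandMiddleware
{
    // Raised instead of a NullReferenceException when a user is needed but no request is active.
    private const string MissingHttpContextMessage = "No HTTP context available to resolve the user.";

    private readonly IHttpContextAccessor httpContextAccessor;

    /// <summary>
    /// Creates the middleware.
    /// </summary>
    /// <param name="httpContextAccessor">Accessor for the HTTP context of the current request.</param>
    /// <exception cref="ArgumentNullException"><paramref name="httpContextAccessor"/> is null.</exception>
    public EnrichWithActorCommandMiddleware(IHttpContextAccessor httpContextAccessor)
    {
        // Fail at composition time rather than on the first command.
        this.httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor));
    }

    /// <summary>
    /// Sets <c>Actor</c> and <c>User</c> on a <see cref="SquidexCommand"/> when they are missing,
    /// then calls <paramref name="next"/>. Other command types are passed through untouched.
    /// </summary>
    /// <param name="context">The command context whose command is inspected.</param>
    /// <param name="next">The continuation of the command pipeline.</param>
    /// <returns>The task returned by <paramref name="next"/>.</returns>
    /// <exception cref="SecurityException">
    /// The actor is missing and neither a subject id nor a client id can be resolved, or the
    /// user is missing and there is no current HTTP context.
    /// </exception>
    public Task HandleAsync(CommandContext context, Func<Task> next)
    {
        if (context.Command is SquidexCommand squidexCommand)
        {
            if (squidexCommand.Actor == null)
            {
                // The subject id wins over the client id when both resolve.
                var actorToken = FindActorFromSubject() ?? FindActorFromClient();

                // Fail closed: a command without an attributable actor never reaches the next handler.
                squidexCommand.Actor = actorToken ?? throw new SecurityException("No actor with subject or client id available.");
            }

            if (squidexCommand.User == null)
            {
                var httpContext = httpContextAccessor.HttpContext;

                if (httpContext == null)
                {
                    // Outside of a request there is no principal to attach; callers running
                    // without an HTTP context have to set User on the command themselves.
                    throw new SecurityException(MissingHttpContextMessage);
                }

                squidexCommand.User = httpContext.User;
            }
        }

        return next();
    }

    /// <summary>
    /// Builds a "subject" token from the value returned by <c>OpenIdSubject()</c> for the request
    /// principal, or returns null when that value is null or there is no HTTP context.
    /// </summary>
    private RefToken FindActorFromSubject()
    {
        // "?." short-circuits the whole chain, so a missing context yields null and ends in
        // the SecurityException of HandleAsync instead of a NullReferenceException.
        var subjectId = httpContextAccessor.HttpContext?.User.OpenIdSubject();

        return subjectId == null ? null : new RefToken("subject", subjectId);
    }

    /// <summary>
    /// Builds a "client" token from the value returned by <c>OpenIdClientId()</c> for the request
    /// principal, or returns null when that value is null or there is no HTTP context.
    /// </summary>
    private RefToken FindActorFromClient()
    {
        var clientId = httpContextAccessor.HttpContext?.User.OpenIdClientId();

        return clientId == null ? null : new RefToken("client", clientId);
    }
}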
}