This code checks the key from the URL and the secret from the Basic auth header password against Client.ClientId as the key and ClientSecret.Value as the secret hash.
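try
{
    // Basic authentication (RFC 7617): "Basic " followed by base64("user-id:password").
    // The scheme token is case-insensitive (RFC 7235), so do not require exactly "Basic ".
    var authHeader = Request.Headers.Authorization.ToString();
    if (!authHeader.StartsWith("Basic ", StringComparison.OrdinalIgnoreCase))
        return Unauthorized();

    // Decode the credentials and split on the FIRST colon only. The user-id part
    // cannot contain ':' but the password part may; Split(':')[1] would silently
    // truncate such a secret and reject a valid client. A payload with no colon
    // is malformed and is rejected instead of throwing IndexOutOfRangeException.
    var credentials = Encoding.ASCII.GetString(Convert.FromBase64String(authHeader[6..]));
    var separator = credentials.IndexOf(':');
    if (separator < 0)
        return Unauthorized();

    // The client key comes from the URL (apiKey); the password half of the header
    // carries the secret, which is stored hashed in ClientSecret.Value.
    // NOTE(review): the user-id half of the credentials is not compared with apiKey —
    // confirm that ignoring it is intended.
    var apiSecretHash = credentials[(separator + 1)..].ToSha256();

    // An unknown ClientId yields default(bool) == false from FirstOrDefaultAsync,
    // so a missing client is rejected the same way as a wrong secret.
    var secretValid = await _configDb.Clients
        .Include(c => c.ClientSecrets)
        .Where(c => c.ClientId == apiKey)
        .Select(c => c.ClientSecrets.Any(cs => cs.Value == apiSecretHash))
        .FirstOrDefaultAsync();
    if (!secretValid)
        return Unauthorized();
}
catch (FormatException)
{
    // Only malformed base64 in the header is an authentication failure.
    // Database errors and cancellation are left to propagate so that an
    // infrastructure fault is not disguised as a 401 and lost from the logs.
    return Unauthorized();
}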