Added style guidance and performed enforcement
This commit is contained in:
@ -44,12 +44,13 @@ namespace IO.Swagger.Security
|
||||
{
|
||||
return AuthenticateResult.Fail("Missing Authorization Header");
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
|
||||
AuthenticationHeaderValue authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
|
||||
|
||||
var tokenHandler = new JwtSecurityTokenHandler();
|
||||
var validationParameters = new TokenValidationParameters
|
||||
JwtSecurityTokenHandler tokenHandler = new();
|
||||
TokenValidationParameters validationParameters = new()
|
||||
{
|
||||
ValidateIssuerSigningKey = true,
|
||||
IssuerSigningKey = new SymmetricSecurityKey(secretBytes),
|
||||
@ -59,15 +60,15 @@ namespace IO.Swagger.Security
|
||||
|
||||
try
|
||||
{
|
||||
var claimsPrincipal = tokenHandler.ValidateToken(authHeader.Parameter, validationParameters, out _);
|
||||
var userIdClaim = claimsPrincipal.FindFirst(ClaimTypes.NameIdentifier);
|
||||
ClaimsPrincipal claimsPrincipal = tokenHandler.ValidateToken(authHeader.Parameter, validationParameters, out _);
|
||||
Claim userIdClaim = claimsPrincipal.FindFirst(ClaimTypes.NameIdentifier);
|
||||
|
||||
if (userIdClaim != null && int.TryParse(userIdClaim.Value, out int userId))
|
||||
{
|
||||
var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userId.ToString()) };
|
||||
var identity = new ClaimsIdentity(claims, SchemeName);
|
||||
var principal = new ClaimsPrincipal(identity);
|
||||
var ticket = new AuthenticationTicket(principal, Scheme.Name);
|
||||
Claim[] claims = new[] { new Claim(ClaimTypes.NameIdentifier, userId.ToString()) };
|
||||
ClaimsIdentity identity = new(claims, SchemeName);
|
||||
ClaimsPrincipal principal = new(identity);
|
||||
AuthenticationTicket ticket = new(principal, Scheme.Name);
|
||||
|
||||
return AuthenticateResult.Success(ticket);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user