-
Notifications
You must be signed in to change notification settings - Fork 2.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
OpenIddict should only handle /umbraco/ requests (#16549)
- Loading branch information
Showing
2 changed files
with
69 additions
and
0 deletions.
There are no files selected for viewing
53 changes: 53 additions & 0 deletions
53
src/Umbraco.Cms.Api.Common/DependencyInjection/ProcessRequestContextHandler.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
using Microsoft.AspNetCore.Http; | ||
using OpenIddict.Server; | ||
using OpenIddict.Validation; | ||
using Umbraco.Cms.Core; | ||
using Umbraco.Extensions; | ||
|
||
namespace Umbraco.Cms.Api.Common.DependencyInjection; | ||
|
||
public class ProcessRequestContextHandler | ||
: IOpenIddictServerHandler<OpenIddictServerEvents.ProcessRequestContext>, IOpenIddictValidationHandler<OpenIddictValidationEvents.ProcessRequestContext> | ||
{ | ||
private readonly IHttpContextAccessor _httpContextAccessor; | ||
private readonly string _backOfficePathSegment; | ||
|
||
public ProcessRequestContextHandler(IHttpContextAccessor httpContextAccessor) | ||
{ | ||
_httpContextAccessor = httpContextAccessor; | ||
_backOfficePathSegment = Constants.System.DefaultUmbracoPath.TrimStart(Constants.CharArrays.Tilde) | ||
.EnsureStartsWith('/') | ||
.EnsureEndsWith('/'); | ||
} | ||
|
||
public ValueTask HandleAsync(OpenIddictServerEvents.ProcessRequestContext context) | ||
{ | ||
if (SkipOpenIddictHandlingForRequest()) | ||
{ | ||
context.SkipRequest(); | ||
} | ||
|
||
return ValueTask.CompletedTask; | ||
} | ||
|
||
public ValueTask HandleAsync(OpenIddictValidationEvents.ProcessRequestContext context) | ||
{ | ||
if (SkipOpenIddictHandlingForRequest()) | ||
{ | ||
context.SkipRequest(); | ||
} | ||
|
||
return ValueTask.CompletedTask; | ||
} | ||
|
||
private bool SkipOpenIddictHandlingForRequest() | ||
{ | ||
var requestPath = _httpContextAccessor.HttpContext?.Request.Path.Value; | ||
if (requestPath.IsNullOrWhiteSpace()) | ||
{ | ||
return false; | ||
} | ||
|
||
return requestPath.StartsWith(_backOfficePathSegment) is false; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters