
Commit 64b54d0

committed
fix bug on authn for gRPC
1 parent 80f9a09 commit 64b54d0


2 files changed

+30
-11
lines changed


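--- a/src/NetCoreKit.Infrastructure.GrpcHost/AuthInterceptor.cs
+++ b/src/NetCoreKit.Infrastructure.GrpcHost/AuthInterceptor.cs
@@ -37,7 +37,8 @@ public override async Task<TResponse> UnaryServerHandler<TRequest, TResponse>(TR
 {
 try
 {
-var attribute = (CheckPolicyAttribute)continuation.Method.GetCustomAttributes(typeof(CheckPolicyAttribute), false).FirstOrDefault();
+var attribute = (CheckPolicyAttribute)continuation.Method
+.GetCustomAttributes(typeof(CheckPolicyAttribute), false).FirstOrDefault();
 if (attribute == null)
 {
 return await continuation(request, context);
@@ -54,10 +55,27 @@ public override async Task<TResponse> UnaryServerHandler<TRequest, TResponse>(TR
 }
 
 var client = new HttpClient();
+
 var idpConfig = _config.GetSection("Idp");
-var disco = await client.GetDiscoveryDocumentAsync(idpConfig.GetValue<string>("Authority"));
-var keys = new List<SecurityKey>();
+var discoveryRequest = new DiscoveryDocumentRequest
+{
+Address = idpConfig.GetValue<string>("Authority"),
+Policy =
+{
+Authority = idpConfig.GetValue<string>("Authority"),
+RequireHttps = false, // TODO: for demo only
+ValidateIssuerName = false, // TODO: for demo only
+}
+};
 
+var disco = await client.GetDiscoveryDocumentAsync(discoveryRequest);
+if (disco?.KeySet == null)
+{
+throw new Exception(
+$"Cannot discover IdpServer with Authority={idpConfig.GetValue<string>("Authority")} and Audience={idpConfig.GetValue<string>("Audience")}.");
+}
+
+var keys = new List<SecurityKey>();
 foreach (var webKey in disco.KeySet.Keys)
 {
 var e = Base64Url.Decode(webKey.E);
@@ -94,7 +112,8 @@ public override async Task<TResponse> UnaryServerHandler<TRequest, TResponse>(TR
 throw new AuthenticationException("Cannot get authorization on the header.");
 }
 
-var user = handler.ValidateToken(userToken.TrimStart("Bearer").TrimStart("bearer").TrimStart(" "), parameters, out _);
+var user = handler.ValidateToken(userToken.TrimStart("Bearer").TrimStart("bearer").TrimStart(" "),
+parameters, out _);
 
 if (user == null)
 {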
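Review bot: The discovery policy added at new lines 66–67 hard-codes `RequireHttps = false` and `ValidateIssuerName = false`, so the key set that later validates every bearer token may be fetched over plain HTTP and accepted from a document whose issuer does not match the configured authority. Since those keys decide which tokens are trusted, the TODO should block a release rather than wait for cleanup. I would read both values from the `Idp` section with secure defaults, e.g. `RequireHttps = idpConfig.GetValue("RequireHttps", true),` and `ValidateIssuerName = idpConfig.GetValue("ValidateIssuerName", true),` (the key names are a suggestion), so that only a demo settings file can turn them off. UnaryServerHandler starts and ends outside these hunks, so how `parameters` consumes the keys is not visible here.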

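--- a/templates/NetCoreKit.GrpcTemplate.MongoDb/HostBuilderExtensions.cs
+++ b/templates/NetCoreKit.GrpcTemplate.MongoDb/HostBuilderExtensions.cs
@@ -23,19 +23,19 @@ public static IHost ConfigureDefaultSettings(this HostBuilder hostBuilder,
 {
 return hostBuilder
 .ConfigureHostConfiguration(configHost =>
-{
-configHost.SetBasePath(Directory.GetCurrentDirectory());
-configHost.AddJsonFile("hostsettings.json", optional: true);
-configHost.AddEnvironmentVariables();
-configHost.AddCommandLine(args);
-})
+{
+configHost.SetBasePath(Directory.GetCurrentDirectory());
+configHost.AddJsonFile("hostsettings.json", optional: true);
+configHost.AddEnvironmentVariables();
+configHost.AddCommandLine(args);
+})
 .ConfigureAppConfiguration((hostContext, configApp) =>
 {
+configApp.AddEnvironmentVariables();
 configApp.AddJsonFile("appsettings.json", optional: true);
 configApp.AddJsonFile(
 $"appsettings.{hostContext.HostingEnvironment.EnvironmentName}.json",
 optional: true);
-configApp.AddEnvironmentVariables();
 configApp.AddCommandLine(args);
 })
 .ConfigureServices((hostContext, services) =>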
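Review bot: Registering `configApp.AddEnvironmentVariables();` before the JSON files (new line 34) reverses provider precedence: later sources win, so values in `appsettings.json` and `appsettings.{Environment}.json` now override environment variables, and only the command line still overrides the files. If a deployment injects settings such as the `Idp` authority through the environment, they would be silently replaced by whatever the files contain. If the new order is intended, say so with a comment such as `// Registered first on purpose: appsettings*.json must override environment variables.`; otherwise move the call back after the second `AddJsonFile`. ConfigureDefaultSettings continues outside the hunk.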
