Expand Up @@ -53,6 +53,16 @@ private async Task<RemoteAppAuthenticationResult> GetRemoteAppAuthenticationResu
await processor.ProcessAsync(_remoteAppAuthResult, Context);
}

// Different authentication schemes may challenge in different ways in the remote
// app, so make a best effort to forward the effects of these challenges by forwarding
// configured headers (like Location, perhaps). Additionally, the act of authentication may
// reissue an authentication cookie, for example, so headers (i.e. Set-Cookie) will need
// to be propagated for authenticate calls too.
foreach (var header in _remoteAppAuthResult.ResponseHeaders)
{
Context.Response.Headers.Append(header.Key, header.Value);
}

if (_remoteAppAuthResult.StatusCode == 400)
{
LogInvalidApiKey();
Expand Down Expand Up @@ -84,15 +94,8 @@ protected override async Task HandleChallengeAsync(AuthenticationProperties prop
{
var authResult = await GetRemoteAppAuthenticationResultAsync();

// Propagate headers and status code back to the caller
// Different authentication schemes may challenge in different ways in the remote
// app, so make a best effort to forward the effects of these challenges by forwarding
// configured headers (like Location, perhaps) and status code (like 302 or 401, for example).
// Propagate status code back to the caller to forward the effect of the challenge as best we can.
Context.Response.StatusCode = authResult.StatusCode;
foreach (var header in authResult.ResponseHeaders)
{
Context.Response.Headers.Append(header.Key, header.Value);
}
}

[LoggerMessage(EventId = 0, Level = LogLevel.Error, Message = "Failed to authenticate using the remote app due to invalid or missing API key")]
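Review bot: The header-forwarding loop added in GetRemoteAppAuthenticationResultAsync runs before the `if (_remoteAppAuthResult.StatusCode == 400)` check, so headers from a response the handler is about to log as an invalid or missing API key (Set-Cookie included, if it is configured) are still appended to the client response. Consider moving the loop below the status checks, or guarding it with `if (_remoteAppAuthResult.StatusCode != 400)`, so that only results the handler accepts can set cookies or redirects. The start of the method and the rest of the status handling are outside the hunk; if the result is cached in `_remoteAppAuthResult` and this loop sits outside that cache guard, `Headers.Append` would also emit duplicate headers when authenticate and challenge both run on one request. A one-line comment stating that `ResponseHeaders` is already restricted to the configured header allowlist would help the next reader, assuming that filtering happens where the result is built.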