using System.Net; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Options; using Microsoft.Extensions.Primitives; using Umbraco.Cms.Core.Configuration.Models; using Umbraco.Cms.Core.DependencyInjection; namespace Umbraco.Cms.Core.Services.Implement; public class BasicAuthService : IBasicAuthService { private readonly IIpAddressUtilities _ipAddressUtilities; private BasicAuthSettings _basicAuthSettings; // Scheduled for removal in v12 [Obsolete("Please use the contructor that takes an IIpadressUtilities instead")] public BasicAuthService(IOptionsMonitor optionsMonitor) : this(optionsMonitor, StaticServiceProvider.Instance.GetRequiredService()) { _basicAuthSettings = optionsMonitor.CurrentValue; optionsMonitor.OnChange(basicAuthSettings => _basicAuthSettings = basicAuthSettings); } public BasicAuthService(IOptionsMonitor optionsMonitor, IIpAddressUtilities ipAddressUtilities) { _ipAddressUtilities = ipAddressUtilities; _basicAuthSettings = optionsMonitor.CurrentValue; optionsMonitor.OnChange(basicAuthSettings => _basicAuthSettings = basicAuthSettings); } public bool IsBasicAuthEnabled() => _basicAuthSettings.Enabled; public bool IsRedirectToLoginPageEnabled() => _basicAuthSettings.RedirectToLoginPage; public bool IsIpAllowListed(IPAddress clientIpAddress) { foreach (var allowedIpString in _basicAuthSettings.AllowedIPs) { if (_ipAddressUtilities.IsAllowListed(clientIpAddress, allowedIpString)) { return true; } } return false; } public bool HasCorrectSharedSecret(IDictionary headers) { var headerName = _basicAuthSettings.SharedSecret.HeaderName; var sharedSecret = _basicAuthSettings.SharedSecret.Value; if (string.IsNullOrWhiteSpace(headerName) || string.IsNullOrWhiteSpace(sharedSecret)) { return false; } return headers.TryGetValue(headerName, out StringValues value) && value.Equals(sharedSecret); } }