e326370b5f
* Forgotten v12 obsoletions * V13 obsoletions * Remove LegacyStaticServiceProvider and fix using statements of StaticServiceProvider * Remove obsolete ctors for v13 * More v13 obsoletions * UmbracoMapper obsoletion * UmbracoPipelineFilter obsoletion --------- Co-authored-by: nikolajlauridsen <nikolajlauridsen@protonmail.ch>
50 lines
1.6 KiB
C#
50 lines
1.6 KiB
C#
using System.Net;
|
|
using Microsoft.Extensions.Options;
|
|
using Microsoft.Extensions.Primitives;
|
|
using Umbraco.Cms.Core.Configuration.Models;
|
|
|
|
namespace Umbraco.Cms.Core.Services.Implement;
|
|
|
|
public class BasicAuthService : IBasicAuthService
|
|
{
|
|
private readonly IIpAddressUtilities _ipAddressUtilities;
|
|
private BasicAuthSettings _basicAuthSettings;
|
|
|
|
public BasicAuthService(IOptionsMonitor<BasicAuthSettings> optionsMonitor, IIpAddressUtilities ipAddressUtilities)
|
|
{
|
|
_ipAddressUtilities = ipAddressUtilities;
|
|
_basicAuthSettings = optionsMonitor.CurrentValue;
|
|
|
|
optionsMonitor.OnChange(basicAuthSettings => _basicAuthSettings = basicAuthSettings);
|
|
}
|
|
|
|
public bool IsBasicAuthEnabled() => _basicAuthSettings.Enabled;
|
|
public bool IsRedirectToLoginPageEnabled() => _basicAuthSettings.RedirectToLoginPage;
|
|
|
|
public bool IsIpAllowListed(IPAddress clientIpAddress)
|
|
{
|
|
foreach (var allowedIpString in _basicAuthSettings.AllowedIPs)
|
|
{
|
|
if (_ipAddressUtilities.IsAllowListed(clientIpAddress, allowedIpString))
|
|
{
|
|
return true;
|
|
}
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
public bool HasCorrectSharedSecret(IDictionary<string, StringValues> headers)
|
|
{
|
|
var headerName = _basicAuthSettings.SharedSecret.HeaderName;
|
|
var sharedSecret = _basicAuthSettings.SharedSecret.Value;
|
|
|
|
if (string.IsNullOrWhiteSpace(headerName) || string.IsNullOrWhiteSpace(sharedSecret))
|
|
{
|
|
return false;
|
|
}
|
|
|
|
return headers.TryGetValue(headerName, out StringValues value) && value.Equals(sharedSecret);
|
|
}
|
|
}
|