in Source/FranceConnect.DataProvider/Middleware/DataProviderMiddleware.cs [42:92]
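/// <summary>
/// Guards requests whose path begins with "/api": extracts the bearer token from the
/// Authorization header, posts it to <c>Options.ChecktokenEndpoint</c> and, when that
/// endpoint answers with a success status, stores the returned scope and e-mail in
/// <c>context.Items</c> before calling the next middleware.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <returns>A task that completes when the request has been rejected or passed on.</returns>
/// <exception cref="InvalidOperationException">
/// The check-token endpoint returned a success status but no usable identity payload.
/// </exception>
public async Task Invoke(HttpContext context)
{
    // Compare the prefix case-insensitively. ASP.NET Core route matching is
    // case-insensitive by default, so an ordinal, case-sensitive test would let
    // a request for "/API/..." skip the token check and still reach an endpoint.
    // A missing path value is treated as "not an API request" instead of throwing.
    string path = context.Request.Path.Value ?? string.Empty;
    if (!path.StartsWith("/api", StringComparison.OrdinalIgnoreCase))
    {
        await _next(context);
        return;
    }

    string authorization = context.Request.Headers["Authorization"];
    if (string.IsNullOrEmpty(authorization))
    {
        await InvalidAuthorizationHeader(context);
        return;
    }

    // Only the Bearer scheme is accepted; any other scheme leaves the token empty.
    string token = authorization.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)
        ? authorization.Substring("Bearer ".Length).Trim()
        : string.Empty;
    if (string.IsNullOrEmpty(token))
    {
        await AccessTokenNotFound(context);
        return;
    }

    var httpContent = new
    {
        token = token
    };

    // NOTE(review): a client per request is still created here; it is now disposed,
    // but under load a shared HttpClient (or IHttpClientFactory) with an explicit
    // timeout avoids exhausting sockets on this authentication path.
    using (var client = new HttpClient())
    using (var requestBody = new StringContent(JsonSerializer.Serialize(httpContent), Encoding.UTF8, "application/json"))
    using (var response = await client.PostAsync(Options.ChecktokenEndpoint, requestBody))
    {
        // Awaited instead of blocking on .Result, which ties up a thread-pool
        // thread for every request that is being authenticated.
        string payload = await response.Content.ReadAsStringAsync();

        if (!response.IsSuccessStatusCode)
        {
            await SendFranceConnectError(context, response.StatusCode, payload);
            return;
        }

        var checktokenResponse = JsonSerializer.Deserialize<ChecktokenResponse>(
            payload,
            new JsonSerializerOptions { PropertyNameCaseInsensitive = true });

        // Fail closed with a clear error rather than a NullReferenceException when
        // the endpoint answers 2xx without the expected body.
        if (checktokenResponse == null || checktokenResponse.Identity == null)
        {
            throw new InvalidOperationException("The check-token endpoint returned a success status without an identity.");
        }

        context.Items["scope"] = checktokenResponse.Scope;
        context.Items["email"] = checktokenResponse.Identity.Email;
    }

    if (!context.Response.HasStarted)
    {
        await _next(context);
    }
}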