open source Notesnook API

2026-02-12 19:22:45 +00:00 · 2022-12-28 16:20:25 +05:00
parent cf406454cd
commit d2217adce7
85 changed files with 4137 additions and 0 deletions
--- a/Notesnook.API/Extensions/AuthorizationResultTransformer.cs
+++ b/Notesnook.API/Extensions/AuthorizationResultTransformer.cs
@@ -0,0 +1,54 @@
+using System.Linq;
+using System.Net;
+using System.Text.Json;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Authorization.Policy;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Notesnook.API.Authorization;
+
+namespace Notesnook.API.Extensions
+{
+    public class AuthorizationResultTransformer : IAuthorizationMiddlewareResultHandler
+    {
+        private readonly IAuthorizationMiddlewareResultHandler _handler;
+
+        public AuthorizationResultTransformer()
+        {
+            _handler = new AuthorizationMiddlewareResultHandler();
+        }
+
+        public async Task HandleAsync(
+            RequestDelegate requestDelegate,
+            HttpContext httpContext,
+            AuthorizationPolicy authorizationPolicy,
+            PolicyAuthorizationResult policyAuthorizationResult)
+        {
+            var isWebsocket = httpContext.Request.Headers.Upgrade == "websocket";
+
+            if (!isWebsocket && policyAuthorizationResult.Forbidden && policyAuthorizationResult.AuthorizationFailure != null)
+            {
+                var error = string.Join("\n", policyAuthorizationResult.AuthorizationFailure.FailureReasons.Select((r) => r.Message));
+
+                if (!string.IsNullOrEmpty(error) && !isWebsocket)
+                {
+                    httpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
+                    httpContext.Response.ContentType = "application/json";
+                    await httpContext.Response.WriteAsync(JsonSerializer.Serialize(new { error }));
+                    return;
+                }
+
+                await _handler.HandleAsync(requestDelegate, httpContext, authorizationPolicy, policyAuthorizationResult);
+            }
+            else if (isWebsocket)
+            {
+                await _handler.HandleAsync(requestDelegate, httpContext, authorizationPolicy, PolicyAuthorizationResult.Success());
+            }
+            else
+            {
+                await _handler.HandleAsync(requestDelegate, httpContext, authorizationPolicy, policyAuthorizationResult);
+            }
+        }
+    }
+}