/* This file is part of the Notesnook Sync Server project (https://notesnook.com/) Copyright (C) 2023 Streetwriters (Private) Limited This program is free software: you can redistribute it and/or modify it under the terms of the Affero GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Affero GNU General Public License for more details. You should have received a copy of the Affero GNU General Public License along with this program. If not, see . */ using System.Linq; using IdentityModel; using IdentityServer4.Validation; using Microsoft.AspNetCore.Http; namespace Streetwriters.Identity.Validation { public class BearerTokenValidator { /// /// Validates the authorization header. /// /// The context. /// public static BearerTokenUsageValidationResult ValidateAuthorizationHeader(HttpContext context) { var authorizationHeader = context.Request.Headers["Authorization"].FirstOrDefault(); if (!string.IsNullOrEmpty(authorizationHeader)) { var header = authorizationHeader.Trim(); if (header.StartsWith(OidcConstants.AuthenticationSchemes.AuthorizationHeaderBearer)) { var value = header.Substring(OidcConstants.AuthenticationSchemes.AuthorizationHeaderBearer.Length).Trim(); if (!string.IsNullOrEmpty(value)) { return new BearerTokenUsageValidationResult { TokenFound = true, Token = value, UsageType = BearerTokenUsageType.AuthorizationHeader }; } } else { } } return new BearerTokenUsageValidationResult(); } } }