test jwt header
area363 committed Dec 3, 2024
1 parent 23e9524 commit 2488615
Showing 2 changed files with 23 additions and 2 deletions.
1 change: 1 addition & 0 deletions NineChronicles.Headless.Executable/Program.cs
Expand Up @@ -331,6 +331,7 @@ public async Task Run(
try
{
IHostBuilder hostBuilder = Host.CreateDefaultBuilder();
hostBuilder.ConfigureAppConfiguration(builder => builder.AddConfiguration(configuration));

var standaloneContext = new StandaloneContext
{
24 changes: 22 additions & 2 deletions NineChronicles.Headless/Middleware/CustomRateLimitMiddleware.cs
Expand Up @@ -9,22 +9,34 @@

namespace NineChronicles.Headless.Middleware
{
using System.Linq;
using Microsoft.Extensions.Configuration;

public class CustomRateLimitMiddleware : RateLimitMiddleware<CustomIpRateLimitProcessor>
{
private readonly ILogger _logger;
private readonly IRateLimitConfiguration _config;
private readonly IOptions<CustomIpRateLimitOptions> _options;
private readonly string _whitelistedIp;
private readonly string _jwtKey;

public CustomRateLimitMiddleware(RequestDelegate next,
IProcessingStrategy processingStrategy,
IOptions<CustomIpRateLimitOptions> options,
IIpPolicyStore policyStore,
IRateLimitConfiguration config)
IRateLimitConfiguration config,
Microsoft.Extensions.Configuration.IConfiguration configuration)
: base(next, options?.Value, new CustomIpRateLimitProcessor(options?.Value!, policyStore, processingStrategy), config)
{
_config = config;
_options = options!;
_logger = Log.Logger.ForContext<CustomRateLimitMiddleware>();

// Cache the JWT key
_jwtKey = configuration["Jwt:Key"] ?? string.Empty;

// Retrieve the first IP from the IpWhitelist array, fallback to "127.0.0.1" if null or empty
_whitelistedIp = configuration.GetSection("IpRateLimiting:IpWhitelist")?.Get<string[]>()?.FirstOrDefault() ?? "127.0.0.1";
}

protected override void LogBlockedRequest(HttpContext httpContext, ClientRequestIdentity identity, RateLimitCounter counter, RateLimitRule rule)
Expand All @@ -43,16 +55,24 @@ public override async Task<ClientRequestIdentity> ResolveIdentityAsync(HttpConte
{
var identity = await base.ResolveIdentityAsync(httpContext);

// Check if the protocol is HTTP/1.1
if (httpContext.Request.Protocol == "HTTP/1.1")
{
// Read the body to check for stageTransaction
var body = await new StreamReader(httpContext.Request.Body).ReadToEndAsync();
httpContext.Request.Body.Seek(0, SeekOrigin.Begin);
if (body.Contains("stageTransaction"))
{
identity.Path = "/graphql/stagetransaction";
}
}

return identity;
// Check for JWT secret key in headers
if (httpContext.Request.Headers.TryGetValue("Authorization", out var authHeaderValue) &&
!string.IsNullOrEmpty(_jwtKey) &&
authHeaderValue.ToString().Equals($"Bearer {_jwtKey}", System.StringComparison.OrdinalIgnoreCase))
{
identity.ClientIp = _whitelistedIp; // Set ClientIp to the first value in IpWhitelist or fallback to "127.0.0.1"
}

return identity;
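Review bot: The Authorization check added to ResolveIdentityAsync compares the header to `Bearer {_jwtKey}` with `OrdinalIgnoreCase`, so the raw `Jwt:Key` value is itself the credential: it travels in every privileged request, is matched case-insensitively and not in constant time, and a match rewrites `identity.ClientIp` to the whitelisted address. If `Jwt:Key` is also the key used to sign tokens elsewhere (not visible here), this check should validate a signed token or use a separate bypass secret; at minimum, match only the scheme case-insensitively and compare the secret with a fixed-time, case-sensitive comparison as sketched below. Overwriting ClientIp also removes the real source address from anything logged after this point, so consider logging the original IP whenever the override is applied. The method starts and ends outside the hunk.

```csharp
// … unchanged: base.ResolveIdentityAsync call and stageTransaction body check …

// Check for the bypass credential in the Authorization header
const string scheme = "Bearer ";
if (!string.IsNullOrEmpty(_jwtKey) &&
    httpContext.Request.Headers.TryGetValue("Authorization", out var authHeaderValue))
{
    var header = authHeaderValue.ToString();

    // Scheme is case-insensitive; the secret is compared byte-for-byte in fixed time.
    if (header.StartsWith(scheme, System.StringComparison.OrdinalIgnoreCase) &&
        System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            System.Text.Encoding.UTF8.GetBytes(header.Substring(scheme.Length)),
            System.Text.Encoding.UTF8.GetBytes(_jwtKey)))
    {
        identity.ClientIp = _whitelistedIp;
    }
}

return identity;
```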
