tk/Ocelot
1
0
Fork 0
mirror of https://github.com/nsnail/Ocelot.git synced 2025-06-19 14:58:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

#633 ignore OPTIONS requests on AuthenticationMiddleware (#634)

Browse Source
This commit is contained in:
Ariel Moraes
2018-09-24 03:55:52 -03:00
committed by Tom Pallister
parent 1e5a20c2f2
commit 54cdc74293
2 changed files with 25 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/Ocelot/Authentication/Middleware/AuthenticationMiddleware.cs
View File

@ -22,12 +22,12 @@ namespace Ocelot.Authentication.Middleware
public async Task Invoke(DownstreamContext context)
{
if (IsAuthenticatedRoute(context.DownstreamReRoute))
if (context.HttpContext.Request.Method.ToUpper() != "OPTIONS" && IsAuthenticatedRoute(context.DownstreamReRoute))
{
Logger.LogInformation($"{context.HttpContext.Request.Path} is an authenticated route. {MiddlewareName} checking if client is authenticated");
var result = await context.HttpContext.AuthenticateAsync(context.DownstreamReRoute.AuthenticationOptions.AuthenticationProviderKey);
context.HttpContext.User = result.Principal;
if (context.HttpContext.User.Identity.IsAuthenticated)
@ -41,7 +41,7 @@ namespace Ocelot.Authentication.Middleware
$"Request for authenticated route {context.HttpContext.Request.Path} by {context.HttpContext.User.Identity.Name} was unauthenticated");
Logger.LogWarning($"Client has NOT been authenticated for {context.HttpContext.Request.Path} and pipeline error set. {error}");
SetPipelineError(context, error);
}
}