tk/Ocelot
1
0
Fork 0
mirror of https://github.com/nsnail/Ocelot.git synced 2025-04-22 20:12:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

#633 ignore OPTIONS requests on AuthenticationMiddleware (#634)

Browse Source
This commit is contained in:
Ariel Moraes 2018-09-24 03:55:52 -03:00 committed by Tom Pallister
parent 1e5a20c2f2
commit 54cdc74293
2 changed files with 25 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Ocelot/Authentication/Middleware/AuthenticationMiddleware.cs
View File

@ -22,7 +22,7 @@ namespace Ocelot.Authentication.Middleware
public async Task Invoke(DownstreamContext context) public async Task Invoke(DownstreamContext context)
{ {
if (IsAuthenticatedRoute(context.DownstreamReRoute)) if (context.HttpContext.Request.Method.ToUpper() != "OPTIONS" && IsAuthenticatedRoute(context.DownstreamReRoute))
{ {
Logger.LogInformation($"{context.HttpContext.Request.Path} is an authenticated route. {MiddlewareName} checking if client is authenticated"); Logger.LogInformation($"{context.HttpContext.Request.Path} is an authenticated route. {MiddlewareName} checking if client is authenticated");

21
test/Ocelot.UnitTests/Authentication/AuthenticationMiddlewareTests.cs
View File

@ -46,6 +46,20 @@ namespace Ocelot.UnitTests.Authentication
.BDDfy(); .BDDfy();
} }
[Fact]
public void should_call_next_middleware_if_route_is_using_options_method()
{
this.Given(x => GivenTheDownStreamRouteIs(
new DownstreamReRouteBuilder()
.WithUpstreamHttpMethod(new List<string> { "Options" })
.WithIsAuthenticated(true)
.Build()))
.And(x => GivenTheRequestIsUsingOptionsMethod())
.When(x => WhenICallTheMiddleware())
.Then(x => ThenTheUserIsAuthenticated())
.BDDfy();
}
private void WhenICallTheMiddleware() private void WhenICallTheMiddleware()
{ {
_next = (context) => { _next = (context) => {
@ -68,6 +82,11 @@ namespace Ocelot.UnitTests.Authentication
}; };
} }
private void GivenTheRequestIsUsingOptionsMethod()
{
_downstreamContext.HttpContext.Request.Method = "OPTIONS";
}
private void ThenTheUserIsAuthenticated() private void ThenTheUserIsAuthenticated()
{ {
var content = _downstreamContext.HttpContext.Response.Body.AsString(); var content = _downstreamContext.HttpContext.Response.Body.AsString();
@ -84,7 +103,7 @@ namespace Ocelot.UnitTests.Authentication
{ {
public static string AsString(this Stream stream) public static string AsString(this Stream stream)
{ {
using(var reader = new StreamReader(stream)) using (var reader = new StreamReader(stream))
{ {
string text = reader.ReadToEnd(); string text = reader.ReadToEnd();
return text; return text;