Add custom 401 http delegation handler

Altinn · Nov 23, 2023 · 2033fcb · 2033fcb
1 parent 4d9b60f
commit 2033fcb
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 13 deletions.
diff --git a/backend/src/Designer/TypedHttpClients/DelegatingHandlers/Custom401Handler.cs b/backend/src/Designer/TypedHttpClients/DelegatingHandlers/Custom401Handler.cs
@@ -0,0 +1,34 @@
+using System;
+using System.Net;
+using System.Net.Http;
+using System.Threading;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Http;
+
+namespace Altinn.Studio.Designer.TypedHttpClients.DelegatingHandlers;
+
+public class Custom401Handler : DelegatingHandler
+{
+    private readonly IHttpContextAccessor _httpContextAccessor;
+
+    public Custom401Handler(IHttpContextAccessor httpContextAccessor, HttpClientHandler innerHandler) : base(innerHandler)
+    {
+        _httpContextAccessor = httpContextAccessor;
+    }
+
+    protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
+    {
+        var response = await base.SendAsync(request, cancellationToken);
+
+        if (response.StatusCode == HttpStatusCode.Unauthorized)
+        {
+            foreach (var cookie in _httpContextAccessor.HttpContext.Request.Cookies.Keys)
+            {
+                _httpContextAccessor.HttpContext.Response.Cookies.Delete(cookie);
+                _httpContextAccessor.HttpContext.Response.StatusCode = 401;
+            }
+        }
+
+        return response;
+    }
+}
diff --git a/backend/src/Designer/TypedHttpClients/TypedHttpClientRegistration.cs b/backend/src/Designer/TypedHttpClients/TypedHttpClientRegistration.cs
@@ -71,22 +71,26 @@ private static IHttpClientBuilder AddKubernetesWrapperTypedHttpClient(this IServ
             return services.AddHttpClient<IKubernetesWrapperClient, KubernetesWrapperClient>();
         }
 
-        private static IHttpClientBuilder AddGiteaTypedHttpClient(this IServiceCollection services, IConfiguration config)
+        private static IHttpClientBuilder AddGiteaTypedHttpClient(this IServiceCollection services,
+            IConfiguration config)
             => services.AddHttpClient<IGitea, GiteaAPIWrapper>((sp, httpClient) =>
                 {
                     IHttpContextAccessor httpContextAccessor = sp.GetRequiredService<IHttpContextAccessor>();
-                    ServiceRepositorySettings serviceRepSettings = config.GetSection("ServiceRepositorySettings").Get<ServiceRepositorySettings>();
-                    Uri uri = new Uri(serviceRepSettings.ApiEndPoint);
+                    ServiceRepositorySettings serviceRepoSettings =
+                        config.GetSection("ServiceRepositorySettings").Get<ServiceRepositorySettings>();
+                    Uri uri = new Uri(serviceRepoSettings.ApiEndPoint);
                     httpClient.BaseAddress = uri;
                     httpClient.DefaultRequestHeaders.Add(
                         General.AuthorizationTokenHeaderName,
                         AuthenticationHelper.GetDeveloperTokenHeaderValue(httpContextAccessor.HttpContext));
                 })
-                .ConfigurePrimaryHttpMessageHandler(() =>
-                    new HttpClientHandler
-                    {
-                        AllowAutoRedirect = true
-                    });
+                .ConfigurePrimaryHttpMessageHandler((sp) =>
+                {
+                    var handler = new HttpClientHandler { AllowAutoRedirect = true };
+
+                    return new Custom401Handler(sp.GetRequiredService<IHttpContextAccessor>(), handler);
+                });
+
 
         private static IHttpClientBuilder AddAltinnAuthenticationTypedHttpClient(this IServiceCollection services, IConfiguration config)
             => services.AddHttpClient<IAltinnAuthenticationClient, AltinnAuthenticationClient>((sp, httpClient) =>

diff --git a/backend/tests/Designer.Tests/Fixtures/GiteaAuthDelegatingHandler.cs b/backend/tests/Designer.Tests/Fixtures/GiteaAuthDelegatingHandler.cs
@@ -82,14 +82,14 @@ private async Task<HttpResponseMessage> LoginToDesignerAndProxyRequest(HttpRespo
             if (loginResponse.Headers.Contains("Set-Cookie"))
             {
                 cookies = loginResponse.Headers.GetValues("Set-Cookie");
-                AuthenticationUtil.SetAltinnStudiCookieFromResponseHeader(httpRequestMessageXsrf, cookies);
+                AuthenticationUtil.SetAltinnStudioCookieFromResponseHeader(httpRequestMessageXsrf, cookies);
             }
 
             var xsrfResponse = await base.SendAsync(httpRequestMessageXsrf, cancellationToken);
 
             var xsrfcookies = xsrfResponse.Headers.GetValues("Set-Cookie");
             string xsrfToken = AuthenticationUtil.GetXsrfTokenFromCookie(xsrfcookies);
-            AuthenticationUtil.SetAltinnStudiCookieFromResponseHeader(request, cookies, xsrfToken);
+            AuthenticationUtil.SetAltinnStudioCookieFromResponseHeader(request, cookies, xsrfToken);
             SetCookies(request, GetGiteaAuthCookiesFromResponseMessage(xsrfResponse));
 
             return await base.SendAsync(request, cancellationToken);

diff --git a/backend/tests/Designer.Tests/Utils/AuthenticationUtil.cs b/backend/tests/Designer.Tests/Utils/AuthenticationUtil.cs
@@ -27,14 +27,14 @@ public static async Task AddAuthenticateAndAuthAndXsrFCookieToRequest(HttpClient
             if (loginResponse.Headers.Contains("Set-Cookie"))
             {
                 cookies = loginResponse.Headers.GetValues("Set-Cookie");
-                SetAltinnStudiCookieFromResponseHeader(httpRequestMessageXsrf, cookies);
+                SetAltinnStudioCookieFromResponseHeader(httpRequestMessageXsrf, cookies);
             }
 
             HttpResponseMessage xsrfResponse = await client.SendAsync(httpRequestMessageXsrf);
 
             IEnumerable<string> xsrfcookies = xsrfResponse.Headers.GetValues("Set-Cookie");
             string xsrfToken = GetXsrfTokenFromCookie(xsrfcookies);
-            SetAltinnStudiCookieFromResponseHeader(message, cookies, xsrfToken);
+            SetAltinnStudioCookieFromResponseHeader(message, cookies, xsrfToken);
         }
 
         internal static string GetXsrfTokenFromCookie(IEnumerable<string> setCookieHeader)
@@ -57,7 +57,7 @@ internal static string GetXsrfTokenFromCookie(IEnumerable<string> setCookieHeade
             return null;
         }
 
-        internal static void SetAltinnStudiCookieFromResponseHeader(HttpRequestMessage requestMessage, IEnumerable<string> setCookieHeader, string xsrfToken = null)
+        internal static void SetAltinnStudioCookieFromResponseHeader(HttpRequestMessage requestMessage, IEnumerable<string> setCookieHeader, string xsrfToken = null)
         {
             if (setCookieHeader != null)
             {