[✨] API Header 점검하는 로직 추가 중2

Program.cs

@@ -179,7 +179,8 @@ else
 // app.UseHttpsRedirection();
 
 // 헤더 미들웨어 부분
-app.UseMiddleware<APIHeaderMiddle>("HEAD-CHECK");
+app.UseMiddleware<APIHeaderMiddleware>(new string[] { "X-MyHeader1", "X-MyHeader2", "X-MyHeader3" });
+
 
 // 이부분 봐야 합니다.
 // app.UseMiddleware<CustomHeaderMiddleware>("X-MyHeader");

Program/Common/Auth/APIHeaderMiddle.cs

@@ -28,38 +28,57 @@ public class HeaderConfigRepository : IHeaderConfig
 }
 
 
-public class APIHeaderMiddle
+public class APIHeaderMiddleware
 {
     
     private readonly RequestDelegate _next;
-    private readonly string _headerName;
+    private readonly string[] _headerNames;
     private readonly IHeaderConfig _headerConfig;
 
-    public APIHeaderMiddle(RequestDelegate next, string headerName, IHeaderConfig headerConfig)
+    public APIHeaderMiddleware(RequestDelegate next, string[] headerNames, IHeaderConfig headerConfig)
     {
         _next = next;
-        _headerName = headerName;
+        _headerNames = headerNames;
         _headerConfig = headerConfig;
     }
 
     public async Task Invoke(HttpContext context)
     {
-        var expectedValue = await _headerConfig.GetExpectedHeaderValueAsync(_headerName);
+        bool valid = false;
 
-        if (!context.Request.Headers.TryGetValue(_headerName,out var headerValue) || string.IsNullOrWhiteSpace(headerValue)) 
+        foreach (var header in _headerNames)
-            // if (!context.Request.Headers.ContainsKey(_headerName) || string.IsNullOrWhiteSpace(context.Request.Headers[_headerName]))
         {
-            context.Response.StatusCode = StatusCodes.Status400BadRequest;
+
-            await context.Response.WriteAsync($"Missing or empty header: {_headerName}");
+            if (!context.Request.Headers.TryGetValue(header, out var headerValue) &&
-            return;
+                !string.IsNullOrWhiteSpace(headerValue))
+                // if (!context.Request.Headers.ContainsKey(_headerName) || string.IsNullOrWhiteSpace(context.Request.Headers[_headerName]))
+            {
+                var expectedValue = await _headerConfig.GetExpectedHeaderValueAsync(header);
+                if (headerValue == expectedValue)
+                {
+                    valid = true;
+                    break;
+                }
+                // context.Response.StatusCode = StatusCodes.Status400BadRequest;
+                // await context.Response.WriteAsync($"Missing or empty header: {headerName}");
+                // return;
+            }
         }
-        
+
-        if (headerValue != expectedValue)
+        if (!valid)
         {
             context.Response.StatusCode = StatusCodes.Status401Unauthorized;
             await context.Response.WriteAsync($"Invalid header value");
             return;
         }
+        // if (headerValue != expectedValue)
+        //     {
+        //         context.Response.StatusCode = StatusCodes.Status401Unauthorized;
+        //         await context.Response.WriteAsync($"Invalid header value");
+        //         return;
+        //     }
+        // 
+        // }
         await _next(context);
     }
 }