From 643708627acee737d3da7edcea241ab1a71b52e3 Mon Sep 17 00:00:00 2001 From: Seonkyu_Kim Date: Tue, 18 Mar 2025 18:00:22 +0900 Subject: [PATCH] =?UTF-8?q?[=E2=9C=A8]=20API=20Header=20=EC=A0=90=EA=B2=80?= =?UTF-8?q?=ED=95=98=EB=8A=94=20=EB=A1=9C=EC=A7=81=20=EC=B6=94=EA=B0=80=20?= =?UTF-8?q?=EC=A4=912?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Program.cs | 3 +- Program/Common/Auth/APIHeaderMiddle.cs | 43 +++++++++++++++++++------- 2 files changed, 33 insertions(+), 13 deletions(-) diff --git a/Program.cs b/Program.cs index 3399e82..3fea917 100644 --- a/Program.cs +++ b/Program.cs @@ -179,7 +179,8 @@ else // app.UseHttpsRedirection(); // 헤더 미들웨어 부분 -app.UseMiddleware("HEAD-CHECK"); +app.UseMiddleware(new string[] { "X-MyHeader1", "X-MyHeader2", "X-MyHeader3" }); + // 이부분 봐야 합니다. // app.UseMiddleware("X-MyHeader"); diff --git a/Program/Common/Auth/APIHeaderMiddle.cs b/Program/Common/Auth/APIHeaderMiddle.cs index 7d5fcc2..7d757f1 100644 --- a/Program/Common/Auth/APIHeaderMiddle.cs +++ b/Program/Common/Auth/APIHeaderMiddle.cs 
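Review bot: In Program.cs the accepted header names are passed as inline literals (`"X-MyHeader1"`, `"X-MyHeader2"`, `"X-MyHeader3"`), which read like placeholders and put the list of credential-bearing headers in startup code. Because the middleware sits under Common/Auth and gates requests, consider binding the list from configuration, for example `builder.Configuration.GetSection("ApiHeaders").Get<string[]>()`. The section name is illustrative, and this assumes the usual `builder` is in scope, which the hunk does not show. The commented-out `X-MyHeader` registration kept as context just below could be deleted in the same change so only one registration is visible.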
@@ -28,38 +28,57 @@ public class HeaderConfigRepository : IHeaderConfig } -public class APIHeaderMiddle +public class APIHeaderMiddleware { private readonly RequestDelegate _next; - private readonly string _headerName; + private readonly string[] _headerNames; private readonly IHeaderConfig _headerConfig; - public APIHeaderMiddle(RequestDelegate next, string headerName, IHeaderConfig headerConfig) + public APIHeaderMiddleware(RequestDelegate next, string[] headerNames, IHeaderConfig headerConfig) { _next = next; - _headerName = headerName; + _headerNames = headerNames; _headerConfig = headerConfig; } public async Task Invoke(HttpContext context) { - var expectedValue = await _headerConfig.GetExpectedHeaderValueAsync(_headerName); + bool valid = false; - if (!context.Request.Headers.TryGetValue(_headerName,out var headerValue) || string.IsNullOrWhiteSpace(headerValue)) - // if (!context.Request.Headers.ContainsKey(_headerName) || string.IsNullOrWhiteSpace(context.Request.Headers[_headerName])) + foreach (var header in _headerNames) { - context.Response.StatusCode = StatusCodes.Status400BadRequest; - await context.Response.WriteAsync($"Missing or empty header: {_headerName}"); - return; + + if (!context.Request.Headers.TryGetValue(header, out var headerValue) && + !string.IsNullOrWhiteSpace(headerValue)) + // if (!context.Request.Headers.ContainsKey(_headerName) || string.IsNullOrWhiteSpace(context.Request.Headers[_headerName])) + { + var expectedValue = await _headerConfig.GetExpectedHeaderValueAsync(header); + if (headerValue == expectedValue) + { + valid = true; + break; + } + // context.Response.StatusCode = StatusCodes.Status400BadRequest; + // await context.Response.WriteAsync($"Missing or empty header: {headerName}"); + // return; + } } - - if (headerValue != expectedValue) + + if (!valid) { context.Response.StatusCode = StatusCodes.Status401Unauthorized; await context.Response.WriteAsync($"Invalid header value"); return; } + // if (headerValue != 
expectedValue) + // { + // context.Response.StatusCode = StatusCodes.Status401Unauthorized; + // await context.Response.WriteAsync($"Invalid header value"); + // return; + // } + // + // } await _next(context); } } \ No newline at end of file
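Review bot: The guard inside the `foreach` in `Invoke` can never be true: `!TryGetValue(header, out var headerValue) && !string.IsNullOrWhiteSpace(headerValue)` needs the header to be absent and non-empty at once, so `valid` stays false and every request gets the 401. Drop the first negation: `if (context.Request.Headers.TryGetValue(header, out var headerValue) && !string.IsNullOrWhiteSpace(headerValue))`. Once that branch is reachable, `headerValue == expectedValue` compares what is in effect a shared secret with an ordinary equality, so a constant-time comparison such as `CryptographicOperations.FixedTimeEquals` over the UTF-8 bytes is preferable, with a null or empty `expectedValue` rejected explicitly. The loop also accepts a request as soon as any one configured header matches, so it is worth confirming that any-of rather than all-of is the intended policy and stating it in a comment above the loop. The commented-out old branches left in the method make the control flow hard to audit and should be removed.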