[✨] API Header 점검하는 로직 추가 중2

2025-03-18 18:00:22 +09:00 · 2025-03-18 18:00:22 +09:00 · 643708627a
commit 643708627a
parent 1f8ac2cff7
2 changed files with 33 additions and 13 deletions
--- a/Program.cs
+++ b/Program.cs
@ -179,7 +179,8 @@ else
 // app.UseHttpsRedirection();
 // 헤더 미들웨어 부분
-app.UseMiddleware<APIHeaderMiddle>("HEAD-CHECK");
+app.UseMiddleware<APIHeaderMiddleware>(new string[] { "X-MyHeader1", "X-MyHeader2", "X-MyHeader3" });
 // 이부분 봐야 합니다.
 // app.UseMiddleware<CustomHeaderMiddleware>("X-MyHeader");
--- a/Program/Common/Auth/APIHeaderMiddle.cs
+++ b/Program/Common/Auth/APIHeaderMiddle.cs
@ -28,38 +28,57 @@ public class HeaderConfigRepository : IHeaderConfig
 }
-public class APIHeaderMiddle
+public class APIHeaderMiddleware
 {
    private readonly RequestDelegate _next;
-    private readonly string _headerName;
+    private readonly string[] _headerNames;
    private readonly IHeaderConfig _headerConfig;
-    public APIHeaderMiddle(RequestDelegate next, string headerName, IHeaderConfig headerConfig)
+    public APIHeaderMiddleware(RequestDelegate next, string[] headerNames, IHeaderConfig headerConfig)
    {
        _next = next;
-        _headerName = headerName;
+        _headerNames = headerNames;
        _headerConfig = headerConfig;
    }
    public async Task Invoke(HttpContext context)
    {
-        var expectedValue = await _headerConfig.GetExpectedHeaderValueAsync(_headerName);
+        bool valid = false;
-        if (!context.Request.Headers.TryGetValue(_headerName,out var headerValue) || string.IsNullOrWhiteSpace(headerValue)) 
+        foreach (var header in _headerNames)
        {
            if (!context.Request.Headers.TryGetValue(header, out var headerValue) &&
                !string.IsNullOrWhiteSpace(headerValue))
                // if (!context.Request.Headers.ContainsKey(_headerName) || string.IsNullOrWhiteSpace(context.Request.Headers[_headerName]))
            {
-            context.Response.StatusCode = StatusCodes.Status400BadRequest;
+                var expectedValue = await _headerConfig.GetExpectedHeaderValueAsync(header);
-            await context.Response.WriteAsync($"Missing or empty header: {_headerName}");
+                if (headerValue == expectedValue)
-            return;
+                {
                    valid = true;
                    break;
                }
                // context.Response.StatusCode = StatusCodes.Status400BadRequest;
                // await context.Response.WriteAsync($"Missing or empty header: {headerName}");
                // return;
            }
        }
-        if (headerValue != expectedValue)
+        if (!valid)
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync($"Invalid header value");
            return;
        }
        // if (headerValue != expectedValue)
        //     {
        //         context.Response.StatusCode = StatusCodes.Status401Unauthorized;
        //         await context.Response.WriteAsync($"Invalid header value");
        //         return;
        //     }
        // 
        // }
        await _next(context);
    }
 }