btcpayserver/BTCPayServer/Security/SecurityExtensions.cs

using System;
using System.Linq;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Routing;

namespace BTCPayServer.Security
{
    public static class SecurityExtensions
    {
        public static bool HasScopes(this AuthorizationHandlerContext context, params string[] scopes)
        {
            return scopes.All(s => context.User.HasClaim(c => c.Type.Equals("scope", StringComparison.InvariantCultureIgnoreCase) && c.Value.Split(' ').Contains(s)));
        }

        public static string GetImplicitStoreId(this HttpContext httpContext)
        {
            // 1. Check in the routeData
            var routeData = httpContext.GetRouteData();
            string storeId = null;
            if (routeData != null)
            {
                if (routeData.Values.TryGetValue("storeId", out var v))
                    storeId = v as string;
            }

            if (storeId == null)
            {
                if (httpContext.Request.Query.TryGetValue("storeId", out var sv))
                {
                    storeId = sv.FirstOrDefault();
                }
            }

            // 2. Check in forms
            if (storeId == null)
            {
                if (httpContext.Request.HasFormContentType &&
                    httpContext.Request.Form != null &&
                    httpContext.Request.Form.TryGetValue("storeId", out var sv))
                {
                    storeId = sv.FirstOrDefault();
                }
            }

            // 3. Checks in walletId
            if (storeId == null && routeData != null)
            {
                if (routeData.Values.TryGetValue("walletId", out var walletId) &&
                    WalletId.TryParse((string)walletId, out var w))
                {
                    storeId = w.StoreId;
                }
            }

            return storeId;
        }
    }
}
Cleaning up bom from cs files 2020-06-29 04:44:35 +02:00			`using System;`
Refactor authorizations 2019-10-12 13:35:30 +02:00			`using System.Linq;`
			`using Microsoft.AspNetCore.Authorization;`
			`using Microsoft.AspNetCore.Http;`
Run dotnet format 2020-06-28 10:55:27 +02:00			`using Microsoft.AspNetCore.Routing;`
Refactor authorizations 2019-10-12 13:35:30 +02:00
			`namespace BTCPayServer.Security`
			`{`
			`public static class SecurityExtensions`
			`{`
			`public static bool HasScopes(this AuthorizationHandlerContext context, params string[] scopes)`
			`{`
Remove OpenIddict (#1244) 2020-02-24 16:40:04 +01:00			`return scopes.All(s => context.User.HasClaim(c => c.Type.Equals("scope", StringComparison.InvariantCultureIgnoreCase) && c.Value.Split(' ').Contains(s)));`
Refactor authorizations 2019-10-12 13:35:30 +02:00			`}`
Run dotnet format (#3244) 2021-12-31 08:59:02 +01:00
Refactor authorizations 2019-10-12 13:35:30 +02:00			`public static string GetImplicitStoreId(this HttpContext httpContext)`
			`{`
			`// 1. Check in the routeData`
			`var routeData = httpContext.GetRouteData();`
			`string storeId = null;`
			`if (routeData != null)`
			`{`
			`if (routeData.Values.TryGetValue("storeId", out var v))`
			`storeId = v as string;`
			`}`

			`if (storeId == null)`
			`{`
			`if (httpContext.Request.Query.TryGetValue("storeId", out var sv))`
			`{`
			`storeId = sv.FirstOrDefault();`
			`}`
			`}`

			`// 2. Check in forms`
			`if (storeId == null)`
			`{`
			`if (httpContext.Request.HasFormContentType &&`
			`httpContext.Request.Form != null &&`
			`httpContext.Request.Form.TryGetValue("storeId", out var sv))`
			`{`
			`storeId = sv.FirstOrDefault();`
			`}`
			`}`

			`// 3. Checks in walletId`
			`if (storeId == null && routeData != null)`
			`{`
			`if (routeData.Values.TryGetValue("walletId", out var walletId) &&`
			`WalletId.TryParse((string)walletId, out var w))`
			`{`
			`storeId = w.StoreId;`
			`}`
			`}`

			`return storeId;`
			`}`
			`}`
			`}`