setup to receive & process event postings

src/Api/Middleware/CurrentContextMiddleware.cs

@@ -1,95 +0,0 @@
-using Bit.Core;
-using Microsoft.AspNetCore.Http;
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Security.Claims;
-using System.Threading.Tasks;
-
-namespace Bit.Api.Middleware
-{
-    public class CurrentContextMiddleware
-    {
-        private readonly RequestDelegate _next;
-
-        public CurrentContextMiddleware(RequestDelegate next)
-        {
-            _next = next;
-        }
-
-        public async Task Invoke(HttpContext httpContext, CurrentContext currentContext)
-        {
-            if(httpContext.User != null)
-            {
-                var claimsDict = httpContext.User.Claims
-                    .GroupBy(c => c.Type)
-                    .ToDictionary(c => c.Key, c => c.Select(v => v));
-
-                var subject = GetClaimValue(claimsDict, "sub");
-                if(Guid.TryParse(subject, out var subIdGuid))
-                {
-                    currentContext.UserId = subIdGuid;
-                }
-
-                var clientId = GetClaimValue(claimsDict, "client_id");
-                var clientSubject = GetClaimValue(claimsDict, "client_sub");
-                if((clientId?.StartsWith("installation.") ?? false) && clientSubject != null)
-                {
-                    if(Guid.TryParse(clientSubject, out var idGuid))
-                    {
-                        currentContext.InstallationId = idGuid;
-                    }
-                }
-
-                currentContext.DeviceIdentifier = GetClaimValue(claimsDict, "device");
-
-                if(claimsDict.ContainsKey("orgowner"))
-                {
-                    currentContext.Organizations.AddRange(claimsDict["orgowner"].Select(c =>
-                        new CurrentContext.CurrentContentOrganization
-                        {
-                            Id = new Guid(c.Value),
-                            Type = Core.Enums.OrganizationUserType.Owner
-                        }));
-                }
-
-                if(claimsDict.ContainsKey("orgadmin"))
-                {
-                    currentContext.Organizations.AddRange(claimsDict["orgadmin"].Select(c =>
-                        new CurrentContext.CurrentContentOrganization
-                        {
-                            Id = new Guid(c.Value),
-                            Type = Core.Enums.OrganizationUserType.Admin
-                        }));
-                }
-
-                if(claimsDict.ContainsKey("orguser"))
-                {
-                    currentContext.Organizations.AddRange(claimsDict["orguser"].Select(c =>
-                        new CurrentContext.CurrentContentOrganization
-                        {
-                            Id = new Guid(c.Value),
-                            Type = Core.Enums.OrganizationUserType.User
-                        }));
-                }
-            }
-
-            if(currentContext.DeviceIdentifier == null && httpContext.Request.Headers.ContainsKey("Device-Identifier"))
-            {
-                currentContext.DeviceIdentifier = httpContext.Request.Headers["Device-Identifier"];
-            }
-
-            await _next.Invoke(httpContext);
-        }
-
-        private string GetClaimValue(Dictionary<string, IEnumerable<Claim>> claims, string type)
-        {
-            if(!claims.ContainsKey(type))
-            {
-                return null;
-            }
-
-            return claims[type].FirstOrDefault()?.Value;
-        }
-    }
-}

src/Api/Startup.cs

@@ -14,13 +14,13 @@ using Microsoft.AspNetCore.Mvc.Formatters;
 using Microsoft.Net.Http.Headers;
 using Newtonsoft.Json.Serialization;
 using AspNetCoreRateLimit;
-using Bit.Api.Middleware;
 using Serilog.Events;
 using Stripe;
 using Bit.Core.Utilities;
 using IdentityModel;
 using IdentityServer4.AccessTokenValidation;
 using jsreport.AspNetCore;
+using Bit.Core.IdentityServer;
 
 namespace Bit.Api
 {

src/Api/Utilities/TokenRetrieval.cs

@@ -1,42 +0,0 @@
-using Microsoft.AspNetCore.Http;
-using System;
-using System.Linq;
-
-namespace Bit.Api.Utilities
-{
-    public static class TokenRetrieval
-    {
-        public static Func<HttpRequest, string> FromAuthorizationHeaderOrQueryString(string[] authHeaderSchemes)
-        {
-            return (request) =>
-            {
-                var authorization = request.Headers["Authorization"].FirstOrDefault();
-
-                if(string.IsNullOrWhiteSpace(authorization))
-                {
-                    // Bearer token could exist in the 'Content-Language' header on clients that want to avoid pre-flights.
-                    var languageAuth = request.Headers["Content-Language"].FirstOrDefault();
-                    if(string.IsNullOrWhiteSpace(languageAuth) ||
-                        !languageAuth.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
-                    {
-                        return request.Query["access_token"].FirstOrDefault();
-                    }
-                    else
-                    {
-                        authorization = languageAuth.Split(',')[0];
-                    }
-                }
-
-                foreach(var headerScheme in authHeaderSchemes)
-                {
-                    if(authorization.StartsWith($"{headerScheme} ", StringComparison.OrdinalIgnoreCase))
-                    {
-                        return authorization.Substring(headerScheme.Length + 1).Trim();
-                    }
-                }
-
-                return null;
-            };
-        }
-    }
-}