Hello,
I am trying to achieve MQ authentication with JWT.
I am not sure weather this is possible as I understand there is no session persistence with JWT, but maybe there is a way to convert JWT into a session?
I have done following code:
DTO:
[Route("/Deposit", "POST")]
public class InsertDeposit : Deposit, IHasBearerToken, IReturn<InsertDepositResponse>
{
public string BearerToken { get; set; }
}
MQ Handler:
mqServer.RegisterHandler<InsertDeposit>(m =>
{
var req = new BasicRequest { Verb = HttpMethods.Post };
req.Headers["X-ss-id"] = m.GetBody().BearerToken;
var response = ((AppHostBase)appHost).ExecuteMessage(m, req);
return response;
});
Publish MQ
...
var replyTo = mqClient.GetTempQueueName();
var insertDepositMQ = deposit.ConvertTo<InsertDeposit>();
insertDepositMQ.BearerToken = Request.GetSessionId();
mqClient.Publish(new Message<InsertDeposit>(insertDepositMQ)
{
ReplyTo = replyTo
});
var msgResponse = mqClient.Get<InsertDepositResponse>(replyTo);
...
MQ Endpoint
[Authenticate]
public object Post(InsertDeposit request)
{
//Here I should see user and Roles (I am trying this code:)
if (!request.BearerToken.IsNullOrEmpty()) {
Request.SetSessionId(request.BearerToken);
var session = base.SessionAs<AuthUserSession>();
}
var deposit = request.ConvertTo<Deposit>();
InTransaction(db => Logic.Add(deposit));
return WithDb(db => new InsertDepositResponse { Result = Logic.GetById(deposit.Id) });
}
Currently if I add [Authenticate] as shown above, I cannot get into that function, if I remove [Authenticate] then I can get into it.
I also tried with X-ss-tok instead of X-ss-id.
Thank you.