Using AuthProvider to secure Proxy Feature

bradbrowne · October 3, 2022, 10:26am

I would like to pre-authenticate requests that are made to a Proxy Feature destination, but I do not know how to return the response from the ProxyRequestFilter:

async void ProxyRequestFilter(IHttpRequest request, HttpWebRequest webRequest)
{
    if (!await request.IsAuthenticatedAsync())
    {
        // Return HttpStatusCode 401 Unauthorized
    }
}

Plugins.Add(new ProxyFeature(
    matchingRequests: req => req.PathInfo.StartsWith("/proxy"),
    resolveUrl: req => $"http://destination")
{
    ProxyRequestFilter = ProxyRequestFilter
});

Is it possible to check if the request.IsAuthenticated and return a HttpStatusCode 401 Unauthorized in the ProxyRequestFilter?

mythz · October 3, 2022, 12:21pm

The ProxyRequest doesn’t support short-circuiting responses, but you should be able to intercept it with a PreRequestFilter, e.g:

PreRequestFilters.Add((req, res) => {
    if (req.PathInfo.StartsWith("/proxy-path"))
    {
        if (!req.IsAuthenticated())
        {
            req.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
            req.Response.StatusDescription = nameof(HttpStatusCode.Unauthorized);
            req.Response.EndRequest();
        }
    }
});

bradbrowne · October 3, 2022, 12:23pm

That works perfectly – thank you!