Revert "Check referer before checking X-MS-CLIENT-PRINCIPAL-NAME (#2218
…)"

This reverts commit 300746c.
ehamai committed Jan 19, 2018
1 parent 81a106c commit 481a96b
Showing 1 changed file with 7 additions and 7 deletions.
14 changes: 7 additions & 7 deletions AzureFunctions/Authentication/FrontEndAuthProvider.cs
@@ -36,14 +36,14 @@ public bool TryAuthenticateRequest(HttpContextBase context)
var principalName = request.Headers[Constants.FrontEndPrincipalNameHeader];
var portalToken = request.Headers[Constants.PortalTokenHeader] ?? request.Headers[Constants.Authorization];

if(request.UrlReferrer != null
&& this._noAuthReferrers.Any(r => request.UrlReferrer.Host.EndsWith(r, StringComparison.OrdinalIgnoreCase)))
if (string.Equals(principalName, Constants.AnonymousUserName, StringComparison.OrdinalIgnoreCase))
{
principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.PortalAnonymousUser));
}
else if (string.Equals(principalName, Constants.AnonymousUserName, StringComparison.OrdinalIgnoreCase))
{
if (string.IsNullOrEmpty(portalToken))
if(request.UrlReferrer != null
&& this._noAuthReferrers.FirstOrDefault(r => request.UrlReferrer.Host.EndsWith(r, StringComparison.OrdinalIgnoreCase)) != null)
{
principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.PortalAnonymousUser));
}
else if (string.IsNullOrEmpty(portalToken))
{
principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.AnonymousUserName));
}
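Review bot: The referrer test in the restored inner branch, `request.UrlReferrer.Host.EndsWith(r, StringComparison.OrdinalIgnoreCase)`, is a bare suffix match on a client-supplied header, so a host whose name merely ends with a `_noAuthReferrers` entry is accepted and receives the `PortalAnonymousUser` identity. Unless every entry already begins with a dot (the list is not visible here), match on a label boundary instead: `var host = request.UrlReferrer.Host;` followed by `this._noAuthReferrers.Any(r => host.Equals(r, StringComparison.OrdinalIgnoreCase) || host.EndsWith("." + r, StringComparison.OrdinalIgnoreCase))`, which also replaces the `FirstOrDefault(...) != null` form with `Any`. Because the Referer header can be set or omitted by the caller, a comment above this branch should say that it is a routing hint and not an authentication signal, and state what `PortalAnonymousUser` is permitted to do, which cannot be determined from this hunk. `TryAuthenticateRequest` begins and ends outside the hunk, so how `principal` is used afterwards could not be checked.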