Override the ClaimsToHeadersMiddleware by the OcelotPipelineConfiguration settings

docs/features/middlewareinjection.rst

@@ -29,7 +29,8 @@ The user can set functions against the following (see more in the `OcelotPipelin
 * ``AuthenticationMiddleware`` overrides Ocelot authentication middleware. [#f1]_
 * ``PreAuthorizationMiddleware`` injection allows the user to run pre authorization logic and then call Ocelot authorization middleware.
 * ``AuthorizationMiddleware`` overrides Ocelots authorization middleware. [#f1]_
-* ``PreQueryStringBuilderMiddleware`` injection allows the user to manipulate the query string on the http request before it is passed to Ocelot request creator.
+* ``ClaimsToHeadersMiddleware`` injection overrides Ocelots claims to headers middleware.
+* ``PreQueryStringBuilderMiddleware`` injection allows the user to manipulate the query string on the http request before it is passed to Ocelots request creator.
 
 Obviously you can just add mentioned Ocelot middleware overridings as normal before the call to ``app.UseOcelot()``.
 It cannot be added after as Ocelot does not call the next Ocelot middleware overridings based on specified middleware configuration.

src/Ocelot/Middleware/OcelotPipelineConfiguration.cs

@@ -47,6 +47,10 @@ public class OcelotPipelineConfiguration
         /// </value>
         public Func<HttpContext, Func<Task>, Task> AuthorizationMiddleware { get; set; }
 
+        /// <summary>This allows the user to completely override the Ocelot's <see cref="Headers.Middleware.ClaimsToHeadersMiddleware" />.</summary>
+        /// <value>A <see cref="Func{HttpContext, TFunc, Task}"/> delegate object.</value>
+        public Func<HttpContext, Func<Task>, Task> ClaimsToHeadersMiddleware { get; set; }
+
         /// <summary>
         /// This allows the user to implement there own query string manipulation logic.
         /// </summary>

src/Ocelot/Middleware/OcelotPipelineExtensions.cs

@@ -24,8 +24,7 @@ namespace Ocelot.Middleware
 {
     public static class OcelotPipelineExtensions
     {
-        public static RequestDelegate BuildOcelotPipeline(this IApplicationBuilder app,
-            OcelotPipelineConfiguration pipelineConfiguration)
+        public static RequestDelegate BuildOcelotPipeline(this IApplicationBuilder app, OcelotPipelineConfiguration pipelineConfiguration)
         {
             // this sets up the downstream context and gets the config
             app.UseDownstreamContextMiddleware();
@@ -89,38 +88,21 @@ public static RequestDelegate BuildOcelotPipeline(this IApplicationBuilder app,
             app.UseIfNotNull(pipelineConfiguration.PreAuthenticationMiddleware);
 
             // Now we know where the client is going to go we can authenticate them.
-            // We allow the ocelot middleware to be overriden by whatever the
-            // user wants
-            if (pipelineConfiguration.AuthenticationMiddleware == null)
-            {
-                app.UseAuthenticationMiddleware();
-            }
-            else
-            {
-                app.Use(pipelineConfiguration.AuthenticationMiddleware);
-            }
+            // We allow the Ocelot middleware to be overriden by whatever the user wants.
+            app.UseIfNotNull<AuthenticationMiddleware>(pipelineConfiguration.AuthenticationMiddleware);
 
             // The next thing we do is look at any claims transforms in case this is important for authorization
             app.UseClaimsToClaimsMiddleware();
 
             // Allow pre authorization logic. The idea being people might want to run something custom before what is built in.
             app.UseIfNotNull(pipelineConfiguration.PreAuthorizationMiddleware);
 
-            // Now we have authenticated and done any claims transformation we
-            // can authorize the request
-            // We allow the ocelot middleware to be overriden by whatever the
-            // user wants
-            if (pipelineConfiguration.AuthorizationMiddleware == null)
-            {
-                app.UseAuthorizationMiddleware();
-            }
-            else
-            {
-                app.Use(pipelineConfiguration.AuthorizationMiddleware);
-            }
+            // Now we have authenticated and done any claims transformation, we can authorize the request by AuthorizationMiddleware.
+            // We allow the Ocelot middleware to be overriden by whatever the user wants.
+            app.UseIfNotNull<AuthorizationMiddleware>(pipelineConfiguration.AuthorizationMiddleware);
 
-            // Now we can run the claims to headers transformation middleware
-            app.UseClaimsToHeadersMiddleware();
+            // Now we can run the ClaimsToHeadersMiddleware: we allow the Ocelot middleware to be overriden by whatever the user wants.
+            app.UseIfNotNull<ClaimsToHeadersMiddleware>(pipelineConfiguration.ClaimsToHeadersMiddleware);
 
             // Allow the user to implement their own query string manipulation logic
             app.UseIfNotNull(pipelineConfiguration.PreQueryStringBuilderMiddleware);
@@ -146,13 +128,12 @@ public static RequestDelegate BuildOcelotPipeline(this IApplicationBuilder app,
             return app.Build();
         }
 
-        private static void UseIfNotNull(this IApplicationBuilder builder,
-            Func<HttpContext, Func<Task>, Task> middleware)
-        {
-            if (middleware != null)
-            {
-                builder.Use(middleware);
-            }
-        }
+        private static IApplicationBuilder UseIfNotNull(this IApplicationBuilder builder, Func<HttpContext, Func<Task>, Task> middleware)
+            => middleware != null ? builder.Use(middleware) : builder;
+
+        private static IApplicationBuilder UseIfNotNull<TMiddleware>(this IApplicationBuilder builder, Func<HttpContext, Func<Task>, Task> middleware)
+            where TMiddleware : OcelotMiddleware => middleware != null
+                ? builder.Use(middleware)
+                : builder.UseMiddleware<TMiddleware>();
     }
 }