update master to allow IW5 to pass validation

include version set on manual parser selection
update projects to .NET Core 2.2
add middleware to support ip whitelisting
(EnableWebfrontConnectionWhitelist and WebfrontConnectionWhitelist)
issue #59

WebfrontCore/Middleware/IPWhitelist.cs

@@ -0,0 +1,46 @@
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Logging;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace WebfrontCore.Middleware
+{
+    /// <summary>
+    /// Defines the middleware functioning to whitelist connection from 
+    /// a set of IP Addresses
+    /// </summary>
+    internal sealed class IPWhitelist
+    {
+        private readonly List<byte[]> whitelistedIps;
+        private readonly RequestDelegate nextRequest;
+
+        /// <summary>
+        /// constructor
+        /// </summary>
+        /// <param name="nextRequest"></param>
+        /// <param name="logger"></param>
+        /// <param name="whitelistedIps">list of textual ip addresses</param>
+        public IPWhitelist(RequestDelegate nextRequest, ILogger<IPWhitelist> logger, List<string> whitelistedIps)
+        {
+            this.whitelistedIps = whitelistedIps.Select(_ip => System.Net.IPAddress.Parse(_ip).GetAddressBytes()).ToList();
+            this.nextRequest = nextRequest;
+        }
+
+        public async Task Invoke(HttpContext context)
+        {
+            bool isAlllowed = whitelistedIps.Any(_ip => _ip.SequenceEqual(context.Connection.RemoteIpAddress.GetAddressBytes()));
+
+            if (isAlllowed)
+            {
+                await nextRequest.Invoke(context);
+            }
+
+            else
+            {
+                context.Abort();
+            }
+        }
+    }
+}

WebfrontCore/Startup.cs

@@ -6,6 +6,8 @@ using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using SharedLibraryCore.Database;
+using System.Linq;
+using WebfrontCore.Middleware;
 
 namespace WebfrontCore
 {
@@ -47,16 +49,20 @@ namespace WebfrontCore
                     options.AccessDeniedPath = "/";
                     options.LoginPath = "/";
                 });
+
+#if DEBUG
+            services.AddLogging(_builder =>
+            {
+                _builder.AddDebug();
+            });
+#endif
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
         public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
         {
-            //loggerFactory.AddConsole(Configuration.GetSection("Logging"));
-
             if (env.IsDevelopment())
             {
-                loggerFactory.AddDebug();
                 app.UseDeveloperExceptionPage();
             }
 
@@ -65,6 +71,11 @@ namespace WebfrontCore
                 app.UseExceptionHandler("/Home/Error");
             }
 
+            if (Program.Manager.GetApplicationSettings().Configuration().EnableWebfrontConnectionWhitelist)
+            {
+                app.UseMiddleware<IPWhitelist>(Program.Manager.GetApplicationSettings().Configuration().WebfrontConnectionWhitelist);
+            }
+
             app.UseStaticFiles();
             app.UseAuthentication();
 

WebfrontCore/WebfrontCore.csproj

@@ -1,8 +1,8 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>netcoreapp2.1</TargetFramework>
-    <RuntimeFrameworkVersion>2.1.5</RuntimeFrameworkVersion>
+    <TargetFramework>netcoreapp2.2</TargetFramework>
+    <RuntimeFrameworkVersion>2.2.1</RuntimeFrameworkVersion>
     <RazorCompileOnBuild>false</RazorCompileOnBuild>
     <RazorCompileOnPublish>false</RazorCompileOnPublish>
     <PreserveCompilationContext>true</PreserveCompilationContext>
@@ -56,16 +56,16 @@
   <ItemGroup>
     <PackageReference Include="Bower" Version="1.3.11" />
     <PackageReference Include="BuildBundlerMinifier" Version="2.8.391" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.Cookies" Version="2.1.1" />
-    <PackageReference Include="Microsoft.AspNetCore.Diagnostics" Version="2.1.1" />
-    <PackageReference Include="Microsoft.AspNetCore.Hosting" Version="2.1.1" />
-    <PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="2.1.1" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.1.1" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc.Core" Version="2.1.1" />
-    <PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="2.1.2" />
-    <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="2.1.1" />
-    <PackageReference Update="Microsoft.NETCore.App" Version="2.1.5" />
-    <PackageReference Update="Microsoft.AspNetCore" Version="2.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.Cookies" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Diagnostics" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Hosting" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc.Core" Version="2.2.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="2.2.0" />
+    <PackageReference Update="Microsoft.NETCore.App" Version="2.2.2" />
+    <PackageReference Update="Microsoft.AspNetCore" Version="2.2.2" />
   </ItemGroup>
 
   <ItemGroup>