I’m implementing authorization on top of NServiceBus + RabbitMQ. We are using TLS.
For the actual authorization we are using ClaimsPrincipal/ClaimsIdentity. It's stored in the context.Extensions bag (we have an extension method to easily access it).
To transport the principal to our microservices I'm using transport behaviors where I serialize the principal into a JWT token that is stored in an extra NSB message header. The secret used to generate the JWT token is stored in a protected location (I haven't decided on ProtectedStorage or just a shared folder with limited access).
To make sure that someone hasn't just copied that header and injected it into other messages, I'm also calculating an HMAC checksum using the message body + the OriginatingEndpoint.
Is the OriginatingEndpoint header easily spoofed? Is there a better way to make sure that the message is from a trusted source?
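The scheme the question describes, worked through as an added example (not code from the question or from NServiceBus, written in Python rather than C# so the construction can be run stand-alone): a principal serialized into an HS256 JWT, plus an HMAC that binds that header to the message body and the OriginatingEndpoint value. The secret, header keys, endpoint names and message bodies are all constructed for the demo. Two details go slightly beyond the question's wording because they matter in practice: each MAC input is length-prefixed so that body and endpoint name cannot shift into one another, and the token itself is covered by the MAC, so an otherwise valid message cannot have its principal header swapped for a different one.

```python
import base64
import hashlib
import hmac
import json

# Constructed example secret; the question keeps the real one in protected storage.
SECRET = b"example-shared-secret-for-the-demo-only"

# Header keys are this example's own choices; NServiceBus's real header constants may differ.
PRINCIPAL_HEADER = "X.Principal.Jwt"
MAC_HEADER = "X.Principal.Mac"
ORIGINATING_ENDPOINT_HEADER = "NServiceBus.OriginatingEndpoint"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_jwt(claims: dict) -> str:
    """Minimal HS256 JWT (header.payload.signature) carrying the principal's claims."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":"), sort_keys=True).encode())
    signing_input = f"{header}.{payload}".encode("ascii")
    signature = hmac.new(SECRET, signing_input, hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(signature)}"


def verify_jwt(token: str) -> dict:
    """Check the HS256 signature, refuse any other alg, and return the claims."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(SECRET, f"{header_b64}.{payload_b64}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad token signature")
    return json.loads(_b64url_decode(payload_b64))


def message_mac(body: bytes, originating_endpoint: str, token: str) -> str:
    """HMAC tying the principal token to this body and this sender name.

    Every field is length-prefixed so the concatenation is unambiguous, and the
    token is included so a valid MAC cannot be reused with a different principal
    header on the same body.
    """
    mac = hmac.new(SECRET, digestmod=hashlib.sha256)
    for field in (body, originating_endpoint.encode("utf-8"), token.encode("ascii")):
        mac.update(len(field).to_bytes(4, "big"))
        mac.update(field)
    return mac.hexdigest()


def sign_outgoing(body: bytes, originating_endpoint: str, claims: dict) -> dict:
    """Sender side: the headers an outgoing transport behaviour would add."""
    token = make_jwt(claims)
    return {
        ORIGINATING_ENDPOINT_HEADER: originating_endpoint,
        PRINCIPAL_HEADER: token,
        MAC_HEADER: message_mac(body, originating_endpoint, token),
    }


def verify_incoming(body: bytes, headers: dict) -> dict:
    """Receiver side: re-derive the MAC from what arrived, then validate the token."""
    token = headers[PRINCIPAL_HEADER]
    expected = message_mac(body, headers[ORIGINATING_ENDPOINT_HEADER], token)
    if not hmac.compare_digest(expected, headers[MAC_HEADER]):
        raise ValueError("principal header does not belong to this message")
    return verify_jwt(token)


def is_authentic(body: bytes, headers: dict) -> bool:
    """Convenience wrapper: True only if both the MAC and the token check out."""
    try:
        verify_incoming(body, headers)
        return True
    except (ValueError, KeyError):
        return False


if __name__ == "__main__":
    body = b'{"orderId": 42}'  # constructed message body
    headers = sign_outgoing(body, "Sales.Endpoint", {"sub": "alice", "role": "clerk"})
    print(verify_incoming(body, headers))
    # The same principal header copied into a different message fails the MAC check.
    print("replayed header accepted:", is_authentic(b'{"orderId": 43}', headers))
```

Note what the check proves: a rejected message is one whose headers were moved, edited or swapped after signing, but any party holding the shared secret can produce a valid MAC for any OriginatingEndpoint value, so the MAC authenticates possession of the key, not the endpoint name itself.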