Beispiel #1
0
        protected virtual BaseAuthenticationParameters FindAuthenticationParameters(HttpActionContext actionContext)
        {
            BaseAuthenticationParameters authenticationParameters = null;

            CollectionUtils.ForEachBreak(actionContext.ActionArguments.Values, delegate(object obj)
            {
                authenticationParameters = obj as BaseAuthenticationParameters;
                return (authenticationParameters == null);
            });

            return authenticationParameters;
        }
Beispiel #2
0
        protected virtual NamedOrAuthEndpointVisit GetNamedOrAuthEndpointVisit(BaseAuthenticationParameters baseAuthenticationParameters)
        {
            // NOTE: The NAASCredentialsRequiredAttribute (on base class) ensures that either (in this order):
            // 1) baseAuthenticationParameters.HasUsernameAndPasswordOrToken returns true
            // OR
            // 2) HttpBasicAuthorizationParameters.HasUsernameAndPasswordOrToken returns true
            ExceptionUtils.ThrowIfNull(baseAuthenticationParameters);
            if (!baseAuthenticationParameters.HasUsernameAndPasswordOrToken)
            {
                ExceptionUtils.ThrowIfNull(HttpBasicAuthorizationParameters);
                ExceptionUtils.ThrowIfFalse(HttpBasicAuthorizationParameters.HasUsernameAndPasswordOrToken);
                baseAuthenticationParameters = HttpBasicAuthorizationParameters;
            }
            NamedOrAuthEndpointVisit visit =
                ServiceProvider.VisitProvider.GetVisit(baseAuthenticationParameters.Token, baseAuthenticationParameters.Username,
                                                       baseAuthenticationParameters.Password);

            return(visit);
        }
Beispiel #3
0
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            base.OnActionExecuting(actionContext);

            var naasCredentialsRequiredController = actionContext.ControllerContext.Controller as NAASCredentialsRequiredController;

            if (naasCredentialsRequiredController == null)
            {
                actionContext.CreateBadRequestResponse("The NAASCredentialsRequiredAttribute requires a controller of type NAASCredentialsRequiredController");
                return;
            }

            // Check to see if BaseAuthenticationParameters instance parameter was specified to the controller action
            BaseAuthenticationParameters authenticationParameters = FindAuthenticationParameters(actionContext);

            if (authenticationParameters == null)
            {
                actionContext.CreateBadRequestResponse("Base authentication parameters are required and were not found");
                return;
            }

            UseBasicAuthenticationCredentials_Cached = !authenticationParameters.HasUsernameAndPasswordOrToken;

            if (UseBasicAuthenticationCredentials_Cached)
            {
                // The BaseAuthenticationParameters instance parameter did not specify any credentials, next
                // check for http basic authorization
                string username, password;
                if (!actionContext.Request.ParseAuthorizationHeader(out username, out password))
                {
                    actionContext.CreateUnauthorizedResponse();
                    actionContext.CacheFirstAccessedTime();
                    return;
                }
                naasCredentialsRequiredController.HttpBasicAuthorizationParameters = new BaseAuthenticationParameters(username, password);
            }
        }