protected virtual BaseAuthenticationParameters FindAuthenticationParameters(HttpActionContext actionContext) { BaseAuthenticationParameters authenticationParameters = null; CollectionUtils.ForEachBreak(actionContext.ActionArguments.Values, delegate(object obj) { authenticationParameters = obj as BaseAuthenticationParameters; return (authenticationParameters == null); }); return authenticationParameters; }
protected virtual NamedOrAuthEndpointVisit GetNamedOrAuthEndpointVisit(BaseAuthenticationParameters baseAuthenticationParameters) { // NOTE: The NAASCredentialsRequiredAttribute (on base class) ensures that either (in this order): // 1) baseAuthenticationParameters.HasUsernameAndPasswordOrToken returns true // OR // 2) HttpBasicAuthorizationParameters.HasUsernameAndPasswordOrToken returns true ExceptionUtils.ThrowIfNull(baseAuthenticationParameters); if (!baseAuthenticationParameters.HasUsernameAndPasswordOrToken) { ExceptionUtils.ThrowIfNull(HttpBasicAuthorizationParameters); ExceptionUtils.ThrowIfFalse(HttpBasicAuthorizationParameters.HasUsernameAndPasswordOrToken); baseAuthenticationParameters = HttpBasicAuthorizationParameters; } NamedOrAuthEndpointVisit visit = ServiceProvider.VisitProvider.GetVisit(baseAuthenticationParameters.Token, baseAuthenticationParameters.Username, baseAuthenticationParameters.Password); return(visit); }
public override void OnActionExecuting(HttpActionContext actionContext) { base.OnActionExecuting(actionContext); var naasCredentialsRequiredController = actionContext.ControllerContext.Controller as NAASCredentialsRequiredController; if (naasCredentialsRequiredController == null) { actionContext.CreateBadRequestResponse("The NAASCredentialsRequiredAttribute requires a controller of type NAASCredentialsRequiredController"); return; } // Check to see if BaseAuthenticationParameters instance parameter was specified to the controller action BaseAuthenticationParameters authenticationParameters = FindAuthenticationParameters(actionContext); if (authenticationParameters == null) { actionContext.CreateBadRequestResponse("Base authentication parameters are required and were not found"); return; } UseBasicAuthenticationCredentials_Cached = !authenticationParameters.HasUsernameAndPasswordOrToken; if (UseBasicAuthenticationCredentials_Cached) { // The BaseAuthenticationParameters instance parameter did not specify any credentials, next // check for http basic authorization string username, password; if (!actionContext.Request.ParseAuthorizationHeader(out username, out password)) { actionContext.CreateUnauthorizedResponse(); actionContext.CacheFirstAccessedTime(); return; } naasCredentialsRequiredController.HttpBasicAuthorizationParameters = new BaseAuthenticationParameters(username, password); } }