/// <summary>
/// Creates a new in-memory, ephemeral session for this request and, when an
/// Authorization header is present, authenticates the caller from it.
/// The session is not reused across requests and becomes collectable once the request ends.
/// </summary>
/// <param name="work">The request context whose headers are inspected.</param>
/// <returns>
/// The new session. When no Authorization header is supplied the session is returned
/// exactly as the base class created it (no authentication is attempted).
/// </returns>
/// <remarks>
/// Throws the HTTP 400 status exception when an Authorization header is present but is
/// neither a parseable Basic nor a Bearer value.
/// </remarks>
protected override WaveSession MakeNewSessionInstance(WorkContext work)
{
    const string BASIC = WebConsts.AUTH_SCHEME_BASIC + " ";
    const string BEARER = WebConsts.AUTH_SCHEME_BEARER + " ";

    // A brand new session per request: nothing is looked up or resumed.
    var session = base.MakeNewSessionInstance(work);

    // Optional data-context selection. The value comes straight from a request header,
    // so it is client-controlled; here it is only trimmed and capped at 1024 characters.
    var contextHeaderName = DataContextHeader;
    if (contextHeaderName.IsNotNullOrWhiteSpace())
    {
        var contextName = work.Request.Headers[contextHeaderName];
        if (contextName.IsNotNullOrWhiteSpace())
        {
            session.DataContextName = contextName.Trim().TakeFirstChars(1024);
        }
    }

    var authHeader = work.Request.Headers[WebConsts.HTTP_HDR_AUTHORIZATION]?.TrimStart(' ');
    if (authHeader.IsNullOrWhiteSpace())
    {
        // No credentials offered: the caller stays unauthenticated.
        return session;
    }

    Credentials credentials = null;
    try
    {
        if (authHeader.StartsWith(BASIC, StringComparison.OrdinalIgnoreCase))
        {
            var basicPayload = authHeader.Substring(BASIC.Length).Trim();
            credentials = IDPasswordCredentials.FromBasicAuth(basicPayload);
        }
        else if (authHeader.StartsWith(BEARER, StringComparison.OrdinalIgnoreCase))
        {
            var bearerToken = authHeader.Substring(BEARER.Length).Trim();
            credentials = new BearerCredentials(bearerToken);
        }
    }
    catch
    {
        // Deliberately swallowed: any failure while parsing the header leaves
        // credentials null, which is reported below as a uniform 400 without
        // echoing parser details back to the caller.
    }

    if (credentials == null)
    {
        // Covers both a malformed value and an unsupported scheme.
        throw HTTPStatusException.BadRequest_400("Bad [Authorization] header");
    }

    // The security manager decides whether the credentials are valid; the resulting
    // user (authenticated or not) is attached to the session either way.
    session.User = App.SecurityManager.Authenticate(credentials);
    work.SetAuthenticated(session.User.IsAuthenticated);

    return session;
}
/// <summary>
/// Shows a single journal entry read from the journal API, starting at the
/// position given by <paramref name="id"/>.
/// </summary>
/// <param name="id">Journal position to read from; passed to the journal client unchanged.</param>
/// <returns>The view for the first entry returned, or for a null model when the read yields no entries.</returns>
public async Task<ActionResult> Details(string id)
{
    // The access token obtained by GetAccessToken() is forwarded to the journal API as a bearer credential.
    var credentials = new BearerCredentials(GetAccessToken());

    using (var journalClient = new HttpMessageJournalClient(ApiBaseUri, credentials))
    {
        // id is caller-supplied and is not validated here.
        // NOTE(review): confirm the journal API rejects malformed positions.
        var page = await journalClient.Read(id, 1);
        var entry = page.Entries.FirstOrDefault();
        return View(entry);
    }
}
/// <summary>
/// Runs a filtered read against the journal API and renders the index view with the result.
/// </summary>
/// <param name="model">The posted paging and filter values.</param>
/// <returns>The index view bound to a freshly initialised model carrying the posted values and the read result.</returns>
public async Task<ActionResult> Index(MessageJournalIndexModel model)
{
    // Start from a newly initialised model, then copy the posted paging and filter values onto it.
    var viewModel = await InitIndexModel();
    viewModel.Start = model.Start;
    viewModel.Count = model.Count;
    viewModel.FilterCategories = model.FilterCategories;
    viewModel.FilterTopics = model.FilterTopics;
    viewModel.FilterFrom = model.FilterFrom;
    viewModel.FilterTo = model.FilterTo;
    viewModel.FilterOrigination = model.FilterOrigination;
    viewModel.FilterDestination = model.FilterDestination;
    viewModel.FilterRelatedTo = model.FilterRelatedTo;
    viewModel.FilterMessageName = model.FilterMessageName;
    viewModel.ReadAttempted = true; // set before the read is actually performed

    // The access token obtained by GetAccessToken() is forwarded to the journal API as a bearer credential.
    var credentials = new BearerCredentials(GetAccessToken());

    using (var journalClient = new HttpMessageJournalClient(ApiBaseUri, credentials))
    {
        // NOTE(review): FilterTopics and FilterCategories are dereferenced without a null
        // check; presumably the model initialises them to empty collections. Confirm.
        var filter = new MessageJournalFilter
        {
            Topics = model.FilterTopics.Select(topic => (TopicName)topic).ToList(),
            Categories = model.FilterCategories.Select(category => (MessageJournalCategory)category).ToList(),
            From = model.FilterFrom,
            To = model.FilterTo,
            Origination = model.FilterOrigination,
            Destination = model.FilterDestination,
            MessageName = model.FilterMessageName,
            RelatedTo = model.FilterRelatedTo
        };

        // Start and Count come from the request and are passed through as given.
        // NOTE(review): no upper bound on Count is applied here; confirm the journal API caps page size.
        viewModel.Result = await journalClient.Read(model.Start, model.Count, filter);
    }

    return View(viewModel);
}
/// <summary>
/// Installs the given bearer credentials as the Authorization header in the client's default request headers.
/// </summary>
/// <param name="credentials">Bearer credentials whose <c>Credentials</c> value is used as the token.</param>
public void Visit(BearerCredentials credentials)
{
    // The header is set on the client's default request headers rather than on one request.
    // Presumably _client is an HttpClient, in which case the token accompanies every request
    // sent through it, so the client should only be pointed at the API the token was issued for.
    _client.DefaultRequestHeaders.Authorization =
        new AuthenticationHeaderValue("Bearer", credentials.Credentials);
}
/// <summary>
/// Wraps the <c>Token</c> value in a <c>BearerCredentials</c> object and emits it via <c>WriteObject</c>.
/// </summary>
protected override void ProcessRecord()
{
    // The emitted object carries the token itself.
    // NOTE(review): anything that formats or records this output may expose the token. Confirm how BearerCredentials renders.
    WriteObject(new BearerCredentials(Token));
}
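/// <summary>
/// Creates a new in-memory, ephemeral session for this request and authenticates the
/// caller from the authorization header, when one can be resolved.
/// The session is not reused across requests and becomes collectable once the request ends.
/// </summary>
/// <param name="work">The request context whose headers and caller endpoint are inspected.</param>
/// <returns>
/// The new session. When no authorization value can be resolved the session is returned
/// exactly as the base class created it (no authentication is attempted).
/// </returns>
/// <remarks>
/// The authorization value is resolved in this order: the alternate header named by
/// AltAuthorizationHeader (if configured and non-blank), then the real Authorization header,
/// then DefaultImpersonationAuthorizationHeaderValue (if configured).
/// Throws the HTTP 400 status exception when the resolved value cannot be parsed as a
/// system token, Basic, or Bearer value.
/// </remarks>
protected override WaveSession MakeNewSessionInstance(WorkContext work)
{
    // Always create a new session: nothing is looked up or resumed.
    var session = base.MakeNewSessionInstance(work);

    // Optional data-context selection. The value comes straight from a request header,
    // so it is client-controlled; here it is only trimmed and capped at 1024 characters.
    var dch = DataContextHeader;
    if (dch.IsNotNullOrWhiteSpace())
    {
        var dcn = work.Request.Headers[dch];
        if (dcn.IsNotNullOrWhiteSpace())
        {
            dcn = dcn.Trim().TakeFirstChars(1024); // hard limit safeguard
            session.DataContextName = dcn;
        }
    }

    // The alternate header, when configured and present, takes precedence over the
    // standard Authorization header.
    string hdr = null;
    var altHdrName = AltAuthorizationHeader;
    if (altHdrName.IsNotNullOrWhiteSpace())
    {
        hdr = work.Request.Headers[altHdrName]?.TrimStart(' ');
    }

    if (hdr.IsNullOrWhiteSpace())
    {
        // Real AUTHORIZATION header
        hdr = work.Request.Headers[WebConsts.HTTP_HDR_AUTHORIZATION]?.TrimStart(' ');
        if (hdr.IsNullOrWhiteSpace())
        {
            // With a default impersonation value configured, every request that carries no
            // authorization header is authenticated with that value instead.
            // NOTE(review): confirm this setting is left unset in production deployments.
            var mockHdrName = DefaultImpersonationAuthorizationHeaderValue;
            if (mockHdrName.IsNotNullOrEmpty())
            {
                hdr = mockHdrName;
            }
            else
            {
                return session; // unauthorized
            }
        }
    }

    User user;

    if (EnableSystemTokens && hdr.StartsWith(SYSTOKEN, StringComparison.OrdinalIgnoreCase))
    {
        // System tokens are honoured only when explicitly enabled.
        var sysTokenContent = hdr.Substring(SYSTOKEN.Length).Trim();

        if (sysTokenContent.IsNullOrWhiteSpace() || // a blank token is rejected the same way as an unparseable one
            !SysAuthToken.TryParse(sysTokenContent, out var sysToken))
        {
            throw HTTPStatusException.BadRequest_400("Bad [Authorization] header systoken");
        }

        user = App.SecurityManager.Authenticate(sysToken); // authenticate the user using the system token
    }
    else // credentials
    {
        Credentials credentials = null;
        try
        {
            if (hdr.StartsWith(BASIC, StringComparison.OrdinalIgnoreCase))
            {
                var basic = hdr.Substring(BASIC.Length).Trim();
                credentials = IDPasswordCredentials.FromBasicAuth(basic);
            }
            else if (hdr.StartsWith(BEARER, StringComparison.OrdinalIgnoreCase))
            {
                var pfxBasic = BearerBasicPrefix;
                var bearer = hdr.Substring(BEARER.Length).Trim();

                // Ordinal comparison: a culture-sensitive StartsWith can report a match whose
                // matched text is not pfxBasic.Length characters long (ignorable characters),
                // and the Substring below would then cut the token at the wrong offset.
                if (pfxBasic.IsNotNullOrWhiteSpace() &&
                    bearer.IsNotNullOrWhiteSpace() &&
                    bearer.StartsWith(pfxBasic, StringComparison.Ordinal))
                {
                    // Bearer value carrying Basic content behind the configured prefix.
                    var basicContent = bearer.Substring(pfxBasic.Length).Trim();
                    credentials = IDPasswordCredentials.FromBasicAuth(basicContent);
                }
                else
                {
                    credentials = new BearerCredentials(bearer);
                }
            }
        }
        catch
        {
            // Deliberately swallowed: any failure while parsing the header leaves
            // credentials null, which is reported below as a uniform 400 without
            // echoing parser details back to the caller.
        }

        if (credentials == null)
        {
            // Covers both a malformed value and an unsupported scheme.
            throw HTTPStatusException.BadRequest_400("Bad [Authorization] header");
        }

        user = App.SecurityManager.Authenticate(credentials); // authenticate the user
    }

    // The resulting user (authenticated or not) is attached to the session either way.
    session.User = user;
    work.SetAuthenticated(user.IsAuthenticated);

    // Gate bad traffic: when authentication failed and a gate is enabled, bump the
    // configured variable for the caller's IP address so the gate can act on repeated failures.
    var gate = NetGate;
    if (!user.IsAuthenticated && gate != null && gate.Enabled)
    {
        var vname = GateBadAuthVar;
        if (vname.IsNotNullOrWhiteSpace())
        {
            gate.IncreaseVariable(IO.Net.Gate.TrafficDirection.Incoming,
                                  work.EffectiveCallerIPEndPoint.Address.ToString(),
                                  vname,
                                  1);
        }
    }

    return session;
}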