public bool Authenticated(out object delegateResponse)
{
AuthenticationSettings settings = _context.AuthenticationSettings;
ChannelAuthenticationSchemes scheme = settings.Schema;
bool authenticated = false;
delegateResponse = null;
if (scheme == ChannelAuthenticationSchemes.Basic)
{
IPrincipal principal = GetBasicPrincipal(out string username, out string password);
if (principal == null)
{
throw new ChannelCredentialsException("Missing or malformed basic authentication header");
}
PropertyInfo basicDelegate = GetNotNullDelegate();
delegateResponse = ResolveBasicDelegate(basicDelegate, username, password, out authenticated);
}
else
{
IPrincipal principal = GetTokenPrincipal(out string token);
if (principal == null)
{
throw new ChannelCredentialsException("Missing or malformed token authentication header");
}
PropertyInfo tokenDelegate = GetNotNullDelegate();
delegateResponse = ResolveTokenDelegate(tokenDelegate, token, out authenticated);
}
return(authenticated);
}
/// <summary>
/// Function that will do Authentication and Authenticationorization
/// </summary>
/// <param name="context">Current HttpListenerContext </param>
/// <param name="Schemes">AuthenticationSchemes</param>
/// <exception cref="ChannelCredentialsException"></exception>
/// <returns>True if user is Authenticationenticated and Authenticationorized , False if not</returns>
public bool AuthenticatedAndAuthorized(HttpListenerContext context, ChannelAuthenticationSchemes Schemes)
{
if (Schemes == ChannelAuthenticationSchemes.Token)
{
string token = string.Empty;
bool isToken = HttpListenerIdentityMiddleware.IsTokenHeader(context.Request, out token);
if (isToken)
{
IPrincipal tokenIdentity = HttpListenerIdentityMiddleware.ParseTokenAuthentication(token);
return(AuthenticateRequest(tokenIdentity.Identity, Schemes));
}
else
{
throw new ChannelCredentialsException("Malformed or missing header for the token Authentication");
}
}
else
{
string username = string.Empty;
string password = string.Empty;
bool isBasic = HttpListenerIdentityMiddleware.IsBasicHeader(context.Request, out username, out password);
if (isBasic)
{
IPrincipal basicIdentity = HttpListenerIdentityMiddleware.ParseBasicAuthentication(username, password);
return(AuthenticateRequest(basicIdentity.Identity, ChannelAuthenticationSchemes.Basic));
}
throw new ChannelCredentialsException("Malformed or missing header for the basic Authentication");
}
}
public void FailedAuthenticationResponse(ChannelAuthenticationSchemes ChannelSchema, HttpListenerResponse response)
{
LogChannel.Write(LogSeverity.Info, "Authentication failed...Exiting");
IChannelMessage msg = new ChannelMessage()
{
Success = false,
Message = $"You need to provide {ChannelSchema.ToString()} authentication"
};
string outputString = JsonConvert.SerializeObject(msg, Formatting.Indented);
using (StreamWriter writer = new StreamWriter(response.OutputStream))
{
writer.WriteLine(outputString);
}
}
internal bool AuthenticateRequest(IIdentity identity, ChannelAuthenticationSchemes AuthenticationSchema)
{
if (identity == null)
{
throw new ChannelCredentialsException("Credentials are not provided");
}
else
{
if (AuthenticationSchema == ChannelAuthenticationSchemes.Basic)
{
KeyValuePair <string, string> userCredentials = GetCredentialsForBasicAuthentication(identity);
return(BasicAuthenticationMethod.Invoke(userCredentials.Key, userCredentials.Value));
}
else
{
string token = GetCredentialsForTokenAuthentication(identity);
return(TokenAuthenticationMethod.Invoke(token));
}
}
}
/// <summary>
/// Method to be used and Auth Type
/// </summary>
/// <param name="Schemes">Specified Auth Type for ChannelMethod</param>
/// <param name="HttpMethod">Http Method</param>
/// <param name="Description">Description to be used in documentation tool</param>
public ChannelMethodAttribute(ChannelAuthenticationSchemes Schemes, ChannelHttpMethod HttpMethod, string Description = null)
{
Schema = Schemes;
this.HttpMethod = HttpMethod;
this.Description = Description;
}
/// <summary>
/// Auth Type
/// </summary>
/// <param name="Schemes">Specified Auth Type for ChannelMethod</param>
/// <param name="Description">Description to be used in documentation tool</param>
public ChannelMethodAttribute(ChannelAuthenticationSchemes Schemes, string Description = null)
{
Schema = Schemes;
HttpMethod = ChannelHttpMethod.Unknown;
this.Description = Description;
}
public ChannelConfigurationInfo Configure(HttpListener httpChannel, Type channel, MethodInfo method, string baseURL)
{
ChannelEndpoint endpoint = new ChannelEndpoint();
ChannelAttribute channelAttr = channel.GetCustomAttribute <ChannelAttribute>();
if (!String.IsNullOrEmpty(channelAttr.Name))
{
endpoint.URL = "/channels/" + channelAttr.Name + "/" + method.Name + "/";
}
else
{
endpoint.URL = "/channels/" + channel.Name + "/" + method.Name + "/";
}
endpoint.Name = channel.Name + "." + method.Name;
ChannelMethodAttribute channelMethod = method.GetCustomAttribute <ChannelMethodAttribute>();
AuthorizeChannelAttribute authAttr = channel.GetCustomAttribute <AuthorizeChannelAttribute>();
ChannelAuthenticationSchemes channelSchema = channelMethod.Schema;
ChannelHttpMethod httpMethod = channelMethod.HttpMethod;
string methodURL = string.Empty;
if (baseURL == null)
{
methodURL = "http://localhost:4200" + endpoint.URL;
}
else
{
methodURL = baseURL + endpoint.URL;
}
bool httpAuthRequired = false;
//Start hosting
httpChannel.Prefixes.Add(methodURL);
if (authAttr != null)
{
if (authAttr.Schema != ChannelAuthenticationSchemes.Anonymous)
{
httpAuthRequired = true;
}
}
//ChannelMethod can override ChannelAttribute Authentication Schemes
if (channelSchema != ChannelAuthenticationSchemes.Anonymous)
{
httpAuthRequired = true;
}
else
{
if (authAttr != null)
{
channelSchema = authAttr.Schema;
}
}
return(new ChannelConfigurationInfo
{
ChannelAttribute = channelAttr,
MethodAttribute = channelMethod,
MethodUrl = methodURL,
HttpMethod = httpMethod,
AuthScheme = channelSchema,
AuthorizeAttribute = authAttr,
AuthenticationRequired = httpAuthRequired,
Endpoint = endpoint
});
}
/// <summary>
/// Get the Auth type for the channel
/// </summary>
/// <param name="schemes">Specified Auth Schemes</param>
/// <param name="Claim">Claim used for authorization</param>
public AuthorizeChannelAttribute(ChannelAuthenticationSchemes schemes, string Claim = null, string claimValue = null)
{
Schema = schemes;
ClaimName = Claim;
ClaimValue = claimValue;
}
