protected override async Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
if (HeimdallConfig.ByPassWebApiCorsAndImplementOptions && request.Method.ToString().ToUpper() == "OPTIONS")
{
var response = request.CreateResponse(HttpStatusCode.OK, string.Empty);
AddHeadersToResponse(response);
return(response);
}
if (HeimdallConfig.IgnorePath(request))
{
var response = await base.SendAsync(request, cancellationToken);
AddHeadersToResponse(response);
return(response);
}
if (HeimdallConfig.IgnoreVerb(request))
{
var response = await base.SendAsync(request, cancellationToken);
AddHeadersToResponse(response);
return(response);
}
if (HeimdallConfig.IgnoreVerbAndPath(request))
{
var response = await base.SendAsync(request, cancellationToken);
AddHeadersToResponse(response);
return(response);
}
var isAuthenticated = await AuthenticateRequest.IsAuthenticated(request);
if (!isAuthenticated)
{
var response = request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Unauthorized API call");
AddHeadersToResponse(response);
return(response);
}
var authorisedResponse = await base.SendAsync(request, cancellationToken);
AddHeadersToResponse(authorisedResponse);
return(authorisedResponse);
}
protected async override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
if (HeimdallConfig.IgnorePath(request))
{
return(await base.SendAsync(request, cancellationToken));
}
var isAuthenticated = await AuthenticateRequest.IsAuthenticated(request);
if (!isAuthenticated)
{
var response = request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Unauthorized API call");
response.Headers.WwwAuthenticate.Add(new AuthenticationHeaderValue(HeaderNames.AuthenticationScheme));
return(await Task.FromResult(response));
}
return(await base.SendAsync(request, cancellationToken));
}
