public ClientCertificateAuthenticationHandler(IClientCertificateValidator clientCertificateValidator)
{
if (clientCertificateValidator == null)
{
throw new ArgumentNullException("ClientCertificateValidator");
}
_clientCertificateValidator = clientCertificateValidator;
}
public ClientCertificateAuthMiddleware(OwinMiddleware nextMiddleware, ClientCertificateAuthenticationOptions authOptions,
IClientCertificateValidator clientCertificateValidator)
: base(nextMiddleware, authOptions)
{
if (clientCertificateValidator == null)
{
throw new ArgumentNullException("ClientCertificateValidator");
}
_clientCertificateValidator = clientCertificateValidator;
}
public static AppFunc Middleware(AppFunc next, IClientCertificateValidator clientCertificateValidator)
{
return(async env =>
{
var owinContext = new OwinContext(env);
string _owinClientCertKey = "ssl.ClientCertificate";
var clientCert = owinContext.Get <X509Certificate2>(_owinClientCertKey);
var result = clientCertificateValidator.Validate(clientCert);
if (result.CertificateValid)
{
await next(env);
}
else
{
owinContext.Response.StatusCode = 401;
await Task.FromResult(0);
}
});
}
public static void UseClientCertificateAuthentication(this IAppBuilder appBuilder, IClientCertificateValidator clientCertificateValidator)
{
appBuilder.Use <ClientCertificateAuthMiddleware>(new ClientCertificateAuthenticationOptions(), clientCertificateValidator);
}
public static BuildFunc UseClientCertValidation(this BuildFunc buildFunc, IClientCertificateValidator clientCertificateValidator)
{
buildFunc(next => ClientCertValidatorMiddleware.Middleware(next, clientCertificateValidator));
return(buildFunc);
}
public CertificateAuthorizeAttribute()
{
Validator = new DefaultClientCertificateValidator(CertificateHelper.FindCertificates(Thumbprints));
}
