public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
// TODO
context.OwinContext.Response.Headers.Add(new KeyValuePair <string, string[]>("Access-Control-Allow-Origin", new[] { "*" }));
return(base.MatchEndpoint(context));
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
if (context.Request.Path.ToUriComponent().ToLower() == "/1/user/signin")
{
context.MatchesTokenEndpoint();
}
return(base.MatchEndpoint(context));
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
//setCorsPolicy(context.OwinContext);
//if (context.Request.Method == "OPTIONS")
//{
// context.RequestCompleted();
// return Task.FromResult(0);
//}
return(base.MatchEndpoint(context));
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
if (context.IsTokenEndpoint && context.Request.Method == "OPTIONS")
{
context.RequestCompleted();
return(Task.FromResult(0));
}
return(base.MatchEndpoint(context));
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
if (context.Request.Path.StartsWithSegments(context.Options.AuthorizeEndpointPath) &&
context.Request.QueryString.HasValue)
{
context.Request.QueryString = new QueryString(
context.Request.QueryString.Value.Replace("%23", "__fragment__"));
}
return(base.MatchEndpoint(context));
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
SetCORSPolicy(context.OwinContext);
if (context.Request.Method == "OPTIONS")
{
context.RequestCompleted();
return(Task.FromResult(0));
}
return(base.MatchEndpoint(context));
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
if (context.IsTokenEndpoint && context.Request.Method == "OPTIONS")
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "access", "authorization", "content-type" });
context.RequestCompleted();
return(Task.FromResult(0));
}
return(base.MatchEndpoint(context));
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
if (context.IsTokenEndpoint && context.Request.Method == "OPTIONS")
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] {"*"});
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] {"authorization"});
context.RequestCompleted();
return Task.FromResult(0);
}
return base.MatchEndpoint(context);
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
SetCorsPolicy(context.OwinContext);
if (context.Request.Method == "OPTIONS")
{
context.RequestCompleted();
return Task.FromResult(0);
}
return base.MatchEndpoint(context);
}
/// <summary>
/// Match endpoint is called before Validate Client Authentication.
/// We need to allow the clients based on domain to enable requests the header
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
// TODO: After implementing client-based allow origin, not sure if this is needed anymore.
// Because we are already setting the CORS headers while granting access token.
//SetCorsPolicy(context.OwinContext);
//if (context.Request.Method == "OPTIONS")
//{
// context.RequestCompleted();
// return Task.FromResult(0);
//}
return(base.MatchEndpoint(context));
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
if (context.OwinContext.Request.Method == "OPTIONS" /*&& context.IsTokenEndpoint*/)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Methods", new[] { "POST", "GET", "PUT" });
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "accept", "authorization", "content-type", "Content-Type" });
context.OwinContext.Response.StatusCode = 200;
context.RequestCompleted();
return(Task.FromResult <object>(null));
}
return(base.MatchEndpoint(context));
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
if (context.OwinContext.Request.Method == "OPTIONS" && context.IsTokenEndpoint)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Methods", new[] { "POST" });
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "accept", "authorization", "content-type" });
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
context.OwinContext.Response.StatusCode = 200;
context.RequestCompleted();
return Task.FromResult<object>(null);
}
return base.MatchEndpoint(context);
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
if (context.OwinContext.Request.Method == "OPTIONS" && context.IsTokenEndpoint)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Methods", new[] { "POST, GET, OPTIONS, PUT, DELETE" });
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "accept, authorization, content-type, access-control-allow-origin" });
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
context.OwinContext.Response.StatusCode = 200;
context.RequestCompleted();
return(Task.FromResult <object>(null));
}
return(base.MatchEndpoint(context));
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
if (context.IsTokenEndpoint)
{
// Allows cors for the /token endpoint this is different from webapi endpoints.
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "*" });
if (context.Request.Method == "OPTIONS")
{
context.RequestCompleted();
}
return(Task.FromResult(0));
}
return(base.MatchEndpoint(context));
}
public void AddingAuthorizationHeader(OAuthMatchEndpointContext context)
{
var cookieToken = HttpContext.Current.Request.Cookies["token"];
if (cookieToken == null)
{
return;
}
var t = EncryptionHelper.Decrypt(HttpUtility.UrlDecode(cookieToken.Value));
var s = new string[1];
s[0] = "Bearer " + t;
if (!context.Request.Headers.ContainsKey("Authorization"))
{
context.Request.Headers.Add("Authorization", s);
}
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
// Handle the pre-flight options. Taken from http://stackoverflow.com/a/27083151/37725.
if (context.OwinContext.Request.Method == "OPTIONS" && context.IsTokenEndpoint)
{
context.OwinContext.Response.Headers.AppendCommaSeparatedValues(
"Access-Control-Allow-Methods", "POST");
// Note: Also update Web.config
context.OwinContext.Response.Headers.AppendCommaSeparatedValues(
"Access-Control-Allow-Headers", "accept", "authorization", "content-type", Core.Constants.DeveloperNameRequestHeaderKey, Membership.RequesterContext.ImpersonateHeaderKey);
context.OwinContext.Response.Headers.AppendCommaSeparatedValues(
"Access-Control-Allow-Origin", Core.Constants.DefaultAllowedOrigin);
context.OwinContext.Response.StatusCode = 200;
context.RequestCompleted();
return(Task.FromResult <object>(null));
}
return(base.MatchEndpoint(context));
}
/// <summary>
/// Called to determine if an incoming request is treated as an Authorize or Token
/// endpoint. If Options.AuthorizeEndpointPath or Options.TokenEndpointPath
/// are assigned values, then handling this event is optional and context.IsAuthorizeEndpoint and context.IsTokenEndpoint
/// will already be true if the request path matches.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>Task to enable asynchronous execution</returns>
public virtual Task MatchEndpoint(OAuthMatchEndpointContext context)
{
return OnMatchEndpoint.Invoke(context);
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
return(base.MatchEndpoint(context));
}
public Task MatchEndpoint(OAuthMatchEndpointContext context)
{
throw new NotImplementedException();
}
private Task EndPointWatcher(OAuthMatchEndpointContext context)
{
return Task.FromResult(0);
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
AddingAuthorizationHeader(context);
return(base.MatchEndpoint(context));
}
public Task MatchEndpoint(OAuthMatchEndpointContext context)
{
throw new NotImplementedException();
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
IHeaderDictionary headers = context.Request.Headers;
string input = headers.Get("Authorization");
if (!string.IsNullOrEmpty(input))
{
AuthenticationHeaderValue authenticationHeaderValue = AuthenticationHeaderValue.Parse(input);
if (authenticationHeaderValue != null && authenticationHeaderValue.Scheme == "Cliamx")
{
string result = ClientApiProvider.GetAccessToken(authenticationHeaderValue, context.Request).Result;
if (!string.IsNullOrEmpty(result))
{
string str = new AuthenticationHeaderValue("Bearer", result).ToString();
context.Request.Headers.Set("Authorization", str);
}
}
else if (authenticationHeaderValue != null && authenticationHeaderValue.Scheme == "Bearer")
{
string username = headers.Get("userName");
string userClientId = headers.Get("cscode");
string realAccessToken;
if (AppAuthorizeAttribute.ValidateOAuthAuthorizationHeader(username, authenticationHeaderValue.Parameter, out realAccessToken, userClientId))
{
string str = new AuthenticationHeaderValue(authenticationHeaderValue.Scheme, realAccessToken).ToString();
context.Request.Headers.Set("Authorization", str);
}
else
context.Request.Headers.Remove("Authorization");
}
}
return base.MatchEndpoint(context);
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{//Llamado por cada request
//context.is
return(base.MatchEndpoint(context));
}
