Beispiel #1
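        /// <summary>
        /// Builds an authentication ticket from claims carried in a request header.
        /// </summary>
        /// <remarks>
        /// The header name is resolved from the scheme name through
        /// <c>AuthenticationHeaderHelper.GetHeaderName</c>. The header's parameter is handed to
        /// <c>DefautClaimsEncoder.Decode</c>, and the decoded claims are merged with
        /// <c>Options.CommonClaims</c>.
        /// NOTE(review): nothing in this method verifies a signature, secret or credential, so
        /// the claims are whatever the caller put in the header. Presumably this handler is
        /// meant for test hosts only; confirm it can never be registered in a production pipeline.
        /// </remarks>
        /// <returns>
        /// A completed task holding a failed result when the header is missing, empty,
        /// unparsable or yields no claims; otherwise a successful result with the ticket.
        /// </returns>
        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            var headerName = AuthenticationHeaderHelper.GetHeaderName(Scheme.Name);

            // A header can be present with zero values; indexing [0] would then throw
            // instead of producing a clean authentication failure.
            if (!Context.Request.Headers.TryGetValue(headerName, out var headerValues)
                || headerValues.Count == 0)
            {
                Logger.LogInformation("{Scheme} No {HeaderName} header present", Scheme.Name, headerName);
                return Task.FromResult(AuthenticateResult.Fail("No Authorization header present"));
            }

            // Only the first header value is considered; additional values are ignored.
            if (!AuthenticationHeaderValue.TryParse(headerValues[0], out var authHeader))
            {
                Logger.LogInformation("{Scheme} {HeaderName} header not valid", Scheme.Name, headerName);
                return Task.FromResult(AuthenticateResult.Fail("Authorization header not valid"));
            }

            // The scheme token of the header is not compared with Scheme.Name here; only the
            // parameter is used. NOTE(review): Parameter is null for a scheme-only header;
            // confirm that Decode tolerates null.
            var headerClaims = DefautClaimsEncoder.Decode(authHeader.Parameter).ToArray();

            if (headerClaims.Length == 0)
            {
                Logger.LogInformation("{Scheme} Invalid claims", Scheme.Name);
                return Task.FromResult(AuthenticateResult.Fail("Invalid claims"));
            }

            // Claims configured on the options come first, followed by the header-supplied ones.
            var identity = new ClaimsIdentity(
                claims: Options.CommonClaims.Union(headerClaims),
                authenticationType: Scheme.Name,
                nameType: Options.NameClaimType,
                roleType: Options.RoleClaimType);

            var principal = new ClaimsPrincipal(identity);
            var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), Scheme.Name);

            // Only the scheme name is logged; the header value and claims stay out of the log.
            Logger.LogInformation("{Scheme} Authenticated", Scheme.Name);
            return Task.FromResult(AuthenticateResult.Success(ticket));
        }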
Beispiel #2
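        /// <summary>
        /// Builds an authentication ticket from claims carried in the
        /// <c>Constants.AuthenticationHeaderName</c> request header.
        /// </summary>
        /// <remarks>
        /// The header must parse as an authentication header whose scheme equals
        /// <c>TestServerAuthenticationDefaults.AuthenticationScheme</c>. Its parameter is handed
        /// to <c>DefautClaimsEncoder.Decode</c>, and the decoded claims are merged with
        /// <c>Options.CommonClaims</c>.
        /// NOTE(review): nothing in this method verifies a signature, secret or credential, so
        /// the claims are whatever the caller put in the header. The scheme constant suggests
        /// test-server use; confirm the handler can never be registered in a production pipeline.
        /// </remarks>
        /// <returns>
        /// A completed task holding a failed result when the header is missing, empty,
        /// unparsable, of another scheme or yields no claims; otherwise a successful result
        /// with the ticket.
        /// </returns>
        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // A header can be present with zero values; indexing [0] would then throw
            // instead of producing a clean authentication failure.
            if (!Context.Request.Headers.TryGetValue(Constants.AuthenticationHeaderName, out var headerValues)
                || headerValues.Count == 0)
            {
                return Task.FromResult(AuthenticateResult.Fail("No Authorization header present"));
            }

            // Only the first header value is considered. The scheme comparison is an exact,
            // case-sensitive match.
            if (!AuthenticationHeaderValue.TryParse(headerValues[0], out var authHeader)
                || authHeader.Scheme != TestServerAuthenticationDefaults.AuthenticationScheme)
            {
                return Task.FromResult(AuthenticateResult.Fail("Authorization header not valid"));
            }

            // NOTE(review): Parameter is null for a scheme-only header; confirm that Decode
            // tolerates null.
            var headerClaims = DefautClaimsEncoder.Decode(authHeader.Parameter).ToArray();

            if (headerClaims.Length == 0)
            {
                return Task.FromResult(AuthenticateResult.Fail("Authorization header with no claims"));
            }

            // Claims configured on the options come first, followed by the header-supplied ones.
            var identity = new ClaimsIdentity(
                claims: Options.CommonClaims.Union(headerClaims),
                authenticationType: Scheme.Name,
                nameType: Options.NameClaimType,
                roleType: Options.RoleClaimType);

            var principal = new ClaimsPrincipal(identity);
            var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), Scheme.Name);

            return Task.FromResult(AuthenticateResult.Success(ticket));
        }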