/// <summary> /// Authorize a request. /// </summary> /// <param name="request">Request being authenticated</param> /// <returns>Authenticated user if successful; otherwise null.</returns> public IAuthenticationUser Authenticate(IRequest request) { var authHeader = request.Headers["Authorize"]; if (authHeader == null) { return(null); } /* * To receive authorization, the client sends the userid and password, * separated by a single colon (":") character, within a base64 [7] * encoded string in the credentials.*/ var decoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeader.Value)); var pos = decoded.IndexOf(':'); if (pos == -1) { throw new BadRequestException("Invalid basic authentication header, failed to find colon. Got: " + authHeader.Value); } var password = decoded.Substring(pos + 1, decoded.Length - pos - 1); var userName = decoded.Substring(0, pos); var user = _userService.Lookup(userName, request.Uri); if (user == null) { return(null); } if (user.Password == null) { var ha1 = DigestAuthenticator.GetHa1(request.Uri.Host, userName, password); if (ha1 != user.HA1) { throw new HttpException(HttpStatusCode.Unauthorized, "Incorrect username or password"); } } else { if (password != user.Password) { throw new HttpException(HttpStatusCode.Unauthorized, "Incorrect username or password"); } } return(user); }