public virtual Task ValidateCredentials(ValidateCredentialsContext context) => OnValidateCredentials(context);
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
string authorizationHeader = Request.Headers["Authorization"];
if (string.IsNullOrEmpty(authorizationHeader))
{
return(AuthenticateResult.NoResult());
}
if (!authorizationHeader.StartsWith(_Scheme + ' ', StringComparison.OrdinalIgnoreCase))
{
return(AuthenticateResult.NoResult());
}
string encodedCredentials = authorizationHeader.Substring(_Scheme.Length).Trim();
if (string.IsNullOrEmpty(encodedCredentials))
{
const string noCredentialsMessage = "No credentials";
Logger.LogInformation(noCredentialsMessage);
return(AuthenticateResult.Fail(noCredentialsMessage));
}
try
{
string decodedCredentials = string.Empty;
try
{
decodedCredentials = Encoding.UTF8.GetString(Convert.FromBase64String(encodedCredentials));
}
catch (Exception ex)
{
throw new Exception($"Failed to decode credentials : {encodedCredentials}", ex);
}
var delimiterIndex = decodedCredentials.IndexOf(':');
if (delimiterIndex == -1)
{
const string missingDelimiterMessage = "Invalid credentials, missing delimiter.";
Logger.LogInformation(missingDelimiterMessage);
return(AuthenticateResult.Fail(missingDelimiterMessage));
}
var username = decodedCredentials.Substring(0, delimiterIndex);
var password = decodedCredentials.Substring(delimiterIndex + 1);
var validateCredentialsContext = new ValidateCredentialsContext(Context, Scheme, Options)
{
Username = username,
Password = password
};
await Options.Events.ValidateCredentials(validateCredentialsContext);
if (validateCredentialsContext.Result != null)
{
var ticket = new AuthenticationTicket(validateCredentialsContext.Principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
return(AuthenticateResult.NoResult());
}
catch (Exception ex)
{
var authenticationFailedContext = new AuthenticationFailedContext(Context, Scheme, Options)
{
Exception = ex
};
await Options.Events.AuthenticationFailed(authenticationFailedContext);
if (authenticationFailedContext.Result.Succeeded)
{
return(AuthenticateResult.Success(authenticationFailedContext.Result.Ticket));
}
if (authenticationFailedContext.Result.None)
{
return(AuthenticateResult.NoResult());
}
throw;
}
}