/// <summary>
/// Deals with 401 challenge concerns.
/// </summary>
/// <returns>return null</returns>
protected override Task ApplyResponseChallengeAsync()
{
if (Response.StatusCode == MixedAuthConstants.FakeStatusCode)
{
// fake status code to be handled by HttpApplication.EndRequest Event.
return(Task.FromResult <object>(null));
}
if (Response.StatusCode != 401)
{
// Not a challege, move on.
return(Task.FromResult <object>(null));
}
AuthenticationResponseChallenge challenge = Helper.LookupChallenge(Options.AuthenticationType, Options.AuthenticationMode);
if (challenge != null)
{
//update redirect uri if not set.
var state = challenge.Properties;
if (String.IsNullOrEmpty(state.RedirectUri))
{
state.RedirectUri = Request.Scheme + Uri.SchemeDelimiter + Request.Host + Request.PathBase + Request.Path + Request.QueryString;
}
//if (Context.Request.User.Identity.IsAuthenticated)
var logonUserIdentity = Options.Provider.GetLogonUserIdentity(Context);
// If not authenticated or already authenticated using cookies, current identity will be the IIS App Pool, must re-authenticate.
if (logonUserIdentity.AuthenticationType == Options.CookieOptions.AuthenticationType || !logonUserIdentity.IsAuthenticated)
{
//replace cookie if already authenticated, must re-authenticate.
ReplaceCookie();
}
string redirectUri = Request.Scheme +
Uri.SchemeDelimiter +
Request.Host +
RequestPathBase +
Options.CallbackPath + "?state=" + Uri.EscapeDataString(Options.StateDataFormat.Protect(state));
var redirectContext = new MixedAuthApplyRedirectContext(Context, Options, state, redirectUri);
Options.Provider.ApplyRedirect(redirectContext);
}
return(Task.FromResult <object>(null));
}
/// <summary>
/// Called when a Challenge causes a redirect to authorize endpoint in the MixedAuth middleware
/// </summary>
/// <param name="context">Contains redirect URI and <see cref="AuthenticationProperties"/> of the challenge </param>
public virtual void ApplyRedirect(MixedAuthApplyRedirectContext context)
{
OnApplyRedirect(context);
}
