public virtual Task SignatureValidated(SignatureValidatedContext context) => OnSignatureValidated(context);
/// <summary>
/// Searches the 'Authorization' header for a 'appsec' signature. If the 'appsec' signature is found.
/// </summary>
/// <returns></returns>
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
string signature = null;
try
{
// Give application opportunity to find from a different location, adjust, or reject signature
var messageReceivedContext = new MessageReceivedContext(Context, Scheme, Options);
//// event can set the signature
await Events.MessageReceived(messageReceivedContext);
if (messageReceivedContext.Result != null)
{
return(messageReceivedContext.Result);
}
// If application retrieved signature from somewhere else, use that.
signature = messageReceivedContext.Signature;
if (string.IsNullOrEmpty(signature))
{
string authorization = Request.Headers["Authorization"];
// If no authorization header found, nothing to process further
if (string.IsNullOrEmpty(authorization))
{
return(AuthenticateResult.NoResult());
}
if (authorization.StartsWith("appsec ", StringComparison.OrdinalIgnoreCase))
{
string fullAuth = authorization.Substring("appsec ".Length).Trim();
string[] Auth = fullAuth.Replace("appsec ", "").Split(':');
AccessID = Auth[0];
signature = Auth[1];
if (string.IsNullOrEmpty(signature))
{
return(AuthenticateResult.NoResult());
}
Options.PublicKey = AccessID;
Signature = signature;
}
// If no token found, no further work possible
if (string.IsNullOrEmpty(signature))
{
return(AuthenticateResult.NoResult());
}
}
List <Exception> validationFailures = null;
if (Authorize(Request, AccessID, Signature))
{
var signatureValidatedContext = new SignatureValidatedContext(Context, Scheme, Options);
HmacIdentity identityUser = null;
if (identityUser == null)
{
identityUser = new HmacIdentity(AccessID);
}
var principal = new ClaimsPrincipal(identityUser);
var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), HmacDefaults.AuthenticationScheme);
return(AuthenticateResult.Success(ticket));
}
if (validationFailures != null)
{
var authenticationFailedContext = new AuthenticationFailedContext(Context, Scheme, Options)
{
Exception = (validationFailures.Count == 1) ? validationFailures[0] : new AggregateException(validationFailures)
};
await Events.AuthenticationFailed(authenticationFailedContext);
if (authenticationFailedContext.Result != null)
{
return(authenticationFailedContext.Result);
}
System.IO.File.WriteAllLines(@"Error1.txt", new string[] { "um.." });
return(AuthenticateResult.Fail(authenticationFailedContext.Exception));
}
System.IO.File.WriteAllLines(@"Failed.txt", new string[] { "I don't know." });
return(AuthenticateResult.Fail("No SignatureValidator available for signature: " + signature ?? "[null]"));
}
catch (Exception ex)
{
System.IO.File.WriteAllLines(@"Error.txt", new string[] { ex.Message });
var authenticationFailedContext = new AuthenticationFailedContext(Context, Scheme, Options)
{
Exception = ex
};
await Events.AuthenticationFailed(authenticationFailedContext);
if (authenticationFailedContext.Result != null)
{
return(authenticationFailedContext.Result);
}
throw;
}
}