Beispiel #1
0
 public virtual Task SignatureValidated(SignatureValidatedContext context) => OnSignatureValidated(context);
        /// <summary>
        /// Searches the 'Authorization' header for a 'appsec' signature. If the 'appsec' signature is found.
        /// </summary>
        /// <returns></returns>
        protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
        {
            string signature = null;

            try
            {
                // Give application opportunity to find from a different location, adjust, or reject signature
                var messageReceivedContext = new MessageReceivedContext(Context, Scheme, Options);

                //// event can set the signature
                await Events.MessageReceived(messageReceivedContext);

                if (messageReceivedContext.Result != null)
                {
                    return(messageReceivedContext.Result);
                }

                // If application retrieved signature from somewhere else, use that.
                signature = messageReceivedContext.Signature;

                if (string.IsNullOrEmpty(signature))
                {
                    string authorization = Request.Headers["Authorization"];

                    // If no authorization header found, nothing to process further
                    if (string.IsNullOrEmpty(authorization))
                    {
                        return(AuthenticateResult.NoResult());
                    }

                    if (authorization.StartsWith("appsec ", StringComparison.OrdinalIgnoreCase))
                    {
                        string   fullAuth = authorization.Substring("appsec ".Length).Trim();
                        string[] Auth     = fullAuth.Replace("appsec ", "").Split(':');
                        AccessID  = Auth[0];
                        signature = Auth[1];
                        if (string.IsNullOrEmpty(signature))
                        {
                            return(AuthenticateResult.NoResult());
                        }
                        Options.PublicKey = AccessID;
                        Signature         = signature;
                    }

                    // If no token found, no further work possible
                    if (string.IsNullOrEmpty(signature))
                    {
                        return(AuthenticateResult.NoResult());
                    }
                }

                List <Exception> validationFailures = null;
                if (Authorize(Request, AccessID, Signature))
                {
                    var          signatureValidatedContext = new SignatureValidatedContext(Context, Scheme, Options);
                    HmacIdentity identityUser = null;
                    if (identityUser == null)
                    {
                        identityUser = new HmacIdentity(AccessID);
                    }
                    var principal = new ClaimsPrincipal(identityUser);
                    var ticket    = new AuthenticationTicket(principal, new AuthenticationProperties(), HmacDefaults.AuthenticationScheme);
                    return(AuthenticateResult.Success(ticket));
                }

                if (validationFailures != null)
                {
                    var authenticationFailedContext = new AuthenticationFailedContext(Context, Scheme, Options)
                    {
                        Exception = (validationFailures.Count == 1) ? validationFailures[0] : new AggregateException(validationFailures)
                    };

                    await Events.AuthenticationFailed(authenticationFailedContext);

                    if (authenticationFailedContext.Result != null)
                    {
                        return(authenticationFailedContext.Result);
                    }
                    System.IO.File.WriteAllLines(@"Error1.txt", new string[] { "um.." });
                    return(AuthenticateResult.Fail(authenticationFailedContext.Exception));
                }
                System.IO.File.WriteAllLines(@"Failed.txt", new string[] { "I don't know." });
                return(AuthenticateResult.Fail("No SignatureValidator available for signature: " + signature ?? "[null]"));
            }
            catch (Exception ex)
            {
                System.IO.File.WriteAllLines(@"Error.txt", new string[] { ex.Message });
                var authenticationFailedContext = new AuthenticationFailedContext(Context, Scheme, Options)
                {
                    Exception = ex
                };

                await Events.AuthenticationFailed(authenticationFailedContext);

                if (authenticationFailedContext.Result != null)
                {
                    return(authenticationFailedContext.Result);
                }

                throw;
            }
        }