/// <summary>
/// Returns whether or not the current HTTP rquest is allowed to proceeed
/// </summary>
/// <param name="request">The current HTTP request</param>
/// <returns>True if the current HTTP request is allowed; false, otherwise</returns>
protected override bool IsRequestAllowed(HttpRequestMessage request)
{
request.NotNull(nameof(request));
string securityToken;
if (!TryRetrieveToken(request, out securityToken))
return !ForceAuthentication;
return ValidateToken(request, securityToken);
}
/// <summary>
/// Returns whether or not the current HTTP request is allowed to proceeed
/// </summary>
/// <param name="request">The current HTTP request</param>
/// <returns>True if the current HTTP request is allowed; false, otherwise</returns>
protected override bool IsRequestAllowed(
HttpRequestMessage request)
{
request.NotNull(nameof(request));
AclClientCredentials credentials;
if (!TryRetrieveApiCredentials(request, out credentials))
return !ForceAuthentication;
return ValidateApiCredentials(request, credentials);
}
/// <summary>
/// Tries to convert the authorization header from the request (if any)
/// into an instance of AclClientCredentials
/// </summary>
/// <param name="request">The request</param>
/// <param name="credentials">The credentials</param>
/// <returns>True when a valid base-64 basic authorization is found; false, otherwise</returns>
public bool TryParse(
HttpRequestMessage request,
out AclClientCredentials credentials)
{
request.NotNull(nameof(request));
credentials = null;
var authorization =
ExtractCredentials(request.Headers.Authorization);
if (authorization.Length != 2)
return false;
credentials = new AclClientCredentials(
authorization[0],
authorization[1]);
return true;
}
