Beispiel #1
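        /// <summary>
        /// Authorizes a request from its <c>Authorization: Bearer &lt;jwt&gt;</c> header and, on
        /// success, attaches a <c>TlvPrincipal</c> built from the token's claims to the controller.
        /// </summary>
        /// <remarks>
        /// The filter fails closed: a missing header, a scheme other than <c>Bearer</c>, a missing
        /// token, or a token rejected by <c>isValidRequest</c> all end in
        /// <c>HandleUnauthorizedRequest</c> followed by an immediate return. No principal is ever
        /// built from a token that did not pass validation.
        /// </remarks>
        /// <param name="actionContext">Context of the action being authorized.</param>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            // FirstOrDefault on the value list: a header with no values yields null instead of throwing.
            string authHeader = (from h in actionContext.Request.Headers
                                 where h.Key == "Authorization"
                                 select h.Value.FirstOrDefault()).FirstOrDefault();

            string[] tokens = authHeader == null ? null : authHeader.Split(' ');

            // Reject everything that is not exactly "Bearer <token>". Previously a non-Bearer
            // scheme fell through without any rejection, and a bare "Bearer" raised an
            // out-of-range exception on tokens[1].
            if (tokens == null
                || tokens.Length < 2
                || tokens[0] != "Bearer"
                || string.IsNullOrEmpty(tokens[1]))
            {
                HandleUnauthorizedRequest(actionContext);
                return;
            }

            string jwt = tokens[1];

            // NOTE(review): isValidRequest is defined outside this block; it is the only check
            // standing between the raw header and an authenticated principal, so it needs to
            // verify signature, issuer, audience and lifetime - confirm.
            if (!isValidRequest(jwt))
            {
                HandleUnauthorizedRequest(actionContext);
                // Stop here: continuing would mark the caller as authenticated using claims
                // read from a token that just failed validation.
                return;
            }

            var controller = actionContext.ControllerContext.Controller as ApiController;
            if (controller == null)
            {
                return;
            }

            // This constructor only parses the token; the claims are trusted solely because
            // the same string passed isValidRequest above.
            var jwtToken = new JwtSecurityToken(jwt);
            var claims   = jwtToken.Claims;

            var name = claims.Where(x => x.Type == "nameid")
                             .Select(x => x.Value)
                             .FirstOrDefault();

            TlvIdentity identity = new TlvIdentity()
            {
                Name            = name,
                IsAuthenticated = true
            };

            controller.User = new TlvPrincipal(identity, claims);
        }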
Beispiel #2
 /// <summary>
 /// Creates a principal from an identity and the claims that accompany it.
 /// </summary>
 /// <remarks>
 /// Both arguments are stored as passed: nothing is copied or validated here, so the caller
 /// is responsible for supplying claims that come from an already-validated token.
 /// </remarks>
 /// <param name="identity">Identity exposed through <c>Identity</c>.</param>
 /// <param name="claims">Claims exposed through <c>Claims</c>.</param>
 public TlvPrincipal(TlvIdentity identity, IEnumerable<Claim> claims)
 {
     Identity = identity;
     Claims = claims;
 }