protected override async Task <AuthenticationTicket> AuthenticateCoreAsync()
{
var properties = new AuthenticationProperties();
if (!Request.Headers.TryGetValue(DigestAuthImplementation.AuthorizationHeaderName, out var headerValue))
{
return(new AuthenticationTicket(null, properties));
}
if (!DigestChallengeResponse.TryParse(headerValue.FirstOrDefault(), out var challengeResponse))
{
return(new AuthenticationTicket(null, properties));
}
string validatedUsername = await _digestAuth.ValidateChallangeAsync(challengeResponse, Request.Method);
if (validatedUsername == null)
{
return(new AuthenticationTicket(null, properties));
}
var identity = new ClaimsIdentity("Digest");
identity.AddClaim(new Claim(DigestAuthImplementation.DigestAuthenticationClaimName, validatedUsername));
if (_digestAuth.UseAuthenticationInfoHeader)
{
Response.Headers[DigestAuthImplementation.AuthenticationInfoHeaderName] = await _digestAuth.BuildAuthInfoHeaderAsync(challengeResponse);
}
return(new AuthenticationTicket(identity, properties));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.TryGetValue(DigestAuthImplementation.AuthorizationHeaderName, out var headerValue))
{
return(AuthenticateResult.NoResult());
}
if (!DigestChallengeResponse.TryParse(headerValue, out var challengeResponse))
{
return(AuthenticateResult.NoResult());
}
string validatedUsername = await _digestAuth.ValidateChallangeAsync(challengeResponse, Request.Method);
if (validatedUsername == null)
{
return(AuthenticateResult.NoResult());
}
var identity = new ClaimsIdentity(Scheme.Name);
identity.AddClaim(new Claim(DigestAuthImplementation.DigestAuthenticationClaimName, validatedUsername));
var principal = new ClaimsPrincipal(identity);
if (_digestAuth.UseAuthenticationInfoHeader)
{
Response.Headers[DigestAuthImplementation.AuthenticationInfoHeaderName] = await _digestAuth.BuildAuthInfoHeaderAsync(challengeResponse);
}
return(AuthenticateResult.Success(new AuthenticationTicket(principal, new AuthenticationProperties(), Scheme.Name)));
}
