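/// <summary>
/// Authenticates the request from its Authorization header and either installs a principal
/// for the caller or short-circuits the pipeline with an error response.
/// </summary>
/// <param name="actionContext">Context of the action being authorized; its Response is set when the request is rejected.</param>
/// <remarks>
/// Every failure path is fail-closed: a missing header, an empty or malformed credential pair,
/// and a rejected client key all end in 401, and an unresolvable user repository ends in 500.
/// Malformed and rejected credentials share one response so callers cannot tell them apart.
/// </remarks>
public override void OnAuthorization(HttpActionContext actionContext)
        {
            if (actionContext.Request.Headers.Authorization == null)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
                return;
            }

            Domain.Abstract.IUserRepository userRepository = actionContext.Request.GetDependencyScope()
                                                             .GetService(typeof(Domain.Abstract.IUserRepository)) as Domain.Abstract.IUserRepository;

            if (userRepository == null)
            {
                // The "as" cast yields null when the service is not registered. Reject the request
                // explicitly instead of letting a NullReferenceException escape the auth filter.
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.InternalServerError);
                return;
            }

            // NOTE(review): the Authorization scheme is never inspected, so any scheme whose parameter
            // decodes successfully is accepted. Confirm which scheme the helper expects and check it here.
            string headerParameter = actionContext.Request.Headers.Authorization.Parameter;

            // Parameter is null for a header such as "Authorization: Basic" that carries a scheme only.
            // NOTE(review): the helper's behaviour on undecodable input is not visible here. If it can
            // throw, that should also be mapped to 401 rather than surfacing as a 500.
            string[] usernamePasswordArray = string.IsNullOrEmpty(headerParameter)
                ? null
                : Helpers.SecurityHelper.GetDecodedUserNameAndPassordFromAuthorizationHeader(headerParameter);

            // Client-controlled input: verify the shape before indexing, so a header without both
            // parts is an authentication failure and not an IndexOutOfRangeException.
            bool credentialsWellFormed = usernamePasswordArray != null
                                         && usernamePasswordArray.Length >= 2
                                         && !string.IsNullOrEmpty(usernamePasswordArray[0])
                                         && usernamePasswordArray[1] != null;

            if (credentialsWellFormed && userRepository.ClientKeyIsValid(usernamePasswordArray[0], usernamePasswordArray[1]))
            {
                // NOTE(review): only Thread.CurrentPrincipal is set. Depending on the host and Web API
                // version, the request-level principal may also need to be assigned so the identity
                // survives thread switches. Verify against the hosting model.
                Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(usernamePasswordArray[0]), null);
                return;
            }

            actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
            {
                Content      = new StringContent("[{\"Error\":\"Unauthorized\"}]", Encoding.UTF8, "application/json"),
                ReasonPhrase = "Authentication failed"
            };
        }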
Ejemplo n.º 2
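        /// <summary>
        /// Reports whether the credentials carried in the request's Authorization header are accepted
        /// by the user repository.
        /// </summary>
        /// <returns>
        /// 200 with the boolean validation result in the body and the request URI as Location;
        /// 401 with a JSON error body when the header is missing or does not decode to a
        /// username/password pair.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this endpoint answers "valid / not valid" for arbitrary credentials, so it can
        /// be used to guess keys. Confirm that throttling or lockout is applied somewhere around it.
        /// </remarks>
        public HttpResponseMessage IsClientKeyValid()
        {
            if (Request.Headers.Authorization == null)
            {
                var respEx = new HttpResponseMessage(HttpStatusCode.Unauthorized)
                {
                    Content      = new StringContent("[{\"Error\":\"No authorization parameter found in request header.\"}]", Encoding.UTF8, "application/json"),
                    ReasonPhrase = "Invalid parameter"
                };
                return(respEx);
            }

            // Parameter is null when the header carries a scheme but no credentials.
            // NOTE(review): the helper's behaviour on undecodable input is not visible here. If it can
            // throw, map that to the same 401 instead of letting it surface as a 500.
            string   headerParameter       = Request.Headers.Authorization.Parameter;
            string[] usernamePasswordArray = string.IsNullOrEmpty(headerParameter)
                ? null
                : Helpers.SecurityHelper.GetDecodedUserNameAndPassordFromAuthorizationHeader(headerParameter);

            // Client-controlled input: check the shape before indexing, so a truncated header is
            // rejected cleanly rather than failing with an IndexOutOfRangeException.
            if (usernamePasswordArray == null || usernamePasswordArray.Length < 2)
            {
                var malformed = new HttpResponseMessage(HttpStatusCode.Unauthorized)
                {
                    Content      = new StringContent("[{\"Error\":\"Malformed authorization parameter in request header.\"}]", Encoding.UTF8, "application/json"),
                    ReasonPhrase = "Invalid parameter"
                };
                return(malformed);
            }

            var      isValid  = _userRepository.ClientKeyIsValid(usernamePasswordArray[0], usernamePasswordArray[1]);
            var      response = Request.CreateResponse(HttpStatusCode.OK, isValid);

            response.Headers.Location = new Uri(Request.RequestUri.ToString());
            return(response);
        }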