public async Task <bool> HandleRequestAsync()
{
var result = await _inner.HandleRequestAsync();
if (result && _context.GetSignOutCalled() && _context.Response.StatusCode == 200)
{
await ProcessFederatedSignOutRequestAsync();
}
return(result);
}
public async Task <bool> HandleRequestAsync()
{
var result = await _inner.HandleRequestAsync();
if (result && _context.GetSignOutCalled() && _context.Response.StatusCode == 200)
{
// given that this runs prior to the authentication middleware running
// we need to explicitly trigger authentication so we can have our
// session service populated with the current user info
await _context.AuthenticateAsync();
// now we can do our processing to render the iframe (if needed)
await ProcessFederatedSignOutRequestAsync();
}
return(result);
}
public async Task Invoke(HttpContext context)
{
context.Features.Set <IAuthenticationFeature>((IAuthenticationFeature) new AuthenticationFeature()
{
OriginalPath = context.Request.Path,
OriginalPathBase = context.Request.PathBase
});
IAuthenticationHandlerProvider handlers = context.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (AuthenticationScheme authenticationScheme in await this.Schemes.GetRequestHandlerSchemesAsync())
{
IAuthenticationRequestHandler handlerAsync = await handlers.GetHandlerAsync(context, authenticationScheme.Name) as IAuthenticationRequestHandler;
bool flag = handlerAsync != null;
if (flag)
{
flag = await handlerAsync.HandleRequestAsync();
}
if (flag)
{
return;
}
}
AuthenticationScheme authenticateSchemeAsync = await this.Schemes.GetDefaultAuthenticateSchemeAsync();
if (authenticateSchemeAsync != null)
{
AuthenticateResult authenticateResult = await context.AuthenticateAsync(authenticateSchemeAsync.Name);
if (authenticateResult?.Principal != null)
{
context.User = authenticateResult.Principal;
}
}
await this._next(context);
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, DefaultRequirement requirement)
{
AuthorizationFilterContext authorizationFilterContext = context.Resource as AuthorizationFilterContext;
HttpContext httpContext = authorizationFilterContext.HttpContext;
IAuthenticationHandlerProvider handlers = httpContext.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (AuthenticationScheme scheme in await _schemes.GetRequestHandlerSchemesAsync())
{
IAuthenticationRequestHandler handler = await handlers.GetHandlerAsync(httpContext, scheme.Name) as IAuthenticationRequestHandler;
if (handler != null && await handler.HandleRequestAsync())
{
context.Fail();
return;
}
}
AuthenticationScheme defaultAuthenticate = await _schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
AuthenticateResult result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);
if (result?.Principal != null)
{
if (long.Parse(result.Principal.Claims.SingleOrDefault(s => s.Type == "exp").Value) < DateTime.Now.ToIntS())
{
authorizationFilterContext.Result = new JsonResult(new MessageResult
{
Msg = ConifgMessage.TIMEOUT,
Status = false
})
{
StatusCode = 401
};
}
else
{
httpContext.User = result.Principal;
if (requirement.Validation != null)
{
AuthResult validMsg = requirement.Validation(httpContext);
if (!validMsg.IsValid)
{
authorizationFilterContext.Result = new JsonResult(new MessageResult
{
Msg = validMsg.Msg,
Status = false
})
{
StatusCode = 401
};
}
}
}
}
else
{
authorizationFilterContext.Result = new JsonResult(new MessageResult
{
Msg = ConifgMessage.NOTRIGHT,
Status = false
})
{
StatusCode = 401
};
}
}
else
{
context.Fail();
return;
}
context.Succeed(requirement);
}