protected void Authenticated(IncomingHttpRequestMessage message, IPrincipal user)
{
var authenticatedEntity = message.Entity.SetUser(user);
message.NextStagePublisher.Publish(
new AuthenticatedHttpRequestMessage(message.HttpService, authenticatedEntity));
}
public HttpBasicAuthenticationRequest(
BasicHttpAuthenticationProvider basicHttpAuthenticationProvider, IncomingHttpRequestMessage message,
string name, string suppliedPassword)
: base(name, suppliedPassword)
{
_basicHttpAuthenticationProvider = basicHttpAuthenticationProvider;
_message = message;
}
public HttpBasicAuthenticationRequest(
BasicHttpAuthenticationProvider basicHttpAuthenticationProvider, IncomingHttpRequestMessage message,
string name, string suppliedPassword)
: base($"(HTTP) {message.Entity.Request?.RemoteEndPoint}", name, suppliedPassword)
{
_basicHttpAuthenticationProvider = basicHttpAuthenticationProvider;
_message = message;
}
public override bool Authenticate(IncomingHttpRequestMessage message)
{
var entity = message.Entity;
if (entity.User == null)
{
Authenticated(message, user: null);
return(true);
}
return(false);
}
public override bool Authenticate(IncomingHttpRequestMessage message)
{
switch (message.Entity.User)
{
case ClaimsPrincipal claimsPrincipal when !claimsPrincipal.Identity.IsAuthenticated:
case null:
Authenticated(message, user: null);
return(true);
default:
return(false);
}
}
public override bool Authenticate(IncomingHttpRequestMessage message)
{
var header = message.Entity.Request.Headers[SystemHeaders.TrustedAuth];
if (!string.IsNullOrEmpty(header))
{
var principal = CreatePrincipal(header);
if (principal != null)
Authenticated(message, principal);
else
ReplyUnauthorized(message.Entity);
return true;
}
return false;
}
public override bool Authenticate(IncomingHttpRequestMessage message)
{
//NOTE: this method can be invoked on multiple threads - needs to be thread safe
var entity = message.Entity;
var basicIdentity = entity.User != null ? entity.User.Identity as HttpListenerBasicIdentity : null;
if (basicIdentity != null)
{
string name = basicIdentity.Name;
string suppliedPassword = basicIdentity.Password;
var authenticationRequest = new HttpBasicAuthenticationRequest(this, message, name, suppliedPassword);
_internalAuthenticationProvider.Authenticate(authenticationRequest);
return(true);
}
return(false);
}
public override bool Authenticate(IncomingHttpRequestMessage message)
{
//NOTE: this method can be invoked on multiple threads - needs to be thread safe
var entity = message.Entity;
if (!AuthenticationHeaderValue.TryParse(
entity.Request.GetHeaderValues("authorization"),
out var authenticationHeader) ||
authenticationHeader.Scheme != "Basic" ||
!TryDecodeCredential(authenticationHeader.Parameter, out var username, out var password))
{
return(false);
}
var authenticationRequest = new HttpBasicAuthenticationRequest(this, message, username, password);
_internalAuthenticationProvider.Authenticate(authenticationRequest);
return(true);
}
public override bool Authenticate(IncomingHttpRequestMessage message)
{
var header = message.Entity.Request.GetHeaderValues(SystemHeaders.TrustedAuth);
if (!string.IsNullOrEmpty(header))
{
var principal = CreatePrincipal(header);
if (principal != null)
{
Authenticated(message, principal);
}
else
{
ReplyUnauthorized(message.Entity);
}
return(true);
}
return(false);
}
public abstract bool Authenticate(IncomingHttpRequestMessage message);
