Ejemplo n.º 1
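        /// <summary>
        /// Authenticates the current request from the token carried in its
        /// <c>Authorization</c> header.
        /// </summary>
        /// <remarks>
        /// The header's first value is split on a single space and must yield exactly two
        /// parts; the second part is passed to <c>JsonWebToken.Authenticate</c> together with
        /// the issuer, audience and signing key from <c>Options</c>. Every failure path
        /// returns <c>AuthenticateResult.Fail</c>, so the handler fails closed.
        /// </remarks>
        /// <returns>
        /// A completed task holding a success result with a ticket for the authenticated
        /// principal, or a failure result when the header is missing, malformed, or the
        /// token does not validate.
        /// </returns>
        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            if (!Request.Headers.TryGetValue(HeaderNames.Authorization, out var authorization))
            {
                return Task.FromResult(AuthenticateResult.Fail("Cannot read authorization header."));
            }

            // The header can be present without carrying a value; indexing the first
            // element unguarded would throw and surface as an unhandled error instead of
            // a clean authentication failure.
            string headerValue = authorization.Count > 0 ? authorization[0] : null;
            if (headerValue == null)
            {
                return Task.FromResult(AuthenticateResult.Fail("Cannot read authorization header."));
            }

            // Expected shape is "<scheme> <token>".
            // NOTE(review): the scheme word (parts[0]) is never compared against an
            // expected value such as "Bearer", so any two-part header reaches token
            // validation. Confirm whether that is intended before tightening it.
            string[] parts = headerValue.Split(" ");
            if (parts.Length != 2)
            {
                return Task.FromResult(AuthenticateResult.Fail("Invalid JWT security token."));
            }

            string tokenString = parts[1];

            try
            {
                JsonWebToken.Authenticate(tokenString, Options.Issuer, Options.Audience, Options.SigningKey);
            }
            catch (Exception ex)
            {
                // Only the exception message is traced; the caller gets a generic failure
                // so validation details are not disclosed in the response.
                Trace.TraceError(ex.Message);
                return Task.FromResult(AuthenticateResult.Fail("Not authenticated."));
            }

            // NOTE(review): this presumably relies on JsonWebToken.Authenticate setting
            // Thread.CurrentPrincipal as a side effect - confirm. If it does not, the ticket
            // would be built from whatever principal the thread already carried.
            // Checking the type here turns a null or non-claims principal into an
            // authentication failure instead of a cast or constructor exception.
            if (!(Thread.CurrentPrincipal is ClaimsPrincipal principal))
            {
                return Task.FromResult(AuthenticateResult.Fail("Not authenticated."));
            }

            var ticket = new AuthenticationTicket(principal, Options.Scheme);

            return Task.FromResult<AuthenticateResult>(AuthenticateResult.Success(ticket));
        }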