public Task <IAuthenticationHandler> GetHandlerAsync(HttpContext context, string authenticationScheme) { var activeApplication = _applicationService.GetActiveApplication(); if (!ProxyAuthComponents.IsSchemeForApplication(authenticationScheme, activeApplication)) { return(Task.FromResult <IAuthenticationHandler>(null)); } return(_provider.GetHandlerAsync(context, authenticationScheme)); }
public async Task Invoke(HttpContext context, IProxyApplicationService applicationService, IPolicyEvaluator policyEvaluator) { var activeApplication = applicationService.GetActiveApplication(); var mode = context.Request.PathBase == ProxyMetaEndpoints.PathBase ? PathAuthOptions.AuthMode.Web : activeApplication.GetPathMode(context.Request.Path); if (!mode.HasValue) { context.Response.StatusCode = (int)HttpStatusCode.Forbidden; context.SetErrorDetail(Errors.Code.UnconfiguredPath, "Path has no authentication method configured."); return; } if (mode == PathAuthOptions.AuthMode.None) { await _next(context); return; } var policyName = mode == PathAuthOptions.AuthMode.Web ? ProxyAuthComponents.GetWebPolicyName(activeApplication) : ProxyAuthComponents.GetApiPolicyName(activeApplication); var policy = await _policyProvider.GetPolicyAsync(policyName); var authenticateResult = await policyEvaluator.AuthenticateAsync(policy, context); var authorizeResult = await policyEvaluator.AuthorizeAsync(policy, authenticateResult, context, null); var telemetry = context.Features.Get <RequestTelemetry>(); if (telemetry != null && authenticateResult.Succeeded) { telemetry.Context.User.Id = context.User.Identity.Name; } if (authorizeResult.Challenged) { await context.ChallengeAsync(policy.AuthenticationSchemes.First()); } else if (authorizeResult.Forbidden) { await context.ForbidAsync(policy.AuthenticationSchemes.First()); } else { await _next(context); } }