protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
BasicAuthIdentity identity = null;
switch (ServiceConfig.GetAuthenticationMode())
{
case ServiceConfig.AuthenticationMode.ActiveDirectory:
identity = ServiceConfig.ParseAuthorizationHeader(request);
break;
case ServiceConfig.AuthenticationMode.ActiveDirectorySingleUser:
case ServiceConfig.AuthenticationMode.ThirdPartyProvider:
identity = ServiceConfig.ParseUserCredential();
break;
}
if (identity == null || !ServiceConfig.OnAuthorizeUser(identity))
{
return(Task.Factory.StartNew(() =>
{
return request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Missing or invalid authentication credential");
}));
}
Thread.CurrentPrincipal = new GenericPrincipal(identity, null);
return(base.SendAsync(request, cancellationToken));
}
public static TClass CreateContext <TClass>() where TClass : new()
{
try
{
dynamic context = new TClass();
var company = HttpContext.Current.Request.QueryString.Get("company");
if (!String.IsNullOrEmpty(company))
{
context.Company = company;
}
if (ServiceConfig.GetAuthenticationMode() == ServiceConfig.AuthenticationMode.ThirdPartyProvider)
{
context.LogonAsUser = String.Format("{0}\\{1}",
HttpContext.Current.User.Identity.AuthenticationType,
HttpContext.Current.User.Identity.Name);
}
return(context);
}
catch (Exception e)
{
throw e;
}
}
public static TClass CreateContext <TClass>() where TClass : new()
{
try
{
dynamic context = new TClass();
var company = HttpContext.Current.Request.QueryString.Get("company");
if (!String.IsNullOrEmpty(company))
{
context.Company = company;
}
if (ServiceConfig.GetAuthenticationMode() == ServiceConfig.AuthenticationMode.ThirdPartyProvider)
{
context.LogonAsUser = String.Format("{0}\\{1}",
HttpContext.Current.User.Identity.AuthenticationType,
HttpContext.Current.User.Identity.Name);
}
else if (ServiceConfig.GetAuthenticationMode() == ServiceConfig.AuthenticationMode.Impersonate)
{
string domain = HttpContext.Current.User.Identity.AuthenticationType;
string username = "";
ClaimsPrincipal claimsPrincipal = HttpContext.Current.User as ClaimsPrincipal;
string email = claimsPrincipal.FindFirst(ClaimTypes.Upn) != null?claimsPrincipal.FindFirst(ClaimTypes.Upn).Value : claimsPrincipal.FindFirst(ClaimTypes.Email).Value;
//aad is Azure Active Directory - if aad is used then use the internal network domain name from the app settings
//Other possible values are Google, Facebook, Twitter - for those we will pass direct to AX as a claims user
if (String.Equals(domain, "aad"))
{
domain = ConfigurationManager.AppSettings["API_AUTH_USER_DOMAIN"];
MailAddress addr = new MailAddress(email); //takes [email protected]
username = addr.User; //returns username
}
context.LogonAsUser = String.Format("{0}\\{1}", domain, username);
}
return(context);
}
catch (Exception e)
{
throw e;
}
}
