public async Task AuthorizeAsync(WebJobAuthorizationContext context)
{
if (context is null)
{
throw new ArgumentNullException(nameof(context));
}
if (context.HttpContext.Items.ContainsKey(AuthInvokedKey))
{
return;
}
var effectivePolicy = await this.ComputePolicyAsync();
if (effectivePolicy is null)
{
return;
}
var httpContext = context.HttpContext;
await this.AuthenticateRequestAsync(context);
var evaluator = httpContext.RequestServices.GetRequiredService <IPolicyEvaluator>();
var authenticateResult = await evaluator.AuthenticateAsync(effectivePolicy, context.HttpContext);
var authorizeResult = await evaluator.AuthorizeAsync(effectivePolicy, authenticateResult, context.HttpContext, context);
if (authorizeResult.Challenged)
{
context.Result = new ChallengeResult(effectivePolicy.AuthenticationSchemes.ToArray());
}
else if (authorizeResult.Forbidden)
{
context.Result = new ForbidResult(effectivePolicy.AuthenticationSchemes.ToArray());
}
}
private async Task <AuthenticateResult> AuthenticateRequestAsync(WebJobAuthorizationContext context)
{
var httpContext = context.HttpContext;
var handlers = httpContext.RequestServices.GetService <IAuthenticationHandlerProvider>();
foreach (var scheme in await this.SchemeProvider.GetRequestHandlerSchemesAsync())
{
var handler = await handlers.GetHandlerAsync(httpContext, scheme.Name) as IAuthenticationRequestHandler;
if (handler != null)
{
var result = await handler.AuthenticateAsync();
if (result.Succeeded)
{
httpContext.User = result.Principal;
return(result);
}
}
}
var defaultAuthenticate = await this.SchemeProvider.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);
if (result?.Principal != null)
{
httpContext.User = result.Principal;
return(result);
}
}
return(AuthenticateResult.NoResult());
}
