protected override Task <AuthenticateResult> HandleAuthenticateAsync()
{
var headerName = AuthenticationHeaderHelper.GetHeaderName(Scheme.Name);
StringValues authHeaderString;
var existAuthorizationHeader =
Context.Request.Headers.TryGetValue(headerName, out authHeaderString);
if (existAuthorizationHeader == false)
{
Logger.LogInformation("{Scheme} No {HeaderName} header present", Scheme.Name, headerName);
return(Task.FromResult(AuthenticateResult.Fail("No Authorization header present")));
}
AuthenticationHeaderValue authHeader;
var canParse = AuthenticationHeaderValue.TryParse(authHeaderString[0], out authHeader);
if (canParse == false)
{
Logger.LogInformation("{Scheme} {HeaderName} header not valid", Scheme.Name, headerName);
return(Task.FromResult(AuthenticateResult.Fail("Authorization header not valid")));
}
var headerClaims = DefautClaimsEncoder.Decode(authHeader.Parameter).ToArray();
if (headerClaims.Length == 0)
{
Logger.LogInformation("{Scheme} Invalid claims", Scheme.Name);
return(Task.FromResult(AuthenticateResult.Fail("Invalid claims")));
}
var identity = new ClaimsIdentity(
claims: Options.CommonClaims.Union(headerClaims),
authenticationType: Scheme.Name,
nameType: Options.NameClaimType,
roleType: Options.RoleClaimType);
var ticket = new AuthenticationTicket(
new ClaimsPrincipal(identity),
new AuthenticationProperties(),
Scheme.Name);
Logger.LogInformation("{Scheme} Authenticated", Scheme.Name);
return(Task.FromResult(AuthenticateResult.Success(ticket)));
}
protected override Task <AuthenticateResult> HandleAuthenticateAsync()
{
StringValues authHeaderString;
var existAuthorizationHeader =
Context.Request.Headers.TryGetValue(Constants.AuthenticationHeaderName, out authHeaderString);
if (existAuthorizationHeader == false)
{
return(Task.FromResult(AuthenticateResult.Fail("No Authorization header present")));
}
AuthenticationHeaderValue authHeader;
var canParse = AuthenticationHeaderValue.TryParse(authHeaderString[0], out authHeader);
if (canParse == false || authHeader.Scheme != TestServerAuthenticationDefaults.AuthenticationScheme)
{
return(Task.FromResult(AuthenticateResult.Fail("Authorization header not valid")));
}
var headerClaims = DefautClaimsEncoder.Decode(authHeader.Parameter).ToArray();
if (headerClaims.Length == 0)
{
return(Task.FromResult(AuthenticateResult.Fail("Authorization header with no claims")));
}
var identity = new ClaimsIdentity(
claims: Options.CommonClaims.Union(headerClaims),
authenticationType: Scheme.Name,
nameType: Options.NameClaimType,
roleType: Options.RoleClaimType);
var ticket = new AuthenticationTicket(
new ClaimsPrincipal(identity),
new AuthenticationProperties(),
Scheme.Name);
return(Task.FromResult(AuthenticateResult.Success(ticket)));
}
