public override async Task OnActionExecutingAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
{
var provider = this.GetCredentialProvider();
var botAuthenticator = new BotAuthenticator(provider, GetOpenIdConfigurationUrl(), DisableEmulatorTokens);
try
{
var identityToken = await botAuthenticator.AuthenticateAsync(actionContext.Request, GetActivities(actionContext), cancellationToken);
// the request is not authenticated, fail with 401.
if (!identityToken.Authenticated)
{
actionContext.Response = BotAuthenticator.GenerateUnauthorizedResponse(actionContext.Request, "BotAuthenticator failed to authenticate incoming request!");
return;
}
}
catch (Exception e)
{
actionContext.Response = BotAuthenticator.GenerateUnauthorizedResponse(actionContext.Request, $"Failed authenticating incoming request: {e.ToString()}");
return;
}
await base.OnActionExecutingAsync(actionContext, cancellationToken);
}
public async override Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
var provider = this.GetCredentialProvider();
var botAuthenticator = new BotAuthenticator(provider, GetOpenIdConfigurationUrl(), DisableEmulatorTokens);
try
{
var identityToken = await botAuthenticator.AuthenticateAsync(context.HttpContext.Request,
GetActivities(context), context.HttpContext.RequestAborted);
// the request is not authenticated, fail with 401.
if (!identityToken.Authenticated)
{
context.Result = BotAuthenticator.GenerateUnauthorizedResponse(context.HttpContext, "BotAuthenticator failed to authenticate incoming request!");
return;
}
}
catch (Exception e)
{
context.Result = BotAuthenticator.GenerateUnauthorizedResponse(context.HttpContext, $"Failed authenticating incoming request: {e.ToString()}");
return;
}
await next();
}