Ejemplo n.º 1
0
        /// <summary>
        /// Deals with 401 challenge concerns.
        /// </summary>
        /// <returns>return null</returns>
        protected override Task ApplyResponseChallengeAsync()
        {
            if (Response.StatusCode == MixedAuthConstants.FakeStatusCode)
            {
                // fake status code to be handled by HttpApplication.EndRequest Event.

                return(Task.FromResult <object>(null));
            }

            if (Response.StatusCode != 401)
            {
                // Not a challege, move on.

                return(Task.FromResult <object>(null));
            }

            AuthenticationResponseChallenge challenge = Helper.LookupChallenge(Options.AuthenticationType, Options.AuthenticationMode);

            if (challenge != null)
            {
                //update redirect uri if not set.
                var state = challenge.Properties;
                if (String.IsNullOrEmpty(state.RedirectUri))
                {
                    state.RedirectUri = Request.Scheme + Uri.SchemeDelimiter + Request.Host + Request.PathBase + Request.Path + Request.QueryString;
                }

                //if (Context.Request.User.Identity.IsAuthenticated)

                var logonUserIdentity = Options.Provider.GetLogonUserIdentity(Context);
                // If not authenticated or already authenticated using cookies, current identity will be the IIS App Pool, must re-authenticate.
                if (logonUserIdentity.AuthenticationType == Options.CookieOptions.AuthenticationType || !logonUserIdentity.IsAuthenticated)
                {
                    //replace cookie if already authenticated, must re-authenticate.
                    ReplaceCookie();
                }

                string redirectUri = Request.Scheme +
                                     Uri.SchemeDelimiter +
                                     Request.Host +
                                     RequestPathBase +
                                     Options.CallbackPath + "?state=" + Uri.EscapeDataString(Options.StateDataFormat.Protect(state));


                var redirectContext = new MixedAuthApplyRedirectContext(Context, Options, state, redirectUri);
                Options.Provider.ApplyRedirect(redirectContext);
            }
            return(Task.FromResult <object>(null));
        }
Ejemplo n.º 2
0
 /// <summary>
 /// Called when a Challenge causes a redirect to authorize endpoint in the MixedAuth middleware
 /// </summary>
 /// <param name="context">Contains redirect URI and <see cref="AuthenticationProperties"/> of the challenge </param>
 public virtual void ApplyRedirect(MixedAuthApplyRedirectContext context)
 {
     OnApplyRedirect(context);
 }