public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
var queryParams = context.Request.GetQueryNameValuePairs();
string antiforgeryToken = null;
foreach (var queryParam in queryParams)
{
if (queryParam.Key == "antiforgeryToken")
{
antiforgeryToken = queryParam.Value;
}
}
if (antiforgeryToken == null)
{
context.ErrorResult = new AuthenticationFailureResult(Strings.AntiforgeryTokenIsMissing, context.ActionContext.Request);
return(Task.FromResult(0));
}
if (!Antiforgery.ValidateToken("antiforgeryTokenGet", antiforgeryToken))
{
context.ErrorResult = new AuthenticationFailureResult(Strings.AntiforgeryTokenIsMissing, context.ActionContext.Request);
return(Task.FromResult(0));
}
return(Task.FromResult(antiforgeryToken));
}
public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
var serializedRequest = context.Request.Content.ReadAsStringAsync().Result;
string antiforgeryToken = Serialization.Deserialize <dynamic>(serializedRequest).antiforgeryToken;
if (antiforgeryToken == null)
{
context.ErrorResult = new AuthenticationFailureResult(Strings.AntiforgeryTokenIsMissing, context.ActionContext.Request);
return(Task.FromResult(0));
}
if (!Antiforgery.ValidateToken("antiforgeryTokenPost", antiforgeryToken))
{
context.ErrorResult = new AuthenticationFailureResult(Strings.AntiforgeryTokenIsMissing, context.ActionContext.Request);
return(Task.FromResult(0));
}
return(Task.FromResult(antiforgeryToken));
}
