private async Task <AuthenticationResult> Authenticate(HttpContext httpContext, Common.IanvsContext ianvsContext, IIanvsConfigurationStore ianvsConfiguration, AuthenticatorFactory authenticatorFactory) { // If multiple schemes are defined on the operation, only one can apply to the request; check which one foreach (Ianvs::SecurityRequirement securityRequirement in ianvsContext.Security) { Ianvs::SecurityScheme schemeDefinition = ianvsConfiguration.SecuritySchemes? .Find(s => s.Name == securityRequirement.SchemeName); if (schemeDefinition != null) { ianvsContext.SecurityScheme = schemeDefinition; IAuthenticationHandler authenticator = authenticatorFactory.GetAuthenticator(ianvsContext.SecurityScheme); if (authenticator.CanAuthenticate(httpContext, ianvsContext)) { ianvsContext.SecurityRequirement = securityRequirement; return(await authenticator.Authenticate(httpContext, ianvsContext)); } ianvsContext.SecurityScheme = null; } } // Couldn't apply security requirements return(new AuthenticationResult() { Authenticated = false, Error = "No Matching Security Scheme" }); }
public async Task <IActionResult> Authenticate([FromBody] AuthenticationRequest authenticationRequest) { try { return(Ok(await _authenticationHandler.Authenticate(authenticationRequest))); } catch (AuthenticationException) { return(Unauthorized()); } }
/// <summary> /// Authenticates the message. /// </summary> /// <param name="request">The current request instance.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The response for the request. /// </returns> protected async override Task <HttpResponseMessage> SendAsync( HttpRequestMessage request, CancellationToken cancellationToken) { IAuthenticationHandler authenticationHandler = null; AuthenticationResult authenticationResult = null; if (request.Headers.Authorization != null && this.IsAuthenticationHandlerAvailableForScheme(request.Headers.Authorization.Scheme)) { authenticationHandler = this.authenticationHandlerDictionary[request.Headers.Authorization.Scheme]; authenticationResult = authenticationHandler.Authenticate(request); this.LogAuthenticationResult(authenticationResult); if (authenticationResult.IsAuthenticated) { this.SetPrincipal(request, authenticationResult.Principal); } } HttpResponseMessage response = await base.SendAsync(request, cancellationToken); // Try to suppress response content when the cancellation token has fired; ASP.NET will log to the Application event log if there's content in this case. if (cancellationToken.IsCancellationRequested) { response = new HttpResponseMessage(response.StatusCode); } // if the authentication result contains an explicit return status then create the response based on that if (authenticationResult != null && authenticationResult.ReturnStatus.HasValue) { response = new HttpResponseMessage(authenticationResult.ReturnStatus.Value); response.Content = new StringContent(authenticationResult.ErrorMessage); } if (authenticationHandler != null) { authenticationHandler.HandleResponse(request, response, authenticationResult.Principal); } return(response); }
public async Task Authenticate( string[] authenticationTypes, AuthenticateCallback callback, object state) { if (authenticationTypes == null) { callback(null, null, _handler.Description.Properties, state); } else if (authenticationTypes.Contains(_handler.AuthenticationType, StringComparer.Ordinal)) { AuthenticationTicket ticket = await _handler.Authenticate(); if (ticket != null) { callback(ticket.Identity, ticket.Extra.Properties, _handler.Description.Properties, state); } } if (Chained != null) { await Chained(authenticationTypes, callback, state); } }