internal static AuthenticationInternalResult ExecuteCAS(HttpContext httpContext)
{
lock (CASLocker)
{
if (casAuthenticatorData == null)
{
IAuthenticatorMethodCache cache = httpContext.RequestServices.GetRequiredService <IAuthenticatorMethodCache>();
casAuthenticatorData = cache.Get(typeof(CASAuthenticator));
}
return(ExecuteAuthenticator(httpContext, casAuthenticatorData));
}
}
internal AuthenticationInternalResult Authenticate(HttpContext httpContext)
{
if (authenticators.Length <= 0)
{
return(null);
}
IAuthenticatorMethodCache cache = httpContext.RequestServices.GetRequiredService <IAuthenticatorMethodCache>();
foreach (Type authenticator in authenticators)
{
if (AuthenticationHelper.IsValidAuthenticator(cache, authenticator, out AuthenticatorMetadata metadata))
{
AuthenticationInternalResult result = AuthenticationHelper.ExecuteAuthenticator(httpContext, metadata);
if (result != null)
{
return(result);
}
}
}
return(null);
}
internal static bool IsValidAuthenticator(IAuthenticatorMethodCache cache, Type authenticator, out AuthenticatorMetadata authenticateMethod)
{
authenticateMethod = cache.Get(authenticator);
return(authenticateMethod != null);
}
// if casResult == null, the url does not contain ticket
private static void CheckRequestUrl(HttpContext httpContext, out AuthenticationInternalResult casResult)
{
HttpRequest request = httpContext.Request;
ICASOption option = httpContext.RequestServices.GetRequiredService <ICASOption>();
IQueryCollection query = request.Query;
string rawurl = request.GetDisplayUrl();
if (query.TryGetValue("ticket", out StringValues ticketValue))
{
string ticket = ticketValue.ToArray()[0];
string url = request.GetDisplayUrl();
// remove ticket
url = Regex.Replace(url, @"ticket\=[^\&]+\&?", "");
while (url[url.Length - 1] == '&' || url[url.Length - 1] == '?')
{
url = url.Substring(0, url.Length - 1);
}
string querystr = request.QueryString.Value;
querystr = Regex.Replace(querystr, @"ticket\=[^\&]+\&?", "");
while (querystr.Length > 0 && (querystr[querystr.Length - 1] == '&' || querystr[querystr.Length - 1] == '?'))
{
querystr = querystr.Substring(0, querystr.Length - 1);
}
string url_not_escaped = url;
url = url.EscapeAll();
string target = $"{option.ValidateUrl}?service={url}&ticket={ticket}";
request.QueryString = new QueryString(querystr);
// validate
// if true, set session
try
{
HttpClient client = new HttpClient();
HttpRequestMessage validateRequest = new HttpRequestMessage()
{
Method = HttpMethod.Get,
RequestUri = new Uri(target)
};
validateRequest.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue(option.ResponseAccept));
using (HttpResponseMessage response = client.SendAsync(validateRequest).GetAwaiter().GetResult())
{
if (response.StatusCode == System.Net.HttpStatusCode.OK)
{
string message = response.Content.ReadAsStringAsync().GetAwaiter().GetResult();
Type handlerType = option.ResponseHandler;
ICASResponseHandler handler = (ICASResponseHandler)ActivatorUtilities.CreateInstance(httpContext.RequestServices, handlerType);
IUser user = handler.Invoke(httpContext, message, url_not_escaped, out string redirect_url);
if (redirect_url != null)
{
casResult = new AuthenticationInternalResult(false, redirect_url, null, null);
return;
}
if (user == null)
{
casResult = new AuthenticationInternalResult(true, null, null, null);
return;
}
else
{
lock (CASLocker)
{
if (casAuthenticatorData == null)
{
IAuthenticatorMethodCache cache = httpContext.RequestServices.GetRequiredService <IAuthenticatorMethodCache>();
casAuthenticatorData = cache.Get(typeof(CASAuthenticator));
}
}
casResult = new AuthenticationInternalResult(false, null, user, casAuthenticatorData);
return;
}
}
}
}
catch
{
casResult = null;
}
}
casResult = null;
}
