Example #1
        /// <summary>
        /// Checks that the request carries a session authorized with at least one of the
        /// registered auth providers selected by <c>Provider</c>, and hands the request to
        /// <c>AuthProvider.HandleFailedAuth</c> when it does not.
        /// </summary>
        /// <param name="req">Incoming request; supplies the session id and the cache client.</param>
        /// <param name="res">Response; receives the error and is closed when no provider matches.</param>
        /// <param name="requestDto">Request DTO, forwarded to the error writer.</param>
        /// <exception cref="InvalidOperationException">
        /// <c>AuthService.AuthProviders</c> is null.
        /// </exception>
        public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
        {
            var registered = AuthService.AuthProviders;
            if (registered == null)
            {
                throw new InvalidOperationException(
                    "The AuthService must be initialized by calling "
                    + "AuthService.Init to use an authenticate attribute");
            }

            // An unset Provider selects every registered provider, so a session authorized
            // with any one of them passes the check below.
            var candidates = registered
                .Where(p => this.Provider.IsNullOrEmpty() || p.Provider == this.Provider)
                .ToList();

            if (candidates.Count == 0)
            {
                var message = "No OAuth Configs found matching {0} provider".Fmt(this.Provider ?? "any");
                res.WriteError(req, requestDto, message);
                res.Close();
                return;
            }

            // Runs before the session lookup; presumably lets a request that carries
            // HTTP Basic credentials establish its session first (helper not shown here).
            AuthenticateIfBasicAuth(req, res);

            using (var cache = req.GetCacheClient())
            {
                var sessionId = req.GetSessionId();
                var session = sessionId != null ? cache.GetSession(sessionId) : null;

                var authorized = session != null
                                 && candidates.Any(p => session.IsAuthorized(p.Provider));
                if (!authorized)
                {
                    // NOTE(review): nothing in this method ends the response on this path; the
                    // request is only blocked if HandleFailedAuth does so. Confirm.
                    AuthProvider.HandleFailedAuth(candidates[0], session, req, res);
                }
            }
        }
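        /// <summary>
        /// Returns the auth session for the request. The copy stored in <c>httpReq.Items</c> is
        /// used when present, unless <paramref name="reload"/> is true, in which case the session
        /// is looked up through the cache client again.
        /// </summary>
        /// <param name="httpReq">Request to resolve the session for; null yields null.</param>
        /// <param name="reload">When true, skips the per-request copy and re-reads the session.</param>
        /// <returns>The session, or null when the request is null or no session is found.</returns>
        public static IAuthSession GetSession(this IHttpRequest httpReq, bool reload = false)
        {
            if (httpReq == null)
            {
                return null;
            }

            if (!reload)
            {
                object cached;
                if (httpReq.Items.TryGetValue(RequestItemsSessionKey, out cached) && cached != null)
                {
                    return (IAuthSession)cached;
                }
            }

            using (var cache = httpReq.GetCacheClient())
            {
                var session = GetSession(cache, httpReq.GetSessionId());
                if (session != null)
                {
                    // Assign through the indexer rather than Add: on a reload (or when the
                    // stored entry was null) the key can already be present, and Add on a
                    // dictionary throws for a duplicate key instead of refreshing the entry.
                    httpReq.Items[RequestItemsSessionKey] = session;
                }
                return session;
            }
        }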
Example #3
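        /// <summary>
        /// Returns the auth session for the request, creating a fresh one when the cache holds
        /// none. The copy stored in <c>httpReq.Items</c> is used when present, unless
        /// <paramref name="reload"/> is true.
        /// </summary>
        /// <param name="httpReq">Request to resolve the session for; null yields null.</param>
        /// <param name="reload">When true, skips the per-request copy and re-reads the cache.</param>
        /// <returns>The cached or newly created session, or null when the request is null.</returns>
        public static IAuthSession GetSession(this IHttpRequest httpReq, bool reload = false)
        {
            if (httpReq == null)
            {
                return null;
            }

            if (!reload)
            {
                object cached;
                if (httpReq.Items.TryGetValue(RequestItemsSessionKey, out cached) && cached != null)
                {
                    return (IAuthSession)cached;
                }
            }

            using (var cache = httpReq.GetCacheClient())
            {
                var sessionId = httpReq.GetSessionId();
                var session = cache.Get<IAuthSession>(SessionFeature.GetSessionKey(sessionId));
                if (session == null)
                {
                    // No cached session: build an empty one bound to the id the request carries.
                    // It is only placed in httpReq.Items below; this method does not write it
                    // to the cache.
                    // NOTE(review): the id comes from the request. Confirm GetSessionId only
                    // yields server-issued ids and that the id is rotated at login, otherwise
                    // a caller-chosen id could be fixed onto the session.
                    session = AuthService.CurrentSessionFactory();
                    session.Id = sessionId;
                    session.CreatedAt = session.LastModified = DateTime.UtcNow;
                    session.OnCreated(httpReq);
                }

                // Assign through the indexer rather than Add: on a reload (or when the stored
                // entry was null) the key can already be present, and Add on a dictionary
                // throws for a duplicate key instead of refreshing the entry.
                httpReq.Items[RequestItemsSessionKey] = session;
                return session;
            }
        }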
        /// <summary>
        /// Deletes the request's session from the cache client and drops the per-request copy
        /// held in <c>httpReq.Items</c>. Does nothing for a null request.
        /// </summary>
        /// <param name="httpReq">Request whose session should be removed.</param>
        public static void RemoveSession(this IHttpRequest httpReq)
        {
            if (httpReq != null)
            {
                using (var cache = httpReq.GetCacheClient())
                {
                    // Removing the cache entry is what invalidates the session on the server
                    // side; nothing in this method touches the id the client still holds.
                    cache.Remove(SessionFeature.GetSessionKey(httpReq.GetSessionId()));
                }

                httpReq.Items.Remove(RequestItemsSessionKey);
            }
        }
        /// <summary>
        /// Writes <paramref name="session"/> to the cache client under the request's session key
        /// and stores it in <c>httpReq.Items</c>. Does nothing for a null request.
        /// </summary>
        /// <param name="httpReq">Request the session belongs to.</param>
        /// <param name="session">Session to persist.</param>
        /// <param name="expiresIn">
        /// Cache lifetime; when null, <c>AuthFeature.GetDefaultSessionExpiry()</c> is used.
        /// </param>
        public static void SaveSession(this IHttpRequest httpReq, IAuthSession session, TimeSpan? expiresIn = null)
        {
            if (httpReq != null)
            {
                using (var cache = httpReq.GetCacheClient())
                {
                    // The key is derived from the id carried by the request, not from session.Id.
                    var key = SessionFeature.GetSessionKey(httpReq.GetSessionId());
                    var lifetime = expiresIn ?? AuthFeature.GetDefaultSessionExpiry();
                    cache.CacheSet(key, session, lifetime);
                }

                httpReq.Items[RequestItemsSessionKey] = session;
            }
        }
        /// <summary>
        /// Checks that the request's session is authorized with at least one of the registered
        /// auth providers selected by <c>Provider</c>. An unauthorized request asking for HTML is
        /// redirected to the configured login URL; any other unauthorized request is passed to
        /// <c>AuthProvider.HandleFailedAuth</c>.
        /// </summary>
        /// <param name="req">Incoming request.</param>
        /// <param name="res">Response; receives the error, redirect or failed-auth result.</param>
        /// <param name="requestDto">Request DTO, forwarded to the error writer.</param>
        /// <exception cref="InvalidOperationException">
        /// <c>AuthService.AuthProviders</c> is null.
        /// </exception>
        public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
        {
            var registered = AuthService.AuthProviders;
            if (registered == null)
            {
                throw new InvalidOperationException(
                    "The AuthService must be initialized by calling "
                    + "AuthService.Init to use an authenticate attribute");
            }

            // An unset Provider selects every registered provider.
            var candidates = registered
                .Where(p => this.Provider.IsNullOrEmpty() || p.Provider == this.Provider)
                .ToList();

            if (candidates.Count == 0)
            {
                var message = "No OAuth Configs found matching {0} provider".Fmt(this.Provider ?? "any");
                res.WriteError(req, requestDto, message);
                res.EndServiceStackRequest();
                return;
            }

            // Header-based schemes are only attempted when their provider is among the candidates.
            if (candidates.Any(p => p.Provider == DigestAuthProvider.Name))
            {
                AuthenticateIfDigestAuth(req, res);
            }

            if (candidates.Any(p => p.Provider == BasicAuthProvider.Name))
            {
                AuthenticateIfBasicAuth(req, res);
            }

            // The cache client is opened and disposed here but not referenced; the session
            // itself comes from req.GetSession().
            using (var cache = req.GetCacheClient())
            {
                var session = req.GetSession();
                if (session != null && candidates.Any(p => session.IsAuthorized(p.Provider)))
                {
                    return;
                }

                var htmlRedirect = HtmlRedirect ?? AuthService.HtmlRedirect;
                var redirectToLogin = htmlRedirect != null
                                      && req.ResponseContentType.MatchesContentType(ContentType.Html);
                if (!redirectToLogin)
                {
                    AuthProvider.HandleFailedAuth(candidates[0], session, req, res);
                    return;
                }

                // "~/" marks an application-relative URL and is resolved against the base URL.
                var url = htmlRedirect.SafeSubstring(0, 2) == "~/"
                    ? req.GetBaseUrl().CombineWith(htmlRedirect.Substring(2))
                    : htmlRedirect;

                // NOTE(review): the full request URI travels in the "redirect" query parameter.
                // Whatever handler later follows that parameter should accept only local URLs;
                // confirm, since that code is not shown here.
                res.RedirectToUrl(url.AddQueryParam("redirect", req.AbsoluteUri));
            }
        }
        /// <summary>
        /// Checks that the request's permanent session is authorized with at least one of the
        /// auth configs selected by <c>Provider</c>, first attempting a login when the request
        /// carries HTTP Basic credentials. An unauthorized request gets a 401 with a
        /// <c>WWW-Authenticate</c> challenge and the response is closed.
        /// </summary>
        /// <param name="req">Incoming request.</param>
        /// <param name="res">Response; receives the error or the 401 challenge.</param>
        /// <param name="requestDto">Request DTO, forwarded to the error writer and request context.</param>
        /// <exception cref="InvalidOperationException">
        /// <c>AuthService.AuthConfigs</c> is null.
        /// </exception>
        public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
        {
            var configs = AuthService.AuthConfigs;
            if (configs == null)
            {
                throw new InvalidOperationException(
                    "The AuthService must be initialized by calling "
                    + "AuthService.Init to use an authenticate attribute");
            }

            // An unset Provider selects every registered config.
            var candidates = configs
                .Where(c => this.Provider.IsNullOrEmpty() || c.Provider == this.Provider)
                .ToList();

            if (candidates.Count == 0)
            {
                var message = "No OAuth Configs found matching {0} provider".Fmt(this.Provider ?? "any");
                res.WriteError(req, requestDto, message);
                res.Close();
                return;
            }

            var basicCredentials = req.GetBasicAuthUserAndPassword();
            if (basicCredentials != null)
            {
                // NOTE(review): Basic credentials are protected only by the transport; confirm
                // this path is reachable over TLS only.
                // NOTE(review): TryResolve may return null (assumed from its name), which would
                // surface as a NullReferenceException on the next line. Confirm.
                var authService = req.TryResolve<AuthService>();
                authService.RequestContext = new HttpRequestContext(req, res, requestDto);

                var login = new Auth.Auth
                {
                    provider = BasicAuthConfig.Name,
                    UserName = basicCredentials.Value.Key,
                    Password = basicCredentials.Value.Value
                };

                // The result is not inspected; the decision is made by the session check below.
                authService.Post(login);
            }

            using (var cache = req.GetCacheClient())
            {
                var sessionId = req.GetPermanentSessionId();
                var session = sessionId != null ? cache.GetSession(sessionId) : null;

                var authorized = session != null
                                 && candidates.Any(c => session.IsAuthorized(c.Provider));
                if (!authorized)
                {
                    res.StatusCode = (int)HttpStatusCode.Unauthorized;

                    // The challenge takes its scheme and realm from the first matching config.
                    // NOTE(review): AuthRealm is placed inside the quoted string unescaped;
                    // confirm it cannot contain quotes or line breaks.
                    var primary = candidates[0];
                    var challenge = "{0} realm=\"{1}\"".Fmt(primary.Provider, primary.AuthRealm);
                    res.AddHeader(HttpHeaders.WwwAuthenticate, challenge);

                    res.Close();
                }
            }
        }
        /// <summary>
        /// Checks that the request's session is authorized with at least one of the registered
        /// auth providers selected by <c>Provider</c>. An unauthorized request asking for HTML is
        /// redirected to the configured login URL; any other unauthorized request is passed to
        /// <c>AuthProvider.HandleFailedAuth</c>.
        /// </summary>
        /// <param name="req">Incoming request.</param>
        /// <param name="res">Response; receives the error, redirect or failed-auth result.</param>
        /// <param name="requestDto">Request DTO, forwarded to the error writer.</param>
        /// <exception cref="InvalidOperationException">
        /// <c>AuthService.AuthProviders</c> is null.
        /// </exception>
        public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
        {
            var providers = AuthService.AuthProviders;
            if (providers == null)
            {
                throw new InvalidOperationException(
                    "The AuthService must be initialized by calling "
                    + "AuthService.Init to use an authenticate attribute");
            }

            // With no Provider set, every registered provider is a candidate.
            var matching = providers
                .Where(p => this.Provider.IsNullOrEmpty() || p.Provider == this.Provider)
                .ToList();

            if (matching.Count == 0)
            {
                var error = "No OAuth Configs found matching {0} provider".Fmt(this.Provider ?? "any");
                res.WriteError(req, requestDto, error);
                res.EndServiceStackRequest();
                return;
            }

            // Digest is attempted before Basic, each only when its provider is a candidate.
            var digestEnabled = matching.Any(p => p.Provider == DigestAuthProvider.Name);
            if (digestEnabled)
            {
                AuthenticateIfDigestAuth(req, res);
            }

            var basicEnabled = matching.Any(p => p.Provider == BasicAuthProvider.Name);
            if (basicEnabled)
            {
                AuthenticateIfBasicAuth(req, res);
            }

            // The cache client is not referenced inside this block; the session is read
            // through req.GetSession().
            using (var cache = req.GetCacheClient())
            {
                var session = req.GetSession();

                var authorized = session != null
                                 && matching.Any(p => session.IsAuthorized(p.Provider));
                if (!authorized)
                {
                    var htmlRedirect = HtmlRedirect ?? AuthService.HtmlRedirect;
                    if (htmlRedirect != null && req.ResponseContentType.MatchesContentType(ContentType.Html))
                    {
                        // "~/" marks an application-relative URL and is resolved against the base URL.
                        var loginUrl = htmlRedirect.SafeSubstring(0, 2) == "~/"
                            ? req.GetBaseUrl().CombineWith(htmlRedirect.Substring(2))
                            : htmlRedirect;

                        // NOTE(review): the request URI is echoed in the "redirect" parameter.
                        // The handler that later follows it should accept only local targets;
                        // confirm, since that code is not shown here.
                        loginUrl = loginUrl.AddQueryParam("redirect", req.AbsoluteUri);
                        res.RedirectToUrl(loginUrl);
                        return;
                    }

                    AuthProvider.HandleFailedAuth(matching[0], session, req, res);
                }
            }
        }
        /// <summary>
        /// Checks that the request carries a session authorized with at least one of the
        /// registered auth providers selected by <c>Provider</c>, and hands the request to
        /// <c>AuthProvider.HandleFailedAuth</c> when it does not.
        /// </summary>
        /// <param name="req">Incoming request; supplies the session id and the cache client.</param>
        /// <param name="res">Response; receives the error and is closed when no provider matches.</param>
        /// <param name="requestDto">Request DTO, forwarded to the error writer.</param>
        /// <exception cref="InvalidOperationException">
        /// <c>AuthService.AuthProviders</c> is null.
        /// </exception>
        public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
        {
            var providers = AuthService.AuthProviders;
            if (providers == null)
            {
                throw new InvalidOperationException(
                    "The AuthService must be initialized by calling "
                    + "AuthService.Init to use an authenticate attribute");
            }

            // With no Provider set, every registered provider is a candidate.
            var matching = providers
                .Where(p => this.Provider.IsNullOrEmpty() || p.Provider == this.Provider)
                .ToList();

            if (matching.Count == 0)
            {
                var error = "No OAuth Configs found matching {0} provider".Fmt(this.Provider ?? "any");
                res.WriteError(req, requestDto, error);
                res.Close();
                return;
            }

            // Both header-based schemes are attempted unconditionally here, even when the
            // selected Provider is neither of them.
            // NOTE(review): confirm that is intended.
            AuthenticateIfDigestAuth(req, res);
            AuthenticateIfBasicAuth(req, res);

            using (var cache = req.GetCacheClient())
            {
                var sessionId = req.GetSessionId();
                var session = sessionId != null ? cache.GetSession(sessionId) : null;

                var authorized = session != null
                                 && matching.Any(p => session.IsAuthorized(p.Provider));
                if (!authorized)
                {
                    // NOTE(review): nothing in this method ends the response on this path; the
                    // request is only blocked if HandleFailedAuth does so. Confirm.
                    AuthProvider.HandleFailedAuth(matching[0], session, req, res);
                }
            }
        }
        /// <summary>
        /// Checks that the request's permanent session is authorized with at least one of the
        /// auth configs selected by <c>Provider</c>, first attempting a login when the request
        /// carries HTTP Basic credentials. An unauthorized request gets a 401 with a
        /// <c>WWW-Authenticate</c> challenge and the response is closed.
        /// </summary>
        /// <param name="req">Incoming request.</param>
        /// <param name="res">Response; receives the error or the 401 challenge.</param>
        /// <param name="requestDto">Request DTO, forwarded to the error writer and request context.</param>
        /// <exception cref="InvalidOperationException">
        /// <c>AuthService.AuthConfigs</c> is null.
        /// </exception>
        public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
        {
            var registered = AuthService.AuthConfigs;
            if (registered == null)
            {
                throw new InvalidOperationException(
                    "The AuthService must be initialized by calling "
                    + "AuthService.Init to use an authenticate attribute");
            }

            // With no Provider set, every registered config is a candidate.
            var matching = registered
                .Where(c => this.Provider.IsNullOrEmpty() || c.Provider == this.Provider)
                .ToList();

            if (matching.Count == 0)
            {
                var error = "No OAuth Configs found matching {0} provider".Fmt(this.Provider ?? "any");
                res.WriteError(req, requestDto, error);
                res.Close();
                return;
            }

            var userPass = req.GetBasicAuthUserAndPassword();
            if (userPass != null)
            {
                // NOTE(review): Basic credentials are protected only by the transport; confirm
                // this path is reachable over TLS only.
                // NOTE(review): TryResolve may return null (assumed from its name), which would
                // surface as a NullReferenceException on the next line. Confirm.
                var authService = req.TryResolve<AuthService>();
                authService.RequestContext = new HttpRequestContext(req, res, requestDto);

                var credentials = new Auth.Auth
                {
                    provider = BasicAuthConfig.Name,
                    UserName = userPass.Value.Key,
                    Password = userPass.Value.Value
                };

                // The result is not inspected; the decision is made by the session check below.
                authService.Post(credentials);
            }

            using (var cache = req.GetCacheClient())
            {
                var sessionId = req.GetPermanentSessionId();
                var session = sessionId != null ? cache.GetSession(sessionId) : null;

                var authorized = session != null
                                 && matching.Any(c => session.IsAuthorized(c.Provider));
                if (!authorized)
                {
                    res.StatusCode = (int)HttpStatusCode.Unauthorized;

                    // The challenge takes its scheme and realm from the first matching config.
                    // NOTE(review): AuthRealm is placed inside the quoted string unescaped;
                    // confirm it cannot contain quotes or line breaks.
                    var first = matching[0];
                    var challenge = "{0} realm=\"{1}\"".Fmt(first.Provider, first.AuthRealm);
                    res.AddHeader(HttpHeaders.WwwAuthenticate, challenge);

                    res.Close();
                }
            }
        }