/// <summary>
/// Builds a failed authentication result and records the attempt in the log.
/// </summary>
/// <param name="message">Failure reason; it is written to the log and passed to the returned result.</param>
/// <param name="includeRealm">
/// When <c>true</c>, a realm named after the configured server is attached to the result;
/// when <c>false</c>, the realm is <c>null</c>.
/// </param>
/// <returns>A failed <see cref="NuGetAuthenticationResult"/> carrying the message, server name and realm.</returns>
private NuGetAuthenticationResult Fail(string message, bool includeRealm)
{
    var realm = !includeRealm
        ? null
        : $"{_settings.ServerName} Package Registry";

    // The remote address is logged so repeated failures from one source can be correlated.
    // NOTE(review): message is interpolated after a line break; if a caller ever passes
    // client-controlled text here it should be stripped of CR/LF first — confirm against callers.
    _logger.LogWarning($"Failed login from {Connection.RemoteIpAddress} (Realm: {realm})\n{message}");

    var failure = NuGetAuthenticationResult.Fail(message, _settings.ServerName, realm);
    return failure;
}
/// <summary>
/// Authenticates the current request with the user name and password obtained from
/// <c>GetUserCredentials</c>.
/// </summary>
/// <param name="authenticationService">Service that validates the extracted credentials.</param>
/// <returns>
/// The service's result, except that a failure without a realm is re-issued with the
/// default realm "AvantiPoint Package Feed".
/// </returns>
protected override async Task<NuGetAuthenticationResult> IsAuthorized(IPackageAuthenticationService authenticationService)
{
    GetUserCredentials(out var username, out var password);

    // NOTE(review): `default` means the call is not tied to a cancellation token,
    // so it is not cancelled through this argument.
    var outcome = await authenticationService.AuthenticateAsync(username, password, default);

    // A success, or a failure that already names a realm, is passed through untouched.
    if (outcome.Succeeded || !string.IsNullOrEmpty(outcome.Realm))
    {
        return outcome;
    }

    // A failure without a realm gets the default one, which SetFailedResponse in this file needs for a Www-Authenticate header.
    return NuGetAuthenticationResult.Fail(outcome.Message, outcome.Server, "AvantiPoint Package Feed");
}
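/// <summary>
/// Turns the current response into a 401 that describes a failed authentication.
/// </summary>
/// <param name="context">Action context whose HTTP response is modified.</param>
/// <param name="result">Failed authentication result supplying realm, message and server name.</param>
/// <remarks>
/// Headers are assigned through the indexer rather than <c>Add</c>: <c>Add</c> throws an
/// <see cref="System.ArgumentException"/> when the header is already present, which would turn an
/// authentication failure into a server error if anything earlier had set the same header.
/// </remarks>
private void SetFailedResponse(ActionExecutingContext context, NuGetAuthenticationResult result)
{
    var response = context.HttpContext.Response;
    var headers = response.Headers;

    // Only issue a challenge when a realm is available.
    if (!string.IsNullOrEmpty(result.Realm))
    {
        headers["Www-Authenticate"] = GetRealm(result.Realm);
    }

    headers["X-Frame-Options"] = "Deny";

    // The failure message is sent back to the client verbatim, so callers should keep it
    // generic (no hint about which part of the credentials was wrong).
    headers["X-Nuget-Warning"] = result.Message;
    headers["Server"] = result.Server;

    response.StatusCode = 401;
}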
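/// <summary>
/// Checks a client-supplied API key against the configured one.
/// </summary>
/// <param name="apiKey">API key presented by the client; may be <c>null</c> or empty.</param>
/// <returns>
/// Success when no API key is configured or when the supplied key matches it exactly;
/// otherwise a failed result naming "AvantiPoint Package Server".
/// </returns>
/// <remarks>
/// The comparison uses <c>CryptographicOperations.FixedTimeEquals</c> instead of <c>==</c>, so the
/// time taken does not depend on how many leading characters of the supplied key are correct.
/// A length mismatch is still rejected immediately, so key length is not hidden.
/// </remarks>
private NuGetAuthenticationResult Authenticate(string apiKey)
{
    // No authentication is necessary if there is no required API key.
    if (string.IsNullOrEmpty(_apiKey))
    {
        return NuGetAuthenticationResult.Success();
    }

    if (string.IsNullOrEmpty(apiKey))
    {
        return NuGetAuthenticationResult.Fail("No Api Token provided.", "AvantiPoint Package Server");
    }

    // Compare the raw UTF-16 bytes: this is exactly ordinal string equality, but constant-time
    // for equal-length inputs. Names are fully qualified so no new using directive is needed.
    var expected = System.Runtime.InteropServices.MemoryMarshal.AsBytes(System.MemoryExtensions.AsSpan(_apiKey));
    var supplied = System.Runtime.InteropServices.MemoryMarshal.AsBytes(System.MemoryExtensions.AsSpan(apiKey));
    var matches = System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(expected, supplied);

    return matches
        ? NuGetAuthenticationResult.Success()
        : NuGetAuthenticationResult.Fail("Invalid Api Token provided.", "AvantiPoint Package Server");
}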
/// <summary>
/// Converts a looked-up auth token into an authentication result.
/// </summary>
/// <param name="token">Token to evaluate; <c>null</c> or a token whose <c>IsValid()</c> is false fails.</param>
/// <param name="includeRealm">Forwarded to <c>Fail</c> when the token is rejected.</param>
/// <returns>
/// A failed result for a missing or invalid token; otherwise a success result whose principal
/// carries the user's name, e-mail, token key, token description and feed roles.
/// </returns>
private NuGetAuthenticationResult CreateResult(AuthToken token, bool includeRealm)
{
    var usable = !(token is null) && token.IsValid();
    if (!usable)
    {
        // One generic message for every rejection, so the reply does not say what was wrong.
        return Fail("Invalid Token or Credentials", includeRealm);
    }

    var owner = token.User;

    // NOTE(review): Claim's constructor rejects a null value; whether Email or
    // Description can be null is not visible here — confirm against the token model.
    var baseClaims = new[]
    {
        new Claim(ClaimTypes.Name, owner.Name),
        new Claim(ClaimTypes.Email, owner.Email),
        new Claim(FeedClaims.Token, token.Key),
        new Claim(FeedClaims.TokenDescription, token.Description),
        new Claim(ClaimTypes.Role, FeedRoles.Consumer),
    };
    var identity = new ClaimsIdentity(baseClaims, "GitHub Auth");

    // The publisher role is granted only when the user record is flagged for it.
    if (owner.PackagePublisher)
    {
        identity.AddClaim(new Claim(ClaimTypes.Role, FeedRoles.Publisher));
    }

    _logger.LogInformation($"Authenticated user: {token.User.Name} from {Connection.RemoteIpAddress}.");

    var principal = new ClaimsPrincipal(identity);
    return NuGetAuthenticationResult.Success(principal);
}
/// <summary>
/// Accepts every caller: the arguments are ignored and a successful result is always returned.
/// </summary>
/// <param name="username">Not inspected.</param>
/// <param name="token">Not inspected.</param>
/// <param name="cancellationToken">Not inspected.</param>
/// <returns>A completed task holding a successful result.</returns>
public Task<NuGetAuthenticationResult> AuthenticateAsync(string username, string token, CancellationToken cancellationToken)
{
    // NOTE(review): with this implementation the feed performs no credential check at all —
    // confirm it is only registered where an open feed is intended.
    var success = NuGetAuthenticationResult.Success();
    return Task.FromResult(success);
}
/// <summary>
/// Validates a user name and token against a single pair of values hard-coded in this method.
/// </summary>
/// <param name="username">User name supplied by the client.</param>
/// <param name="token">Token or password supplied by the client.</param>
/// <param name="cancellationToken">Not inspected.</param>
/// <returns>
/// A completed task holding success for <c>DemoUser</c> when both values match, otherwise a
/// failure for the realm "Demo Authenticated Feed".
/// </returns>
public Task<NuGetAuthenticationResult> AuthenticateAsync(string username, string token, CancellationToken cancellationToken)
{
    // NOTE(review): fixed credentials in source; the realm name suggests a demo feed —
    // this must not be the authenticator of a real deployment.
    if (username == "skroob" && token == "12345")
    {
        return Task.FromResult(NuGetAuthenticationResult.Success(DemoUser));
    }

    return Task.FromResult(NuGetAuthenticationResult.Fail("Invalid username or token", "Demo Authenticated Feed"));
}
/// <summary>
/// Validates an API key against a single value hard-coded in this method.
/// </summary>
/// <param name="apiKey">API key supplied by the client.</param>
/// <param name="cancellationToken">Not inspected.</param>
/// <returns>
/// A completed task holding success for <c>DemoUser</c> when the key matches, otherwise a
/// failure for the realm "Demo Authenticated Feed".
/// </returns>
public Task<NuGetAuthenticationResult> AuthenticateAsync(string apiKey, CancellationToken cancellationToken)
{
    // NOTE(review): fixed API key in source; the realm name suggests a demo feed —
    // this must not be the authenticator of a real deployment.
    if (apiKey == "12345")
    {
        return Task.FromResult(NuGetAuthenticationResult.Success(DemoUser));
    }

    return Task.FromResult(NuGetAuthenticationResult.Fail("Unauthorized apiKey", "Demo Authenticated Feed"));
}