public async Task AuthorizeAsync(WebJobAuthorizationContext context) { if (context is null) { throw new ArgumentNullException(nameof(context)); } if (context.HttpContext.Items.ContainsKey(AuthInvokedKey)) { return; } var effectivePolicy = await this.ComputePolicyAsync(); if (effectivePolicy is null) { return; } var httpContext = context.HttpContext; await this.AuthenticateRequestAsync(context); var evaluator = httpContext.RequestServices.GetRequiredService <IPolicyEvaluator>(); var authenticateResult = await evaluator.AuthenticateAsync(effectivePolicy, context.HttpContext); var authorizeResult = await evaluator.AuthorizeAsync(effectivePolicy, authenticateResult, context.HttpContext, context); if (authorizeResult.Challenged) { context.Result = new ChallengeResult(effectivePolicy.AuthenticationSchemes.ToArray()); } else if (authorizeResult.Forbidden) { context.Result = new ForbidResult(effectivePolicy.AuthenticationSchemes.ToArray()); } }
private async Task <AuthenticateResult> AuthenticateRequestAsync(WebJobAuthorizationContext context) { var httpContext = context.HttpContext; var handlers = httpContext.RequestServices.GetService <IAuthenticationHandlerProvider>(); foreach (var scheme in await this.SchemeProvider.GetRequestHandlerSchemesAsync()) { var handler = await handlers.GetHandlerAsync(httpContext, scheme.Name) as IAuthenticationRequestHandler; if (handler != null) { var result = await handler.AuthenticateAsync(); if (result.Succeeded) { httpContext.User = result.Principal; return(result); } } } var defaultAuthenticate = await this.SchemeProvider.GetDefaultAuthenticateSchemeAsync(); if (defaultAuthenticate != null) { var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name); if (result?.Principal != null) { httpContext.User = result.Principal; return(result); } } return(AuthenticateResult.NoResult()); }