Example #1
0
        public async Task InvokeAsync(HttpContext httpContext, Ianvs::IanvsContext ianvsContext,
                                      IIanvsConfigurationStore ianvsConfiguration, AuthenticatorFactory authenticatorFactory)
        {
            // TODO: Implement Security
            // https://github.com/onyx-ws/ianvs/issues/8

            // Any security requirements?
            ianvsContext.Security = GetSecurityRequirements(ianvsContext);
            // Yes
            if (ianvsContext.Security?.Count > 0)
            {
                _logger.LogInformation($"{Environment.MachineName} {ianvsContext.RequestId} Authenticating request");
                AuthenticationResult authResult = await Authenticate(httpContext, ianvsContext, ianvsConfiguration, authenticatorFactory);

                if (!authResult.Authenticated)
                {
                    _logger.LogWarning($"{Environment.MachineName} {ianvsContext.RequestId} Request authentication failed");
                    _logger.LogWarning($"{Environment.MachineName} {ianvsContext.RequestId} Authentication Error: {authResult.Error}");
                    SetUnAuthorizedResponse(ianvsContext);
                    return;
                }
                else
                {
                    _logger.LogInformation($"{Environment.MachineName} {ianvsContext.RequestId} Request authenticated successfully");
                    ianvsContext.Principal = authResult.Principal;

                    _logger.LogInformation($"{Environment.MachineName} {ianvsContext.RequestId} Authorizing request");
                    authResult = await Authorize(httpContext, ianvsContext);

                    if (!authResult.Authenticated)
                    {
                        _logger.LogWarning($"{Environment.MachineName} {ianvsContext.RequestId} Request authorization failed");
                        _logger.LogWarning($"{Environment.MachineName} {ianvsContext.RequestId} Authorization Error: {authResult.Error}");
                        SetForbiddenResponse(ianvsContext);
                        return;
                    }
                    else
                    {
                        _logger.LogInformation($"{Environment.MachineName} {ianvsContext.RequestId} Request authorized successfully");
                    }
                }
            }
            // request authenticated or no security requirement
            await _next(httpContext);
        }
Example #2
0
        private async Task <AuthenticationResult> Authenticate(HttpContext httpContext, Common.IanvsContext ianvsContext,
                                                               IIanvsConfigurationStore ianvsConfiguration, AuthenticatorFactory authenticatorFactory)
        {
            // If multiple schemes are defined on the operation, only one can apply to the request; check which one
            foreach (Ianvs::SecurityRequirement securityRequirement in ianvsContext.Security)
            {
                Ianvs::SecurityScheme schemeDefinition = ianvsConfiguration.SecuritySchemes?
                                                         .Find(s => s.Name == securityRequirement.SchemeName);
                if (schemeDefinition != null)
                {
                    ianvsContext.SecurityScheme = schemeDefinition;
                    IAuthenticationHandler authenticator = authenticatorFactory.GetAuthenticator(ianvsContext.SecurityScheme);
                    if (authenticator.CanAuthenticate(httpContext, ianvsContext))
                    {
                        ianvsContext.SecurityRequirement = securityRequirement;
                        return(await authenticator.Authenticate(httpContext, ianvsContext));
                    }
                    ianvsContext.SecurityScheme = null;
                }
            }

            // Couldn't apply security requirements
            return(new AuthenticationResult()
            {
                Authenticated = false,
                Error = "No Matching Security Scheme"
            });
        }