Example #1
0
        private void FileWebDAVModule_Authentication(object sender, AuthenticationArgs e)
        {
            e.Realm = "File WebDAV Module Example";

            //For this example, always process requests...
            e.ProcessAuthorization = true;
        }
Example #2
0
		private void FileWebDAVModule_Authentication(object sender, AuthenticationArgs e)
		{
            String solutionName = SolutionFromUri(e.RequestUri);
            if(!String.IsNullOrEmpty(solutionName))
            {
                e.ProcessAuthorization = true;
                e.Realm = solutionName;
            }
            else
                e.ProcessAuthorization = false;
		}
Example #3
0
		/// <summary>
		/// Authorization event arguments
		/// </summary>
		/// <param name="authArgs"></param>
		public AuthorizationArgs(AuthenticationArgs authArgs)
		{
			this.AuthenticationInfo = authArgs;
		}
Example #4
0
 /// <summary>
 /// Authorization event arguments
 /// </summary>
 /// <param name="authArgs"></param>
 internal AuthorizationArgs(AuthenticationArgs authArgs)
 {
     this.AuthenticationInfo = authArgs;
 }
Example #5
0
 /// <summary>
 /// Raises the Authenticate event
 /// </summary>
 private void OnAuthenticateRequest(AuthenticationArgs e)
 {
     if (this.AuthenticateRequest != null)
         this.AuthenticateRequest(this, e);
 }
Example #6
0
        private void context_AuthenticateRequest(object sender, EventArgs e)
        {
            bool _requestAuthorized = true;
            var _httpApp = (HttpApplication)sender;

            //Since we are processing all wildcards...
            //	The web project will not load if we intercept its request.
            //	Therefore... if the User-Agent is the studio... do nothing
            if (_httpApp.Request.Headers["User-Agent"] != null && !_httpApp.Request.Headers["User-Agent"].StartsWith("Microsoft-Visual-Studio.NET"))
            {
                //Check to see if the request needs to be authenticated
                if (this.ModuleAuthentication != Authentication.None)
                {
                    var _authArgs = new AuthenticationArgs(_httpApp.Request.Url, "", this.ModuleAuthentication);
                    var _authorizationArgs = new AuthorizationArgs(_authArgs);

                    //Fire the event
                    this.OnAuthenticateRequest(_authArgs);

                    if (_authArgs.ProcessAuthorization)
                    {
                        _httpApp.Context.Items["WebDAVModule_AuthArgs"] = _authArgs;

                        string _authStr = _httpApp.Request.Headers["Authorization"];
                        switch (this.ModuleAuthentication)
                        {
                            case Authentication.Basic:
                                //By default the request is not authorized
                                _requestAuthorized = false;
                                if (!string.IsNullOrEmpty(_authStr) && _authStr.StartsWith("Basic"))
                                {
                                    byte[] _decodedBytes = Convert.FromBase64String(_authStr.Substring(6));
                                    string[] _authInfo = System.Text.Encoding.ASCII.GetString(_decodedBytes).Split(':');

                                    var _basicAuthArgs = new BasicAuthorizationArgs(_authInfo[0], _authInfo[1], _authArgs.Realm);

                                    //Set the authorization username
                                    _authorizationArgs.UserName = _basicAuthArgs.UserName;

                                    //Fire the event
                                    this.OnBasicAuthorization(_basicAuthArgs);

                                    if (_basicAuthArgs.Authorized)
                                    {
                                        _requestAuthorized = true;
                                        _httpApp.Context.User = new GenericPrincipal(new GenericIdentity(_basicAuthArgs.UserName, "Basic"), null);
                                    }

                                    _authorizationArgs.RequestAuthorized = _requestAuthorized;

                                    //Fire the event
                                    this.OnAuthorizationComplete(_authorizationArgs);
                                }
                                break;

                            case Authentication.Digest:
                                //By default the request is not authorized
                                _requestAuthorized = false;
                                if (!string.IsNullOrEmpty(_authStr) && _authStr.StartsWith("Digest"))
                                {
                                    _authStr = _authStr.Substring(7);

                                    var _authItems = new SortedList<string, string>();
                                    foreach (string _authItem in _authStr.Split(','))
                                    {
                                        string[] _authItemArray = _authItem.Split('=');
                                        string _authKey = _authItemArray[0].Trim(new char[] { ' ', '\"' });
                                        string _authValue = _authItemArray[1].Trim(new char[] { ' ', '\"' });

                                        _authItems[_authKey] = _authValue;
                                    }

                                    var _digestAuthArgs = new DigestAuthorizationArgs(_authItems["username"], _authItems["realm"]);

                                    //Set the authorization username
                                    _authorizationArgs.UserName = _digestAuthArgs.UserName;

                                    //Fire the event
                                    this.OnDigestAuthorization(_digestAuthArgs);

                                    //Validate password
                                    string _userInfo = String.Format("{0}:{1}:{2}", _authItems["username"], _authArgs.Realm, _digestAuthArgs.Password);
                                    string _hashedUserInfo = GetMD5HashBinHex(_userInfo);

                                    string _uriInfo = String.Format("{0}:{1}", _httpApp.Request.HttpMethod, _authItems["uri"]);
                                    string _hashedUriInfo = GetMD5HashBinHex(_uriInfo);

                                    string _nonceInfo = null;
                                    if (_authItems.ContainsKey("qop"))
                                    {
                                        _nonceInfo = String.Format
                                                        (
                                                            "{0}:{1}:{2}:{3}:{4}:{5}",
                                                            new object[] {
                                                                _hashedUserInfo,
                                                                _authItems["nonce"],
                                                                _authItems["nc"],
                                                                _authItems["cnonce"],
                                                                _authItems["qop"],
                                                                _hashedUriInfo
                                                            }
                                                        );
                                    }
                                    else
                                    {
                                        _nonceInfo = String.Format
                                                        (
                                                            "{0}:{1}:{2}",
                                                            _hashedUserInfo,
                                                            _authItems["nonce"],
                                                            _hashedUriInfo
                                                        );
                                    }

                                    string _hashedNonceInfo = GetMD5HashBinHex(_nonceInfo);

                                    bool _staleNonce = !this.IsValidNonce(_authItems["nonce"]);
                                    _httpApp.Context.Items["WebDAVModule_DigestStaleNonce"] = _staleNonce;

                                    if (_authItems["response"] == _hashedNonceInfo && !_staleNonce)
                                    {
                                        _requestAuthorized = true;
                                        _httpApp.Context.User = new GenericPrincipal(new GenericIdentity(_digestAuthArgs.UserName, "Digest"), null);
                                    }

                                    _authorizationArgs.RequestAuthorized = _requestAuthorized;

                                    //Fire the event
                                    this.OnAuthorizationComplete(_authorizationArgs);
                                }
                                break;
                        }
                    }
                }

                if (!_requestAuthorized)
                    DenyAccess(_httpApp);
                else
                {
                    //Check to see if we should process the request
                    var _processRequestArgs = new DavProcessRequestArgs(_httpApp.Context, this.IsWebDAVRequest);

                    //Fire the event
                    this.OnProcessRequest(_processRequestArgs);

                    if (_processRequestArgs.ProcessRequest)
                    {
                        if (!string.IsNullOrEmpty(this.DebugFilePath))
                            WebDavProcessor.DebugFilePath = this.DebugFilePath;

                        this.WebDavProcessor.ProcessRequest(_httpApp);
                    }

                    //Fire the event
                    this.OnRequestProcessed();
                }
            }
        }
Example #7
0
 /// <summary>
 /// Authorization event arguments
 /// </summary>
 /// <param name="authArgs"></param>
 public AuthorizationArgs(AuthenticationArgs authArgs)
 {
     this.AuthenticationInfo = authArgs;
 }