protected override Task <AuthenticateResult> HandleAuthenticateAsync()
{
var config = Context.Items.Get <StormpathConfiguration>(OwinKeys.StormpathConfiguration);
var scheme = Context.Items.Get <string>(OwinKeys.StormpathUserScheme);
var account = Context.Items.Get <IAccount>(OwinKeys.StormpathUser);
var deleteCookieAction = new Action <WebCookieConfiguration>(cookie =>
{
Response.Cookies.Delete(cookie.Name, new CookieOptions()
{
Domain = cookie.Domain,
Path = cookie.Path
});
});
var setStatusCodeAction = new Action <int>(code => Response.StatusCode = code);
var redirectAction = new Action <string>(location => Response.Redirect(location));
this.handler = new RouteProtector(
config.Web,
deleteCookieAction,
setStatusCodeAction,
redirectAction,
this.stormpathLogger);
if (!this.handler.IsAuthenticated(scheme, Options.AuthenticationScheme, account))
{
return(Task.FromResult(AuthenticateResult.Fail("Request is not properly authenticated.")));
}
var principal = AccountIdentityTransformer.CreatePrincipal(account, scheme);
var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), scheme);
return(Task.FromResult(AuthenticateResult.Success(ticket)));
}
private static void GetUserIdentity(HttpContext httpContext, ILogger logger)
{
var config = httpContext.Items.Get <StormpathConfiguration>(OwinKeys.StormpathConfiguration);
var scheme = httpContext.Items.Get <string>(OwinKeys.StormpathUserScheme);
var account = httpContext.Items.Get <IAccount>(OwinKeys.StormpathUser);
var handler = new RouteProtector(config.Web, null, null, null, logger);
var isAuthenticatedRequest = handler.IsAuthenticated(scheme, scheme, account);
if (isAuthenticatedRequest)
{
httpContext.User = AccountIdentityTransformer.CreatePrincipal(account, scheme);
}
if (httpContext.User == null)
{
httpContext.User = new GenericPrincipal(new GenericIdentity(""), new string[0]);
}
}
