public static bool TryExtract(BindingParameterCollection collection, out AuthenticationSchemes authenticationSchemes) { Fx.Assert(collection != null, "collection != null"); authenticationSchemes = AuthenticationSchemes.None; AuthenticationSchemesBindingParameter instance = collection.Find <AuthenticationSchemesBindingParameter>(); if (instance != null) { authenticationSchemes = instance.AuthenticationSchemes; return(true); } return(false); }
internal static AuthenticationSchemes GetEffectiveAuthenticationSchemes(AuthenticationSchemes currentAuthenticationSchemes, BindingParameterCollection bindingParameters) { if (bindingParameters == null) { return(currentAuthenticationSchemes); } AuthenticationSchemes hostSupportedAuthenticationSchemes; if (!AuthenticationSchemesBindingParameter.TryExtract(bindingParameters, out hostSupportedAuthenticationSchemes)) { return(currentAuthenticationSchemes); } if (currentAuthenticationSchemes == AuthenticationSchemes.None || (AspNetEnvironment.Current.IsMetadataListener(bindingParameters) && currentAuthenticationSchemes == AuthenticationSchemes.Anonymous && hostSupportedAuthenticationSchemes.IsNotSet(AuthenticationSchemes.Anonymous))) { //Inherit authentication schemes from host. //This logic of inheriting from the host for anonymous MEX endpoints was previously implemented in HostedAspNetEnvironment.ValidateHttpSettings. //We moved it here to maintain the pre-multi-auth behavior. (see CSDMain 183553) if (!hostSupportedAuthenticationSchemes.IsSingleton() && hostSupportedAuthenticationSchemes.IsSet(AuthenticationSchemes.Anonymous) && AspNetEnvironment.Current.AspNetCompatibilityEnabled && AspNetEnvironment.Current.IsSimpleApplicationHost && AspNetEnvironment.Current.IsWindowsAuthenticationConfigured()) { // Remove Anonymous if ASP.Net authentication mode is Windows (Asp.Net would not allow anonymous requests in this case anyway) hostSupportedAuthenticationSchemes ^= AuthenticationSchemes.Anonymous; } return(hostSupportedAuthenticationSchemes); } else { //build intersection between AuthenticationSchemes supported on the HttpTransportbidningELement and ServiceHost/IIS return(currentAuthenticationSchemes & hostSupportedAuthenticationSchemes); } }
protected void UpdateAuthenticationSchemes(BindingContext context) { if (context == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context"); } AuthenticationSchemes effectiveAutheSchemes = HttpTransportBindingElement.GetEffectiveAuthenticationSchemes(this.AuthenticationScheme, context.BindingParameters); if (effectiveAutheSchemes == AuthenticationSchemes.None) { #pragma warning suppress 56506 // Microsoft, context.Binding will never be null. string bindingName = context.Binding.Name; if (this.AuthenticationScheme == AuthenticationSchemes.None) { //can't inherit from host because none were configured. //We are throwing a "NotSupportedException" to be consistent with the type of exception that was thrown in this scenario, //before the multi-auth feature, in HostedAspNetEnvironment.ValidateHttpSettings. throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException(SR.GetString(SR.AuthenticationSchemesCannotBeInheritedFromHost, bindingName))); } else { //settings configured on the host and binding conflict. AuthenticationSchemes hostSchemes; if (!AuthenticationSchemesBindingParameter.TryExtract(context.BindingParameters, out hostSchemes)) { //The host/binding settings can only conflict if host has settings specified, so we should never //hit this line of code DiagnosticUtility.DebugAssert("Failed to find AuthenticationSchemesBindingParameter"); } //We are throwing a "NotSupportedException" to be consistent with the type of exception that was thrown in this scenario, //before the multi-auth feature, in HostedAspNetEnvironment.ValidateHttpSettings. throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException(SR.GetString(SR.AuthenticationSchemes_BindingAndHostConflict, hostSchemes, bindingName, this.AuthenticationScheme))); } } this.AuthenticationScheme = effectiveAutheSchemes; }