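/// <summary>
/// Requires HTTPS for the action. HTTPS requests are passed to the base authorization
/// logic; plain-HTTP GET requests are redirected to the HTTPS form of the same URL;
/// any other plain-HTTP request is answered with 400 and the reason "SSL Required".
/// </summary>
/// <param name="actionContext">
/// Context of the action being authorized. Its Response is set when the request is
/// redirected or rejected.
/// </param>
public override void OnAuthorization(HttpActionContext actionContext)
        {
            Uri requestUri = actionContext.Request.RequestUri;

            // The request already arrived over HTTPS: continue with the base class authorization.
            if (requestUri.Scheme == Uri.UriSchemeHttps)
            {
                base.OnAuthorization(actionContext);
                return;
            }

            // Plain-HTTP GET: redirect to the same resource with the scheme switched to https.
            if (actionContext.Request.Method == HttpMethod.Get)
            {
                // UriBuilder keeps the path and the query string. Building the target from
                // Host and LocalPath alone dropped the query string, so a redirected GET
                // reached the HTTPS endpoint without its parameters.
                // Port = -1 selects the default port of the new scheme; the request's own
                // (HTTP) port is intentionally not carried over.
                UriBuilder secureUri = new UriBuilder(requestUri)
                {
                    Scheme = Uri.UriSchemeHttps,
                    Port = -1
                };

                // NOTE(review): the redirect host is whatever host the incoming request URI
                // carries. Confirm the hosting layer only accepts expected host names, so the
                // Location header cannot point at a host this service does not own.
                // The redirect only covers follow-up requests: the first request, including
                // its query string, has already crossed the network in clear text. Pair this
                // filter with HSTS or an HTTPS-only binding where that matters.
                IHttpActionResult actionResult = new RedirectResult(secureUri.Uri, actionContext.Request);

                // OnAuthorization is synchronous, so the task is unwrapped in place.
                // NOTE(review): blocking here assumes ExecuteAsync completes synchronously - confirm.
                actionContext.Response = actionResult.ExecuteAsync(CancellationToken.None).Result;
                return;
            }

            // Requests using any other HTTP method over plain HTTP are treated as a Bad Request.
            actionContext.Response = new HttpResponseMessage(HttpStatusCode.BadRequest)
            {
                ReasonPhrase = "SSL Required"
            };
        }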
Example #2
        /// <summary>
        /// Creates a Web API redirect result for <paramref name="controller"/> that points
        /// at <paramref name="url"/>.
        /// </summary>
        /// <param name="controller">The controller the redirect result is created for.</param>
        /// <param name="url">
        /// The redirect target. It is parsed with <c>new Uri(string)</c>, so it has to be an
        /// absolute URI; a null value or a string that is not a valid absolute URI makes the
        /// <see cref="Uri"/> constructor throw.
        /// </param>
        /// <returns>A redirect result whose location is the parsed <paramref name="url"/>.</returns>
        /// <remarks>
        /// The target is not checked here. Callers that build <paramref name="url"/> from
        /// request data should validate it against the destinations they allow before calling
        /// this helper; otherwise the response can send clients to any absolute URL.
        /// </remarks>
        public static RedirectResult ApiRedirectResult(this ApiController controller, string url)
        {
            return new System.Web.Http.Results.RedirectResult(new Uri(url), controller);
        }
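        /// <summary>
        /// Generates the sign-in response that carries the issued token: a redirect to the
        /// reply URL when the validation result has one, otherwise a 200 response whose body
        /// is the form-url-encoded token parameters.
        /// </summary>
        /// <param name="message">The sign-in request message; its Deflate value is passed to WrapSWT.</param>
        /// <param name="result">The validation result supplying the subject, the realm and the optional reply URL.</param>
        /// <param name="request">The original HTTP request the response is created for.</param>
        /// <returns>
        /// A <see cref="RedirectResult"/> when <c>result.ReplyUrl</c> is set, otherwise a
        /// <see cref="ResponseMessageResult"/>.
        /// </returns>
        /// <remarks>
        /// The body contains no await, so it runs synchronously and any exception is reported
        /// through the returned task.
        /// </remarks>
        public async Task<IHttpActionResult> GenerateResponseAsync(SignInRequestMessage message, SignInValidationResult result,HttpRequestMessage request)
        {
            Logger.Info("Creating SiteFinity signin response");

            var principal = new ClaimsPrincipal(result.Subject);
            var identity = ClaimsPrincipal.PrimaryIdentitySelector(principal.Identities);

            var token =  CreateToken(identity.Name, identity.Claims, result);

            NameValueCollection queryString;
            if (!String.IsNullOrEmpty(result.ReplyUrl))
            {
                // Split the reply URL into its path and its existing query parameters so the
                // token parameters can be merged with them.
                string path;
                var idx = result.ReplyUrl.IndexOf('?');
                if (idx != -1)
                {
                    path = result.ReplyUrl.Substring(0, idx);
                    queryString = ParseQueryString(result.ReplyUrl.Substring(idx + 1));
                }
                else
                {
                    path = result.ReplyUrl;
                    queryString = new NameValueCollection();
                }

                // Presumably adds the wrapped token to the collection - confirm against WrapSWT.
                WrapSWT(queryString, token, message.Deflate);
                path = String.Concat(path, ToQueryString(queryString));

                // Uri(baseUri, relative) returns the second argument unchanged when it is
                // itself an absolute URI, so combining with Realm does not keep an absolute
                // ReplyUrl on the realm's host.
                // NOTE(review): the token travels in this URL's query string. Confirm that
                // ReplyUrl has been validated upstream against the relying party's registered
                // reply addresses; nothing in this method restricts where the token is sent.
                var uri = new Uri(new Uri(result.Realm), path);

                var redirectResult = new RedirectResult(uri,request);
                return redirectResult;
            }

            // No reply URL: return the token parameters in the response body.
            queryString = new NameValueCollection();
            WrapSWT(queryString, token, message.Deflate);

            var content = new StringContent(ToQueryString(queryString, false), Encoding.UTF8,"application/x-www-form-urlencoded");

            // CreateResponse(status, value) treats its second argument as an object to be
            // serialized through content negotiation, so passing the StringContent there does
            // not send the form-encoded text as the body. Create the response first and
            // attach the content explicitly.
            var responseMessage = request.CreateResponse(HttpStatusCode.OK);
            responseMessage.Content = content;
            return new ResponseMessageResult(responseMessage);

        }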