public bool Authenticated(out object delegateResponse) { AuthenticationSettings settings = _context.AuthenticationSettings; ChannelAuthenticationSchemes scheme = settings.Schema; bool authenticated = false; delegateResponse = null; if (scheme == ChannelAuthenticationSchemes.Basic) { IPrincipal principal = GetBasicPrincipal(out string username, out string password); if (principal == null) { throw new ChannelCredentialsException("Missing or malformed basic authentication header"); } PropertyInfo basicDelegate = GetNotNullDelegate(); delegateResponse = ResolveBasicDelegate(basicDelegate, username, password, out authenticated); } else { IPrincipal principal = GetTokenPrincipal(out string token); if (principal == null) { throw new ChannelCredentialsException("Missing or malformed token authentication header"); } PropertyInfo tokenDelegate = GetNotNullDelegate(); delegateResponse = ResolveTokenDelegate(tokenDelegate, token, out authenticated); } return(authenticated); }
/// <summary> /// Function that will do Authentication and Authenticationorization /// </summary> /// <param name="context">Current HttpListenerContext </param> /// <param name="Schemes">AuthenticationSchemes</param> /// <exception cref="ChannelCredentialsException"></exception> /// <returns>True if user is Authenticationenticated and Authenticationorized , False if not</returns> public bool AuthenticatedAndAuthorized(HttpListenerContext context, ChannelAuthenticationSchemes Schemes) { if (Schemes == ChannelAuthenticationSchemes.Token) { string token = string.Empty; bool isToken = HttpListenerIdentityMiddleware.IsTokenHeader(context.Request, out token); if (isToken) { IPrincipal tokenIdentity = HttpListenerIdentityMiddleware.ParseTokenAuthentication(token); return(AuthenticateRequest(tokenIdentity.Identity, Schemes)); } else { throw new ChannelCredentialsException("Malformed or missing header for the token Authentication"); } } else { string username = string.Empty; string password = string.Empty; bool isBasic = HttpListenerIdentityMiddleware.IsBasicHeader(context.Request, out username, out password); if (isBasic) { IPrincipal basicIdentity = HttpListenerIdentityMiddleware.ParseBasicAuthentication(username, password); return(AuthenticateRequest(basicIdentity.Identity, ChannelAuthenticationSchemes.Basic)); } throw new ChannelCredentialsException("Malformed or missing header for the basic Authentication"); } }
public void FailedAuthenticationResponse(ChannelAuthenticationSchemes ChannelSchema, HttpListenerResponse response) { LogChannel.Write(LogSeverity.Info, "Authentication failed...Exiting"); IChannelMessage msg = new ChannelMessage() { Success = false, Message = $"You need to provide {ChannelSchema.ToString()} authentication" }; string outputString = JsonConvert.SerializeObject(msg, Formatting.Indented); using (StreamWriter writer = new StreamWriter(response.OutputStream)) { writer.WriteLine(outputString); } }
internal bool AuthenticateRequest(IIdentity identity, ChannelAuthenticationSchemes AuthenticationSchema) { if (identity == null) { throw new ChannelCredentialsException("Credentials are not provided"); } else { if (AuthenticationSchema == ChannelAuthenticationSchemes.Basic) { KeyValuePair <string, string> userCredentials = GetCredentialsForBasicAuthentication(identity); return(BasicAuthenticationMethod.Invoke(userCredentials.Key, userCredentials.Value)); } else { string token = GetCredentialsForTokenAuthentication(identity); return(TokenAuthenticationMethod.Invoke(token)); } } }
/// <summary> /// Method to be used and Auth Type /// </summary> /// <param name="Schemes">Specified Auth Type for ChannelMethod</param> /// <param name="HttpMethod">Http Method</param> /// <param name="Description">Description to be used in documentation tool</param> public ChannelMethodAttribute(ChannelAuthenticationSchemes Schemes, ChannelHttpMethod HttpMethod, string Description = null) { Schema = Schemes; this.HttpMethod = HttpMethod; this.Description = Description; }
/// <summary> /// Auth Type /// </summary> /// <param name="Schemes">Specified Auth Type for ChannelMethod</param> /// <param name="Description">Description to be used in documentation tool</param> public ChannelMethodAttribute(ChannelAuthenticationSchemes Schemes, string Description = null) { Schema = Schemes; HttpMethod = ChannelHttpMethod.Unknown; this.Description = Description; }
public ChannelConfigurationInfo Configure(HttpListener httpChannel, Type channel, MethodInfo method, string baseURL) { ChannelEndpoint endpoint = new ChannelEndpoint(); ChannelAttribute channelAttr = channel.GetCustomAttribute <ChannelAttribute>(); if (!String.IsNullOrEmpty(channelAttr.Name)) { endpoint.URL = "/channels/" + channelAttr.Name + "/" + method.Name + "/"; } else { endpoint.URL = "/channels/" + channel.Name + "/" + method.Name + "/"; } endpoint.Name = channel.Name + "." + method.Name; ChannelMethodAttribute channelMethod = method.GetCustomAttribute <ChannelMethodAttribute>(); AuthorizeChannelAttribute authAttr = channel.GetCustomAttribute <AuthorizeChannelAttribute>(); ChannelAuthenticationSchemes channelSchema = channelMethod.Schema; ChannelHttpMethod httpMethod = channelMethod.HttpMethod; string methodURL = string.Empty; if (baseURL == null) { methodURL = "http://localhost:4200" + endpoint.URL; } else { methodURL = baseURL + endpoint.URL; } bool httpAuthRequired = false; //Start hosting httpChannel.Prefixes.Add(methodURL); if (authAttr != null) { if (authAttr.Schema != ChannelAuthenticationSchemes.Anonymous) { httpAuthRequired = true; } } //ChannelMethod can override ChannelAttribute Authentication Schemes if (channelSchema != ChannelAuthenticationSchemes.Anonymous) { httpAuthRequired = true; } else { if (authAttr != null) { channelSchema = authAttr.Schema; } } return(new ChannelConfigurationInfo { ChannelAttribute = channelAttr, MethodAttribute = channelMethod, MethodUrl = methodURL, HttpMethod = httpMethod, AuthScheme = channelSchema, AuthorizeAttribute = authAttr, AuthenticationRequired = httpAuthRequired, Endpoint = endpoint }); }
/// <summary> /// Get the Auth type for the channel /// </summary> /// <param name="schemes">Specified Auth Schemes</param> /// <param name="Claim">Claim used for authorization</param> public AuthorizeChannelAttribute(ChannelAuthenticationSchemes schemes, string Claim = null, string claimValue = null) { Schema = schemes; ClaimName = Claim; ClaimValue = claimValue; }