Exemple #1
        /// <summary>
        /// Authenticates the request from the API key carried in the header named by <c>ApiKeyHeaderName</c>.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> when the header is absent or blank, <c>Success</c> with a ticket when the key
        /// lookup returns a record, and <c>Fail</c> when a key was sent but no record matched.
        /// </returns>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // Header not present: this scheme has no opinion on the request.
            if (!Request.Headers.TryGetValue(ApiKeyHeaderName, out var headerValues))
            {
                return AuthenticateResult.NoResult();
            }

            // Only the first value is considered when the header is repeated.
            var candidateKey = headerValues.FirstOrDefault();
            var keyIsBlank = headerValues.Count == 0 || string.IsNullOrWhiteSpace(candidateKey);
            if (keyIsBlank)
            {
                return AuthenticateResult.NoResult();
            }

            // The lookup is scoped by Options.Scheme as well as by the key value.
            var keyRecord = await getApiKeyQuery.Execute(candidateKey, Options.Scheme);
            if (keyRecord == null)
            {
                return AuthenticateResult.Fail("Invalid API Key provided.");
            }

            // NOTE(review): the Name claim is filled from keyRecord.Key. If Key holds the secret key value,
            // it becomes User.Identity.Name and ends up wherever the user name is logged or displayed.
            // Confirm what Key contains; a non-secret identifier belongs here.
            var nameClaim = new Claim(ClaimTypes.Name, keyRecord.Key);
            var identity = new ClaimsIdentity(new List<Claim> { nameClaim }, Options.AuthenticationType);
            var principal = new ClaimsPrincipal(new List<ClaimsIdentity> { identity });
            var ticket = new AuthenticationTicket(principal, Options.Scheme);

            // Marks the ticket as having come from API-key authentication.
            ticket.Properties.SetString("##APIKEY", "true");
            return AuthenticateResult.Success(ticket);
        }
Exemple #2
        /// <summary>
        /// Resolves the API key in the <c>ApiKeyHeaderName</c> header to an application user and issues
        /// a ticket carrying that user's id and user name.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> when no usable key was sent, <c>Success</c> when the lookup returns a user,
        /// <c>Fail</c> when a key was sent but no user matched.
        /// </returns>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // return AuthenticateResult.Fail("API Key Auth disabled due to heavy load.");

            // NoResult (rather than Fail) for a missing header; the request is simply not authenticated
            // by this scheme.
            if (!Request.Headers.TryGetValue(ApiKeyHeaderName, out var headerValues))
            {
                return AuthenticateResult.NoResult();
            }

            // Only the first value is considered when the header is repeated.
            var candidateKey = headerValues.FirstOrDefault();
            if (headerValues.Count == 0 || string.IsNullOrWhiteSpace(candidateKey))
            {
                return AuthenticateResult.NoResult();
            }

            // NOTE(review): Execute is not visible here; confirm the store matches on a hash of the key
            // rather than on the plaintext value.
            var appUser = await _getApiKeyQuery.Execute(candidateKey);
            if (appUser == null)
            {
                return AuthenticateResult.Fail("Invalid API Key provided.");
            }

            // The user id is emitted twice: under the custom "id" type and under NameIdentifier.
            var idClaim = new Claim("id", appUser.Id.ToString());
            var nameIdentifierClaim = new Claim(ClaimTypes.NameIdentifier, appUser.Id.ToString());
            var userNameClaim = new Claim(ClaimTypes.Name, appUser.UserName);

            var identity = new ClaimsIdentity(
                new[] { idClaim, nameIdentifierClaim, userNameClaim },
                Scheme.Name);
            var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), Scheme.Name);

            return AuthenticateResult.Success(ticket);
        }
        /// <summary>
        /// Authenticates the request from the API key returned by <c>GetApyKey()</c> and issues a ticket
        /// carrying the key owner's name and roles.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> when no key was supplied, <c>Success</c> when the lookup returns a record,
        /// <c>Fail</c> when a key was supplied but no record matched.
        /// </returns>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // Where the key is read from is decided by GetApyKey(), which is not shown in this block.
            string candidateKey = GetApyKey();
            if (string.IsNullOrWhiteSpace(candidateKey))
            {
                return AuthenticateResult.NoResult();
            }

            var keyRecord = await _getApiKeyQuery.Execute(candidateKey);
            if (keyRecord == null)
            {
                return AuthenticateResult.Fail("Invalid API Key provided.");
            }

            // Every role stored on the key record becomes a Role claim, so the key store is the
            // authority for what this caller is allowed to do.
            var claims = new List<Claim> { new Claim(ClaimTypes.Name, keyRecord.Owner) };
            foreach (var role in keyRecord.Roles)
            {
                claims.Add(new Claim(ClaimTypes.Role, role));
            }

            // NOTE(review): the identity only counts as authenticated when Options.AuthenticationType
            // is non-empty - confirm the options always set it.
            var identity = new ClaimsIdentity(claims, Options.AuthenticationType);
            var principal = new ClaimsPrincipal(new List<ClaimsIdentity> { identity });

            return AuthenticateResult.Success(new AuthenticationTicket(principal, Options.Scheme));
        }
Exemple #4
        /// <summary>
        /// Authenticates the request from the API key returned by <c>GetApyKey()</c>; on a match the
        /// ticket carries the key owner as the name claim plus one role claim per stored role.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> for a missing or blank key, <c>Success</c> for a known key, <c>Fail</c> for an
        /// unknown one.
        /// </returns>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // Key extraction is delegated to GetApyKey() (not shown in this block); the inline header
            // parsing via ApiKeyConstants.HeaderName that used to sit here was commented out.
            string suppliedKey = GetApyKey();

            if (string.IsNullOrWhiteSpace(suppliedKey))
            {
                return AuthenticateResult.NoResult();
            }

            var matchedKey = await _getApiKeyQuery.Execute(suppliedKey);

            if (matchedKey == null)
            {
                // A key was sent but is not known: report failure rather than "no result".
                return AuthenticateResult.Fail("Invalid API Key provided.");
            }

            var ownerClaim = new Claim(ClaimTypes.Name, matchedKey.Owner);
            var roleClaims = matchedKey.Roles.Select(role => new Claim(ClaimTypes.Role, role));

            // Owner first, then roles, materialised once before the identity is built.
            List<Claim> claims = new[] { ownerClaim }.Concat(roleClaims).ToList();

            var identity = new ClaimsIdentity(claims, Options.AuthenticationType);
            var principal = new ClaimsPrincipal(new List<ClaimsIdentity> { identity });
            var ticket = new AuthenticationTicket(principal, Options.Scheme);

            return AuthenticateResult.Success(ticket);
        }
        /// <summary>
        /// Authenticates the request from the API key header and issues a ticket carrying the key
        /// owner and the owner's roles.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> when the header is absent or blank, <c>Success</c> when the key is known,
        /// <c>Fail</c> otherwise.
        /// </returns>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // Does the request carry the X-Api-Key header at all?
            if (!Request.Headers.TryGetValue(ApiKeyConstants.HeaderName, out var headerValues))
            {
                return AuthenticateResult.NoResult();
            }

            // Read the value of X-Api-Key (the first one, if the header is repeated).
            var candidateKey = headerValues.FirstOrDefault();
            var keyIsBlank = headerValues.Count == 0 || string.IsNullOrWhiteSpace(candidateKey);
            if (keyIsBlank)
            {
                return AuthenticateResult.NoResult();
            }

            // Compare against the keys held in the database or in memory.
            var keyRecord = await _getApiKeyQuery.Execute(candidateKey);
            if (keyRecord == null)
            {
                return AuthenticateResult.Fail("Invalid API Key provided.");
            }

            // Put the user's name into a claim; Owner is the unique identifier of the key holder.
            var claims = new List<Claim>();
            claims.Add(new Claim(ClaimTypes.Name, keyRecord.Owner));

            // Put the user's roles (there may be more than one) into claims.
            claims.AddRange(keyRecord.Roles.Select(role => new Claim(ClaimTypes.Role, role)));

            // Identity -> collection of identities -> principal -> ticket.
            var identity = new ClaimsIdentity(claims, Options.AuthenticationType);
            var identities = new List<ClaimsIdentity>();
            identities.Add(identity);
            var principal = new ClaimsPrincipal(identities);
            var ticket = new AuthenticationTicket(principal, Options.Scheme);

            return AuthenticateResult.Success(ticket);
        }
Exemple #6
        /// <summary>
        /// Authenticates the request from an API key taken from the <c>ApiKeyHeaderName</c> header or,
        /// when that header is absent, from the query-string parameter of the same name.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> when neither source carries a usable key, <c>Success</c> when the key is
        /// known, <c>Fail</c> otherwise.
        /// </returns>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // The header wins; the query string is consulted only when the header is not present.
            // NOTE(review): a key passed in the query string is part of the URL, so it is recorded in
            // access logs, proxy logs and browser history and can leak through the Referer header.
            // Confirm the fallback is needed; if it is, keep request URLs out of logs or redact this
            // parameter.
            var keyWasSent = Request.Headers.TryGetValue(ApiKeyHeaderName, out var suppliedValues)
                             || Request.Query.TryGetValue(ApiKeyHeaderName, out suppliedValues);
            if (!keyWasSent)
            {
                return AuthenticateResult.NoResult();
            }

            // Only the first value is considered when the key is supplied more than once.
            string candidateKey = suppliedValues.FirstOrDefault();
            if (suppliedValues.Count == 0 || string.IsNullOrWhiteSpace(candidateKey))
            {
                return AuthenticateResult.NoResult();
            }

            var keyRecord = await getApiKeyQuery.Execute(candidateKey);
            if (keyRecord is null)
            {
                return AuthenticateResult.Fail("Invalid API Key provided.");
            }

            // Owner becomes the name claim, followed by one Role claim per stored role.
            var ownerClaim = new Claim(ClaimTypes.Name, keyRecord.Owner);
            List<Claim> claims = new[] { ownerClaim }
                .Concat(keyRecord.Roles.Select(role => new Claim(ClaimTypes.Role, role)))
                .ToList();

            var identity = new ClaimsIdentity(claims, Options.AuthenticationType);
            var principal = new ClaimsPrincipal(new List<ClaimsIdentity> { identity });
            var ticket = new AuthenticationTicket(principal, Options.AuthenticationScheme);

            return AuthenticateResult.Success(ticket);
        }