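/// <summary>
/// Parses the HTTP Basic <c>Authorization</c> header of a request for account data.
/// </summary>
/// <param name="request">The HTTP Request.</param>
/// <returns>user-password KeyValuePair from request (key is the user name, value is the password).</returns>
/// <exception cref="ArgumentException">
/// if request isn't authorized: the header is missing, does not use the Basic scheme,
/// carries no credentials, or the credentials are not valid base64 or lack the ':' separator.
/// </exception>
/// <remarks>
/// The header value is supplied by the client and must be treated as untrusted. Every malformed
/// shape is rejected with <see cref="ArgumentException"/>, so a caller that handles that one type
/// can reject the request without a truncated or garbage header surfacing as an unhandled
/// IndexOutOfRangeException or FormatException. Exception messages never contain the decoded
/// credentials, so they are safe to log.
/// </remarks>
private static KeyValuePair<string, string> GetAccountData(IHttpBase request)
{
    var authHeader = request.Headers["Authorization"];
    if (authHeader == null)
    {
        throw new ArgumentException("Authorization header not found");
    }

    var authHeaderParts = authHeader.Split(' ');

    // RFC 2617 sec 1.2, "scheme" name is case-insensitive
    if (!authHeaderParts[0].Equals("basic", StringComparison.OrdinalIgnoreCase))
    {
        throw new ArgumentException("Authorization header not found");
    }

    // header contains name and parameter separated by space. If it equals just "basic"
    // (or the scheme is followed only by spaces) there is no credentials token to decode.
    if (authHeaderParts.Length < 2 || authHeaderParts[1].Length == 0)
    {
        throw new ArgumentException("Authorization header contains no credentials");
    }

    byte[] rawCredentials;
    try
    {
        rawCredentials = Convert.FromBase64String(authHeaderParts[1]);
    }
    catch (FormatException ex)
    {
        // Normalise the decoder failure to the documented exception type.
        throw new ArgumentException("Authorization header credentials are not valid base64", ex);
    }

    var credentials = Encoding.GetEncoding("iso-8859-1").GetString(rawCredentials);

    // Split on the FIRST ':' only: the password may itself contain colons.
    var separator = credentials.IndexOf(':');
    if (separator < 0)
    {
        // Do not echo the decoded value here; it may hold a secret.
        throw new ArgumentException("Authorization header credentials are malformed");
    }

    var name = credentials.Substring(0, separator);
    var password = credentials.Substring(separator + 1);

    return new KeyValuePair<string, string>(name, password);
}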
/// <summary>
/// Creates the controller and keeps the supplied configuration and HTTP request abstraction
/// for later use by its members.
/// </summary>
/// <param name="configuration">Value assigned to <c>Configuration</c>.</param>
/// <param name="httpBase">Value assigned to the <c>_httpBase</c> field.</param>
public AuthController(IConfiguration configuration, IHttpBase httpBase)
{
    this.Configuration = configuration;
    this._httpBase = httpBase;
}