/// <summary>
/// Method to be invoked on the pipeline.
/// </summary>
/// <param name="context">The current owin context</param>
/// <returns></returns>
public override Task Invoke(IOwinContext context)
{
IOwinRequest owinRequest = context.Request;
IOwinResponse owinResponse = context.Response;
if (owinRequest != null)
{
string[] values;
if (owinRequest.Headers.TryGetValue("Content-Length", out values))
{
long receivedSize;
long.TryParse(values.FirstOrDefault(), out receivedSize);
if (receivedSize > _limit)
{
string message = $"Payload limit is {_limit}";
owinResponse.OnSendingHeaders(state =>
{
OwinResponse owinResponseState = (OwinResponse)state;
owinResponseState.StatusCode = 413;
owinResponseState.ReasonPhrase = message;
}, owinResponse);
return(context.Response.WriteAsync(message));//Short-circuit pipeline
}
}
}
return(Next.Invoke(context));
}
public static void SetAuthenticationFailed(
this IOwinResponse response,
AccessTokenType type,
string error,
string errorDescription = null,
string requiredScope = null)
{
if (error == null)
{
throw new ArgumentNullException(nameof(error));
}
if (error == AuthenticationErrorCodes.InvalidRequest)
{
response.StatusCode = 400;
}
if (error == AuthenticationErrorCodes.InvalidToken)
{
response.StatusCode = 401;
}
if (error == AuthenticationErrorCodes.InsufficentScope)
{
response.StatusCode = 403;
}
response.OnSendingHeaders(rsp =>
{
var sb = new StringBuilder($@"{AccessTokenTypeParser.ToString(type)} error=""{error}""");
if (!string.IsNullOrEmpty(errorDescription))
{
sb.Append($@",error_description=""{errorDescription}""");
}
if (!string.IsNullOrEmpty(requiredScope))
{
sb.Append($@",scope=""{requiredScope}""");
}
((IOwinResponse)rsp).Headers.Set(
"WWW-Authenticate",
sb.ToString()
);
}, response);
}
public void OnSendingHeaders(Action <object> callback, object state)
{
_response.OnSendingHeaders(callback, state);
}