public AuthenticateResult Authenticate(HttpContextBase contextBase)
{
if (contextBase == null)
{
throw new ArgumentNullException(nameof(contextBase));
}
string authorizationHeader = contextBase.Request.Headers["Authorization"];
if (string.IsNullOrEmpty(authorizationHeader))
{
return(AuthenticateResult.NoResult());
}
if (!authorizationHeader.StartsWith($"{AuthConstants.SPNEGO_DEFAULT_SCHEME} ", StringComparison.OrdinalIgnoreCase))
{
return(AuthenticateResult.NoResult());
}
var base64Token = authorizationHeader.Substring(AuthConstants.SPNEGO_DEFAULT_SCHEME.Length).Trim();
if (string.IsNullOrEmpty(base64Token))
{
const string noCredentialsMessage = "No credentials";
logger.LogWarning(noCredentialsMessage);
return(AuthenticateResult.Fail(noCredentialsMessage));
}
try
{
try
{
logger.LogTrace($"SPNEGO Token: {base64Token}");
var ticket = issuer.Authenticate(base64Token);
logger.LogDebug($"Authenticated successfully, kerberos ticket recieved...");
return(AuthenticateResult.Success(ticket));
}
catch (KerberosValidationException e)
{
return(AuthenticateResult.Fail(e));
}
}
catch
{
return(AuthenticateResult.Fail("Access denied!"));
}
}
