/// <summary>
/// Runs the configured challenge callback between a "method begin" and a "method end" debug entry.
/// </summary>
/// <param name="context">Challenge context handed unchanged to <c>s_onChallenge</c>.</param>
/// <returns>A task that completes after the callback has run and the closing entry is logged.</returns>
private async Task OnChallengeAsync(JwtBearerChallengeContext context)
{
    const string methodName = nameof(OnChallengeAsync);

    // Only the method name is logged here; nothing from the context (token, headers) is written.
    string beginEntry = string.Format(CultureInfo.InvariantCulture, LogMessages.MethodBegin, methodName);
    _logger.LogDebug(beginEntry);

    await s_onChallenge(context).ConfigureAwait(false);

    // Not reached when the callback throws, so a missing "end" entry marks a failed challenge callback.
    string endEntry = string.Format(CultureInfo.InvariantCulture, LogMessages.MethodEnd, methodName);
    _logger.LogDebug(endEntry);
}
/// <summary>
/// Traces entry and exit of the challenge event around the wrapped <c>s_onChallenge</c> callback.
/// </summary>
/// <param name="context">Challenge context forwarded to the wrapped callback.</param>
/// <returns>A task that completes after the callback and the closing trace line.</returns>
private static async Task OnChallengeAsync(JwtBearerChallengeContext context)
{
    // Debug.WriteLine is compiled out of release builds, so this trace is a development aid only.
    string beginTrace = $"55. Begin {nameof(OnChallengeAsync)}";
    Debug.WriteLine(beginTrace);

    Task pending = s_onChallenge(context);
    await pending.ConfigureAwait(false);

    string endTrace = $"55. End - {nameof(OnChallengeAsync)}";
    Debug.WriteLine(endTrace);
}
/// <summary>
/// Traces entry and exit of the challenge event around the wrapped <c>onChallenge</c> callback.
/// </summary>
/// <param name="context">Challenge context forwarded to the wrapped callback.</param>
/// <returns>A task that completes after the callback and the closing trace line.</returns>
static async Task OnChallenge(JwtBearerChallengeContext context)
{
    string beginTrace = $"55. Begin {nameof(OnChallenge)}";
    Debug.WriteLine(beginTrace);

    // The wrapped callback decides the response; this wrapper adds tracing only.
    Task pending = onChallenge(context);
    await pending;

    string endTrace = $"55. End - {nameof(OnChallenge)}";
    Debug.WriteLine(endTrace);
}
/// <summary>
/// Traces entry and exit of the challenge event around
/// <c>JwtBearerMiddlewareDiagnostics.onChallenge</c>.
/// </summary>
/// <param name="context">Challenge context forwarded to the wrapped callback.</param>
/// <returns>A task that completes after the callback and the closing trace line.</returns>
static async Task OnChallenge(JwtBearerChallengeContext context)
{
    string beginTrace = $"55. Begin {nameof(JwtBearerMiddlewareDiagnostics.OnChallenge)}";
    Debug.WriteLine(beginTrace);

    // The wrapped callback decides the response; this wrapper adds tracing only.
    Task pending = JwtBearerMiddlewareDiagnostics.onChallenge(context);
    await pending;

    string endTrace = $"55. End - {nameof(JwtBearerMiddlewareDiagnostics.OnChallenge)}";
    Debug.WriteLine(endTrace);
}
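/// <summary>
/// Replaces the default bearer challenge with a problem-details body when the JWT is missing
/// or failed validation.
/// </summary>
/// <param name="arg">Challenge context raised by the JWT bearer handler.</param>
/// <returns>
/// A task that completes once the 401 body is written, or immediately when the response had
/// already started.
/// </returns>
public static async Task ChallengeFailedResponse(JwtBearerChallengeContext arg)
{
    // Important: skip the default error handling. This also drops the default
    // WWW-Authenticate header, because the handler stops once the response is marked handled.
    arg.HandleResponse();

    // An earlier event (AuthenticationFailed) may already have produced the response.
    if (arg.Response.HasStarted)
    {
        return;
    }

    var error = new MyProblemDetails(arg.HttpContext)
    {
        Title = "Authentication Error",
        Status = StatusCodes.Status401Unauthorized,
        Type = "https://www.my-error-portal.com/myproject/401",
        ErrorCode = "401"
    };

    if (string.IsNullOrWhiteSpace(arg.Error))
    {
        // NOTE(review): an empty Error does not prove the header was absent. The bearer handler
        // presumably fills Error only when IncludeErrorDetails is enabled, so a rejected token
        // can also land in this branch - confirm against the configured options.
        error.Detail = "Authorization header is missing.";
    }
    else
    {
        var logger = arg.HttpContext.RequestServices.GetRequiredService<ILogger<JwtEventHelper>>();

        // Message template plus argument instead of an interpolated string: the rendered text
        // is the same, but the error code stays a separate, queryable log property.
        logger.LogError("Authentication failed with error: {Error}.", arg.Error);

        // Only the short error code is echoed to the client; ErrorDescription is not.
        error.Detail = $"Authentication failed with error: {arg.Error}.";
    }

    // Add error message to response
    await WriteResponse(error, arg.Response, StatusCodes.Status401Unauthorized);
}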
/// <summary>
/// Builds a one-line, pipe-separated summary of a bearer challenge context.
/// </summary>
/// <param name="context">Challenge context to describe.</param>
/// <returns>The populated fields joined into one string; empty when none of them is set.</returns>
public static string ToDetails(this JwtBearerChallengeContext context)
{
    // NOTE(review): the result carries the exception type and message of the authentication
    // failure. It looks meant for logs; confirm it is never returned to the caller of the API.
    var details = new StringBuilder();

    bool hasError = !string.IsNullOrWhiteSpace(context.Error);
    if (hasError)
    {
        details.Append($"AuthError: {context.Error} |");
    }

    bool hasDescription = !string.IsNullOrWhiteSpace(context.ErrorDescription);
    if (hasDescription)
    {
        details.Append($" AuthErrorDescription: {context.ErrorDescription} |");
    }

    bool hasUri = !string.IsNullOrWhiteSpace(context.ErrorUri);
    if (hasUri)
    {
        details.Append($" AuthErrorUri: {context.ErrorUri} |");
    }

    bool hasChallenge = !string.IsNullOrWhiteSpace(context.Options.Challenge);
    if (hasChallenge)
    {
        details.Append($" WWWAuthenticate: {context.Options.Challenge} |");
    }

    if (context.AuthenticateFailure != null)
    {
        // The type name comes from the innermost exception, the message from the outer one.
        details.Append($" AuthExceptionType: {context.AuthenticateFailure.GetBaseException().GetType().Name} | ");
        details.Append($" AuthExceptionMessage: {context.AuthenticateFailure.Message}");
    }

    string summary = details.ToString();
    return summary;
}
/// <summary>
/// Runs the configured challenge callback between a begin and an end debug entry.
/// </summary>
/// <param name="context">Challenge context handed unchanged to <c>s_onChallenge</c>.</param>
/// <returns>A task that completes after the callback has run and the closing entry is logged.</returns>
private async Task OnChallengeAsync(JwtBearerChallengeContext context)
{
    // Only the method name is logged; nothing from the context (token, headers) is written.
    string beginEntry = $"55. Begin {nameof(OnChallengeAsync)}";
    _logger.LogDebug(beginEntry);

    Task pending = s_onChallenge(context);
    await pending.ConfigureAwait(false);

    string endEntry = $"55. End - {nameof(OnChallengeAsync)}";
    _logger.LogDebug(endEntry);
}
/// <summary>
/// Answers an authentication challenge: raises the Challenge event and, unless an event handler
/// marked the response as handled, sends 401 with a WWW-Authenticate header.
/// </summary>
/// <param name="properties">Authentication properties passed through to the challenge context.</param>
/// <returns>A task that completes once the status code and challenge header are set.</returns>
protected override async Task HandleChallengeAsync(AuthenticationProperties properties)
{
    AuthenticateResult outcome = await HandleAuthenticateOnceSafeAsync();
    var challengeContext = new JwtBearerChallengeContext(base.Context, base.Scheme, base.Options, properties)
    {
        AuthenticateFailure = outcome?.Failure
    };

    // error=invalid_token is reported only for an actual validation failure, and only when
    // IncludeErrorDetails is on; a request without a failure gets the bare challenge.
    if (base.Options.IncludeErrorDetails && challengeContext.AuthenticateFailure != null)
    {
        challengeContext.Error = "invalid_token";
        challengeContext.ErrorDescription = CreateErrorDescription(challengeContext.AuthenticateFailure);
    }

    await Events.Challenge(challengeContext);
    if (challengeContext.Handled)
    {
        // An event handler produced the response itself; nothing below may touch it.
        return;
    }

    base.Response.StatusCode = 401;

    string error = challengeContext.Error;
    string description = challengeContext.ErrorDescription;
    string uri = challengeContext.ErrorUri;
    bool hasError = !string.IsNullOrEmpty(error);
    bool hasDescription = !string.IsNullOrEmpty(description);
    bool hasUri = !string.IsNullOrEmpty(uri);

    string headerValue;
    if (!hasError && !hasDescription && !hasUri)
    {
        headerValue = base.Options.Challenge;
    }
    else
    {
        // The three values are written between double quotes without escaping, so an event
        // handler should only put fixed, quote-free text into Error/ErrorDescription/ErrorUri.
        var header = new StringBuilder(base.Options.Challenge);
        if (base.Options.Challenge.IndexOf(' ') > 0)
        {
            // The challenge already carries a parameter (e.g. a realm): separate what follows.
            header.Append(',');
        }

        bool wroteParameter = false;
        if (hasError)
        {
            header.Append(" error=\"").Append(error).Append('"');
            wroteParameter = true;
        }

        if (hasDescription)
        {
            if (wroteParameter)
            {
                header.Append(',');
            }

            header.Append(" error_description=\"").Append(description).Append('"');
            wroteParameter = true;
        }

        if (hasUri)
        {
            if (wroteParameter)
            {
                header.Append(',');
            }

            header.Append(" error_uri=\"").Append(uri).Append('"');
        }

        headerValue = header.ToString();
    }

    base.Response.Headers.Append(HeaderNames.WWWAuthenticate, headerValue);
}
/// <summary>
/// Fills the challenge error fields with fixed texts and the requested path.
/// </summary>
/// <param name="context">Challenge context whose error fields are overwritten.</param>
/// <returns>An already completed task.</returns>
public Task Challenge(JwtBearerChallengeContext context)
{
    // NOTE(review): these texts are set on every challenge, so a rejected or expired token is
    // also reported as "Token not exists" - confirm that is intended.
    string requestedPath = context.Request.Path.ToString();

    context.Error = "Token not exists";
    context.ErrorDescription = "You have to send the token";

    // The path is chosen by the client; the response is not marked handled here, so these
    // values are left for whatever builds the challenge response after this event.
    context.ErrorUri = requestedPath;

    Task done = Task.FromResult(0);
    return done;
}
/// <summary>
/// Writes the project's authorization-failed error and suppresses the default challenge when
/// authentication failed with an exception.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>An already completed task.</returns>
public override Task Challenge(JwtBearerChallengeContext context)
{
    if (context.AuthenticateFailure == null)
    {
        // No failure recorded (e.g. no token was sent): the default challenge is left in place.
        return Task.CompletedTask;
    }

    WriteExceptionToHttpResponse(context.HttpContext.Response, ErrorStatusCode.AuthorizationFailed);

    // Marks the response as handled so the default challenge output is skipped.
    context.HandleResponse();
    return Task.CompletedTask;
}
/// <summary>
/// Logs a debug entry for the challenge event, then defers to the base implementation.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>The task returned by the base implementation.</returns>
public override Task Challenge(JwtBearerChallengeContext context)
{
    // NOTE(review): the whole context object is attached as a log property. What reaches the
    // sink depends on the logger's configuration - confirm that no request header (the
    // Authorization header in particular) can be captured this way.
    var challengeLog = this._logger
        .ForContext("JWTDebugEvent", "Challenge")
        .ForContext("Context", context);

    challengeLog.Debug("JWT Challenge");

    return base.Challenge(context);
}
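/// <summary>
/// Replaces the default bearer challenge with the project's JSON token-error body.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>A task that completes once the body is written and the base event has run.</returns>
public override async Task Challenge(JwtBearerChallengeContext context)
{
    // Mark the response as handled first: once the body below starts, the bearer handler must
    // not go on to set its own status code and header on a response that has already started.
    context.HandleResponse();

    // NOTE(review): a rejected request is answered with 200, so proxies, monitoring and
    // clients that key on the status code cannot see the failure - confirm this envelope
    // convention is intended.
    context.Response.StatusCode = StatusCodes.Status200OK;
    context.Response.ContentType = "application/json";

    var response = Responses.TokenError();
    var text = JsonSerializer.Serialize(response, JsonUtils.DefaultOptions());

    // Awaited so a failed write surfaces here instead of being lost in a dropped task.
    await context.Response.WriteAsync(text);

    await base.Challenge(context);
}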
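/// <summary>
/// Answers a failed authentication with 401 and the project's authorization-failed code as JSON.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>A task that completes once the body has been written.</returns>
public override async Task Challenge(JwtBearerChallengeContext context)
{
    if (context.AuthenticateFailure == null)
    {
        // No failure recorded (e.g. no token was sent): the default challenge is left in place.
        return;
    }

    var json = Newtonsoft.Json.JsonConvert.SerializeObject(ErrorStatusCode.AuthorizationFailed.StatusCode);
    byte[] bytes = Encoding.UTF8.GetBytes(json);

    // Suppress the default challenge before the body starts.
    context.HandleResponse();
    context.HttpContext.Response.StatusCode = 401;

    // Assigning ContentType replaces an existing value; Headers.Add throws on a duplicate key.
    context.HttpContext.Response.ContentType = "application/json";

    // Asynchronous write: synchronous writes to the response body are rejected by servers
    // that disallow synchronous I/O.
    await context.HttpContext.Response.Body.WriteAsync(bytes, 0, bytes.Length);
}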
/// <summary>
/// Called when the request is unauthorized. Registers a callback that writes a JSON error body
/// just before the response starts, if the status code at that point is not 200.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>An already completed task.</returns>
public static Task OnChallenge(JwtBearerChallengeContext context)
{
    context.Response.OnStarting(() =>
    {
        bool isOk = context.Response.StatusCode == (int)HttpStatusCode.OK;
        if (isOk)
        {
            return Task.CompletedTask;
        }

        context.Response.ContentType = "application/json";
        string body = JsonConvert.SerializeObject(new { Code = context.Response.StatusCode, Data = false, Message = "无法访问的资源" });

        // NOTE(review): the write task is neither awaited nor returned, so a failed write goes
        // unobserved and the callback reports completion before the body is out.
        context.Response.WriteAsync(body);
        return Task.CompletedTask;
    });

    return Task.CompletedTask;
}
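/// <summary>
/// Writes a JSON 401 body for an <c>invalid_token</c> challenge that carries no failure
/// exception, then runs the base event.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>A task that completes once the body (if any) is written and the base event has run.</returns>
public override async Task Challenge(JwtBearerChallengeContext context)
{
    // NOTE(review): the stock bearer handler sets Error to "invalid_token" only when
    // AuthenticateFailure is present, so this condition may never hold unless another
    // component sets Error - confirm the intended trigger.
    if (context.AuthenticateFailure == null && context.Error == "invalid_token")
    {
        // Suppress the default challenge before the body starts; otherwise the handler sets
        // its status code on a response that has already started.
        context.HandleResponse();

        context.Response.StatusCode = StatusCodes.Status401Unauthorized;
        context.Response.ContentType = "application/json";

        // Awaited so a failed write surfaces here instead of being lost in a dropped task.
        await context.Response.WriteAsync(
            Newtonsoft.Json.JsonConvert.SerializeObject(
                new CommandResponse(statusCode: StatusCodes.Status401Unauthorized, message: "Unauthorized", null, false)
            )
        );
    }

    await base.Challenge(context);
}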
/// <summary>
/// Replaces the default bearer challenge with a 401 JSON body carrying the challenge's
/// error, description and URI.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>The task of the response write.</returns>
public override Task Challenge(JwtBearerChallengeContext context)
{
    // Suppress the default output; this also drops the default WWW-Authenticate header.
    context.HandleResponse();

    // NOTE(review): ErrorDescription is passed to the client as is. Presumably it holds the
    // token validation detail when error details are enabled - confirm that level of detail
    // is acceptable for callers.
    var body = new JObject();
    body["error"] = context.Error;
    body["error_description"] = context.ErrorDescription;
    body["error_uri"] = context.ErrorUri;

    var response = context.Response;
    response.ContentType = "application/json";
    response.StatusCode = 401;

    string json = body.ToString();
    return response.WriteAsync(json);
}
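/// <summary>
/// Triggered when there is no JWT token. Replaces the default challenge with the project's
/// EC107 error envelope.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>A task that completes once the body is written and the base event has run.</returns>
public override async Task Challenge(JwtBearerChallengeContext context)
{
    // Suppress the default challenge before the body starts.
    context.HandleResponse();

    context.Response.Clear();

    // NOTE(review): a rejected request is answered with 200, so proxies, monitoring and
    // clients that key on the status code cannot see the failure - confirm this envelope
    // convention is intended.
    context.Response.StatusCode = 200;
    context.Response.ContentType = "application/json";

    BaseResponse response = new BaseResponse()
    {
        success = false,
        errorCode = nameof(ExceptionCode.EC107).GetCode().ToString(),
        errorMessage = ExceptionCode.EC107
    };

    // Awaited so a failed write surfaces here instead of being lost in a dropped task.
    await context.Response.WriteAsync(JsonConvert.SerializeObject(response));

    await base.Challenge(context);
}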
///// <summary>
///// On receive.
///// </summary>
///// <param name="context"></param>
///// <returns></returns>
//public override Task MessageReceived(MessageReceivedContext context)
//{
//    context.Token = context.Request.Headers["Authorization"];
//    return Task.CompletedTask;
//}

///// <summary>
///// TokenValidated: called after the token has passed validation.
///// </summary>
///// <param name="context"></param>
///// <returns></returns>
//public override Task TokenValidated(TokenValidatedContext context)
//{
//    return Task.CompletedTask;
//}
#endregion

/** Why this is commented out: when the token has expired, Challenge runs after AuthenticationFailed and throws System.InvalidOperationException: StatusCode cannot be set because the response has already started **/
///// <summary>
///// AuthenticationFailed: called when authentication fails. Trigger: 1. token expired (always). [Authorize] must be applied to the controller or action.
///// </summary>
///// <param name="context"></param>
///// <returns></returns>
//public override async Task AuthenticationFailed(AuthenticationFailedContext context)
//{
//    context.Response.StatusCode = StatusCodes.Status200OK;
//    context.Response.ContentType = "application/json";
//    var response = new HResponse()
//    {
//        Success = false,
//        ErrorCode = nameof(ErrorInfo.E100001).GetErrorCode(),
//        ErrorMsg = ErrorInfo.E100001
//    };
//    await context.Response.WriteAsync(H_JsonSerializer.Serialize(response));
//}

/// <summary>
/// Challenge: lets the server send a challenge in answer to the client's request.
/// Triggers: 1. token is empty (always) 2. token expired (always) 3. token is wrong (always).
/// [Authorize] must be applied to the controller or action.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>A task that completes once the JSON body has been written.</returns>
public override async Task Challenge(JwtBearerChallengeContext context)
{
    // Stops the default .NET Core response type and data. This is required: without it the
    // console reports System.InvalidOperationException: StatusCode cannot be set because the
    // response has already started.
    context.HandleResponse();

    // NOTE(review): a rejected request is answered with 200; the failure is visible only in
    // the body - confirm this envelope convention is intended.
    context.Response.StatusCode = StatusCodes.Status200OK;
    context.Response.ContentType = "application/json";

    var envelope = new H_Response()
    {
        Success = false,
        ErrorCode = H_Error.E100001.Key,
        ErrorMsg = H_Error.E100001.Value
    };

    // UnsafeRelaxedJsonEscaping leaves HTML-sensitive characters unescaped. That is fine for
    // the fixed texts sent here as application/json; the output must not be embedded in HTML.
    var serializerOptions = new JsonSerializerOptions
    {
        Encoder = JavaScriptEncoder.UnsafeRelaxedJsonEscaping, // fixes garbled Chinese text
        PropertyNamingPolicy = null
        //PropertyNamingPolicy = JsonNamingPolicy.CamelCase // lower-case first letter, default
    };

    string json = JsonSerializer.Serialize(envelope, serializerOptions);
    await context.Response.WriteAsync(json);
}
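/// <summary>
/// Replaces the default bearer challenge with a 401 JSON body.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>A task that completes once the body has been written.</returns>
public override async Task Challenge(JwtBearerChallengeContext context)
{
    if (context.Response.HasStarted)
    {
        // Something else already produced the response; leave it alone.
        return;
    }

    // Suppress the default challenge before the body starts; otherwise the handler sets its
    // status code on a response that has already started.
    context.HandleResponse();

    context.Response.StatusCode = 401;
    context.Response.ContentType = "application/json";

    // NOTE(review): "Missing Token" is sent for every challenge, so a rejected or expired
    // token is reported the same way - confirm that is intended.
    var resp = new { ErrorCode = 401, message = "Missing Token" };
    var options = new JsonSerializerSettings
    {
        ContractResolver = new CamelCasePropertyNamesContractResolver()
    };

    // Awaited instead of blocked with Wait(): no request thread is held during the write.
    await context.Response.WriteAsync(JsonConvert.SerializeObject(resp, options));
}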
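/// <summary>
/// Handles the challenge itself: on a failed authentication it adds Location and
/// WWW-Authenticate headers and, for callers that accept JSON, sets status 401.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <param name="areas">Areas passed on to <c>CreateReturnLocation</c>.</param>
/// <returns>An already completed task.</returns>
private static Task OnChallenge(JwtBearerChallengeContext context, string[] areas)
{
    if (context.AuthenticateFailure != null)
    {
        string location = CreateReturnLocation(context, areas);
        context.Response.Headers.Append(HeaderNames.Location, location);
        context.Response.Headers.Append(HeaderNames.WWWAuthenticate, context.Options.Challenge);

        if (context.Request.AcceptsJsonResponse())
        {
            context.Response.StatusCode = 401;
        }
    }

    // NOTE(review): the response is marked handled on every path, but a status code is set
    // only for a failed authentication from a JSON client. The other paths leave the status
    // untouched - confirm that an unauthenticated request cannot end up with a success status.
    //
    // The work runs inline rather than through Task.Factory.StartNew: it is a few property
    // writes, and the HttpContext stays on the request's own execution flow.
    context.HandleResponse();
    return Task.CompletedTask;
}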
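/// <summary>
/// Builds the relative "Login" location with a return URL and, when present, the challenge's
/// error code and description as query parameters.
/// </summary>
/// <param name="context">Challenge context supplying the request and the error fields.</param>
/// <param name="areas">Areas passed on to <c>CreateReturnUrl</c>.</param>
/// <returns>The location string for the Location response header.</returns>
private static string CreateReturnLocation(JwtBearerChallengeContext context, string[] areas)
{
    // NOTE(review): Referer is supplied by the client and is optional. new Uri(...) throws when
    // it is absent or not an absolute URI, which turns the challenge into an unhandled error.
    // The return URL is derived from it, so CreateReturnUrl must restrict it to local targets -
    // confirm both points.
    Uri referrer = new Uri(context.Request.Headers[HeaderNames.Referer]);

    string returnUrl = CreateReturnUrl(referrer, areas);
    string locationUri = QueryHelpers.AddQueryString("Login", "returnUrl", returnUrl);

    if (!string.IsNullOrEmpty(context.Error))
    {
        locationUri = QueryHelpers.AddQueryString(locationUri, "errorCode", context.Error);
    }

    // Guard on the value that is appended. The previous check looked at the exception message
    // and could hand a null ErrorDescription to AddQueryString.
    // NOTE(review): the description ends up in a URL, i.e. in browser history and access logs -
    // confirm that level of detail is acceptable there.
    if (!string.IsNullOrEmpty(context.ErrorDescription))
    {
        locationUri = QueryHelpers.AddQueryString(locationUri, "errorDesc", context.ErrorDescription);
    }

    return locationUri;
}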
/// <summary>
/// Answers an authentication challenge: raises the Challenge event and, unless an event handler
/// marked the response as handled, sends status 200 with a WWW-Authenticate header and a JSON
/// body whose status is <c>BearerCheckFailed</c>.
/// </summary>
/// <param name="properties">Authentication properties passed through to the challenge context.</param>
/// <returns>A task that completes once the JSON body has been written.</returns>
protected override async Task HandleChallengeAsync(AuthenticationProperties properties)
{
    var outcome = await HandleAuthenticateOnceSafeAsync();
    var challengeContext = new JwtBearerChallengeContext(Context, Scheme, Options, properties)
    {
        AuthenticateFailure = outcome?.Failure
    };

    // Avoid returning error=invalid_token if the error is not caused by an authentication
    // failure (e.g. missing token).
    if (Options.IncludeErrorDetails && challengeContext.AuthenticateFailure != null)
    {
        challengeContext.Error = "invalid_token";
        challengeContext.ErrorDescription = CreateErrorDescription(challengeContext.AuthenticateFailure);
    }

    await Events.Challenge(challengeContext);
    if (challengeContext.Handled)
    {
        return;
    }

    // Always report the request as successful; the Status field of the body carries the actual
    // API result.
    // NOTE(review): with 200 on a rejected request, proxies, monitoring and clients that key on
    // the status code cannot see the failure - confirm this convention is intended.
    Response.StatusCode = 200;

    bool noDetails = string.IsNullOrEmpty(challengeContext.Error)
        && string.IsNullOrEmpty(challengeContext.ErrorDescription)
        && string.IsNullOrEmpty(challengeContext.ErrorUri);

    if (noDetails)
    {
        Response.Headers.Append(HeaderNames.WWWAuthenticate, Options.Challenge);
    }
    else
    {
        // https://tools.ietf.org/html/rfc6750#section-3.1
        // WWW-Authenticate: Bearer realm="example", error="invalid_token", error_description="The access token expired"
        // The values are written between double quotes without escaping, so an event handler
        // should only put fixed, quote-free text into Error/ErrorDescription/ErrorUri.
        var header = new StringBuilder(Options.Challenge);
        if (Options.Challenge.IndexOf(" ", StringComparison.Ordinal) > 0)
        {
            // Only add a comma after the first param, if any
            header.Append(',');
        }

        if (!string.IsNullOrEmpty(challengeContext.Error))
        {
            header.Append(" error=\"").Append(challengeContext.Error).Append("\"");
        }

        if (!string.IsNullOrEmpty(challengeContext.ErrorDescription))
        {
            if (!string.IsNullOrEmpty(challengeContext.Error))
            {
                header.Append(",");
            }

            header.Append(" error_description=\"").Append(challengeContext.ErrorDescription).Append('\"');
        }

        if (!string.IsNullOrEmpty(challengeContext.ErrorUri))
        {
            if (!string.IsNullOrEmpty(challengeContext.Error) || !string.IsNullOrEmpty(challengeContext.ErrorDescription))
            {
                header.Append(",");
            }

            header.Append(" error_uri=\"").Append(challengeContext.ErrorUri).Append('\"');
        }

        Response.Headers.Append(HeaderNames.WWWAuthenticate, header.ToString());
    }

    var payload = new JsonBase
    {
        Status = JsonStatus.BearerCheckFailed,
        Message = JsonErrorMaps.TryGet(JsonStatus.BearerCheckFailed)
    };
    var serializerSettings = new JsonSerializerSettings
    {
        ContractResolver = new LowercaseContractResolver(),
        ReferenceLoopHandling = ReferenceLoopHandling.Ignore,
        Formatting = Formatting.Indented
    };

    // The body is a fixed status and message; no validation detail is written to it.
    await Response.WriteAsync(JsonConvert.SerializeObject(payload, serializerSettings));
}
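/// <summary>
/// Replaces the default bearer challenge with a 401 response and a fixed error text.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>A task that completes once the body has been written.</returns>
public async Task Challenge(JwtBearerChallengeContext context)
{
    // Suppress the default challenge before the body starts; otherwise the handler sets its
    // status code on a response that has already started.
    context.HandleResponse();

    context.Response.StatusCode = 401;

    // NOTE(review): the declared type is JSON but the body below is plain text, so a client
    // that parses by content type will fail on it - confirm which of the two is intended.
    context.Response.ContentType = "application/json;";
    await context.Response.WriteAsync("Error Has Occured.");
}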
/// <summary>
/// Writes a debug trace line when a challenge is triggered; the default challenge is left as is.
/// </summary>
/// <param name="arg">Challenge context (not read).</param>
/// <returns>An already completed task.</returns>
internal static Task OnChallenge(JwtBearerChallengeContext arg)
{
    // Debug.WriteLine is compiled out of release builds, so nothing is recorded there.
    const string trace = "Not authentication, challenge triggered";
    Debug.WriteLine(trace);

    return Task.CompletedTask;
}
/// <summary>
/// Logs a debug entry when a challenge is raised; the default challenge is left as is.
/// </summary>
/// <param name="arg">Challenge context (not read).</param>
/// <returns>An already completed task.</returns>
private Task JwtBearerChallenge(JwtBearerChallengeContext arg)
{
    const string entry = "JwtBearerChallenge!";
    _logger.LogDebug(entry);

    Task done = Task.FromResult(0);
    return done;
}
/// <summary>
/// No-op challenge hook: the context is not touched, so the default challenge applies.
/// </summary>
/// <param name="arg">Challenge context (not read).</param>
/// <returns>An already completed task.</returns>
private Task Challenge(JwtBearerChallengeContext arg) => Task.CompletedTask;
/// <summary>
/// Pass-through override: defers to the base implementation without changing the context.
/// </summary>
/// <param name="context">Challenge context raised by the JWT bearer handler.</param>
/// <returns>The task returned by the base implementation.</returns>
public override Task Challenge(JwtBearerChallengeContext context) => base.Challenge(context);
/// <summary>
/// No-op challenge hook: the context is not touched, so the default challenge applies.
/// </summary>
/// <param name="context">Challenge context (not read).</param>
/// <returns>An already completed task.</returns>
public static Task OnChallenge(JwtBearerChallengeContext context) => Task.CompletedTask;
/// <summary>
/// Answers an authentication challenge: raises the Challenge event and, unless an event handler
/// marked the response as handled, sends 401 with a WWW-Authenticate header.
/// </summary>
/// <param name="properties">Authentication properties passed through to the challenge context.</param>
/// <returns>A task that completes once the status code and challenge header are set.</returns>
protected override async Task HandleChallengeAsync(Microsoft.AspNetCore.Authentication.AuthenticationProperties properties)
{
    var outcome = await HandleAuthenticateOnceSafeAsync();
    var challengeContext = new JwtBearerChallengeContext(Context, Scheme, Options, properties)
    {
        AuthenticateFailure = outcome?.Failure
    };

    // This variant never fills Error/ErrorDescription itself; only an event handler can.
    await Events.Challenge(challengeContext);
    if (challengeContext.Handled)
    {
        return;
    }

    Response.StatusCode = 401;

    bool noDetails = string.IsNullOrEmpty(challengeContext.Error)
        && string.IsNullOrEmpty(challengeContext.ErrorDescription)
        && string.IsNullOrEmpty(challengeContext.ErrorUri);
    if (noDetails)
    {
        Response.Headers.Append(HeaderNames.WWWAuthenticate, Options.Challenge);
        return;
    }

    // https://tools.ietf.org/html/rfc6750#section-3.1
    // WWW-Authenticate: Bearer realm="example", error="invalid_token", error_description="The access token expired"
    // The values are written between double quotes without escaping, so an event handler
    // should only put fixed, quote-free text into Error/ErrorDescription/ErrorUri.
    var header = new StringBuilder(Options.Challenge);
    if (Options.Challenge.IndexOf(" ", StringComparison.Ordinal) > 0)
    {
        // Only add a comma after the first param, if any
        header.Append(',');
    }

    if (!string.IsNullOrEmpty(challengeContext.Error))
    {
        header.Append(" error=\"").Append(challengeContext.Error).Append("\"");
    }

    if (!string.IsNullOrEmpty(challengeContext.ErrorDescription))
    {
        if (!string.IsNullOrEmpty(challengeContext.Error))
        {
            header.Append(",");
        }

        header.Append(" error_description=\"").Append(challengeContext.ErrorDescription).Append('\"');
    }

    if (!string.IsNullOrEmpty(challengeContext.ErrorUri))
    {
        if (!string.IsNullOrEmpty(challengeContext.Error) || !string.IsNullOrEmpty(challengeContext.ErrorDescription))
        {
            header.Append(",");
        }

        header.Append(" error_uri=\"").Append(challengeContext.ErrorUri).Append('\"');
    }

    Response.Headers.Append(HeaderNames.WWWAuthenticate, header.ToString());
}
/// <summary>
/// Replaces the default bearer challenge with a JSON body reporting an invalid token.
/// </summary>
/// <param name="ctx">Challenge context raised by the JWT bearer handler.</param>
/// <returns>A task that completes once the body is written and the response is marked handled.</returns>
public async Task OnAuthChallenge(JwtBearerChallengeContext ctx)
{
    // NOTE(review): the body carries 401, but no HTTP status code is set in this method and
    // the default challenge that would set one is suppressed below - confirm the response
    // does not go out with a success status.
    var body = new ApiResponse<string>(false, 401, "Token is invalid");
    await ctx.Response.WriteAsJsonAsync(body);

    // Marks the response as handled so the default challenge output is skipped.
    ctx.HandleResponse();
}