/// <summary>
/// Authenticates every request entering the server from the token it carries, then
/// forwards it to the inner handler.
/// </summary>
/// <remarks>
/// A request from which no token can be extracted is forwarded unchanged and no principal
/// is assigned here, so downstream authorization has to reject anonymous callers where an
/// identity is required. Any exception thrown synchronously inside the try block results
/// in the <c>UnAuthenticated()</c> response. The inner handler's task is returned without
/// being awaited, so faults raised later on that task are not handled here.
/// </remarks>
/// <param name="request">The request being sent to the server.</param>
/// <param name="cancellationToken">Cancellation token passed on to the inner handler.</param>
/// <returns>
/// The inner handler's response task, or the result of <c>UnAuthenticated()</c> when
/// token processing throws.
/// </returns>
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
    try
    {
        // Pull the raw token out of the request; null means nothing was supplied.
        string jwt = new RequestTransformer().GetToken(request);
        if (jwt != null)
        {
            // Verify the token and obtain the principal it describes.
            var tokenPrincipal = new VerifyJWT().VerifyToken(jwt);

            // Resolve the application-side identity (the original comment says the
            // user's claims are loaded from the database at this step).
            ClaimsPrincipal enriched = new ClaimsTransformer().Authenticate(tokenPrincipal);

            // Publish the identity on both the thread and the ASP.NET context so that
            // later authorization checks see the same principal.
            Thread.CurrentPrincipal = enriched;
            HttpContext.Current.User = enriched;
        }

        return base.SendAsync(request, cancellationToken);
    }
    catch (Exception)
    {
        // Fail closed: any failure above is answered with the unauthenticated response.
        return UnAuthenticated();
    }
}
/// <summary>
/// Checks that <c>GetToken</c> returns null for the request built by
/// <c>mockData.NoSchemeValidTokenRequestMessage()</c>; going by the fixture name, that is
/// a valid token sent without an authorization scheme.
/// </summary>
public void ValidTokenWithoutScheme()
{
    // Arrange
    HttpRequestMessage message = mockData.NoSchemeValidTokenRequestMessage();
    var transformer = new RequestTransformer();

    // Act
    string extracted = transformer.GetToken(message);

    // Assert: a scheme-less header must not yield a usable token.
    Assert.Null(extracted);
}
/// <summary>
/// Checks that <c>GetToken</c> returns null for the request built by
/// <c>mockData.EmptyAuthorizationParam()</c>; going by the fixture name, its
/// authorization parameter is empty.
/// </summary>
public void NoTokenInParam()
{
    // Arrange
    HttpRequestMessage message = mockData.EmptyAuthorizationParam();
    var transformer = new RequestTransformer();

    // Act
    string extracted = transformer.GetToken(message);

    // Assert: nothing should be extracted when no token was supplied.
    Assert.Null(extracted);
}
/// <summary>
/// Checks that <c>GetToken</c> returns exactly <c>mockData.VALID_TOKEN_WITHOUT_SCHEME</c>
/// for the request built by <c>mockData.validRequestMessage()</c>.
/// </summary>
public void ValidToken()
{
    // Arrange
    HttpRequestMessage message = mockData.validRequestMessage();
    var transformer = new RequestTransformer();
    string expected = mockData.VALID_TOKEN_WITHOUT_SCHEME;

    // Act
    string actual = transformer.GetToken(message);

    // Assert: the token is returned unchanged, without the scheme.
    Assert.Equal(expected, actual);
}
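/// <summary>
/// SSO authentication handler: verifies the token carried by the request and, when it is
/// accepted, sets the resulting principal before forwarding to the inner handler.
/// </summary>
/// <remarks>
/// A request from which no token can be extracted is forwarded unchanged and no principal
/// is assigned here, so downstream authorization has to reject anonymous callers where an
/// identity is required. Every exception raised while extracting or verifying the token,
/// or while assigning the principal, is answered with <c>UnAuthenticated()</c>. Earlier
/// only <see cref="NullReferenceException"/> was handled, so any other verification
/// failure escaped the handler as an unhandled error instead of an authentication failure.
/// The inner handler is called outside the try block so that its own failures are not
/// reported as authentication failures.
/// </remarks>
/// <param name="request">The request being sent to the server.</param>
/// <param name="cancellationToken">Cancellation token passed on to the inner handler.</param>
/// <returns>
/// The inner handler's response task, or the result of <c>UnAuthenticated()</c> when
/// token processing throws.
/// </returns>
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
    try
    {
        var token = new RequestTransformer().GetToken(request);
        if (token != null)
        {
            var incommingPrincipal = new VerifyJWT().SsoVerifyToken(token);

            // NOTE(review): SsoVerifyToken's behaviour on a rejected token is not visible
            // here. If it can return null instead of throwing, add an explicit null check
            // that returns UnAuthenticated() rather than assigning a null principal.
            Thread.CurrentPrincipal = incommingPrincipal;
            HttpContext.Current.User = incommingPrincipal;
        }
    }
    catch (Exception)
    {
        // Fail closed on any verification error, not just NullReferenceException.
        return UnAuthenticated();
    }

    return base.SendAsync(request, cancellationToken);
}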