public bool Authorize(IHttpContext context)
{
var requestUrl = context.GetRequestUrl();
if (NeverSecret.Urls.Contains(requestUrl))
{
return(true);
}
//CORS pre-flight (ignore creds if using cors).
if (!String.IsNullOrEmpty(Settings.AccessControlAllowOrigin) && context.Request.HttpMethod == "OPTIONS")
{
return(true);
}
var oneTimeToken = context.Request.Headers["Single-Use-Auth-Token"];
if (string.IsNullOrEmpty(oneTimeToken) == false)
{
return(AuthorizeUsingleUseAuthToken(context, oneTimeToken));
}
var authHeader = context.Request.Headers["Authorization"];
var hasApiKey = "True".Equals(context.Request.Headers["Has-Api-Key"], StringComparison.CurrentCultureIgnoreCase);
var hasOAuthTokenInCookie = context.Request.HasCookie("OAuth-Token");
if (hasApiKey || hasOAuthTokenInCookie ||
string.IsNullOrEmpty(authHeader) == false && authHeader.StartsWith("Bearer "))
{
return(oAuthRequestAuthorizer.Authorize(context, hasApiKey, IgnoreDb.Urls.Contains(requestUrl)));
}
return(windowsRequestAuthorizer.Authorize(context, IgnoreDb.Urls.Contains(requestUrl)));
}
public bool Authorize(IHttpContext context)
{
var requestUrl = context.GetRequestUrl();
if (NeverSecret.Urls.Contains(requestUrl))
{
return(true);
}
var oneTimeToken = context.Request.Headers["Single-Use-Auth-Token"];
if (string.IsNullOrEmpty(oneTimeToken) == false)
{
return(AuthorizeOSingleUseAuthToken(context, oneTimeToken));
}
var authHeader = context.Request.Headers["Authorization"];
var hasApiKey = "True".Equals(context.Request.Headers["Has-Api-Key"], StringComparison.CurrentCultureIgnoreCase);
var hasOAuthTokenInCookie = context.Request.HasCookie("OAuth-Token");
if (hasApiKey || hasOAuthTokenInCookie ||
string.IsNullOrEmpty(authHeader) == false && authHeader.StartsWith("Bearer "))
{
return(oAuthRequestAuthorizer.Authorize(context, hasApiKey, IgnoreDb.Urls.Contains(requestUrl)));
}
return(windowsRequestAuthorizer.Authorize(context, IgnoreDb.Urls.Contains(requestUrl)));
}
public override bool Authorize(IHttpContext context)
{
var requestUrl = context.GetRequestUrl();
if (NeverSecret.Urls.Contains(requestUrl))
{
return(true);
}
var authHeader = context.Request.Headers["Authorization"];
if (string.IsNullOrEmpty(authHeader) == false && authHeader.StartsWith("Bearer "))
{
return(oAuthRequestAuthorizer.Authorize(context));
}
return(windowsRequestAuthorizer.Authorize(context));
}
public bool Authorize(IHttpContext context)
{
var requestUrl = context.GetRequestUrl();
if (NeverSecret.Urls.Contains(requestUrl))
{
return(true);
}
var hasApiKey = "true".Equals(context.Request.Headers["Has-Api-Key"], StringComparison.CurrentCultureIgnoreCase);
var authHeader = context.Request.Headers["Authorization"];
if (hasApiKey || string.IsNullOrEmpty(authHeader) == false && authHeader.StartsWith("Bearer "))
{
return(oAuthRequestAuthorizer.Authorize(context, hasApiKey));
}
return(windowsRequestAuthorizer.Authorize(context));
}
