public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
HttpRequestMessage request = context.Request;
var authorization = context.Request.Headers.Authorization;
if (authorization == null)
{
return;
}
if (authorization.Scheme != "Basic")
{
return;
}
if (String.IsNullOrEmpty(authorization.Parameter))
{
context.ErrorResult = new AuthenticationFailureResult("Missing credentials", request);
return;
}
Tuple <string, string> tokens = ExtractUserNameAndPassword(authorization.Parameter);
if (tokens == null)
{
context.ErrorResult = new AuthenticationFailureResult("Invalid credentials", request);
return;
}
if (!OnAuthorizeUser(tokens.Item1, tokens.Item2))
{
context.ErrorResult = new AuthenticationFailureResult("Invalid username or password", request);
}
else
{
IIdentity identity = new BasicAuthenticationIdentity(tokens.Item1, tokens.Item2);
var principal = new GenericPrincipal(identity, null);
SetPrincipal(principal);
}
}
public override void OnAuthorization(HttpActionContext actionContext)
{
var request = actionContext.Request;
var authorization = actionContext.Request.Headers.Authorization;
if (authorization == null)
{
return;
}
if (authorization.Scheme != "Basic")
{
return;
}
if (String.IsNullOrEmpty(authorization.Parameter))
{
Challenge(actionContext);
return;
}
Tuple <string, string> tokens = ExtractUserNameAndPassword(authorization.Parameter);
if (!OnAuthorizeUser(tokens.Item1, tokens.Item2))
{
Challenge(actionContext);
}
else
{
IIdentity identity = new BasicAuthenticationIdentity(tokens.Item1, tokens.Item2);
var principal = new GenericPrincipal(identity, null);
SetPrincipal(principal);
}
base.OnAuthorization(actionContext);
}
//public bool AllowMultiple
//{
// get
// {
// return false;
// }
//}
public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
HttpRequestMessage request = context.Request;
AuthenticationHeaderValue authorization = context.Request.Headers.Authorization;
if (authorization == null)
{
return;
}
if (authorization.Scheme != "Basic")
{
return;
}
if (string.IsNullOrEmpty(authorization.Parameter))
{
context.ErrorResult = new AuthenticationFailureResult("Missing credentials", request);
return;
}
// ..
var result = ExtractLoginAndPassword(authorization.Parameter);
if (!OnAuthorizeUser(result.login, result.password))
{
context.ErrorResult = new AuthenticationFailureResult("Invalid username or password", request);
return;
}
else
{
IIdentity identity = new BasicAuthenticationIdentity(result.login, result.password);
IPrincipal principal = new GenericPrincipal(identity, null);
SetPrincipal(principal);
}
}
