public override void OnActionExecuting(ActionExecutingContext actionContext)
{
var secretToken = actionContext.HttpContext.Request.Headers["USER_TOKEN_KEY"];
if (secretToken != null)
{
if (String.IsNullOrWhiteSpace(secretToken))
{
throw new Exception("USER_TOKEN_KEY was not found in the HTTP request headers.");
}
// TODO: Get rid of this when we have a better way of doing it
//var cacheProvider = ObjectFactory.GetInstance<ICacheProvider>();
var accessToken = AccessToken.ReadFromCache(secretToken);//, null);
if (accessToken == null)
{
throw new SecurityException("Application Not Authorised.");
}
var identity = new CloudCoreApiIdentity();
identity.AddClaim(new Claim("ApplicationId", accessToken.ApplicationId.ToString()));
identity.AddClaim(new Claim("UserId", accessToken.UserId.ToString()));
var principal = new ClaimsPrincipal(identity);
Thread.CurrentPrincipal = principal;
HttpContext.Current.User = principal;
}
else
{
throw new SecurityException("Valid USER_TOKEN_KEY not found.");
}
}
private void FakeIdentity(int applicationId, int userId)
{
var identity = new CloudCoreApiIdentity();
identity.AddClaim(new Claim("ApplicationId", applicationId.ToString(CultureInfo.InvariantCulture)));
identity.AddClaim(new Claim("UserId", userId.ToString(CultureInfo.InvariantCulture)));
var principal = new ClaimsPrincipal(identity);
Thread.CurrentPrincipal = principal;
//MockHttpContext.CreateNewHttpContext();
HttpContext.Current.User = principal;
}
