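/// <summary>
/// Gate for incoming requests: answers CORS preflight when configured to, lets
/// requests on the configured ignore lists through unauthenticated, and rejects
/// everything else with 401 unless <c>AuthenticateRequest.IsAuthenticated</c> accepts it.
/// </summary>
/// <param name="request">The incoming HTTP request.</param>
/// <param name="cancellationToken">Token forwarded to the inner handler.</param>
/// <returns>
/// The inner handler's response, an empty 200 for a handled preflight, or a 401 error
/// response. <c>AddHeadersToResponse</c> is applied to every response returned here.
/// </returns>
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
    // Preflight short-circuit: answered with an empty 200 and never authenticated or
    // forwarded. HttpMethod equality is ordinal and case-insensitive, so the check no
    // longer depends on the thread culture the way ToUpper() == "OPTIONS" did.
    if (HeimdallConfig.ByPassWebApiCorsAndImplementOptions && request.Method == HttpMethod.Options)
    {
        var preflightResponse = request.CreateResponse(HttpStatusCode.OK, string.Empty);
        AddHeadersToResponse(preflightResponse);
        return preflightResponse;
    }

    // Security-relevant: any request matching one of these configured ignore rules
    // reaches the inner handler with NO authentication check. The rules are evaluated
    // in the same order as before (path, verb, verb-and-path) and short-circuit.
    var skipAuthentication = HeimdallConfig.IgnorePath(request)
        || HeimdallConfig.IgnoreVerb(request)
        || HeimdallConfig.IgnoreVerbAndPath(request);

    if (!skipAuthentication && !await AuthenticateRequest.IsAuthenticated(request))
    {
        // Fail closed: the inner handler is never invoked for an unauthenticated request.
        // NOTE(review): no WWW-Authenticate challenge is added to this 401 here; RFC 7235
        // expects one, so confirm whether AddHeadersToResponse supplies it.
        var unauthorizedResponse = request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Unauthorized API call");
        AddHeadersToResponse(unauthorizedResponse);
        return unauthorizedResponse;
    }

    var response = await base.SendAsync(request, cancellationToken);
    AddHeadersToResponse(response);
    return response;
}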
/// <summary>
/// Authenticates the request before passing it to the inner handler. Requests for
/// which <c>HeimdallConfig.IgnorePath</c> returns true are forwarded without any
/// authentication check; all others must pass <c>AuthenticateRequest.IsAuthenticated</c>.
/// </summary>
/// <param name="request">The incoming HTTP request.</param>
/// <param name="cancellationToken">Token forwarded to the inner handler.</param>
/// <returns>
/// The inner handler's response, or a 401 error response carrying a WWW-Authenticate
/// challenge when authentication fails.
/// </returns>
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
    // Ignored paths skip the authentication step entirely.
    if (!HeimdallConfig.IgnorePath(request))
    {
        var authenticated = await AuthenticateRequest.IsAuthenticated(request);
        if (!authenticated)
        {
            // Fail closed: the inner handler is never reached. The challenge header
            // tells the client which authentication scheme is expected.
            var rejection = request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Unauthorized API call");
            var challenge = new AuthenticationHeaderValue(HeaderNames.AuthenticationScheme);
            rejection.Headers.WwwAuthenticate.Add(challenge);
            return rejection;
        }
    }

    return await base.SendAsync(request, cancellationToken);
}