Exemple #1
        /// <summary>
        /// Reads the ID token from the current request's App Services authentication header.
        /// </summary>
        /// <returns>
        /// The raw header value, or <c>null</c> when the header carries no value
        /// (DEBUG builds first try the debug environment-variable fallback).
        /// </returns>
        private string? GetIdToken()
        {
            // The value is returned exactly as received; no validation happens in this method.
            // NOTE(review): the header is only trustworthy if the hosting front end sets it and
            // strips any client-supplied copy - confirm for the deployment.
            string? headerToken = Context.Request.Headers[AppServicesAuthIdTokenHeader];

#if DEBUG
            // DEBUG-only fallback: going by the helper's name, the value is taken from an
            // environment variable so the flow can be exercised locally. The directive keeps
            // this branch out of builds that do not define DEBUG.
            if (string.IsNullOrEmpty(headerToken))
            {
                headerToken = AppServicesAuthenticationInformation.SimulateGetttingHeaderFromDebugEnvironmentVariable(AppServicesAuthIdTokenHeader);
            }
#endif
            return headerToken;
        }
        /// <inheritdoc/>
        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // Only consult the request headers when App Services AAD authentication is enabled.
            // Nothing in this method validates the token behind the principal.
            // NOTE(review): the result is therefore only as trustworthy as the request headers -
            // confirm the front end is the sole party able to set them.
            ClaimsPrincipal? principal = null;
            if (AppServicesAuthenticationInformation.IsAppServicesAadAuthenticationEnabled)
            {
                principal = AppServicesAuthenticationInformation.GetUser(Context.Request.Headers);
            }

            if (principal is null)
            {
                // No identity from this scheme: report "no result" so another handler can try.
                return Task.FromResult(AuthenticateResult.NoResult());
            }

            var ticket = new AuthenticationTicket(principal, AppServicesAuthenticationDefaults.AuthenticationScheme);
            return Task.FromResult(AuthenticateResult.Success(ticket));
        }
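        /// <summary>
        /// Get the IDP from the headers sent by App services authentication.
        /// </summary>
        /// <param name="headers">Headers.</param>
        /// <returns>
        /// The IDP header value, or <c>null</c> when the IDP header is absent or carries no value
        /// (DEBUG builds first try the debug environment-variable fallback).
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="headers"/> is <c>null</c>.</exception>
        internal static string? GetIdp(IDictionary<string, StringValues> headers)
        {
            if (headers is null)
            {
                throw new ArgumentNullException(nameof(headers));
            }

            string? idp = null;

            // Probe the same key that is read. The earlier code tested for the ID-token header
            // and then indexed the IDP header, so a request carrying only the ID token could
            // throw KeyNotFoundException on dictionary implementations whose indexer throws
            // for a missing key. TryGetValue also avoids a second lookup.
            if (headers.TryGetValue(AppServicesAuthIdpTokenHeader, out StringValues idpValues))
            {
                idp = idpValues;
            }
#if DEBUG
            // DEBUG-only fallback: going by the helper's name, the value is taken from an
            // environment variable so the flow can be exercised locally. The directive keeps
            // this branch out of builds that do not define DEBUG.
            if (string.IsNullOrEmpty(idp))
            {
                idp = AppServicesAuthenticationInformation.SimulateGetttingHeaderFromDebugEnvironmentVariable(AppServicesAuthIdpTokenHeader);
            }
#endif
            return idp;
        }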
        /// <summary>
        /// Reads the AAD access token from the App Services authentication header.
        /// </summary>
        /// <param name="headers">Request headers; may be <c>null</c>.</param>
        /// <returns>The access token, or <see cref="string.Empty"/> when none is available.</returns>
        private string GetAccessToken(IHeaderDictionary? headers)
        {
            const string AccessTokenHeaderName = "X-MS-TOKEN-AAD-ACCESS-TOKEN";

            // The value is a bearer credential taken verbatim from the header; nothing here
            // validates it. NOTE(review): keep it out of logs and error messages.
            string? token = null;
            if (headers is not null)
            {
                token = headers[AccessTokenHeaderName];
            }
#if DEBUG
            // DEBUG-only fallback: going by the helper's name, the value is taken from an
            // environment variable so the flow can be exercised locally. The directive keeps
            // this branch out of builds that do not define DEBUG.
            if (string.IsNullOrEmpty(token))
            {
                token = AppServicesAuthenticationInformation.SimulateGetttingHeaderFromDebugEnvironmentVariable(AccessTokenHeaderName);
            }
#endif
            // A null token becomes string.Empty; an empty token is already string.Empty-equal,
            // so callers never see null.
            return token ?? string.Empty;
        }
        /// <summary>
        /// Get the user claims from the headers and environment variables.
        /// </summary>
        /// <param name="headers">Headers.</param>
        /// <returns>
        /// A principal built from the ID token's claims, or <c>null</c> when either the
        /// ID token or the IDP is unavailable.
        /// </returns>
        internal static ClaimsPrincipal? GetUser(IDictionary<string, StringValues> headers)
        {
            string? idToken = AppServicesAuthenticationInformation.GetIdToken(headers);
            string? idp = AppServicesAuthenticationInformation.GetIdp(headers);

            // Both values are required; without either there is no user to report.
            if (idToken is null || idp is null)
            {
                return null;
            }

            // The token is only parsed here: no signature, issuer, audience or lifetime check
            // is visible in this method, so the claims are exactly what the header carried.
            // NOTE(review): presumably the platform front end has already validated the token
            // and strips client-supplied copies of these headers - confirm before relying on
            // this principal for authorization.
            var parsedToken = new JsonWebToken(idToken);

            // A v1 token uses the name claim as the identity's name; any other token uses the
            // preferred-username claim.
            bool hasV1VersionClaim = parsedToken.Claims
                .Any(claim => claim.Type == Constants.Version && claim.Value == Constants.V1);
            string nameClaimType = hasV1VersionClaim ? Constants.NameClaim : Constants.PreferredUserName;

            // The IDP header value is used as the identity's authentication type.
            var identity = new ClaimsIdentity(
                parsedToken.Claims,
                idp,
                nameClaimType,
                ClaimsIdentity.DefaultRoleClaimType);

            return new ClaimsPrincipal(identity);
        }