protected override void RequestStartup(Nancy.TinyIoc.TinyIoCContainer container, Nancy.Bootstrapper.IPipelines pipelines, NancyContext context)
{
base.RequestStartup(container, pipelines, context);
var configuration =
new StatelessAuthenticationConfiguration(GetLoadAuthenticationHook);
StatelessAuthentication.Enable(pipelines, configuration);
pipelines.AfterRequest.AddItemToEndOfPipeline(
(ctx) =>
{
var session = container.Resolve<IDocumentSession>();
if (session == null)
return;
session.SaveChanges();
session.Dispose();
});
//pipelines.BeforeRequest.AddItemToStartOfPipeline(GetLoadAuthenticationHook(configuration));
pipelines.AfterRequest.AddItemToEndOfPipeline(GetRedirectToLoginHook());
}
protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context)
{
base.RequestStartup(requestContainer, pipelines, context);
// At request startup we modify the request pipelines to
// include forms authentication - passing in our now request
// scoped user name mapper.
//
// The pipelines passed in here are specific to this request,
// so we can add/remove/update items in them as we please.
var loginService = requestContainer.Resolve<LoginService>();
var authConfiguration =
new StatelessAuthenticationConfiguration(c =>
{
var apiKeyFromRequest = ((DynamicDictionaryValue)c.Request.Query.ApiKey).Value as ApiKey
?? ((DynamicDictionaryValue)c.Request.Form.ApiKey).Value as ApiKey;
if (apiKeyFromRequest == null) return null;
if (loginService.IsApiKeyValid(apiKeyFromRequest))
{
return new UserIdentity(apiKeyFromRequest.Username, new List<string>());
}
return null;
});
StatelessAuthentication.Enable(pipelines, authConfiguration);
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
base.ApplicationStartup(container, pipelines);
var configuration = new BasicAuthenticationConfiguration(container.Resolve<IUserValidator>(), "test-realm");
BasicAuthentication.Enable(pipelines,configuration);
var stateless = new StatelessAuthenticationConfiguration(c =>
{
const string key = "X-Auth-Token";
string token = null;
if (c.Request.Headers.Authorization == null || !c.Request.Headers.Authorization.Any())
{
_log.ErrorFormat("No request headers are present in the request {0}", c);
return null;
}
if (c.Request.Headers.FirstOrDefault(f => f.Key == key).Value == null ||
string.IsNullOrEmpty(c.Request.Headers.FirstOrDefault(f => f.Key == key).Value.First()))
{
_log.ErrorFormat("No Key present in the request headers");
return null;
}
token = c.Request.Headers.FirstOrDefault(f => f.Key == key).Value.First();
_log.InfoFormat("Token used {0}", token);
var user = container.Resolve<IUserApiMapper>();
return user.GetUserFromToken(token);
});
StatelessAuthentication.Enable(pipelines, stateless);
}
public static IPipelines EnableStatelessAuthentication(this IPipelines pipelines, IAuthenticateUser authenticator)
{
var configuration = new StatelessAuthenticationConfiguration(context =>
{
var token = context.AuthorizationHeaderToken();
return String.IsNullOrWhiteSpace(token) ? null : authenticator != null ? authenticator.GetUserIdentity(token) : null;
});
StatelessAuthentication.Enable(pipelines, configuration);
return pipelines;
}
/// <summary>
/// Gets the pre request hook for loading the authenticated user's details
/// from apikey given in request.
/// </summary>
/// <param name="configuration">Stateless authentication configuration to use</param>
/// <returns>Pre request hook delegate</returns>
private static Func<NancyContext, Response> GetLoadAuthenticationHook(StatelessAuthenticationConfiguration configuration)
{
if (configuration == null)
{
throw new ArgumentNullException("configuration");
}
return context =>
{
context.CurrentUser = configuration.GetUserIdentity(context);
return null;
};
}
protected override void RequestStartup(TinyIoCContainer container, IPipelines pipelines, NancyContext context)
{
var config = new StatelessAuthenticationConfiguration(nancyContext =>
{
var apiKey = nancyContext.Request.Headers["x-ApiKey"].FirstOrDefault();
if (apiKey == null) { return null; }
// In case the ApiKey is passed as a query parameter.
//if (!nancyContext.Request.Query.apiKey.HasValue) { return null; }
//var apiKey = (string)nancyContext.Request.Query.apiKey.Value;
return DataBaseMock.GetUserFromApiKey(apiKey);
});
AllowAccessToConsumingSite(pipelines);
StatelessAuthentication.Enable(pipelines, config);
}
public UserModuleTests()
{
_provider = A.Fake<IAuthenticationProvider>();
_repository = A.Fake<IRepository>();
_browser = new Browser(config =>
{
config.Module<UserModule>();
config.Dependency(_repository);
config.Dependency(_provider);
config.ApplicationStartup((ioc, pipelines) =>
{
var statelessAuthConfiguration = new StatelessAuthenticationConfiguration(ctx => ioc.Resolve<NancyContextAuthenticator>().Authenticate(ctx));
StatelessAuthentication.Enable(pipelines, statelessAuthConfiguration);
});
});
}
/// <summary>
/// This method exists for the purpose of enabling Nancy's Stateless authentication (http://goo.gl/Dtxhve)
/// </summary>
protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context)
{
// At request startup we modify the request pipelines to
// include stateless authentication
//
// Configuring stateless authentication is simple. Just use the
// NancyContext to get the apiKey. Then, use the authorization code to get
// your user's identity from Azure Active Directory via ADAL.
//
// If the authorization code required to do this is missing, NancyModules
// secured via RequiresAuthentication() cannot be invoked...
var configuration =
new StatelessAuthenticationConfiguration(nancyContext =>
{
// the only way a user will be authenticated is if a request contains an authentication code
// attached to it...
if (!nancyContext.Request.Query.code.HasValue)
{
return null;
}
try
{
//for now, we will pull the apiKey from the querystring,
//but you can pull it from any part of the NancyContext
var authorizationCode = (string)nancyContext.Request.Query.code;
//get the user identity however you choose to (for now, using a static class/method)
return ActiveDirectoryAuthenticationHelper.GetAuthenticatedUserIDentity(authorizationCode);
}
// exceptions during ADAL authentication will block user authentication
catch (ArgumentNullException)
{
return null;
}
catch (Exception)
{
return null;
}
});
StatelessAuthentication.Enable(pipelines, configuration);
}
/// <summary>
/// Enables stateless authentication for the application
/// </summary>
/// <param name="pipelines">Pipelines to add handlers to (usually "this")</param>
/// <param name="configuration">Stateless authentication configuration</param>
public static void Enable(IPipelines pipelines, StatelessAuthenticationConfiguration configuration)
{
if (pipelines == null)
{
throw new ArgumentNullException("pipelines");
}
if (configuration == null)
{
throw new ArgumentNullException("configuration");
}
if (!configuration.IsValid)
{
throw new ArgumentException("Configuration is invalid", "configuration");
}
pipelines.BeforeRequest.AddItemToStartOfPipeline(GetLoadAuthenticationHook(configuration));
}
/// <summary>
/// Enables stateless authentication for a module
/// </summary>
/// <param name="module">Module to add handlers to (usually "this")</param>
/// <param name="configuration">Stateless authentication configuration</param>
public static void Enable(INancyModule module, StatelessAuthenticationConfiguration configuration)
{
if (module == null)
{
throw new ArgumentNullException("module");
}
if (configuration == null)
{
throw new ArgumentNullException("configuration");
}
if (!configuration.IsValid)
{
throw new ArgumentException("Configuration is invalid", "configuration");
}
module.Before.AddItemToStartOfPipeline(GetLoadAuthenticationHook(configuration));
}
protected override void RequestStartup(ILifetimeScope container, IPipelines pipelines, NancyContext context)
{
StaticConfiguration.DisableErrorTraces = false;
var configuration =
new StatelessAuthenticationConfiguration(
ctx =>
{
string token = GetTokenFromRequest(ctx);
bool hasToken = !string.IsNullOrEmpty(token);
if (hasToken)
{
var apiUserMapper = container.Resolve<IApiUserMapper<Guid>>();
Guid tokenGuid;
if (!string.IsNullOrEmpty(token) && Guid.TryParse(token, out tokenGuid))
{
try
{
IUserIdentity userFromAccessToken =
apiUserMapper.GetUserFromAccessToken(tokenGuid);
return userFromAccessToken;
}
catch (TokenDoesNotExistException)
{
}
}
}
return new FireTowerUserIdentity(new VisitorSession());
});
pipelines.OnError += (ctx, err) => HandleExceptions(err, ctx);
pipelines.AfterRequest.AddItemToEndOfPipeline(AddCorsHeaders());
StatelessAuthentication.Enable(pipelines, configuration);
base.RequestStartup(container, pipelines, context);
}
protected override void ApplicationStartup(ILifetimeScope container, IPipelines pipelines)
{
base.ApplicationStartup(container, pipelines);
/*enable lightningcache, vary by url params id,query,take and skip*/
//this.EnableLightningCache(container.Resolve<IRouteResolver>(), ApplicationPipelines, new[] { "id", "query", "take", "skip" });
CustomNancyLightningCache.Enable(this, container.Resolve<IRouteResolver>(), ApplicationPipelines, new[] { "id", "query", "take", "skip"});
var statelessAuthConfiguration = new StatelessAuthenticationConfiguration(ctx => container.Resolve<NancyContextAuthenticator>().Authenticate(ctx));
StatelessAuthentication.Enable(pipelines, statelessAuthConfiguration);
pipelines.OnError.AddItemToEndOfPipeline((z, a) =>
{
while (null != a.InnerException) a = a.InnerException;
return new TextResponse(a.Message) {StatusCode = HttpStatusCode.InternalServerError};
});
}
protected override void RequestStartup(TinyIoCContainer container, IPipelines pipelines, NancyContext context)
{
base.RequestStartup(container, pipelines, context);
var configuration =
new StatelessAuthenticationConfiguration(
delegate(NancyContext ctx)
{
var apiKey = (string)ctx.Request.Query.ApiKey.Value;
if (apiKey.Equals("pass@word1"))
{
return new ApiUser();
}
return null;
});
AllowAccessToConsumingSite(pipelines);
StatelessAuthentication.Enable(pipelines, configuration);
}
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines)
{
base.ApplicationStartup(container, pipelines);
// At request startup we modify the request pipelines to
// include stateless authentication
//
// Configuring stateless authentication is simple. Just use the
// NancyContext to get the apiKey. Then, use the apiKey to get
// your user's identity.
var configuration =
new StatelessAuthenticationConfiguration(nancyContext =>
{
const string key = "Bearer ";
string accessToken = null;
if (nancyContext.Request.Headers.Authorization.StartsWith(key))
{
accessToken = nancyContext.Request.Headers.Authorization.Substring(key.Length);
}
if (string.IsNullOrWhiteSpace(accessToken))
return null;
var userValidator = container.Resolve<IUserApiMapper>();
return userValidator.GetUserFromAccessToken(accessToken);
});
StatelessAuthentication.Enable(pipelines, configuration);
//Make every request SSL based
//pipelines.BeforeRequest += ctx =>
//{
// return (!ctx.Request.Url.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase)) ?
// (Response)HttpStatusCode.Unauthorized :
// null;
//};
}
protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context)
{
// At request startup we modify the request pipelines to
// include stateless authentication
//
// Configuring stateless authentication is simple. Just use the
// NancyContext to get the apiKey. Then, use the apiKey to get
// your user's identity.
var configuration =
new StatelessAuthenticationConfiguration(nancyContext =>
{
//for now, we will pull the apiKey from the querystring,
//but you can pull it from any part of the NancyContext
var apiKey = (string) nancyContext.Request.Query.ApiKey.Value;
//get the user identity however you choose to (for now, using a static class/method)
return UserDatabase.GetUserFromApiKey(apiKey);
});
AllowAccessToConsumingSite(pipelines);
StatelessAuthentication.Enable(pipelines, configuration);
}
protected override void RequestStartup(ILifetimeScope container, IPipelines pipelines, NancyContext context)
{
var configuration =
new StatelessAuthenticationConfiguration(
ctx =>
{
dynamic token = ctx.Request.Query.token;
if (!token.HasValue)
{
return null;
}
return container.Resolve<IApiUserMapper<Guid>>()
.GetUserFromAccessToken(Guid.Parse((string) token));
});
pipelines.OnError += (ctx, err) => HandleExceptions(err, ctx);
AllowAccessToConsumingSite(pipelines);
StatelessAuthentication.Enable(pipelines, configuration);
base.RequestStartup(container, pipelines, context);
}
public PerformActionModule(TinyIoCContainer container)
{
var performActionConfiguration =
new StatelessAuthenticationConfiguration(context =>
{
var actionId = (int)this.Request.Form.Id;
var password = (string)context.Request.Form.Password;
var player = container.Resolve<IRepository>().Get<Action>(actionId).Owner;
if (player.Password == null || player.VerifyPassword(password))
{
return new PlayerIdentity() { UserName = player.Id.ToString() };
}
else
{
return null;
}
});
StatelessAuthentication.Enable(this, performActionConfiguration);
this.RequiresAuthentication();
Post["/PerformAction"] = parameters =>
{
using (var repository = container.Resolve<IRepository>())
{
var action = repository.Get<Haven.Action>((int)this.Request.Form.Id);
int gameId = repository.Find<Player>(x => x.Id == action.OwnerId).First().GameId;
action.PerformAction((string)this.Request.Form.Input);
var players = repository.Find<Player>(x => x.GameId == gameId);
repository.Commit();
return JsonConvert.SerializeObject(players);
}
};
}
/// <summary>
/// For our use case this method exists for the purpose of enabling Nancy's Stateless authentication (http://goo.gl/Dtxhve)
/// </summary>
protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context)
{
// At request startup we modify the request pipelines to
// include stateless authentication
//
// Configuring stateless authentication is simple. Just use the
// NancyContext to get the apiKey. Then, use the authorization code to get
// your user's identity from Azure Active Directory via ADAL.
//
// If the authorization code required to do this is missing, NancyModules
// secured via RequiresAuthentication() cannot be invoked...
var configuration =
new StatelessAuthenticationConfiguration(nancyContext =>
{
// the only way a user will be authenticated is if a request contains an authentication code
// attached to it...
if (!nancyContext.Request.Query.code.HasValue)
{
return null; // by returning null we essentially do not authenticate the incoming request
}
try
{
//for now, we will pull the apiKey from the querystring,
//but you can pull it from any part of the NancyContext
var authorizationCode = (string)nancyContext.Request.Query.code;
return AADHelper.GetAuthenticatedUserIDentity(authorizationCode);//inject a user's identity (retrieved from AAD) into Nancy via StatelessAuthenticationConfiguration
}
catch (Exception)
{
return null;
}
});
StatelessAuthentication.Enable(pipelines, configuration);
}
protected override void RequestStartup(global::Nancy.TinyIoc.TinyIoCContainer container, IPipelines pipelines, NancyContext context)
{
// At request startup we modify the request pipelines to
// include stateless authentication
//
// Configuring stateless authentication is simple. Just use the
// NancyContext to get the apiKey. Then, use the apiKey to get
// your user's identity.
var configuration =
new StatelessAuthenticationConfiguration(c =>
{
var apiKey = (string) c.Request.Query.ApiKey.Value ?? c.Request.Form.ApiKey.Value;
// Support loading the ApiKey from a cookie
if (apiKey == null && c.Request.Cookies.ContainsKey("ApiKey"))
apiKey = c.Request.Cookies["ApiKey"];
context.Items.Add("ApiKey", apiKey);
return NSembleUserAuthentication.GetUserFromApiKey(container.Resolve<IDocumentSession>(), apiKey);
});
StatelessAuthentication.Enable(pipelines, configuration);
}
/// <summary>
/// 每一次Request将执行此函数,在此函数中校验用户的身份
/// </summary>
/// <param name="container"></param>
/// <param name="pipelines"></param>
/// <param name="context"></param>
protected override void RequestStartup(TinyIoCContainer container, IPipelines pipelines, NancyContext context)
{
pipelines.AfterRequest += AfterRequest;
var configuration =
new StatelessAuthenticationConfiguration(nancyContext =>
{
var authorization = nancyContext.Request.Headers.Authorization;
if (string.IsNullOrEmpty(authorization))
{
return null;
}
else
{
var result = CheckHeaders(context, authorization);
if (result)
{
return new UserIdentify
{
UserName = authorization.Split(':')[1],
Claims = new[]
{
authorization.Split(':')[1]
}
};
}
else
{
return null;
}
}
});
StatelessAuthentication.Enable(pipelines, configuration);
}
protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context)
{
// At request startup we modify the request pipelines to
// include stateless authentication
//
// Configuring stateless authentication is simple. Just use the
// NancyContext to get the apiKey. Then, use the apiKey to get
// your user's identity.
var configuration =
new StatelessAuthenticationConfiguration(nancyContext =>
{
// For now, we will get the apiKey from a cookie.
// If there's no cookie, check the query string.
try
{
string apiKey = "";
if (!nancyContext.Request.Cookies.TryGetValue("BCR_apiKey", out apiKey))
{
apiKey = (string) nancyContext.Request.Query.ApiKey.Value;
}
return BCR.UserDatabase.GetUserFromApiKey(apiKey);
}
catch (Exception e)
{
System.Windows.Forms.MessageBox.Show("Error while initializing the user data:\n" + e.ToString(), "BCR Error");
Console.WriteLine(e.ToString());
}
return null;
});
AllowAccessToConsumingSite(pipelines);
StatelessAuthentication.Enable(pipelines, configuration);
}
/// <summary>
/// This function override the RequestStartup which is used each time a request came to Nancy
/// </summary>
protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context)
{
var configuration =
new StatelessAuthenticationConfiguration(nancyContext =>
{
//try to take "apikey" from header
string apiKey = nancyContext.Request.Headers["apikey"].FirstOrDefault();
if (string.IsNullOrEmpty(apiKey))
{
//take out value of "apikey" from query that was pass in request and check for User
apiKey = (string)nancyContext.Request.Query.apikey.Value;
}
if (apiKey != null)
{
return UserDatabase.GetUserFromApiKey(apiKey);
}
else
{
return null;
}
});
StaticConfiguration.DisableErrorTraces = false;
StatelessAuthentication.Enable(pipelines, configuration);
pipelines.OnError += (NancyContext ctx, Exception ex) => onError(ctx, ex);
pipelines.BeforeRequest += (NancyContext ctx) => BeforeProcessing(ctx);
pipelines.AfterRequest += (NancyContext ctx) => AfterProcessing(ctx);
#region CORS Enable
pipelines.AfterRequest.AddItemToEndOfPipeline((ctx) =>
{
ctx.Response.WithHeader("Access-Control-Allow-Origin", "*")
.WithHeader("Access-Control-Allow-Methods", "POST,GET")
.WithHeader("Access-Control-Allow-Headers", "Accept, Origin, Content-type");
});
#endregion
#region Gzip compression
GzipCompressionSettings gzipsettings = new GzipCompressionSettings();
gzipsettings.MinimumBytes = 16384; //16k
gzipsettings.MimeTypes.Add("application/xml");
gzipsettings.MimeTypes.Add("application/json");
pipelines.EnableGzipCompression(gzipsettings);
#endregion
}
protected override void RequestStartup(ILifetimeScope container, IPipelines pipelines, NancyContext context)
{
StaticConfiguration.DisableErrorTraces = false;
var configuration =
new StatelessAuthenticationConfiguration(
ctx =>
{
string token = GetTokenFromRequest(ctx);
bool hasToken = !string.IsNullOrEmpty(token);
if (hasToken)
{
var apiUserMapper = container.Resolve<IApiUserMapper<Guid>>();
Guid tokenGuid;
if (!string.IsNullOrEmpty(token) && Guid.TryParse(token, out tokenGuid))
{
try
{
IUserIdentity userFromAccessToken =
apiUserMapper.GetUserFromAccessToken(tokenGuid);
return userFromAccessToken;
}
catch (TokenDoesNotExistException)
{
}
}
}
return new LoggedInUserIdentity(new VisitorSession());
});
StatelessAuthentication.Enable(pipelines, configuration);
RestExceptionRepackager.Configure(x => x.WithResponse(CorsResponse)).Register(pipelines);
DataBaseErrorHandling.Enable(pipelines, container);
pipelines.AfterRequest.AddItemToEndOfPipeline(x => CorsResponse(x.Response));
base.RequestStartup(container, pipelines, context);
}
