Esempio n. 1
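        // Dedicated gate for the lazy initialisation in GetValidator. A System.Type object is
        // reachable by any code in the process, so locking on it (as this method used to) can
        // contend or deadlock with unrelated code that happens to lock the same Type.
        private static readonly object _validatorGate = new object();

        /// <summary>
        /// Gets the credential validator instance, creating and caching it on first use.
        /// </summary>
        /// <param name="creator">
        /// Optional factory that builds the validator from <c>ValidatorType</c>. When omitted, the type is
        /// instantiated through <c>Activator.CreateInstance</c>. The factory is only consulted while no
        /// validator has been cached yet; later calls ignore it.
        /// </param>
        /// <returns>
        /// The cached validator, or <c>null</c> when <c>ValidatorType</c> is not set or the factory produced <c>null</c>.
        /// </returns>
        public virtual Common.IValidator <Credential> GetValidator(Func <Type, Common.IValidator <Credential> > creator = null)
        {
            // Fast path: a validator has already been created.
            if (_validator != null)
            {
                return _validator;
            }

            var type = this.ValidatorType;

            if (type == null)
            {
                return null;
            }

            if (creator == null)
            {
                // NOTE(review): the "as" cast turns a configured type that does not implement the
                // validator interface into null instead of an error. A caller that treats a null
                // validator as "nothing to check" would then skip validation silently; confirm
                // whether a misconfigured ValidatorType should fail loudly instead.
                creator = validatorType => Activator.CreateInstance(validatorType) as Common.IValidator <Credential>;
            }

            // Double-checked initialisation under the private gate.
            // NOTE(review): _validator is declared outside this block; confirm it is safe to read
            // without the lock (e.g. declared volatile).
            lock (_validatorGate)
            {
                if (_validator == null)
                {
                    _validator = creator(type);
                }
            }

            return _validator;
        }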
Esempio n. 2
        // Checks the principal's credential against the credential provider and, when one is
        // supplied, the credential validator. Returns null on success, otherwise the HTTP
        // result that rejects the request.
        private ActionResult ValidateCredential(HttpContextBase httpContext, CredentialPrincipal principal, Common.IValidator <Credential> validator)
        {
            // The credential provider service is mandatory for this check.
            var provider = this.CredentialProvider;

            if (provider == null)
            {
                throw new MissingMemberException(this.GetType().FullName, "CredentialProvider");
            }

            // No principal, no identity, or a credential id the provider does not accept
            // (unknown or expired): the request is unauthenticated.
            var identity = principal == null ? null : principal.Identity;

            if (identity == null || !provider.Validate(identity.CredentialId))
            {
                return new HttpUnauthorizedResult();
            }

            // A null validator means this second check is skipped entirely, so the provider
            // check above is then the only gate. Returning null signals success.
            if (validator == null || validator.Validate(identity.Credential))
            {
                return null;
            }

            // The validator rejected the credential. A request for the home page that arrived
            // from the login page gets a dedicated status code. The referrer is a client-supplied
            // header, but it only selects which rejection is returned; both branches deny access.
            var request = httpContext.Request;

            if (request.Path == "/")
            {
                var referrer = request.UrlReferrer;

                if (referrer != null && string.Equals(referrer.LocalPath, AuthenticationUtility.GetLoginUrl(), StringComparison.OrdinalIgnoreCase))
                {
                    return new HttpStatusCodeResult(444, "Invalid Credential");
                }
            }

            return new HttpStatusCodeResult(System.Net.HttpStatusCode.Forbidden);
        }