Esempio n. 1
0
        public override async Task OnActionExecutingAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
        {
            var provider         = this.GetCredentialProvider();
            var botAuthenticator = new BotAuthenticator(provider, GetOpenIdConfigurationUrl(), DisableEmulatorTokens);

            try
            {
                var identityToken = await botAuthenticator.AuthenticateAsync(actionContext.Request, GetActivities(actionContext), cancellationToken);

                // the request is not authenticated, fail with 401.
                if (!identityToken.Authenticated)
                {
                    actionContext.Response = BotAuthenticator.GenerateUnauthorizedResponse(actionContext.Request, "BotAuthenticator failed to authenticate incoming request!");
                    return;
                }
            }
            catch (Exception e)
            {
                actionContext.Response = BotAuthenticator.GenerateUnauthorizedResponse(actionContext.Request, $"Failed authenticating incoming request: {e.ToString()}");
                return;
            }

            await base.OnActionExecutingAsync(actionContext, cancellationToken);
        }
        public async override Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
        {
            var provider         = this.GetCredentialProvider();
            var botAuthenticator = new BotAuthenticator(provider, GetOpenIdConfigurationUrl(), DisableEmulatorTokens);

            try
            {
                var identityToken = await botAuthenticator.AuthenticateAsync(context.HttpContext.Request,
                                                                             GetActivities(context), context.HttpContext.RequestAborted);

                // the request is not authenticated, fail with 401.
                if (!identityToken.Authenticated)
                {
                    context.Result = BotAuthenticator.GenerateUnauthorizedResponse(context.HttpContext, "BotAuthenticator failed to authenticate incoming request!");
                    return;
                }
            }
            catch (Exception e)
            {
                context.Result = BotAuthenticator.GenerateUnauthorizedResponse(context.HttpContext, $"Failed authenticating incoming request: {e.ToString()}");
                return;
            }
            await next();
        }