public bool DispatchBasicAuthentication(HttpContextBase context, out bool anonymAuthenticated)
{
anonymAuthenticated = false;
var authHeader = AuthenticationHelper.GetBasicAuthHeader();
if (authHeader == null || !authHeader.StartsWith("Basic "))
{
return(false);
}
var base64Encoded = authHeader.Substring(6); // 6: length of "Basic "
var bytes = Convert.FromBase64String(base64Encoded);
string[] userPass = Encoding.UTF8.GetString(bytes).Split(":".ToCharArray());
if (userPass.Length != 2)
{
context.User = AuthenticationHelper.GetVisitorPrincipal();
anonymAuthenticated = true;
return(true);
}
try
{
var username = userPass[0];
var password = userPass[1];
// Elevation: we need to load the user here, regardless of the current users permissions
using (AuthenticationHelper.GetSystemAccount())
{
if (AuthenticationHelper.IsUserValid(username, password))
{
context.User = AuthenticationHelper.LoadUserPrincipal(username);
}
else
{
context.User = AuthenticationHelper.GetVisitorPrincipal();
anonymAuthenticated = true;
}
}
}
catch (Exception e) // logged
{
SnLog.WriteException(e);
context.User = AuthenticationHelper.GetVisitorPrincipal();
anonymAuthenticated = true;
}
return(true);
}
private void TokenAccess(string accessHeadAndPayload, TokenManager tokenManager, HttpContextBase context)
{
if (!string.IsNullOrWhiteSpace(accessHeadAndPayload))
{
var authCookie = CookieHelper.GetCookie(context.Request, AccessSignatureCookieName);
if (authCookie == null)
{
throw new UnauthorizedAccessException("Missing access cookie.");
}
var accessSignature = authCookie.Value;
var principal = tokenManager.ValidateToken(accessHeadAndPayload + "." + accessSignature);
if (principal == null)
{
throw new UnauthorizedAccessException("Invalid access token.");
}
var userName = tokenManager.GetPayLoadValue(accessHeadAndPayload.Split(Convert.ToChar("."))[1], "name");
using (AuthenticationHelper.GetSystemAccount())
{
context.User = AuthenticationHelper.LoadUserPrincipal(userName);
}
}
}
