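/// <summary>
/// Authorizes a request from its <c>Authorization: Bearer &lt;jwt&gt;</c> header and, once the
/// token has been accepted, attaches a <c>TlvPrincipal</c> built from the token's claims to
/// the target controller.
/// </summary>
/// <remarks>
/// The filter fails closed: a missing header, a scheme other than <c>Bearer</c>, a missing
/// token, or a token rejected by <c>isValidRequest</c> each end in
/// <c>HandleUnauthorizedRequest</c> followed by an immediate return, so no principal is ever
/// built from a token that was not accepted.
/// </remarks>
/// <param name="actionContext">Context of the action about to run; supplies the request headers and the controller.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    string authHeader = (from h in actionContext.Request.Headers
                         where h.Key == "Authorization"
                         select h.Value.First()).FirstOrDefault();

    if (authHeader == null)
    {
        HandleUnauthorizedRequest(actionContext);
        return;
    }

    // Expect exactly "<scheme> <token>". Anything else is rejected here: a non-Bearer scheme
    // must not fall through as if it were authorized, and a bare "Bearer" with no token must
    // not surface as an IndexOutOfRangeException.
    string[] tokens = authHeader.Split(' ');
    if (tokens.Length < 2 || tokens[0] != "Bearer" || string.IsNullOrWhiteSpace(tokens[1]))
    {
        HandleUnauthorizedRequest(actionContext);
        return;
    }

    string jwt = tokens[1];

    // NOTE(review): isValidRequest is not visible here. The claims read below are trustworthy
    // only if it verifies the signature, lifetime, issuer and audience of the token - confirm.
    if (!isValidRequest(jwt))
    {
        HandleUnauthorizedRequest(actionContext);
        // Stop here: the code below marks the caller as authenticated and must never run
        // for a rejected token.
        return;
    }

    var controller = actionContext.ControllerContext.Controller as ApiController;
    if (controller == null)
    {
        return;
    }

    // This constructor only parses the compact token; it performs no validation of its own,
    // which is why it is reached only after isValidRequest has accepted the same string.
    var jwtToken = new JwtSecurityToken(jwt);
    var claims = jwtToken.Claims;
    var name = claims.Where(x => x.Type == "nameid")
                     .Select(x => x.Value)
                     .FirstOrDefault();

    // NOTE(review): name is null when the token carries no "nameid" claim, yet the identity is
    // still marked authenticated - confirm that downstream code tolerates a null Name.
    TlvIdentity identity = new TlvIdentity()
    {
        Name = name,
        IsAuthenticated = true
    };
    controller.User = new TlvPrincipal(identity, claims);
}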
/// <summary>
/// Creates a principal from an identity and the claims that accompany it.
/// </summary>
/// <remarks>
/// Both arguments are stored as given; nothing is copied or validated here, so the caller
/// is responsible for passing claims that come from an already-verified token.
/// </remarks>
/// <param name="identity">Identity exposed through <c>Identity</c>.</param>
/// <param name="claims">Claim sequence exposed through <c>Claims</c>.</param>
public TlvPrincipal(TlvIdentity identity, IEnumerable<Claim> claims)
{
    Identity = identity;
    Claims = claims;
}