internal static IAuthenticationResult ReadAuthenticationResult(HttpContext httpContext)
{
if (httpContext.Items.TryGetValue(AUTHENTICATION_RESULT_KEY, out object value))
{
if (value is IAuthenticationResult result)
{
return(result);
}
}
IAuthenticationResult tempresult = AuthenticationResult.Unauthenticated();
SaveAuthenticationResult(httpContext, tempresult);
return(tempresult);
}
public void OnAuthorization(AuthorizationFilterContext context)
{
HttpContext httpContext = context.HttpContext;
AuthenticationInternalResult authresult = AuthenticationHelper.Authenticate(context);
if (authresult != null)
{
if (authresult.IsRredirect)
{
context.Result = new RedirectResult(authresult.RedirectUrl, true);
return;
}
else if (authresult.KeepUnauthenticated)
{
IAuthenticationResult unauthenticatedResult = AuthenticationResult.Unauthenticated();
AuthenticationHelper.SaveAuthenticationResult(httpContext, unauthenticatedResult);
return;
}
else
{
IAuthenticationResult authenticationResult = AuthenticationResult.Authenticated(authresult.Authenticator.Type, authresult.User);
AuthenticationHelper.SaveAuthenticationResult(httpContext, authenticationResult);
return;
}
}
switch (FailedAction)
{
case AuthenticationFailedAction.KeepUnauthenticated:
{
IAuthenticationResult unauthenticatedResult = AuthenticationResult.Unauthenticated();
AuthenticationHelper.SaveAuthenticationResult(httpContext, unauthenticatedResult);
return;
}
case AuthenticationFailedAction.RedirectCAS:
context.Result = new HttpCASRedirectResult();
return;
case AuthenticationFailedAction.Return403:
context.Result = new HttpAuthenticationForbiddenResult();
return;
case AuthenticationFailedAction.CustomHandler:
{
List <Type> customAuthenticators = null;
AuthenticationFailedHandlerAttribute[] handlers = null;
switch (context.ActionDescriptor)
{
case ControllerActionDescriptor controllerActionDescriptor:
customAuthenticators = GetCustomAuthenticators(controllerActionDescriptor);
handlers = GetCustomHandlers(controllerActionDescriptor);
break;
case CompiledPageActionDescriptor compiledPageActionDescriptor:
customAuthenticators = GetCustomAuthenticators(compiledPageActionDescriptor);
handlers = GetCustomHandlers(compiledPageActionDescriptor);
break;
default:
throw new Exception($"not handled with action descriptor of type {context.ActionDescriptor.GetType().Name}");
}
if (handlers != null && handlers.Length > 0)
{
IActionResult actionResult = AuthenticationHelper.ExecuteHandler(handlers[0].Handler, handlers[0].ConstructParameters, httpContext, Policy, customAuthenticators.ToArray());
if (actionResult != null)
{
context.Result = actionResult;
return;
}
else
{
// not handled
throw new Exception($"not handled");
}
}
}
return;
}
}
