bool VerifyUsername(IAuthenticationCallbackInfo info)
{
// no username is invalid
if (string.IsNullOrEmpty(info.UserName))
{
return(false);
}
// first do a lookup of the password - this might come from a database, file, etc
string password = GetPasswordForUser(info.UserName);
if (password == null)
{
return(false);
}
// determine the type
BasicAuthInfo basic = info as BasicAuthInfo;
if (basic != null)
{
// we're using basic auth
return(basic.Password == password);
}
// it wasn't basic, so it must be digest
DigestAuthInfo digest = info as DigestAuthInfo;
return(digest.MatchCredentials(password));
}
private bool CheckUserWithServerCallback(DigestAuthInfo digest)
{
try
{
return(ServerConfig.GetConfig().Authentication.AuthenticationCallback(digest));
}
catch
{
return(false);
}
}
/// <summary>
///
/// </summary>
/// <param name="context"></param>
/// <param name="authentication"></param>
/// <returns></returns>
public override bool AcceptCredentials(HttpContext context, string authentication)
{
bool auth = false;
var config = ServerConfig.GetConfig();
DigestAuthInfo digest = new DigestAuthInfo(context.Request.HttpMethod);
string[] elements = authentication.Split(',');
foreach (string element in elements)
{
int splitIndex = element.IndexOf('=');
string K = element.Substring(0, splitIndex).Trim(new char[] { ' ', '\"' });
string V = element.Substring(splitIndex + 1).Trim(new char[] { ' ', '\"' });
digest.AddElement(K, V);
}
m_user = digest["username"];
if (config.Authentication.AuthenticationCallback == null)
{
auth = CheckConfigUserList(digest);
}
else
{
auth = CheckUserWithServerCallback(digest);
}
// set the user info
var id = new GenericIdentity(User, this.AuthenticationMethod.ToLower());
id.IsAuthenticated = auth;
var principal = new GenericPrincipal(id);
context.User = principal;
return(auth);
}
private bool CheckConfigUserList(DigestAuthInfo digest)
{
AuthenticationConfiguration authConfig = ServerConfig.GetConfig().Authentication;
var user = authConfig.Users.Find(digest.UserName);
if (user == null)
{
return(false);
}
var password = user.Password;
var hash = digest.GetHashCode(password);
return(digest["response"].Equals(hash));
//if (authConfig.Users.Find(User) == null)
//{
// // Username does not exist configuration
// return false;
//}
//string realm = authConfig.Realm;
//// Calculate the digest hashes (taken from RFC2617)
//// A1 = unq(username-value) ":" unq(realm-value) ":" passwd
//string A1 = String.Format("{0}:{1}:{2}", User, realm, password);
//// H(A1) = MD5(A1)
//string HA1 = MD5Hash(A1);
//// A2 = method ":" digest-uri
//string A2 = String.Format("{0}:{1}", method, digest["uri"]);
//// H(A2) = MD5(A2)
//string HA2 = MD5Hash(A2);
//// KD(secret, data) = H(concat(secret, ":", data))
//// if qop == auth:
//// request-digest = <"> < KD ( H(A1), unq(nonce-value)
//// ":" nc-value
//// ":" unq(cnonce-value)
//// ":" unq(qop-value)
//// ":" H(A2)
//// ) <">
//// if qop is not present,
//// request-digest =
//// <"> < KD ( H(A1), unq(nonce-value) ":" H(A2) ) > <">
//string unhashedDigest;
//if (digest["qop"].Equals("auth"))
//{
// unhashedDigest = String.Format("{0}:{1}:{2}:{3}:{4}:{5}",
// HA1,
// digest["nonce"],
// digest["nc"],
// digest["cnonce"],
// digest["qop"],
// HA2);
//}
//else
//{
// unhashedDigest = String.Format("{0}:{1}:{2}",
// HA1, digest["nonce"], HA2);
//}
//string hashedDigest = MD5Hash(unhashedDigest);
}
