protected async override Task <AuthenticationTicket> AuthenticateCoreAsync()
{
if (Request.IsPayloadHashPresent())
{
// buffer the request body
requestBuffer = new MemoryStream();
await Request.Body.CopyToAsync(requestBuffer);
Request.Body = requestBuffer;
}
IRequestMessage requestMessage = new OwinRequestMessage(Request);
server = new HawkServer(requestMessage, Options.HawkOptions);
var principal = await server.AuthenticateAsync();
if (principal != null && principal.Identity.IsAuthenticated)
{
var callback = Options.HawkOptions.ResponsePayloadHashabilityCallback;
if (callback != null && callback(requestMessage)) // buffer the response body
{
stream = Response.Body;
responseBuffer = new MemoryStream();
Response.Body = responseBuffer;
}
return(new AuthenticationTicket(principal.Identity as ClaimsIdentity, (AuthenticationProperties)null));
}
return(new AuthenticationTicket(null, (AuthenticationProperties)null));
}
protected async override Task <AuthenticationTicket> AuthenticateCoreAsync()
{
try
{
if (Request.IsPayloadHashPresent())
{
// buffer the request body
requestBuffer = new MemoryStream();
await Request.Body.CopyToAsync(requestBuffer);
Request.Body = requestBuffer;
}
IRequestMessage requestMessage = new OwinRequestMessage(Request);
server = new HawkServer(requestMessage, Options.HawkOptions);
var principal = await server.AuthenticateAsync();
if (principal != null && principal.Identity.IsAuthenticated)
{
if (!server.IsBewitRequest) // Bewit means no server authorization and hence no need for buffering.
{
var callback = Options.HawkOptions.ResponsePayloadHashabilityCallback;
if (callback != null && callback(requestMessage)) // buffer the response body
{
stream = Response.Body;
responseBuffer = new MemoryStream();
Response.Body = responseBuffer;
HawkEventSource.Log.Debug("Response Body Buffered");
}
}
return(new AuthenticationTicket(principal.Identity as ClaimsIdentity, (AuthenticationProperties)null));
}
}
catch (Exception exception)
{
HawkEventSource.Log.Exception(exception.ToString());
if (responseBuffer != null)
{
Response.Body = this.stream;
}
throw;
}
return(new AuthenticationTicket(null, (AuthenticationProperties)null));
}
protected async override Task <HttpResponseMessage> SendAsync(
HttpRequestMessage request, CancellationToken cancellationToken)
{
Tracing.Start("HawkAuthenticationHandler");
try
{
var server = new HawkServer(new WebApiRequestMessage(request), options);
var principal = await server.AuthenticateAsync();
if (principal != null && principal.Identity.IsAuthenticated)
{
Thread.CurrentPrincipal = principal;
if (HttpContext.Current != null)
{
HttpContext.Current.User = principal;
}
request.SetUserPrincipal(principal);
var requestContext = request.Properties["MS_RequestContext"] as System.Web.Http.Controllers.HttpRequestContext;
if (requestContext != null)
{
requestContext.Principal = principal;
}
Tracing.Verbose("Authentication Successful and principal set for " + principal.Identity.Name);
}
var response = await base.SendAsync(request, cancellationToken);
var header = await server.CreateServerAuthorizationAsync(new WebApiResponseMessage(response));
if (header != null)
{
response.Headers.Add(header.Item1, header.Item2);
}
return(response);
}
catch (Exception ex)
{
Tracing.Error("Exception: " + ex.ToString());
var response = request.CreateResponse(HttpStatusCode.Unauthorized);
response.Headers.WwwAuthenticate.Add(new AuthenticationHeaderValue(HawkConstants.Scheme));
return(response);
}
}
protected override async Task <HttpResponseMessage> SendAsync(
HttpRequestMessage request, CancellationToken cancellationToken)
{
try
{
HawkServer server = new HawkServer(new WebApiRequestMessage(request), options);
var principal = await server.AuthenticateAsync();
if (principal != null && principal.Identity.IsAuthenticated)
{
request.SetUserPrincipal(principal);
HawkEventSource.Log.Debug("Authentication Successful and principal set for " + principal.Identity.Name);
}
var response = await base.SendAsync(request, cancellationToken);
var header = await server.CreateServerAuthorizationAsync(new WebApiResponseMessage(response));
if (header != null)
{
response.Headers.Add(header.Item1, header.Item2);
}
return(response);
}
catch (Exception exception)
{
HawkEventSource.Log.Exception(exception.ToString());
var response = new HttpResponseMessage()
{
StatusCode = HttpStatusCode.Unauthorized,
RequestMessage = request
};
response.Headers.WwwAuthenticate.Add(new AuthenticationHeaderValue(HawkConstants.Scheme));
return(response);
}
}
protected async override Task <HttpResponseMessage> SendAsync(
HttpRequestMessage request, CancellationToken cancellationToken)
{
Tracing.Start("HawkAuthenticationHandler");
try
{
HawkServer server = new HawkServer(request, credentialsCallback, verificationCallback);
var principal = await server.AuthenticateAsync();
if (principal != null && principal.Identity.IsAuthenticated)
{
Thread.CurrentPrincipal = principal;
if (HttpContext.Current != null)
{
HttpContext.Current.User = principal;
}
Tracing.Verbose("Authentication Successful and principal set for " + principal.Identity.Name);
}
var response = await base.SendAsync(request, cancellationToken);
await server.CreateServerAuthorizationAsync(response, this.normalizationCallback);
return(response);
}
catch (Exception ex)
{
Tracing.Error("Exception: " + ex.ToString());
var response = request.CreateResponse(HttpStatusCode.Unauthorized);
response.Headers.WwwAuthenticate.Add(new AuthenticationHeaderValue(HawkConstants.Scheme));
return(response);
}
}
