public override async Task <ProxyAuthenticationContext> Accept(SessionEventArgsBase session, string token)
{
ClaimsIdentity identity;
try
{
identity = await authenticator.Authenticate(token);
}
catch (Exception kvex)
{
Logger.Error(kvex);
return(ProxyAuthenticationContext.Failed());
}
if (identity == null)
{
return(new ProxyAuthenticationContext {
Result = ProxyAuthenticationResult.ContinuationNeeded
});
}
session.SetUserData("request.identity", identity);
return(new ProxyAuthenticationContext {
Result = ProxyAuthenticationResult.Success
});
}
private Task <ProxyAuthenticationContext> AuthenticateScheme(
SessionEventArgsBase session,
string scheme,
string token
)
{
Log($"{scheme}: {token}");
switch (scheme.ToLowerInvariant())
{
case "kerberos":
case "negotiate":
return(Negotiate(session, token));
case "ntlm":
return(Ntlm(session, token));
}
return(Task.FromResult(ProxyAuthenticationContext.Succeeded()));
}
//private readonly object syncNtlm = new object();
//private NtlmContext ntlmContext;
private Task <ProxyAuthenticationContext> Ntlm(SessionEventArgsBase session, string token)
{
if (token.StartsWith("TlRMTVNTUA"))
{
session.SetUserData("request.ntlm", "true");
}
return(Task.FromResult(ProxyAuthenticationContext.Succeeded()));
//if (ntlmContext == null)
//{
// lock (syncNtlm)
// {
// if (ntlmContext == null)
// {
// ntlmContext = new NtlmContext(settings.Authentication, Logger);
// }
// }
//}
//return await ntlmContext.Accept(session, token);
}
