// MessageReceived event private Task MessageReceived(Microsoft.AspNetCore.Authentication.JwtBearer.MessageReceivedContext context) { // If no token found, no further work possible if (string.IsNullOrEmpty(context.Token)) { //return AuthenticateResult.NoResult(); } return(Task.FromResult(0)); }
/* This method is needed to authorize SignalR javascript client. * SignalR can not send authorization header. So, we are getting it from query string as an encrypted text. */ private static Task QueryStringTokenResolver(MessageReceivedContext context) { if (!context.HttpContext.Request.Path.HasValue || !context.HttpContext.Request.Path.Value.StartsWith("/signalr")) { return(Task.CompletedTask); } var qsAuthToken = context.HttpContext.Request.Query["enc_auth_token"].FirstOrDefault(); if (qsAuthToken == null) { return(Task.CompletedTask); } // Set auth token from cookie context.Token = SimpleStringCipher.Instance.Decrypt(qsAuthToken, AppConsts.DefaultPassPhrase); return(Task.CompletedTask); }
/// <summary> /// Searches the 'Authorization' header for a 'Bearer' token. If the 'Bearer' token is found, it is validated using <see cref="TokenValidationParameters"/> set in the options. /// </summary> /// <returns></returns> protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { string token = null; try { // Give application opportunity to find from a different location, adjust, or reject token var messageReceivedContext = new MessageReceivedContext(Context, Scheme, Options); // event can set the token await Events.MessageReceived(messageReceivedContext); if (messageReceivedContext.Result != null) { return(messageReceivedContext.Result); } // If application retrieved token from somewhere else, use that. token = messageReceivedContext.Token; if (string.IsNullOrEmpty(token)) { string authorization = Request.Headers["Authorization"]; // If no authorization header found, nothing to process further if (string.IsNullOrEmpty(authorization)) { return(AuthenticateResult.NoResult()); } if (authorization.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)) { token = authorization.Substring("Bearer ".Length).Trim(); } // If no token found, no further work possible if (string.IsNullOrEmpty(token)) { return(AuthenticateResult.NoResult()); } } if (_configuration == null && Options.ConfigurationManager != null) { _configuration = await Options.ConfigurationManager.GetConfigurationAsync(Context.RequestAborted); } var validationParameters = Options.TokenValidationParameters.Clone(); if (_configuration != null) { var issuers = new[] { _configuration.Issuer }; validationParameters.ValidIssuers = validationParameters.ValidIssuers?.Concat(issuers) ?? issuers; validationParameters.IssuerSigningKeys = validationParameters.IssuerSigningKeys?.Concat(_configuration.SigningKeys) ?? _configuration.SigningKeys; } List <Exception> validationFailures = null; SecurityToken validatedToken; foreach (var validator in Options.SecurityTokenValidators) { if (validator.CanReadToken(token)) { ClaimsPrincipal principal; try { principal = validator.ValidateToken(token, validationParameters, out validatedToken); } catch (Exception ex) { Logger.TokenValidationFailed(token, ex); // Refresh the configuration for exceptions that may be caused by key rollovers. The user can also request a refresh in the event. if (Options.RefreshOnIssuerKeyNotFound && Options.ConfigurationManager != null && ex is SecurityTokenSignatureKeyNotFoundException) { Options.ConfigurationManager.RequestRefresh(); } if (validationFailures == null) { validationFailures = new List <Exception>(1); } validationFailures.Add(ex); continue; } Logger.TokenValidationSucceeded(); var tokenValidatedContext = new TokenValidatedContext(Context, Scheme, Options) { Principal = principal, SecurityToken = validatedToken }; await Events.TokenValidated(tokenValidatedContext); if (tokenValidatedContext.Result != null) { return(tokenValidatedContext.Result); } if (Options.SaveToken) { tokenValidatedContext.Properties.StoreTokens(new[] { new AuthenticationToken { Name = "access_token", Value = token } }); } tokenValidatedContext.Success(); return(tokenValidatedContext.Result); } } if (validationFailures != null) { var authenticationFailedContext = new AuthenticationFailedContext(Context, Scheme, Options) { Exception = (validationFailures.Count == 1) ? validationFailures[0] : new AggregateException(validationFailures) }; await Events.AuthenticationFailed(authenticationFailedContext); if (authenticationFailedContext.Result != null) { return(authenticationFailedContext.Result); } return(AuthenticateResult.Fail(authenticationFailedContext.Exception)); } return(AuthenticateResult.Fail("No SecurityTokenValidator available for token: " + token ?? "[null]")); } catch (Exception ex) { Logger.ErrorProcessingMessage(ex); var authenticationFailedContext = new AuthenticationFailedContext(Context, Scheme, Options) { Exception = ex }; await Events.AuthenticationFailed(authenticationFailedContext); if (authenticationFailedContext.Result != null) { return(authenticationFailedContext.Result); } throw; } }
/// <summary> /// Invoked when a protocol message is first received. /// </summary> public virtual Task MessageReceived(MessageReceivedContext context) => OnMessageReceived(context);
public virtual Task MessageReceived(MessageReceivedContext context) => OnMessageReceived(context);
// private OpenIdConnectConfiguration _configuration; /// <summary> /// Searches the 'Authorization' header for a 'Bearer' token. If the 'Bearer' token is found, it is validated using <see cref="TokenValidationParameters"/> set in the options. /// </summary> /// <returns></returns> protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { string url = Microsoft.AspNetCore.Http.Extensions.UriHelper.GetDisplayUrl(Context.Request); System.Console.WriteLine(url); string token = null; AuthenticateResult result = null; try { // Give application opportunity to find from a different location, adjust, or reject token var messageReceivedContext = new MessageReceivedContext(Context, Options); // event can set the token // await Options.Events.MessageReceived(messageReceivedContext); if (messageReceivedContext.CheckEventResult(out result)) { return(result); } // If application retrieved token from somewhere else, use that. token = messageReceivedContext.Token; if (string.IsNullOrEmpty(token)) { string authorization = Request.Headers["Authorization"]; // If no authorization header found, nothing to process further if (string.IsNullOrEmpty(authorization)) { return(AuthenticateResult.Skip()); } if (authorization.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)) { token = authorization.Substring("Bearer ".Length).Trim(); } // If no token found, no further work possible if (string.IsNullOrEmpty(token)) { return(AuthenticateResult.Skip()); } } /* * if (_configuration == null && Options.ConfigurationManager != null) * { * _configuration = await Options.ConfigurationManager.GetConfigurationAsync(Context.RequestAborted); * } * * var validationParameters = Options.TokenValidationParameters.Clone(); * if (_configuration != null) * { * if (validationParameters.ValidIssuer == null && !string.IsNullOrEmpty(_configuration.Issuer)) * { * validationParameters.ValidIssuer = _configuration.Issuer; * } * else * { * var issuers = new[] { _configuration.Issuer }; * validationParameters.ValidIssuers = (validationParameters.ValidIssuers == null ? issuers : validationParameters.ValidIssuers.Concat(issuers)); * } * * validationParameters.IssuerSigningKeys = (validationParameters.IssuerSigningKeys == null ? _configuration.SigningKeys : validationParameters.IssuerSigningKeys.Concat(_configuration.SigningKeys)); * } */ /* * List<Exception> validationFailures = null; * SecurityToken validatedToken; * foreach (var validator in Options.SecurityTokenValidators) * { * if (validator.CanReadToken(token)) * { * ClaimsPrincipal principal; * try * { * principal = validator.ValidateToken(token, validationParameters, out validatedToken); * } * catch (Exception ex) * { * Logger.TokenValidationFailed(token, ex); * * // Refresh the configuration for exceptions that may be caused by key rollovers. The user can also request a refresh in the event. * if (Options.RefreshOnIssuerKeyNotFound && Options.ConfigurationManager != null * && ex is SecurityTokenSignatureKeyNotFoundException) * { * Options.ConfigurationManager.RequestRefresh(); * } * * if (validationFailures == null) * { * validationFailures = new List<Exception>(1); * } * validationFailures.Add(ex); * continue; * } * * Logger.TokenValidationSucceeded(); * * var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), Options.AuthenticationScheme); * var tokenValidatedContext = new TokenValidatedContext(Context, Options) * { * Ticket = ticket, * SecurityToken = validatedToken, * }; * * await Options.Events.TokenValidated(tokenValidatedContext); * if (tokenValidatedContext.CheckEventResult(out result)) * { * return result; * } * ticket = tokenValidatedContext.Ticket; * * if (Options.SaveToken) * { * ticket.Properties.StoreTokens(new[] * { * new AuthenticationToken { Name = "access_token", Value = token } * }); * } * * return AuthenticateResult.Success(ticket); * } * } */ /* * if (validationFailures != null) * { * var authenticationFailedContext = new AuthenticationFailedContext(Context, Options) * { * Exception = (validationFailures.Count == 1) ? validationFailures[0] : new AggregateException(validationFailures) * }; * * await Options.Events.AuthenticationFailed(authenticationFailedContext); * if (authenticationFailedContext.CheckEventResult(out result)) * { * return result; * } * * return AuthenticateResult.Fail(authenticationFailedContext.Exception); * } */ return(AuthenticateResult.Fail("No SecurityTokenValidator available for token: " + token ?? "[null]")); } catch (Exception ex) { // Logger.ErrorProcessingMessage(ex); var authenticationFailedContext = new AuthenticationFailedContext(Context, Options) { Exception = ex }; // await Options.Events.AuthenticationFailed(authenticationFailedContext); if (authenticationFailedContext.CheckEventResult(out result)) { return(result); } throw; } }
// Replaced: https://github.com/aspnet/Security/commit/3f596108aac3d8fc7fb40d39e19a7f897a90c198 public override Task MessageReceived(MessageReceivedContext context) { _logger.TokenReceived(); return base.MessageReceived(context); }
private Task JwtBearerMessageReceived(Microsoft.AspNetCore.Authentication.JwtBearer.MessageReceivedContext arg) { _logger.LogDebug("JwtBearerMessageReceived!"); return(Task.FromResult(0)); }
private static Task OnMessageReceived(MessageReceivedContext arg) => Task.CompletedTask;
private static Task OnMessageReceived(MessageReceivedContext arg) { Console.WriteLine(arg); return(Task.FromResult(0)); }