protected override void RequestStartup(Nancy.TinyIoc.TinyIoCContainer container, Nancy.Bootstrapper.IPipelines pipelines, NancyContext context) { base.RequestStartup(container, pipelines, context); var configuration = new StatelessAuthenticationConfiguration(GetLoadAuthenticationHook); StatelessAuthentication.Enable(pipelines, configuration); pipelines.AfterRequest.AddItemToEndOfPipeline( (ctx) => { var session = container.Resolve<IDocumentSession>(); if (session == null) return; session.SaveChanges(); session.Dispose(); }); //pipelines.BeforeRequest.AddItemToStartOfPipeline(GetLoadAuthenticationHook(configuration)); pipelines.AfterRequest.AddItemToEndOfPipeline(GetRedirectToLoginHook()); }
protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context) { base.RequestStartup(requestContainer, pipelines, context); // At request startup we modify the request pipelines to // include forms authentication - passing in our now request // scoped user name mapper. // // The pipelines passed in here are specific to this request, // so we can add/remove/update items in them as we please. var loginService = requestContainer.Resolve<LoginService>(); var authConfiguration = new StatelessAuthenticationConfiguration(c => { var apiKeyFromRequest = ((DynamicDictionaryValue)c.Request.Query.ApiKey).Value as ApiKey ?? ((DynamicDictionaryValue)c.Request.Form.ApiKey).Value as ApiKey; if (apiKeyFromRequest == null) return null; if (loginService.IsApiKeyValid(apiKeyFromRequest)) { return new UserIdentity(apiKeyFromRequest.Username, new List<string>()); } return null; }); StatelessAuthentication.Enable(pipelines, authConfiguration); }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { base.ApplicationStartup(container, pipelines); var configuration = new BasicAuthenticationConfiguration(container.Resolve<IUserValidator>(), "test-realm"); BasicAuthentication.Enable(pipelines,configuration); var stateless = new StatelessAuthenticationConfiguration(c => { const string key = "X-Auth-Token"; string token = null; if (c.Request.Headers.Authorization == null || !c.Request.Headers.Authorization.Any()) { _log.ErrorFormat("No request headers are present in the request {0}", c); return null; } if (c.Request.Headers.FirstOrDefault(f => f.Key == key).Value == null || string.IsNullOrEmpty(c.Request.Headers.FirstOrDefault(f => f.Key == key).Value.First())) { _log.ErrorFormat("No Key present in the request headers"); return null; } token = c.Request.Headers.FirstOrDefault(f => f.Key == key).Value.First(); _log.InfoFormat("Token used {0}", token); var user = container.Resolve<IUserApiMapper>(); return user.GetUserFromToken(token); }); StatelessAuthentication.Enable(pipelines, stateless); }
public static IPipelines EnableStatelessAuthentication(this IPipelines pipelines, IAuthenticateUser authenticator) { var configuration = new StatelessAuthenticationConfiguration(context => { var token = context.AuthorizationHeaderToken(); return String.IsNullOrWhiteSpace(token) ? null : authenticator != null ? authenticator.GetUserIdentity(token) : null; }); StatelessAuthentication.Enable(pipelines, configuration); return pipelines; }
/// <summary> /// Gets the pre request hook for loading the authenticated user's details /// from apikey given in request. /// </summary> /// <param name="configuration">Stateless authentication configuration to use</param> /// <returns>Pre request hook delegate</returns> private static Func<NancyContext, Response> GetLoadAuthenticationHook(StatelessAuthenticationConfiguration configuration) { if (configuration == null) { throw new ArgumentNullException("configuration"); } return context => { context.CurrentUser = configuration.GetUserIdentity(context); return null; }; }
protected override void RequestStartup(TinyIoCContainer container, IPipelines pipelines, NancyContext context) { var config = new StatelessAuthenticationConfiguration(nancyContext => { var apiKey = nancyContext.Request.Headers["x-ApiKey"].FirstOrDefault(); if (apiKey == null) { return null; } // In case the ApiKey is passed as a query parameter. //if (!nancyContext.Request.Query.apiKey.HasValue) { return null; } //var apiKey = (string)nancyContext.Request.Query.apiKey.Value; return DataBaseMock.GetUserFromApiKey(apiKey); }); AllowAccessToConsumingSite(pipelines); StatelessAuthentication.Enable(pipelines, config); }
public UserModuleTests() { _provider = A.Fake<IAuthenticationProvider>(); _repository = A.Fake<IRepository>(); _browser = new Browser(config => { config.Module<UserModule>(); config.Dependency(_repository); config.Dependency(_provider); config.ApplicationStartup((ioc, pipelines) => { var statelessAuthConfiguration = new StatelessAuthenticationConfiguration(ctx => ioc.Resolve<NancyContextAuthenticator>().Authenticate(ctx)); StatelessAuthentication.Enable(pipelines, statelessAuthConfiguration); }); }); }
/// <summary> /// This method exists for the purpose of enabling Nancy's Stateless authentication (http://goo.gl/Dtxhve) /// </summary> protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context) { // At request startup we modify the request pipelines to // include stateless authentication // // Configuring stateless authentication is simple. Just use the // NancyContext to get the apiKey. Then, use the authorization code to get // your user's identity from Azure Active Directory via ADAL. // // If the authorization code required to do this is missing, NancyModules // secured via RequiresAuthentication() cannot be invoked... var configuration = new StatelessAuthenticationConfiguration(nancyContext => { // the only way a user will be authenticated is if a request contains an authentication code // attached to it... if (!nancyContext.Request.Query.code.HasValue) { return null; } try { //for now, we will pull the apiKey from the querystring, //but you can pull it from any part of the NancyContext var authorizationCode = (string)nancyContext.Request.Query.code; //get the user identity however you choose to (for now, using a static class/method) return ActiveDirectoryAuthenticationHelper.GetAuthenticatedUserIDentity(authorizationCode); } // exceptions during ADAL authentication will block user authentication catch (ArgumentNullException) { return null; } catch (Exception) { return null; } }); StatelessAuthentication.Enable(pipelines, configuration); }
/// <summary> /// Enables stateless authentication for the application /// </summary> /// <param name="pipelines">Pipelines to add handlers to (usually "this")</param> /// <param name="configuration">Stateless authentication configuration</param> public static void Enable(IPipelines pipelines, StatelessAuthenticationConfiguration configuration) { if (pipelines == null) { throw new ArgumentNullException("pipelines"); } if (configuration == null) { throw new ArgumentNullException("configuration"); } if (!configuration.IsValid) { throw new ArgumentException("Configuration is invalid", "configuration"); } pipelines.BeforeRequest.AddItemToStartOfPipeline(GetLoadAuthenticationHook(configuration)); }
/// <summary> /// Enables stateless authentication for a module /// </summary> /// <param name="module">Module to add handlers to (usually "this")</param> /// <param name="configuration">Stateless authentication configuration</param> public static void Enable(INancyModule module, StatelessAuthenticationConfiguration configuration) { if (module == null) { throw new ArgumentNullException("module"); } if (configuration == null) { throw new ArgumentNullException("configuration"); } if (!configuration.IsValid) { throw new ArgumentException("Configuration is invalid", "configuration"); } module.Before.AddItemToStartOfPipeline(GetLoadAuthenticationHook(configuration)); }
protected override void RequestStartup(ILifetimeScope container, IPipelines pipelines, NancyContext context) { StaticConfiguration.DisableErrorTraces = false; var configuration = new StatelessAuthenticationConfiguration( ctx => { string token = GetTokenFromRequest(ctx); bool hasToken = !string.IsNullOrEmpty(token); if (hasToken) { var apiUserMapper = container.Resolve<IApiUserMapper<Guid>>(); Guid tokenGuid; if (!string.IsNullOrEmpty(token) && Guid.TryParse(token, out tokenGuid)) { try { IUserIdentity userFromAccessToken = apiUserMapper.GetUserFromAccessToken(tokenGuid); return userFromAccessToken; } catch (TokenDoesNotExistException) { } } } return new FireTowerUserIdentity(new VisitorSession()); }); pipelines.OnError += (ctx, err) => HandleExceptions(err, ctx); pipelines.AfterRequest.AddItemToEndOfPipeline(AddCorsHeaders()); StatelessAuthentication.Enable(pipelines, configuration); base.RequestStartup(container, pipelines, context); }
protected override void ApplicationStartup(ILifetimeScope container, IPipelines pipelines) { base.ApplicationStartup(container, pipelines); /*enable lightningcache, vary by url params id,query,take and skip*/ //this.EnableLightningCache(container.Resolve<IRouteResolver>(), ApplicationPipelines, new[] { "id", "query", "take", "skip" }); CustomNancyLightningCache.Enable(this, container.Resolve<IRouteResolver>(), ApplicationPipelines, new[] { "id", "query", "take", "skip"}); var statelessAuthConfiguration = new StatelessAuthenticationConfiguration(ctx => container.Resolve<NancyContextAuthenticator>().Authenticate(ctx)); StatelessAuthentication.Enable(pipelines, statelessAuthConfiguration); pipelines.OnError.AddItemToEndOfPipeline((z, a) => { while (null != a.InnerException) a = a.InnerException; return new TextResponse(a.Message) {StatusCode = HttpStatusCode.InternalServerError}; }); }
protected override void RequestStartup(TinyIoCContainer container, IPipelines pipelines, NancyContext context) { base.RequestStartup(container, pipelines, context); var configuration = new StatelessAuthenticationConfiguration( delegate(NancyContext ctx) { var apiKey = (string)ctx.Request.Query.ApiKey.Value; if (apiKey.Equals("pass@word1")) { return new ApiUser(); } return null; }); AllowAccessToConsumingSite(pipelines); StatelessAuthentication.Enable(pipelines, configuration); }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { base.ApplicationStartup(container, pipelines); // At request startup we modify the request pipelines to // include stateless authentication // // Configuring stateless authentication is simple. Just use the // NancyContext to get the apiKey. Then, use the apiKey to get // your user's identity. var configuration = new StatelessAuthenticationConfiguration(nancyContext => { const string key = "Bearer "; string accessToken = null; if (nancyContext.Request.Headers.Authorization.StartsWith(key)) { accessToken = nancyContext.Request.Headers.Authorization.Substring(key.Length); } if (string.IsNullOrWhiteSpace(accessToken)) return null; var userValidator = container.Resolve<IUserApiMapper>(); return userValidator.GetUserFromAccessToken(accessToken); }); StatelessAuthentication.Enable(pipelines, configuration); //Make every request SSL based //pipelines.BeforeRequest += ctx => //{ // return (!ctx.Request.Url.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase)) ? // (Response)HttpStatusCode.Unauthorized : // null; //}; }
protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context) { // At request startup we modify the request pipelines to // include stateless authentication // // Configuring stateless authentication is simple. Just use the // NancyContext to get the apiKey. Then, use the apiKey to get // your user's identity. var configuration = new StatelessAuthenticationConfiguration(nancyContext => { //for now, we will pull the apiKey from the querystring, //but you can pull it from any part of the NancyContext var apiKey = (string) nancyContext.Request.Query.ApiKey.Value; //get the user identity however you choose to (for now, using a static class/method) return UserDatabase.GetUserFromApiKey(apiKey); }); AllowAccessToConsumingSite(pipelines); StatelessAuthentication.Enable(pipelines, configuration); }
protected override void RequestStartup(ILifetimeScope container, IPipelines pipelines, NancyContext context) { var configuration = new StatelessAuthenticationConfiguration( ctx => { dynamic token = ctx.Request.Query.token; if (!token.HasValue) { return null; } return container.Resolve<IApiUserMapper<Guid>>() .GetUserFromAccessToken(Guid.Parse((string) token)); }); pipelines.OnError += (ctx, err) => HandleExceptions(err, ctx); AllowAccessToConsumingSite(pipelines); StatelessAuthentication.Enable(pipelines, configuration); base.RequestStartup(container, pipelines, context); }
public PerformActionModule(TinyIoCContainer container) { var performActionConfiguration = new StatelessAuthenticationConfiguration(context => { var actionId = (int)this.Request.Form.Id; var password = (string)context.Request.Form.Password; var player = container.Resolve<IRepository>().Get<Action>(actionId).Owner; if (player.Password == null || player.VerifyPassword(password)) { return new PlayerIdentity() { UserName = player.Id.ToString() }; } else { return null; } }); StatelessAuthentication.Enable(this, performActionConfiguration); this.RequiresAuthentication(); Post["/PerformAction"] = parameters => { using (var repository = container.Resolve<IRepository>()) { var action = repository.Get<Haven.Action>((int)this.Request.Form.Id); int gameId = repository.Find<Player>(x => x.Id == action.OwnerId).First().GameId; action.PerformAction((string)this.Request.Form.Input); var players = repository.Find<Player>(x => x.GameId == gameId); repository.Commit(); return JsonConvert.SerializeObject(players); } }; }
/// <summary> /// For our use case this method exists for the purpose of enabling Nancy's Stateless authentication (http://goo.gl/Dtxhve) /// </summary> protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context) { // At request startup we modify the request pipelines to // include stateless authentication // // Configuring stateless authentication is simple. Just use the // NancyContext to get the apiKey. Then, use the authorization code to get // your user's identity from Azure Active Directory via ADAL. // // If the authorization code required to do this is missing, NancyModules // secured via RequiresAuthentication() cannot be invoked... var configuration = new StatelessAuthenticationConfiguration(nancyContext => { // the only way a user will be authenticated is if a request contains an authentication code // attached to it... if (!nancyContext.Request.Query.code.HasValue) { return null; // by returning null we essentially do not authenticate the incoming request } try { //for now, we will pull the apiKey from the querystring, //but you can pull it from any part of the NancyContext var authorizationCode = (string)nancyContext.Request.Query.code; return AADHelper.GetAuthenticatedUserIDentity(authorizationCode);//inject a user's identity (retrieved from AAD) into Nancy via StatelessAuthenticationConfiguration } catch (Exception) { return null; } }); StatelessAuthentication.Enable(pipelines, configuration); }
protected override void RequestStartup(global::Nancy.TinyIoc.TinyIoCContainer container, IPipelines pipelines, NancyContext context) { // At request startup we modify the request pipelines to // include stateless authentication // // Configuring stateless authentication is simple. Just use the // NancyContext to get the apiKey. Then, use the apiKey to get // your user's identity. var configuration = new StatelessAuthenticationConfiguration(c => { var apiKey = (string) c.Request.Query.ApiKey.Value ?? c.Request.Form.ApiKey.Value; // Support loading the ApiKey from a cookie if (apiKey == null && c.Request.Cookies.ContainsKey("ApiKey")) apiKey = c.Request.Cookies["ApiKey"]; context.Items.Add("ApiKey", apiKey); return NSembleUserAuthentication.GetUserFromApiKey(container.Resolve<IDocumentSession>(), apiKey); }); StatelessAuthentication.Enable(pipelines, configuration); }
/// <summary> /// 每一次Request将执行此函数,在此函数中校验用户的身份 /// </summary> /// <param name="container"></param> /// <param name="pipelines"></param> /// <param name="context"></param> protected override void RequestStartup(TinyIoCContainer container, IPipelines pipelines, NancyContext context) { pipelines.AfterRequest += AfterRequest; var configuration = new StatelessAuthenticationConfiguration(nancyContext => { var authorization = nancyContext.Request.Headers.Authorization; if (string.IsNullOrEmpty(authorization)) { return null; } else { var result = CheckHeaders(context, authorization); if (result) { return new UserIdentify { UserName = authorization.Split(':')[1], Claims = new[] { authorization.Split(':')[1] } }; } else { return null; } } }); StatelessAuthentication.Enable(pipelines, configuration); }
protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context) { // At request startup we modify the request pipelines to // include stateless authentication // // Configuring stateless authentication is simple. Just use the // NancyContext to get the apiKey. Then, use the apiKey to get // your user's identity. var configuration = new StatelessAuthenticationConfiguration(nancyContext => { // For now, we will get the apiKey from a cookie. // If there's no cookie, check the query string. try { string apiKey = ""; if (!nancyContext.Request.Cookies.TryGetValue("BCR_apiKey", out apiKey)) { apiKey = (string) nancyContext.Request.Query.ApiKey.Value; } return BCR.UserDatabase.GetUserFromApiKey(apiKey); } catch (Exception e) { System.Windows.Forms.MessageBox.Show("Error while initializing the user data:\n" + e.ToString(), "BCR Error"); Console.WriteLine(e.ToString()); } return null; }); AllowAccessToConsumingSite(pipelines); StatelessAuthentication.Enable(pipelines, configuration); }
/// <summary> /// This function override the RequestStartup which is used each time a request came to Nancy /// </summary> protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context) { var configuration = new StatelessAuthenticationConfiguration(nancyContext => { //try to take "apikey" from header string apiKey = nancyContext.Request.Headers["apikey"].FirstOrDefault(); if (string.IsNullOrEmpty(apiKey)) { //take out value of "apikey" from query that was pass in request and check for User apiKey = (string)nancyContext.Request.Query.apikey.Value; } if (apiKey != null) { return UserDatabase.GetUserFromApiKey(apiKey); } else { return null; } }); StaticConfiguration.DisableErrorTraces = false; StatelessAuthentication.Enable(pipelines, configuration); pipelines.OnError += (NancyContext ctx, Exception ex) => onError(ctx, ex); pipelines.BeforeRequest += (NancyContext ctx) => BeforeProcessing(ctx); pipelines.AfterRequest += (NancyContext ctx) => AfterProcessing(ctx); #region CORS Enable pipelines.AfterRequest.AddItemToEndOfPipeline((ctx) => { ctx.Response.WithHeader("Access-Control-Allow-Origin", "*") .WithHeader("Access-Control-Allow-Methods", "POST,GET") .WithHeader("Access-Control-Allow-Headers", "Accept, Origin, Content-type"); }); #endregion #region Gzip compression GzipCompressionSettings gzipsettings = new GzipCompressionSettings(); gzipsettings.MinimumBytes = 16384; //16k gzipsettings.MimeTypes.Add("application/xml"); gzipsettings.MimeTypes.Add("application/json"); pipelines.EnableGzipCompression(gzipsettings); #endregion }
protected override void RequestStartup(ILifetimeScope container, IPipelines pipelines, NancyContext context) { StaticConfiguration.DisableErrorTraces = false; var configuration = new StatelessAuthenticationConfiguration( ctx => { string token = GetTokenFromRequest(ctx); bool hasToken = !string.IsNullOrEmpty(token); if (hasToken) { var apiUserMapper = container.Resolve<IApiUserMapper<Guid>>(); Guid tokenGuid; if (!string.IsNullOrEmpty(token) && Guid.TryParse(token, out tokenGuid)) { try { IUserIdentity userFromAccessToken = apiUserMapper.GetUserFromAccessToken(tokenGuid); return userFromAccessToken; } catch (TokenDoesNotExistException) { } } } return new LoggedInUserIdentity(new VisitorSession()); }); StatelessAuthentication.Enable(pipelines, configuration); RestExceptionRepackager.Configure(x => x.WithResponse(CorsResponse)).Register(pipelines); DataBaseErrorHandling.Enable(pipelines, container); pipelines.AfterRequest.AddItemToEndOfPipeline(x => CorsResponse(x.Response)); base.RequestStartup(container, pipelines, context); }