protected override Task <AuthenticateResult> HandleAuthenticateAsync() { var config = Context.Items.Get <StormpathConfiguration>(OwinKeys.StormpathConfiguration); var scheme = Context.Items.Get <string>(OwinKeys.StormpathUserScheme); var account = Context.Items.Get <IAccount>(OwinKeys.StormpathUser); var deleteCookieAction = new Action <WebCookieConfiguration>(cookie => { Response.Cookies.Delete(cookie.Name, new CookieOptions() { Domain = cookie.Domain, Path = cookie.Path }); }); var setStatusCodeAction = new Action <int>(code => Response.StatusCode = code); var redirectAction = new Action <string>(location => Response.Redirect(location)); this.handler = new RouteProtector( config.Web, deleteCookieAction, setStatusCodeAction, redirectAction, this.stormpathLogger); if (!this.handler.IsAuthenticated(scheme, Options.AuthenticationScheme, account)) { return(Task.FromResult(AuthenticateResult.Fail("Request is not properly authenticated."))); } var principal = AccountIdentityTransformer.CreatePrincipal(account, scheme); var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), scheme); return(Task.FromResult(AuthenticateResult.Success(ticket))); }
private static void GetUserIdentity(HttpContext httpContext, ILogger logger) { var config = httpContext.Items.Get <StormpathConfiguration>(OwinKeys.StormpathConfiguration); var scheme = httpContext.Items.Get <string>(OwinKeys.StormpathUserScheme); var account = httpContext.Items.Get <IAccount>(OwinKeys.StormpathUser); var handler = new RouteProtector(config.Web, null, null, null, logger); var isAuthenticatedRequest = handler.IsAuthenticated(scheme, scheme, account); if (isAuthenticatedRequest) { httpContext.User = AccountIdentityTransformer.CreatePrincipal(account, scheme); } if (httpContext.User == null) { httpContext.User = new GenericPrincipal(new GenericIdentity(""), new string[0]); } }