/// <summary> /// Returns whether or not the current HTTP rquest is allowed to proceeed /// </summary> /// <param name="request">The current HTTP request</param> /// <returns>True if the current HTTP request is allowed; false, otherwise</returns> protected override bool IsRequestAllowed(HttpRequestMessage request) { request.NotNull(nameof(request)); string securityToken; if (!TryRetrieveToken(request, out securityToken)) return !ForceAuthentication; return ValidateToken(request, securityToken); }
/// <summary> /// Returns whether or not the current HTTP request is allowed to proceeed /// </summary> /// <param name="request">The current HTTP request</param> /// <returns>True if the current HTTP request is allowed; false, otherwise</returns> protected override bool IsRequestAllowed( HttpRequestMessage request) { request.NotNull(nameof(request)); AclClientCredentials credentials; if (!TryRetrieveApiCredentials(request, out credentials)) return !ForceAuthentication; return ValidateApiCredentials(request, credentials); }
/// <summary> /// Tries to convert the authorization header from the request (if any) /// into an instance of AclClientCredentials /// </summary> /// <param name="request">The request</param> /// <param name="credentials">The credentials</param> /// <returns>True when a valid base-64 basic authorization is found; false, otherwise</returns> public bool TryParse( HttpRequestMessage request, out AclClientCredentials credentials) { request.NotNull(nameof(request)); credentials = null; var authorization = ExtractCredentials(request.Headers.Authorization); if (authorization.Length != 2) return false; credentials = new AclClientCredentials( authorization[0], authorization[1]); return true; }