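/// <summary>
/// Lets a request through to the base authorization logic only when it arrived over HTTPS.
/// A plain-HTTP GET is redirected to the same host, path and query string over HTTPS;
/// any other plain-HTTP method is rejected with 400 "SSL Required".
/// </summary>
/// <param name="actionContext">The context of the action being authorized.</param>
/// <remarks>
/// The redirect does not protect the first request: whatever the client sent over HTTP
/// (cookies, query string, headers) has already crossed the network in clear text.
/// Pair this filter with HSTS and Secure-flagged cookies so that clients stop issuing
/// the plain-HTTP request in the first place.
/// </remarks>
public override void OnAuthorization(HttpActionContext actionContext)
{
    var request = actionContext.Request;

    // Already on HTTPS: hand over to the base implementation.
    if (request.RequestUri.Scheme == Uri.UriSchemeHttps)
    {
        base.OnAuthorization(actionContext);
        return;
    }

    // HTTP GET: redirect to the HTTPS form of the same URL.
    if (request.Method == HttpMethod.Get)
    {
        // Rebuilding from the parsed request URI keeps the escaped path and the query
        // string; formatting host + LocalPath by hand dropped the query and re-parsed
        // an unescaped path. Port = -1 selects the default HTTPS port, as before.
        // NOTE(review): the host is taken from the request URI; if the hosting layer
        // derives it from a client-supplied Host header, restrict the accepted host
        // names at the server/binding level so the redirect target cannot be steered.
        var secureUri = new UriBuilder(request.RequestUri)
        {
            Scheme = Uri.UriSchemeHttps,
            Port = -1
        };

        // Build the 302 directly instead of blocking on RedirectResult.ExecuteAsync(...).Result.
        var redirect = new HttpResponseMessage(HttpStatusCode.Redirect)
        {
            RequestMessage = request
        };
        redirect.Headers.Location = secureUri.Uri;

        actionContext.Response = redirect;
        return;
    }

    // Requests using any other HTTP method are treated as Bad Request; a redirect
    // is not offered for them.
    actionContext.Response = new HttpResponseMessage(HttpStatusCode.BadRequest)
    {
        ReasonPhrase = "SSL Required"
    };
}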
/// <summary>
/// Creates a redirect result for the given Web API controller that points at <paramref name="url"/>.
/// </summary>
/// <param name="controller">The controller on whose behalf the redirect result is created.</param>
/// <param name="url">
/// The redirect target. It is parsed with <c>new Uri(string)</c>, so it must be an absolute URI.
/// No validation of the target is performed here: callers that build <paramref name="url"/>
/// from request data should check it against an allow-list of hosts first, otherwise the
/// endpoint acts as an open redirect.
/// </param>
/// <returns>A <see cref="System.Web.Http.Results.RedirectResult"/> for the parsed URI.</returns>
public static RedirectResult ApiRedirectResult(this ApiController controller, string url)
{
    return new System.Web.Http.Results.RedirectResult(new Uri(url), controller);
}
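/// <summary>
/// Generates the sign-in response that carries the issued token.
/// </summary>
/// <remarks>
/// When <c>result.ReplyUrl</c> is set, the token parameters are merged into that URL's query
/// string and the caller is redirected there. Otherwise the parameters are returned in the
/// response body as <c>application/x-www-form-urlencoded</c>.
/// </remarks>
/// <param name="message">The sign-in request message; its <c>Deflate</c> value is passed to <c>WrapSWT</c>.</param>
/// <param name="result">The validation result supplying the subject, reply URL and realm.</param>
/// <param name="request">The original HTTP request the response is created for.</param>
/// <returns>A redirect result when a reply URL is present, otherwise a 200 response with a form-encoded body.</returns>
public async Task<IHttpActionResult> GenerateResponseAsync(SignInRequestMessage message, SignInValidationResult result, HttpRequestMessage request)
{
    // The body contains no await; `async` is kept so that exceptions keep surfacing
    // through the returned task, as callers have seen so far.
    Logger.Info("Creating SiteFinity signin response");

    var principal = new ClaimsPrincipal(result.Subject);
    var identity = ClaimsPrincipal.PrimaryIdentitySelector(principal.Identities);
    var token = CreateToken(identity.Name, identity.Claims, result);

    if (String.IsNullOrEmpty(result.ReplyUrl))
    {
        // No reply URL: hand the token parameters back in the response body.
        var formFields = new NameValueCollection();
        WrapSWT(formFields, token, message.Deflate);

        var content = new StringContent(ToQueryString(formFields, false), Encoding.UTF8, "application/x-www-form-urlencoded");

        // CreateResponse(status, value) treats its second argument as an object to run
        // through content negotiation, so passing the StringContent there would serialize
        // the content object instead of sending it. Attach it as the body explicitly.
        var responseMessage = request.CreateResponse(HttpStatusCode.OK);
        responseMessage.Content = content;
        return new ResponseMessageResult(responseMessage);
    }

    // Split the reply URL into its path and any existing query parameters.
    string path;
    NameValueCollection queryString;
    var idx = result.ReplyUrl.IndexOf('?');
    if (idx != -1)
    {
        path = result.ReplyUrl.Substring(0, idx);
        queryString = ParseQueryString(result.ReplyUrl.Substring(idx + 1));
    }
    else
    {
        path = result.ReplyUrl;
        queryString = new NameValueCollection();
    }

    WrapSWT(queryString, token, message.Deflate);
    path = String.Concat(path, ToQueryString(queryString));

    // NOTE(review): new Uri(baseUri, relative) ignores the base when `path` is itself an
    // absolute URI, so an absolute ReplyUrl decides where the token is sent regardless of
    // Realm. This method performs no check of its own; confirm that ReplyUrl has been
    // validated against the relying party's registered addresses before it reaches here.
    // The token travels in the redirect URL's query string, where it can end up in
    // server logs, browser history and Referer headers.
    var uri = new Uri(new Uri(result.Realm), path);
    return new RedirectResult(uri, request);
}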