public void OnAuthentication(AuthenticationContext filterContext) { var request = filterContext.HttpContext.Request; var authorization = request.Headers["Authorization"]; // No authorization, do nothing if (string.IsNullOrEmpty(authorization) || !authorization.Contains("Basic")) return; // Parse username and password from header byte[] encodedDataAsBytes = Convert.FromBase64String(authorization.Replace("Basic ", "")); string value = Encoding.ASCII.GetString(encodedDataAsBytes); string username = value.Substring(0, value.IndexOf(':')); string password = value.Substring(value.IndexOf(':') + 1); if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password)) { filterContext.Result = new HttpUnauthorizedResult("Username or password missing"); return; } // Validate username and password var user = AuthenticatedUsers.Users.FirstOrDefault(u => u.Name == username && u.Password == password); if (user == null) { filterContext.Result = new HttpUnauthorizedResult("Invalid username and password"); return; } // Set principal filterContext.Principal = new GenericPrincipal(user, user.Roles); }
public void OnAuthentication(AuthenticationContext filterContext) { IIdentity ident = filterContext.Principal.Identity; if (!ident.IsAuthenticated || !(ident.Name == "admin" || ident.Name == "alex")) filterContext.Result = new HttpUnauthorizedResult(); //доступ к данному ресурсу для пользовател запрещен }
protected override void OnAuthentication(AuthenticationContext filterContext) { if (filterContext.HttpContext.User.Identity.IsAuthenticated) { IEnumerable<string> permissions = null; using (var client = new HttpClient()) { client.BaseAddress = new Uri(ConfigurationManager.AppSettings["BaseUrl"]); client.DefaultRequestHeaders.Accept.Clear(); client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); HttpResponseMessage response = client.GetAsync("api/security/GetPermissionsForUser?username=" + User.Identity.Name).Result; if (response.IsSuccessStatusCode) { permissions = response.Content.ReadAsAsync<IEnumerable<string>>().Result; } } var id = ClaimsPrincipal.Current.Identities.First(); if (permissions != null) { foreach (var permission in permissions) { id.AddClaim(new Claim(ClaimTypes.Role, permission)); } } } }
protected override void OnAuthentication(AuthenticationContext filterContext) { if (filterContext.Principal.Identity.IsAuthenticated && Session["UserInfo"] == null) WebSecurity.Logout(); base.OnAuthentication(filterContext); }
public void OnAuthentication(AuthenticationContext filterContext) { filterContext.Principal = new GenericPrincipal( filterContext.HttpContext.User.Identity, new[] {"Admin"} ); }
public void OnAuthentication(System.Web.Mvc.Filters.AuthenticationContext filterContext) { SessionSecurityToken sst = null; try { if (FederatedAuthentication.SessionAuthenticationModule.TryReadSessionTokenFromCookie(out sst)) { var ticketClaim = sst.ClaimsPrincipal.Claims.FirstOrDefault(c => c.Type == "token"); // validate that the cookie wasn't expired if (ticketClaim != null && !IsExpired(ticketClaim.Value)) { filterContext.Principal = sst.ClaimsPrincipal; if (BaseController.CurrentUser == null) { var token = (sst.ClaimsPrincipal.Identity as ClaimsIdentity).FindFirst("token")?.Value; BaseController.CurrentUser = AuthProviderHost.PrimaryAuthProvider.GetAccount(token, null); } } else { // clear the cookie so we don't have to do this every time SignOut(); } } } catch { // unfortunately, "TryReadSession" throws. often. } }
public void OnAuthentication(AuthenticationContext filterContext) { HttpRequestBase request = filterContext.HttpContext.Request; string[] values = request.Headers.GetValues("Authorization"); if (values == null || values.Length != 1) { // No authentication was attempted (for this authentication method). // Do not set either Principal (which would indicate success) or Result (which would indicate an error). return; } string value = values[0]; if (value == null || !value.StartsWith("Basic ")) { // No authentication was attempted (for this authentication method). // Do not set either Principal (which would indicate success) or Result (which would indicate an error). return; } string encodedCredentials = value.Substring("Basic ".Length); if (encodedCredentials != null) { encodedCredentials = encodedCredentials.TrimStart(' '); } if (String.IsNullOrEmpty(encodedCredentials)) { // Authentication was attempted but failed. Set Result to indicate an error. filterContext.Result = new HttpStatusCodeResult(401, "Missing credentials"); return; } Tuple<string, string> userNameAndPasword = ExtractUserNameAndPassword(encodedCredentials); if (userNameAndPasword == null) { // Authentication was attempted but failed. Set Result to indicate an error. filterContext.Result = new HttpStatusCodeResult(401, "Invalid credentials"); return; } string userName = userNameAndPasword.Item1; string password = userNameAndPasword.Item2; IPrincipal principal = Authenticate(userName, password); if (principal == null) { // Authentication was attempted but failed. Set Result to indicate an error. filterContext.Result = new HttpStatusCodeResult(401, "Invalid username or password"); } else { // Authentication was attempted and succeeded. Set Principal to the authenticated user. filterContext.Principal = principal; } }
public void OnAuthentication(AuthenticationContext context) { IIdentity ident = context.Principal.Identity; if (!ident.IsAuthenticated || !ident.Name.EndsWith("@google.com")) { context.Result = new HttpUnauthorizedResult(); } }
protected virtual bool IsAuthenticated(AuthenticationContext filterContext, out IPrincipal user) { user = filterContext.Principal; if (null != user & user.Identity.IsAuthenticated) { return true; } AuthenticationHeaderValue token = this.GetAuthenticationHeaderValue(filterContext); if (null != token && token.Scheme == BasicAuthenticationScheme) { string credential = Encoding.Default.GetString(Convert.FromBase64String(token.Parameter)); string[] split = credential.Split(':'); if (split.Length == 2) { string userName = split[0]; string password; if (userAccounters.TryGetValue(userName, out password)) { if (password == split[1]) { GenericIdentity identity = new GenericIdentity(userName); user = new GenericPrincipal(identity, new string[0]); return true; } } } } return false; }
public void OnAuthentication(AuthenticationContext filterContext) { var user = filterContext.HttpContext.User; //Demo purpose only. The custom principal could be retrived via the current context. filterContext.Principal = new MyCustomPrincipal(filterContext.HttpContext.User.Identity, new[] { "Admin" }, "Red"); }
public void OnAuthentication(AuthenticationContext context) { if (!Common.ChekSuperAdmin()) { context.Result = new HttpUnauthorizedResult(); // mark unauthorized } }
public void OnAuthentication(AuthenticationContext filterContext) { System.Diagnostics.StackFrame stackFrame = new System.Diagnostics.StackFrame(); System.Reflection.MethodBase methodBase = stackFrame.GetMethod(); log.Debug("Start: " + methodBase.Name); try { if (UserLogin.ValidateUserRequest()) { filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary { { "controller", "Home" }, { "action", "Login" }, { "area", "" } }); } else { string context = filterContext.Controller.ControllerContext.HttpContext.Request.Path; int UserID = Convert.ToInt32(filterContext.HttpContext.Session["UserID"]); string Role = MenuBinding.CheckURlAndGetUserRole(context, UserID); if (Role == null) { filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary { { "controller", "Home" }, { "action", "Index" }, { "area", "" } }); } filterContext.Controller.ViewBag.Role = Role; } } catch (Exception ex) { log.Error("Error: " + ex); } log.Debug("End: " + methodBase.Name); }
public void OnAuthentication(AuthenticationContext filterContext) { IIdentity ident = filterContext.Principal.Identity; if (!ident.IsAuthenticated) filterContext.Result = new HttpUnauthorizedResult(); }
protected override void OnAuthentication(AuthenticationContext filterContext) { base.OnAuthentication(filterContext); try { string action = filterContext.RouteData.Values["action"].ToString(); if (string.Equals(action, "login", StringComparison.OrdinalIgnoreCase)) { return; } if (string.Equals(action, "logout", StringComparison.OrdinalIgnoreCase)) { return; } if (Request.IsAuthenticated) { UserInfo user = JsonConvert.DeserializeObject<UserInfo>(User.Identity.Name); LoginUser = user; filterContext.HttpContext.Items.Add("currentUser", user); } else { Response.Redirect("/Admin/User/Login"); filterContext.Result = new EmptyResult(); } } catch (Exception ex) { Response.Redirect("/Admin/User/Login"); filterContext.Result = new EmptyResult(); throw ex; } }
public void OnAuthentication(AuthenticationContext filterContext) { if (!UserContext.User.IsAdmin) { filterContext.Result = new HttpUnauthorizedResult(); } }
/// <summary> /// Sets the filterContext.HttpContext.User to the principal built /// from the McoCitizen of the current McoSession (if there is any /// McoCitizen in the session). /// </summary> /// <param name="filterContext">The context of the current /// ActionFilter</param> public void OnAuthentication(AuthenticationContext filterContext) { McoCitizen citizen = McoSession.GetCitizen(filterContext.HttpContext); if (citizen != null) { filterContext.HttpContext.User = citizen.Principal; } }
public void OnAuthentication(AuthenticationContext filterContext) { var user = filterContext.HttpContext.User; if (user == null || !user.Identity.IsAuthenticated) { filterContext.Result = new HttpUnauthorizedResult(); } }
public void OnAuthentication(AuthenticationContext filterContext) { IIdentity ident = filterContext.Principal.Identity; var user = Storage.currentUser; if (!ident.IsAuthenticated || user == null ) filterContext.Result = new HttpUnauthorizedResult(); //доступ к данному ресурсу для пользовател запрещен }
public void OnAuthentication(AuthenticationContext filterContext) { if (filterContext == null || filterContext.Principal == null || filterContext.Principal.Identity == null || !filterContext.Principal.Identity.IsAuthenticated) { filterContext.Result = new HttpUnauthorizedResult(); } }
public void OnAuthentication(AuthenticationContext filterContext) { if (SkipAuthentication(filterContext)) return; if (!AuthenticateSuccess(filterContext)) HandleUnauthenticated(filterContext); }
protected override void OnAuthentication(AuthenticationContext filterContext) { base.OnAuthentication(filterContext); var user= Session["user"] as User; if (user==null ) { Response.Redirect("/Login"); } }
public void OnAuthentication(AuthenticationContext filterContext) { //In real life your custom principal might be retrieved via //different source. i.e context/request etc. //We can also fill it from Session variable filterContext.Principal = filterContext.HttpContext.User; //TODO: Make some story around that. }
public void OnAuthentication(AuthenticationContext filterContext) { var credentialId = AuthenticationUtility.CredentialId; if(string.IsNullOrWhiteSpace(credentialId)) filterContext.Principal = CredentialPrincipal.Empty; else filterContext.Principal = new CredentialPrincipal(new CredentialIdentity(credentialId, this.CredentialProvider)); }
private bool SkipAuthentication(AuthenticationContext context) { var request = context.HttpContext.Request; if (request.AppRelativeCurrentExecutionFilePath.ToLower() == _loginAction || request.CurrentExecutionFilePath.ToLower() == _loginAction) return true; return _skipAuthentication(context); }
public virtual void OnAuthentication(System.Web.Mvc.Filters.AuthenticationContext filterContext) { var currentUser = filterContext.HttpContext.Session["user"] as Account; if (currentUser != null) { filterContext.Principal = new LocalPrincipal(new LocalIdentity(currentUser.Id, currentUser.Username, currentUser.EmailAddress)); } }
public void OnAuthentication(AuthenticationContext filterContext) { if (!filterContext.ActionDescriptor.GetCustomAttributes(typeof(AllowAnonymousAttribute), true).Any() && !filterContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes(typeof(AllowAnonymousAttribute), true).Any() && UserContext.User == null) { filterContext.Result = new HttpUnauthorizedResult(); } }
public void OnAuthentication(System.Web.Mvc.Filters.AuthenticationContext filterContext) { SessionSecurityToken sst = null; if (FederatedAuthentication.SessionAuthenticationModule.TryReadSessionTokenFromCookie(out sst)) { filterContext.Principal = sst.ClaimsPrincipal; } }
private bool IsDefinedAllowAnonymous(AuthenticationContext filterContext) { if (filterContext == null) { throw new ArgumentNullException("filterContext"); } return filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true); }
public virtual void OnAuthentication(AuthenticationContext filterContext) { var ctx = filterContext.HttpContext.Request.GetOwinContext(); var result = AsyncHelper.RunSync(() => ctx.Authentication.AuthenticateAsync(AuthenticationType)); if (result != null && result.Identity != null && result.Identity.IsAuthenticated) { filterContext.Principal = new ClaimsPrincipal(result.Identity); } }
public void OnAuthentication(AuthenticationContext filterContext) { try { filterContext.Result = GetCodeResult(filterContext); } catch (Exception ex) { ErrorSignaler.SignalFromCurrentContext(ex); throw new BlogException(ex.Message, ex.InnerException); } }
public void OnAuthentication(AuthenticationContext filterContext) { IPrincipal user; if (this.IsAuthenticated(filterContext, out user)) { filterContext.Principal = user; } else { this.ProcessUnauthenticatedRequest(filterContext); } }
//Methods--------------------------------------------------------------------------------------------------------------// public void OnAuthentication(AuthenticationContext context) { var filterResult = new DBResult { ActionName = context.RouteData.Values["action"].ToString(), ControllerName = context.RouteData.Values["controller"].ToString(), ServiceName = "DBSrvAuthAttribute", UserName = context.Principal.Identity.Name, UserHostAddress = context.HttpContext.Request.UserHostAddress }; var dbRolesArray = dbRoles.Split(','); var isInRole = false; foreach (var dbRole in dbRolesArray) { if (context.Principal.IsInRole(dbRole)) { isInRole = true; break; } } if (!context.HttpContext.Request.IsAuthenticated || (dbRoles != "" && !isInRole)) { filterResult.StatusCode = HttpStatusCode.Conflict; filterResult.StatusDescription = "You are not logged in or request not authorized.\n" + "Try to log in again or contact SDDB administrator to obtain appropriate privileges."; Logger.LogResult(filterResult); context.HttpContext.Response.StatusCode = (int)filterResult.StatusCode; context.Result = new JsonResult() { Data = new { Success = "False", responseText = filterResult.StatusDescription }, JsonRequestBehavior = JsonRequestBehavior.AllowGet }; return; } if (ajaxRequired && !context.HttpContext.Request.IsAjaxRequest()) { filterResult.StatusCode = HttpStatusCode.Gone; filterResult.StatusDescription = "Error 0101: AJAX request allowed only."; Logger.LogResult(filterResult); context.HttpContext.Response.StatusCode = (int)filterResult.StatusCode; context.Result = new JsonResult() { Data = new { Success = "False", responseText = filterResult.StatusDescription }, JsonRequestBehavior = JsonRequestBehavior.AllowGet }; return; } }
protected override void OnAuthentication(System.Web.Mvc.Filters.AuthenticationContext filterContext) { if (!this.User.Identity.IsAuthenticated) { var loginurl = GetLoginPage(null, false); filterContext.Result = this.Redirect(loginurl); return; } string id = this.User.Identity.Name; //System.Web.Security.FormsAuthentication.SetAuthCookie(this.User.Identity.Name, true); var userInfo = this.Session.GetValue(SessionIndex.UserInfo) as Model.UserInfo; if (userInfo == null)//session丢失或者过期,重新从数据库取 { userInfo = this.BllUserInfo.GetById(Guid.Parse(id)); this.Session.SetValue(SessionIndex.UserInfo, userInfo); } var lstMenu = Model.DTO.MenuInfo.GetList(); this.ViewData["lstMenu"] = lstMenu; }
public void OnAuthentication(AuthenticationContext filterContext) { if (!filterContext.HttpContext.User.Identity.IsAuthenticated) { string WFCEOHeaderToken = "RF_USER"; string userSSO = null; if (filterContext.HttpContext.Request.Headers[WFCEOHeaderToken] != null) userSSO = HttpContext.Current.Request.Headers[WFCEOHeaderToken]; if (!string.IsNullOrWhiteSpace(userSSO)) RFAuthHelper.SetRFAuthToken(userSSO, "RF_CEO"); } }