protected async override Task <AuthenticationTicket> AuthenticateCoreAsync() { if (Request.IsPayloadHashPresent()) { // buffer the request body requestBuffer = new MemoryStream(); await Request.Body.CopyToAsync(requestBuffer); Request.Body = requestBuffer; } IRequestMessage requestMessage = new OwinRequestMessage(Request); server = new HawkServer(requestMessage, Options.HawkOptions); var principal = await server.AuthenticateAsync(); if (principal != null && principal.Identity.IsAuthenticated) { var callback = Options.HawkOptions.ResponsePayloadHashabilityCallback; if (callback != null && callback(requestMessage)) // buffer the response body { stream = Response.Body; responseBuffer = new MemoryStream(); Response.Body = responseBuffer; } return(new AuthenticationTicket(principal.Identity as ClaimsIdentity, (AuthenticationProperties)null)); } return(new AuthenticationTicket(null, (AuthenticationProperties)null)); }
protected async override Task <AuthenticationTicket> AuthenticateCoreAsync() { try { if (Request.IsPayloadHashPresent()) { // buffer the request body requestBuffer = new MemoryStream(); await Request.Body.CopyToAsync(requestBuffer); Request.Body = requestBuffer; } IRequestMessage requestMessage = new OwinRequestMessage(Request); server = new HawkServer(requestMessage, Options.HawkOptions); var principal = await server.AuthenticateAsync(); if (principal != null && principal.Identity.IsAuthenticated) { if (!server.IsBewitRequest) // Bewit means no server authorization and hence no need for buffering. { var callback = Options.HawkOptions.ResponsePayloadHashabilityCallback; if (callback != null && callback(requestMessage)) // buffer the response body { stream = Response.Body; responseBuffer = new MemoryStream(); Response.Body = responseBuffer; HawkEventSource.Log.Debug("Response Body Buffered"); } } return(new AuthenticationTicket(principal.Identity as ClaimsIdentity, (AuthenticationProperties)null)); } } catch (Exception exception) { HawkEventSource.Log.Exception(exception.ToString()); if (responseBuffer != null) { Response.Body = this.stream; } throw; } return(new AuthenticationTicket(null, (AuthenticationProperties)null)); }