public void AuthenticationRequiredEventArgs_Initialises_To_Known_State_And_Properties_Work()
{
    // Constructor arguments are the user name followed by the password.
    var eventArgs = new AuthenticationRequiredEventArgs("Abc", "Def");

    // The credentials must be exposed exactly as they were supplied.
    Assert.AreEqual("Abc", eventArgs.User);
    Assert.AreEqual("Def", eventArgs.Password);

    // Both verdict flags are checked against a starting value of false, so a freshly
    // built instance never reports itself as authenticated or handled.
    // NOTE(review): TestProperty presumably also exercises the setter - confirm against TestUtilities.
    TestUtilities.TestProperty(eventArgs, e => e.IsAuthenticated, false);
    TestUtilities.TestProperty(eventArgs, e => e.IsHandled, false);
}
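/// <summary>
/// Raises <see cref="AuthenticationRequired"/>.
/// </summary>
/// <param name="args">The event arguments handed to every subscriber. They are left untouched when nobody is subscribed.</param>
private void OnAuthenticationRequired(AuthenticationRequiredEventArgs args)
{
    // Take a snapshot of the delegate first: a subscriber detaching on another thread between
    // the null test and the call would otherwise cause a NullReferenceException.
    var handler = AuthenticationRequired;
    if(handler != null)
    {
        handler(this, args);
    }
}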
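/// <summary>
/// Handles the authentication events from the server by checking Basic credentials
/// against the configured user name and password hash.
/// </summary>
/// <param name="sender">Not used.</param>
/// <param name="args">
/// Carries the submitted user name and password. IsAuthenticated and IsHandled are written
/// only when the args are not already handled and the server is using the Basic scheme.
/// </param>
private void Server_AuthenticationRequired(object sender, AuthenticationRequiredEventArgs args)
{
    lock(_AuthenticationSyncLock)
    {
        // Leave the args alone if another handler has already ruled on them or if the
        // server is not using Basic authentication.
        if(args.IsHandled || WebServer.AuthenticationScheme != AuthenticationSchemes.Basic)
        {
            return;
        }

        // User names are compared without regard to case; the password goes through the hash.
        // NOTE(review): the hash check is skipped when the user name differs, so response time
        // may differ between a matching and a non-matching user name - consider whether that matters here.
        bool userMatches = args.User != null
                        && args.User.Equals(_BasicAuthenticationUser, StringComparison.OrdinalIgnoreCase);

        // The verdict is written once, after both checks. Writing true on a user-name match and
        // correcting it afterwards would leave the args marked as authenticated if
        // PasswordMatches threw, which fails open.
        // NOTE(review): args.Password may be null when no password was sent - confirm PasswordMatches copes.
        args.IsAuthenticated = userMatches && _BasicAuthenticationPasswordHash.PasswordMatches(args.Password);
        args.IsHandled = true;
    }
}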
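/// <summary>
/// Authenticates the request from the browser under the configured <see cref="AuthenticationScheme"/>.
/// </summary>
/// <param name="context">
/// The request context. Its Basic user name and password are read, and when authentication fails
/// its response is given a 401 status and a WWW-Authenticate challenge.
/// </param>
/// <returns>True if the request may proceed, false if a challenge was written to the response.</returns>
/// <exception cref="NotImplementedException">Thrown when the scheme is not None, Anonymous or Basic.</exception>
private bool Authenticated(IContext context)
{
    bool result = false;

    switch(AuthenticationScheme)
    {
        case AuthenticationSchemes.None:
        case AuthenticationSchemes.Anonymous:
            result = true;
            break;

        case AuthenticationSchemes.Basic:
            // Read the setting once so that the lookup and the store below agree with each other.
            bool useCache = CacheCredentials;

            if(useCache && context.BasicUserName != null)
            {
                // Fast path: the same user name and password were accepted earlier.
                // NOTE(review): the cache holds the submitted password in clear text and compares it
                // with ordinary string equality - consider storing a salted hash and comparing in
                // fixed time. Nothing visible here evicts an entry when the configured password
                // changes, and no lock is visible around the cache; confirm both are handled elsewhere.
                string password;
                result = _AuthenticatedUserCache.TryGetValue(context.BasicUserName, out password)
                      && context.BasicPassword == password;
            }

            if(!result)
            {
                // Cache miss or mismatch: ask the event subscribers for a verdict.
                var args = new AuthenticationRequiredEventArgs(context.BasicUserName, context.BasicPassword);
                OnAuthenticationRequired(args);
                result = args.IsAuthenticated;

                if(result)
                {
                    if(useCache && args.User != null)
                    {
                        // Assign through the indexer instead of calling Add. An entry for this user can
                        // already exist (an out-of-date password, or a parallel request that arrived
                        // first) and Add would then throw on the duplicate key. This assumes the cache
                        // is a dictionary-style type with an indexer setter, as its TryGetValue and
                        // Add usage suggests.
                        _AuthenticatedUserCache[args.User] = args.Password;
                    }
                }
                else
                {
                    // Challenge the browser for Basic credentials.
                    context.Response.StatusCode = HttpStatusCode.Unauthorized;
                    context.Response.AddHeader("WWW-Authenticate", String.Format(@"Basic Realm=""{0}""", Provider.ListenerRealm));
                }
            }
            break;

        default:
            // Refuse any scheme that this method does not know how to check.
            throw new NotImplementedException();
    }

    return result;
}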