internal static IPrincipal CreateUser(
string response,
AuthenticationSchemes scheme,
string realm,
string method,
Func <IIdentity, NetworkCredential> credentialsFinder
)
{
if (response == null || response.Length == 0)
{
return(null);
}
if (scheme == AuthenticationSchemes.Digest)
{
if (realm == null || realm.Length == 0)
{
return(null);
}
if (method == null || method.Length == 0)
{
return(null);
}
}
else
{
if (scheme != AuthenticationSchemes.Basic)
{
return(null);
}
}
if (credentialsFinder == null)
{
return(null);
}
var compType = StringComparison.OrdinalIgnoreCase;
if (response.IndexOf(scheme.ToString(), compType) != 0)
{
return(null);
}
var res = AuthenticationResponse.Parse(response);
if (res == null)
{
return(null);
}
var id = res.ToIdentity();
if (id == null)
{
return(null);
}
NetworkCredential cred = null;
try {
cred = credentialsFinder(id);
}
catch {
}
if (cred == null)
{
return(null);
}
if (scheme == AuthenticationSchemes.Basic)
{
var basicId = (HttpBasicIdentity)id;
return(basicId.Password == cred.Password
? new GenericPrincipal(id, cred.Roles)
: null);
}
var digestId = (HttpDigestIdentity)id;
return(digestId.IsValid(cred.Password, realm, method, null)
? new GenericPrincipal(id, cred.Roles)
: null);
}
internal static IPrincipal CreateUser(
string response,
AuthenticationSchemes scheme,
string realm,
string method,
Func <IIdentity, NetworkCredential> credentialsFinder
)
{
if (response == null || response.Length == 0)
{
return(null);
}
if (credentialsFinder == null)
{
return(null);
}
if (!(scheme == AuthenticationSchemes.Basic || scheme == AuthenticationSchemes.Digest))
{
return(null);
}
if (scheme == AuthenticationSchemes.Digest)
{
if (realm == null || realm.Length == 0)
{
return(null);
}
if (method == null || method.Length == 0)
{
return(null);
}
}
if (!response.StartsWith(scheme.ToString(), StringComparison.OrdinalIgnoreCase))
{
return(null);
}
var res = AuthenticationResponse.Parse(response);
if (res == null)
{
return(null);
}
var id = res.ToIdentity();
if (id == null)
{
return(null);
}
NetworkCredential cred = null;
try {
cred = credentialsFinder(id);
}
catch {
}
if (cred == null)
{
return(null);
}
if (scheme == AuthenticationSchemes.Basic &&
((HttpBasicIdentity)id).Password != cred.Password
)
{
return(null);
}
if (scheme == AuthenticationSchemes.Digest &&
!((HttpDigestIdentity)id).IsValid(cred.Password, realm, method, null)
)
{
return(null);
}
return(new GenericPrincipal(id, cred.Roles));
}