/// <summary>
/// Middleware entry point: tries to authenticate the request from its bearer token,
/// records the outcome in <c>httpContext.Items</c>, and then passes the request on.
/// </summary>
/// <remarks>
/// The next delegate is invoked whether or not authentication succeeded, so this
/// method never rejects a request by itself. Code further down the pipeline has to
/// read <c>Items["Authorization"]</c> and refuse access when <c>Successed</c> is false.
/// </remarks>
/// <param name="httpContext">The context of the request being processed.</param>
public async Task Invoke(HttpContext httpContext)
{
    // Publish the result object before any check runs, so downstream code always
    // finds an "Authorization" entry, even when validation fails early.
    var outcome = new AuthorizationResult();
    httpContext.Items["Authorization"] = outcome;

    try
    {
        var bearer = httpContext.GetBearerToken();
        accessTokenValidator.Validate(bearer);

        // NOTE(review): presumably First() throws when no stored connection carries
        // this token (LINQ First semantics) and the failure lands in the catch below;
        // confirm against the repository implementation.
        var matched = connectionRepository.First(c => c.AccessToken == bearer);

        httpContext.Items["Authorization.Connection"] = matched;
        httpContext.Items["Authorization.User"] = matched.User;

        // Success is flagged only after every step above has completed.
        outcome.Successed = true;
        outcome.Connection = matched;
    }
    catch (Exception e)
    {
        // Every exception type ends up here, so an infrastructure fault is reported
        // with the same message as a missing or rejected token. The request is
        // still marked as not authorized in that case.
        outcome.Successed = false;
        outcome.Exception = e;

        // Walk down the InnerException chain so the innermost cause is what is kept.
        for (var inner = e.InnerException; inner != null; inner = inner.InnerException)
        {
            outcome.Exception = inner;
        }

        // The token value itself is not written to the log.
        Console.Error.WriteLine("Access token is absent or is not valid");
    }

    await nextDelegate.Invoke(httpContext);
}
/// <summary>
/// Extracts the access token from the current request and validates it with
/// <c>Authlete.Web.AccessTokenValidator.Validate()</c>.
/// </summary>
///
/// <remarks>
/// The validator is returned regardless of the validation outcome. Callers must
/// inspect its <c>IsValid</c> property before serving the request; obtaining a
/// validator instance is not proof that the token was accepted.
/// </remarks>
///
/// <param name="requiredScopes">
/// Scopes the access token has to cover. When non-null, Authlete's
/// <c>/api/auth/introspection</c> API checks that the token covers all of them.
/// </param>
///
/// <param name="requiredSubject">
/// Subject (unique identifier of an end-user) the access token has to be associated
/// with. When non-null, Authlete's <c>/api/auth/introspection</c> API checks that
/// the token is associated with that subject.
/// </param>
///
/// <returns>
/// The <c>AccessTokenValidator</c> holding the result of the validation. See the
/// API document of
/// <c><a href="https://authlete.github.io/authlete-csharp/class_authlete_1_1_web_1_1_access_token_validator.html">AccessTokenValidator</a></c>
/// for how to use it.
/// </returns>
public async Task<AccessTokenValidator> ValidateAccessToken(
    string[] requiredScopes = null, string requiredSubject = null)
{
    // Pull the access token out of the incoming request.
    string token = ExtractAccessToken();

    // The validator both performs the check and carries its result.
    var tokenValidator = new AccessTokenValidator(API);

    // After this call the validator's properties (for example 'IsValid')
    // reflect the outcome of the validation.
    await tokenValidator.Validate(token, requiredScopes, requiredSubject);

    // Hand the populated validator back; the caller decides what to do with the result.
    return tokenValidator;
}
/// <summary>
/// Decides whether an anonymous request is acceptable. The decision rests entirely
/// on <c>AccessTokenValidator.Validate</c>; no user identity is required.
/// </summary>
/// <param name="context">The Nancy context of the current request.</param>
/// <param name="issuer">Issuer value handed to the validator.</param>
/// <param name="secretKey">Secret key handed to the validator.</param>
/// <returns>The validator's verdict, unchanged.</returns>
private static bool IsValidAnonymousUser(NancyContext context, string issuer, string secretKey)
{
    bool tokenAccepted = AccessTokenValidator.Validate(context, issuer, secretKey);
    return tokenAccepted;
}
/// <summary>
/// Decides whether a request counts as coming from an authenticated user: the token
/// must pass <c>AccessTokenValidator.Validate</c> and the context must carry a
/// current user whose name is not null, empty or whitespace.
/// </summary>
/// <param name="context">The Nancy context of the current request.</param>
/// <param name="issuer">Issuer value handed to the validator.</param>
/// <param name="secretKey">Secret key handed to the validator.</param>
/// <returns>True only when both conditions hold.</returns>
private static bool IsValidAuthenticatedUser(NancyContext context, string issuer, string secretKey)
{
    // The token check runs first; the user is not inspected for a rejected token.
    if (!AccessTokenValidator.Validate(context, issuer, secretKey))
    {
        return false;
    }

    // A missing user is treated the same as a blank user name.
    var currentUser = context.CurrentUser;
    if (currentUser == null)
    {
        return false;
    }

    return !string.IsNullOrWhiteSpace(currentUser.UserName);
}
/// <summary>
/// Passes the access token of the object returned by <c>CreateConnection()</c>
/// to <c>validator.Validate</c>.
/// </summary>
/// <remarks>
/// There is no explicit assertion. Presumably the test passes when
/// <c>Validate</c> returns without throwing; confirm against the validator's contract.
/// </remarks>
public void Validate_ValidToken()
{
    var connection = CreateConnection();
    var accessToken = connection.AccessToken;

    validator.Validate(accessToken);
}
/// <summary>
/// Passes the access token of the object returned by <c>CreateAuthorization()</c>
/// to <c>validator.Validate</c>.
/// </summary>
/// <remarks>
/// There is no explicit assertion. Presumably the test passes when
/// <c>Validate</c> returns without throwing; confirm against the validator's contract.
/// </remarks>
public void Validate_ValidToken()
{
    var authorization = CreateAuthorization();
    var accessToken = authorization.AccessToken;

    validator.Validate(accessToken);
}