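/// <summary>
/// Authenticates an incoming request from its <c>Authorization</c> header and, when an
/// app whitelist is configured, checks that the caller's app id is on it.
/// </summary>
/// <param name="httpRequest">The incoming request; its <c>Authorization</c> header is read.</param>
/// <param name="httpResponse">The response; its status code is set to 401 on every rejection.</param>
/// <returns>
/// The caller's <see cref="ClaimsIdentity"/> when authentication and the whitelist check
/// both pass; <c>null</c> when the request is rejected.
/// </returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="httpRequest"/> or <paramref name="httpResponse"/> is <c>null</c>.
/// </exception>
public async Task<ClaimsIdentity> AuthenticateAsync(HttpRequest httpRequest, HttpResponse httpResponse)
{
    if (httpRequest == null)
    {
        throw new ArgumentNullException(nameof(httpRequest));
    }

    if (httpResponse == null)
    {
        throw new ArgumentNullException(nameof(httpResponse));
    }

    var authorizationHeader = httpRequest.Headers["Authorization"];
    if (string.IsNullOrWhiteSpace(authorizationHeader))
    {
        // No credentials presented: reject before calling the authentication provider.
        httpResponse.StatusCode = (int)HttpStatusCode.Unauthorized;
        return null;
    }

    var claimsIdentity = await _authenticationProvider.AuthenticateAsync(authorizationHeader).ConfigureAwait(false);
    if (claimsIdentity == null)
    {
        httpResponse.StatusCode = (int)HttpStatusCode.Unauthorized;
        return null;
    }

    var appIdClaimName = AuthHelpers.GetAppIdClaimName(claimsIdentity);

    // A token without the app-id claim yields a null appId; with a non-empty whitelist
    // that value is not expected to match any entry, so the caller is rejected below.
    var appId = claimsIdentity.Claims.FirstOrDefault(c => c.Type == appIdClaimName)?.Value;

    // NOTE(review): a null or empty whitelist disables this check entirely, so every
    // authenticated caller is accepted. Confirm that fail-open default is intended for
    // deployments that forget to configure the list.
    var whitelist = _whitelistAuthenticationProvider.AppsWhitelist;
    if (whitelist != null && whitelist.Count > 0 && !whitelist.Contains(appId))
    {
        httpResponse.StatusCode = (int)HttpStatusCode.Unauthorized;
        await httpResponse.WriteAsync("Skill could not allow access from calling bot.").ConfigureAwait(false);

        // Return null like the other rejection paths. Handing back the identity here
        // would let a caller that only checks for a non-null result treat a
        // non-whitelisted app as authorized even though a 401 was already written.
        return null;
    }

    return claimsIdentity;
}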