public void ToString_UseBothNoParameterAndSetParameter_AllSerializedCorrectly()
{
HttpResponseMessage response = new HttpResponseMessage();
string input = string.Empty;
AuthenticationHeaderValue auth = new AuthenticationHeaderValue("Digest",
"qop=\"auth\",algorithm=MD5-sess,nonce=\"+Upgraded+v109e309640b\",charset=utf-8,realm=\"Digest\"");
Assert.Equal(
"Digest qop=\"auth\",algorithm=MD5-sess,nonce=\"+Upgraded+v109e309640b\",charset=utf-8,realm=\"Digest\"",
auth.ToString());
response.Headers.ProxyAuthenticate.Add(auth);
input += auth.ToString();
auth = new AuthenticationHeaderValue("Negotiate");
Assert.Equal("Negotiate", auth.ToString());
response.Headers.ProxyAuthenticate.Add(auth);
input += ", " + auth.ToString();
auth = new AuthenticationHeaderValue("Custom", ""); // empty string should be treated like 'null'.
Assert.Equal("Custom", auth.ToString());
response.Headers.ProxyAuthenticate.Add(auth);
input += ", " + auth.ToString();
string result = response.Headers.ProxyAuthenticate.ToString();
Assert.Equal(input, result);
}
public async Task CheckAuthorizationHeader(string authorizationHeader)
{
var isRequestFinished = new TaskCompletionSource <object>();
AuthenticationHeaderValue authHeader = null;
var handler = new MockHttpMessageHandler((r, c) =>
{
authHeader = r.Headers.Authorization;
isRequestFinished.SetResult(null);
return(Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK)));
});
var logger = new NoopLogger();
var mockConfig = new MockConfigSnapshot(logger, secretToken: _secretToken, apiKey: _apiKey, flushInterval: "1s");
var payloadSender = new PayloadSenderV2(logger, mockConfig,
Api.Service.GetDefaultService(mockConfig, logger), new Api.System(), handler, /* dbgName: */ nameof(ApiKeyFeatureContext));
using (var agent = new ApmAgent(new TestAgentComponents(logger, mockConfig, payloadSender)))
{
agent.PayloadSender.QueueTransaction(new Transaction(agent, "TestName", "TestType"));
await isRequestFinished.Task;
}
authHeader.Should().NotBeNull();
authHeader.ToString().Should().Be(authorizationHeader);
}
public HttpResponseMessage Post(RegisterModel model)
{
try
{
if (Membership.ValidateUser(model.Email, model.Password))
{
return(Request.CreateErrorResponse(HttpStatusCode.Conflict, "Member is already existed"));
}
if (Membership.CreateUser(model.MemberName, model.Password, model.Email).Equals(default(MembershipUser)))
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Member hasn't been registered"));
}
byte[] buffer = Encoding.ASCII.GetBytes(string.Format("{0}:{1}", model.Email, model.Password));
AuthenticationHeaderValue authHeader = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(buffer));
return(Request.CreateResponse(HttpStatusCode.OK, new AuthorizationTicket {
Ticket = authHeader.ToString()
}));
}
catch (Exception exc)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, exc.Message));
}
}
/// <summary>
/// Makes an HTTP(S) GET request to <seealso cref="requestUrl"/> and returns the result as (awaitable Task of) <seealso cref="string"/>.
/// </summary>
/// <param name="requestUrl">The entire request URL.</param>
/// <param name="authenticationHeader"></param>
/// <returns>An (awaitable Task of) <seealso cref="string"/></returns>
/// <remarks>Will Authorise using the values of the SpotifyApiClientId and SpotifyApiClientSecret appSettings. See
/// https://developer.spotify.com/web-api/authorization-guide/#client-credentials-flow </remarks>
public static async Task <string> Get(
this HttpClient http,
string requestUrl,
AuthenticationHeaderValue authenticationHeader)
{
//TODO: Implement if-modified-since support, serving from cache if response = 304
if (string.IsNullOrEmpty(requestUrl))
{
throw new ArgumentNullException(requestUrl);
}
Logger.Debug(
$"GET {requestUrl}. Token = {authenticationHeader?.ToString()?.Substring(0, 11)}...",
nameof(RestHttpClient));
http.DefaultRequestHeaders.Authorization = authenticationHeader;
var response = await http.GetAsync(requestUrl);
Logger.Information($"Got {requestUrl} {response.StatusCode}", nameof(RestHttpClient));
await CheckForErrors(response);
return(await response.Content.ReadAsStringAsync());
}
private static void container_BuildingRequest(object sender,
global::Microsoft.OData.Client.BuildingRequestEventArgs e)
{
var headerValue = new AuthenticationHeaderValue("Bearer", accessToken);
e.Headers.Add("Authorization", headerValue.ToString());
}
bool ValidateAuthHeader(AuthenticationHeaderValue header, out string message)
{
message = string.Empty;
var validate = ConfigurationManager.AppSettings["ValidateClientAuthHeader"];
if (validate?.Equals("1") == false)
{
return(true);
}
if (header == null)
{
message = "Unknown authorization";
return(false);
}
var clientAuthHeader = ConfigurationManager.AppSettings["ClientAuthHeader"];
if (clientAuthHeader == null || clientAuthHeader?.Length == 0)
{
message = "No Authorization header value found";
return(false);
}
if (clientAuthHeader.Equals(header.ToString()))
{
return(true);
}
message = "Unknown authorization";
return(false);
}
public static IDictionary <string, string> ParseAuthHeader(AuthenticationHeaderValue header)
{
if (header == null)
{
return(null);
}
var retVal = new Dictionary <string, string>();
var raw = header.Parameter;
var regex = new Regex("(\\w+)=((\\w+)|\"([^\"]+))");
var matches = regex.Matches(raw);
if (matches.Count > 0)
{
var groups = matches[0].Groups;
var key = groups[1].Value;
var k = groups[3];
if (!k.Success)
{
k = groups[4];
}
retVal[key] = k.Value;
retVal["Scheme"] = header.Scheme;
}
retVal["WWW-Authenticate"] = header.ToString();
return(retVal);
}
/// <summary>
/// Makes an HTTP(S) POST request to <seealso cref="requestUrl"/> with <seealso cref="formData"/> as the request body. Returns the result as (awaitable Task of) <seealso cref="string"/>.
/// </summary>
/// <param name="requestUrl">The entire request URL.</param>
/// <param name="formData">The URL encoded formData in format "key1=value1&key2=value2"</param>
/// <param name="headerValue">An authentication header for the request.</param>
/// <returns>An (awaitable Task of) <seealso cref="string"/> </returns>
/// <remarks>Will Authorise using the values of the SpotifyApiClientId and SpotifyApiClientSecret appSettings. See
/// https://developer.spotify.com/web-api/authorization-guide/#client-credentials-flow </remarks>
public static async Task <string> Post(
this HttpClient http,
string requestUrl,
string formData,
AuthenticationHeaderValue headerValue)
{
if (string.IsNullOrEmpty(requestUrl))
{
throw new ArgumentNullException(requestUrl);
}
if (string.IsNullOrEmpty(formData))
{
throw new ArgumentNullException(formData);
}
Logger.Debug(
$"POST {requestUrl}. Token = {headerValue?.ToString()?.Substring(0, 11)}...",
nameof(RestHttpClient));
http.DefaultRequestHeaders.Authorization = headerValue;
var response =
await
http.PostAsync(requestUrl,
new StringContent(formData, Encoding.UTF8, "application/x-www-form-urlencoded"));
Logger.Information($"Posted {requestUrl} {response.StatusCode}", nameof(RestHttpClient));
await CheckForErrors(response);
return(await response.Content.ReadAsStringAsync());
}
/// <summary>
/// Verify the authentication header.
/// </summary>
/// <param name="header">Authentication header.</param>
/// <param name="initial">Flag to indicate whether this is the initial verification call.</param>
/// <param name="sessionToken">Session token associated with the authentication header.</param>
/// <returns>True if the initial authentication header is valid; false otherwise.</returns>
protected bool VerifyAuthenticationHeader(AuthenticationHeaderValue header, bool initial, out string sessionToken)
{
bool verified = false;
string sessionTokenChecked = null;
if (header != null)
{
AuthenticationUtils.GetSharedSecret sharedSecret;
if (initial)
{
sharedSecret = InitialSharedSecret;
}
else
{
sharedSecret = SharedSecret;
}
if ("Basic".Equals(header.Scheme))
{
verified = AuthenticationUtils.VerifyBasicAuthorisationToken(header.ToString(), sharedSecret, out sessionTokenChecked);
}
else if ("SIF_HMACSHA256".Equals(header.Scheme))
{
verified = true;
}
}
sessionToken = sessionTokenChecked;
return(verified);
}
public async Task <ActionResult> Payment(Payment payment)
{
//var userIp = HttpContext.Request.Host;
var _IP = "RemoteIp:" + Request.HttpContext.Connection.RemoteIpAddress.ToString() + " - LocalIpAddress:" +
Request.HttpContext.Connection.LocalIpAddress;
String payendpoint = configuration.GetValue <string>("SecurePay:Endpoint") + configuration.GetValue <string>("SecurePay:PayAPI");
String merchantcode = configuration.GetValue <string>("SecurePay:MerchantCode");
var authValue = new AuthenticationHeaderValue("Bearer", payment.AccessToken);
var authValueString = authValue.ToString();
var IdempotencyKey = Guid.NewGuid();
client.DefaultRequestHeaders.Authorization = authValue;
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Add("Idempotency-Key", IdempotencyKey.ToString());
var payModel = new PayModel
{
merchantCode = merchantcode,
amount = payment.Amount,
token = payment.Token,
ip = Request.HttpContext.Connection.RemoteIpAddress.ToString()
};
string json = JsonConvert.SerializeObject(payModel);
var stringContent = new StringContent(json, Encoding.UTF8, "application/json");
var response = await client.PostAsync(payendpoint, stringContent);
var responseString = await response.Content.ReadAsStringAsync();
return(Ok(responseString));
}
/// <summary>
/// This method returns Base64 encoded values required for Basic Authentication
/// </summary>
public static string Base64EncodedBaiscAuth()
{
var byteArray = Encoding.ASCII.GetBytes($"{DEFAULT_USERNAME}:{DEFAULT_PASSWORD}");
var clientAuthrizationHeader = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(byteArray));
return(clientAuthrizationHeader.ToString());
}
static string EncodeBasicAuth(string UserName, string Password)
{
var byteArray = Encoding.UTF8.GetBytes($"{UserName}:{Password}");
var clientAuthrizationHeader = new AuthenticationHeaderValue("Basic",
Convert.ToBase64String(byteArray));
return(clientAuthrizationHeader.ToString());
}
public override Task OnExecutingAsync(FunctionExecutingContext executingContext, CancellationToken cancellationToken)
{
var workItem = executingContext.Arguments.First().Value as HttpRequestMessage;
ValidationPackage validationPackage = new ValidationPackage();
AuthenticationHeaderValue jwtInput = workItem.Headers.Authorization;
if (jwtInput != null)
{
String jwt = "";
if (jwtInput.ToString().StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
{
jwt = jwtInput.ToString().Substring("Bearer ".Length).Trim();
}
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
if (!string.IsNullOrEmpty(jwt))
{
try
{
validationPackage = ExtractClaims(jwt, handler);
}
catch (Exception e)
{
// log.Error("Exception caught while validating token", e);
}
}
else
{
//log.Error("Auth Token begins with [" + jwtInput.ToString().Substring(0, 12) + "...]");
}
}
if (!validationPackage.validToken)
{
workItem.Headers.Add("AuthorizationStatus", Convert.ToInt32(HttpStatusCode.Unauthorized).ToString());
}
else
{
workItem.Headers.Add("AuthorizationStatus", Convert.ToInt32(HttpStatusCode.Accepted).ToString());
}
return(base.OnExecutingAsync(executingContext, cancellationToken));
}
public GithubRepository(string connectionString, AuthenticationHeaderValue credentials, string organization)
{
_sqlConnection = new SqlConnection(connectionString);
_client = new HttpClient();
_client.DefaultRequestHeaders.Add("User-Agent", "IDS/ReleasePanel");
_client.DefaultRequestHeaders.Add("Authorization", credentials.ToString());
_organization = organization;
}
protected override ClientWebSocket CreateWebSocket()
{
ClientWebSocket webSocket = base.CreateWebSocket();
AuthenticationHeaderValue authHeader = new AuthenticationHeaderValue("Bearer", this.oauthAccessToken);
webSocket.Options.SetRequestHeader("Authorization", authHeader.ToString());
webSocket.Options.SetRequestHeader("X-Is-Bot", true.ToString());
return(webSocket);
}
protected override ClientWebSocket CreateWebSocket()
{
ClientWebSocket webSocket = base.CreateWebSocket();
AuthenticationHeaderValue authHeader = new AuthenticationHeaderValue("Bearer", this.oauthAccessToken);
webSocket.Options.SetRequestHeader("Authorization", authHeader.ToString());
webSocket.Options.SetRequestHeader("X-Interactive-Version", this.InteractiveGame.versions.OrderByDescending(v => v.versionOrder).First().id.ToString());
webSocket.Options.SetRequestHeader("X-Protocol-Version", "2.0");
return(webSocket);
}
public static string GetTokenFromAuthorizationHeader(this AuthenticationHeaderValue header)
{
try
{
var tokenRaw = header.ToString();
return(tokenRaw.ToLower().StartsWith("bearer ") ? tokenRaw.Substring(7) : tokenRaw);
}
catch
{
throw new ArgumentException("Problem getting user id from Auth Header");
}
}
private string ConstructKeyBasedOnAuthorizationHeader(string mainKey, AuthenticationHeaderValue authHeader)
{
const string WithCredentials = nameof(WithCredentials);
const string NoCredentials = nameof(NoCredentials);
if (authHeader != null && string.IsNullOrWhiteSpace(authHeader.ToString()) == false)
{
return(ConstructKey(mainKey, WithCredentials));
}
return(ConstructKey(mainKey, NoCredentials));
}
public static TResult GetClaimsFromAuthorizationHeader <TResult>(this AuthenticationHeaderValue header,
Func <IEnumerable <Claim>, TResult> success,
Func <TResult> authorizationNotSet,
Func <string, TResult> failure,
string issuerConfigSetting = EastFive.Security.AppSettings.TokenIssuer,
string validationKeyConfigSetting = EastFive.Security.AppSettings.TokenKey)
{
if (default(AuthenticationHeaderValue) == header)
{
return(authorizationNotSet());
}
var jwtString = header.ToString();
return(jwtString.GetClaimsFromJwtToken(success, authorizationNotSet, failure, issuerConfigSetting, validationKeyConfigSetting));
}
/// <summary>
///
/// </summary>
public void fetchConnectionDetails()
{
string apiUsername, apiPassword;
if (resumingSession)
{
// We're resuming an existing session so fetch the robot connection details from a database
string query = "SELECT IP, AUTH FROM robot WHERE ROBOT_ID =" + id;
var getRobotData = new MySqlCommand(query, db);
using (MySqlDataReader reader = getRobotData.ExecuteReader())
{
while (reader.Read())
{
ipAddress = reader.GetString("IP");
authValue = new AuthenticationHeaderValue("Basic", reader.GetString("AUTH"));
}
}
}
else
{
// We've got a new session so input the details manually in the terminal
// Firstm fetch the details
Console.WriteLine("Please Enter The IP Address Of The Robot No " + id + ":");
ipAddress = Console.ReadLine();
// TODO: Check that the input is correct - length & type
Console.WriteLine("Enter API Username:"******"Enter API Password:"******"username:"******"Basic", Convert.ToBase64String(Encoding.UTF8.GetBytes($"{apiUsername}:{ComputeSha256Hash(apiPassword)}")));
logger(AREA, DEBUG, authValue.ToString());
// Store the data in the DB
//string query = "REPLACE INTO robot (`ROBOT_ID`, `IP`, `AUTH`) VALUES ('" + id + "', '" + ipAddress + "', '" + Convert.ToBase64String(Encoding.UTF8.GetBytes($"{apiUsername}:{ComputeSha256Hash(apiPassword)}")) + "');";
//Globals.issueInsertQuery(query);
// Change the App.config setting so that we load an existing config next time
//Globals.AddUpdateAppSettings("resumingSession", "true");
}
}
public override void OnAuthorization(HttpActionContext actionContext)
{
HttpRequestMessage request = actionContext.Request;
AuthenticationHeaderValue authorization = request.Headers.Authorization;
if (actionContext.ActionDescriptor.GetCustomAttributes <SkipFilterAttribute>().Any())
{
return;
}
ActivityAuthorize activityAuthorize = actionContext
.ActionDescriptor.GetCustomAttributes <ActivityAuthorize>().SingleOrDefault();
if (activityAuthorize == null || authorization == null)
{
actionContext.Response = request.CreateErrorResponse(HttpStatusCode.Unauthorized,
_personAppService.Localize("Unauthorized_Request_NoUser"));
return;
}
string userAuthToken = authorization.ToString();
// Authentication by validate user token
ResponseMessageDTO tokenResponseMessageDto = _tokenAppService.ValidateToken(userAuthToken);
if (!tokenResponseMessageDto.Status)
{
actionContext.Response = request.CreateErrorResponse(HttpStatusCode.Unauthorized,
tokenResponseMessageDto.Message);
return;
}
else
{
string username = _tokenAppService.GetUsernameByToken(userAuthToken);
if (string.IsNullOrEmpty(activityAuthorize.ActivityName))
{
return;
}
ResponseMessageDTO authorizeActivityResponseMessageDto = _personAppService
.CheckAuthorizeActivity(username, activityAuthorize.ActivityName);
if (!authorizeActivityResponseMessageDto.Status)
{
actionContext.Response = request.CreateErrorResponse(HttpStatusCode.Unauthorized,
authorizeActivityResponseMessageDto.Message);
return;
}
}
}
protected override ClientWebSocket CreateWebSocket()
{
ClientWebSocket webSocket = base.CreateWebSocket();
AuthenticationHeaderValue authHeader = new AuthenticationHeaderValue("Bearer", this.oauthAccessToken);
webSocket.Options.SetRequestHeader("Authorization", authHeader.ToString());
webSocket.Options.SetRequestHeader("X-Interactive-Version", this.Version.id.ToString());
webSocket.Options.SetRequestHeader("X-Protocol-Version", "2.0");
if (!string.IsNullOrEmpty(this.ShareCode))
{
webSocket.Options.SetRequestHeader("X-Interactive-Sharecode", this.ShareCode);
}
return(webSocket);
}
static void Main()
{
var authContext = new AuthenticationContext(Authority);
var result = authContext.AcquireToken(Resource, NativeClientId, new Uri(NativeClientRedirectUri));
SampleContext context = new SampleContext(new Uri(ServiceAddress));
context.SendingRequest2 += (sender, args) =>
{
var header = new AuthenticationHeaderValue("Bearer", result.AccessToken);
args.RequestMessage.SetHeader("Authorization", header.ToString());
};
var employees = context.Employees.ToArray();
Console.WriteLine(employees.Length);
}
private static BasicCredentials ParseCredentials(AuthenticationHeaderValue authHeader)
{
try
{
var credentials = Encoding.ASCII.GetString(Convert.FromBase64String(authHeader.ToString().Substring(6))).Split(':');
return(new BasicCredentials
{
Username = credentials[0],
Password = credentials[1]
});
}
catch { }
return(new BasicCredentials());
}
private static BasicCredentials ParseCredentials(AuthenticationHeaderValue authHeader)
{
try
{
var credentials = Encoding.ASCII.GetString(Convert.FromBase64String(authHeader.ToString().Substring(6)));
int splitOn = credentials.IndexOf(':');
return(new BasicCredentials
{
Username = credentials.Substring(0, splitOn),
Password = credentials.Substring(splitOn + 1)
});
}
catch { }
return(new BasicCredentials());
}
public bool IsAuthorized(AuthenticationHeaderValue authorization, UserContract user)
{
if (authorization == null)
{
throw new ValidationException(System.Net.HttpStatusCode.Unauthorized, Resources.ApiResources.NotAuthorized);
}
var tokenExpired = (DateTime.UtcNow.TimeOfDay - user.LastLogin.Value.TimeOfDay).TotalMinutes > 30;
if (tokenExpired)
{
throw new ValidationException(System.Net.HttpStatusCode.Unauthorized, ApiResources.SessionExpired);
}
var requestAuthorizationToken = authorization.ToString().Replace(tokenPrefix, "").Trim();
return(string.Equals(requestAuthorizationToken, user.AccessToken));
}
/// <summary>
/// <example>POST https://{instance}/DefaultCollection/[{project}/]_apis/wit/wiql?api-version={version}</example>
/// </summary>
/// <param name="url"></param>
/// <param name="data"></param>
/// <returns></returns>
public static string Post(string url, string data)
{
try
{
using (var client = new WebClient())
{
var credentials = Convert.ToBase64String(Encoding.ASCII.GetBytes($":{accessToken}"));
var authHeader = new AuthenticationHeaderValue("Basic", credentials);
client.Headers.Add(HttpRequestHeader.Authorization, authHeader.ToString());
client.Headers.Add(HttpRequestHeader.ContentType, "application/json");
client.Headers.Add(HttpRequestHeader.AcceptCharset, "utf-8");
return(client.UploadString(url, data));
}
}
catch (Exception ex) {
throw;
}
}
public HttpResponseMessage Post(LogOnModel model)
{
try
{
if (Membership.ValidateUser(model.Email, model.Password) == false)
{
return(Request.CreateErrorResponse(HttpStatusCode.NotFound, "Member doesn't exist"));
}
byte[] buffer = Encoding.ASCII.GetBytes(string.Format("{0}:{1}", model.Email, model.Password));
AuthenticationHeaderValue authHeader = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(buffer));
return(Request.CreateResponse(HttpStatusCode.OK, new AuthorizationTicket {
Ticket = authHeader.ToString()
}));
}
catch (Exception exc)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, exc.Message));
}
}
public static AdalResponse CallGraph(string uri, dynamic postContent = null, bool isUpdate = false, string graphResource = null)
{
string resource = (graphResource != null) ? graphResource : Settings.GraphResource;
var res = new AdalResponse
{
Successful = true
};
HttpResponseMessage response = null;
try
{
AuthenticationResult authResult = null;
// Get auth token
var task = Task.Run(async() => {
authResult = await AuthenticateApp(resource);
});
task.Wait();
string accessToken = authResult.AccessToken;
var bearer = new AuthenticationHeaderValue("Bearer", accessToken);
//getting inconsistent results (chunked vs not chunked) with async calls - switching to webclient/sync
if (postContent != null)
{
using (var httpClient = new HttpClient())
{
httpClient.Timeout = TimeSpan.FromSeconds(300);
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
httpClient.DefaultRequestHeaders.Add("client-request-id", Guid.NewGuid().ToString());
httpClient.DefaultRequestHeaders.GetValues("client-request-id").Single();
string serialized = JsonConvert.SerializeObject(postContent);
HttpContent content = new StringContent(serialized, Encoding.UTF8, "application/json");
if (isUpdate)
{
var method = new HttpMethod("PATCH");
var request = new HttpRequestMessage(method, uri)
{
Content = content
};
response = httpClient.SendAsync(request).Result;
}
else
{
response = httpClient.PostAsync(uri, content).Result;
}
res.ResponseContent = response.Content.ReadAsStringAsync().Result;
res.StatusCode = response.StatusCode;
res.Message = response.ReasonPhrase;
if (!response.IsSuccessStatusCode)
{
res.Successful = false;
var serverError = JsonConvert.DeserializeObject <GraphError>(res.ResponseContent);
var reason = (response == null ? "N/A" : response.ReasonPhrase);
var serverErrorMessage = (serverError.Error == null) ? "N/A" : serverError.Error.Message;
res.Message = string.Format("Server response: {0}. Server detail: {1})", reason, serverErrorMessage);
return(res);
}
}
}
else
{
using (var webClient = new WebClient())
{
webClient.Headers.Add("Authorization", bearer.ToString());
webClient.Headers.Add("client-request-id", Guid.NewGuid().ToString());
res.ResponseContent = webClient.DownloadString(uri);
}
}
return(res);
}
catch (Exception ex)
{
res.Successful = false;
res.Message = ex.Message;
return(res);
}
}
/// <summary>
/// Authenticate async.
/// This method:
/// - checks that there is an authorization field
/// - checks that if the authorization scheme is Anon the controller called is labelled with the Allow Anonymous attribute
/// - dispatches the authorization parameter to the appropriate auth manager
/// - populates the HTTP context with the user and app principals
/// </summary>
/// <remarks>
/// Requirements for different schemes:
/// - SocialPlus: must include token
/// - Anon: must include app key
/// - OAuth: must include app key and token
/// - AADS2S: must include app key and token (and optionally user handle)
/// In summary: the app key cannot be null unless AuthScheme is SocialPlus; token cannot be null unless AuthScheme is Anon
/// </remarks>
/// <param name="context">Http context</param>
/// <param name="cancellationToken">Cancellation token</param>
/// <returns>Authenticate async task</returns>
public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
HttpActionContext actionContext = context.ActionContext;
HttpRequestMessage request = context.Request;
int versionMajor = 0;
int versionMinor = 0;
List <IPrincipal> principals = null;
// parse out the api version number from the request url
try
{
UrlParser.GetMajorMinorAPIVersion(request.RequestUri, out versionMajor, out versionMinor);
}
catch (Exception e)
{
string errorMessage = "Request API version is malformed.";
this.log.LogError(errorMessage, e);
context.ErrorResult = new BadRequestMessageResult(ResponseStrings.VersionNumbersMalformed, request);
return;
}
AuthenticationHeaderValue authorization = request.Headers.Authorization;
if (authorization == null)
{
string errorMessage = "No authorization header field present.";
this.log.LogError(errorMessage);
context.ErrorResult = new UnauthorizedMessageResult(ResponseStrings.GenericUnauthorizedError, context.Request);
return;
}
// Anon authorization is only allowed on controllers labelled with the AllowAnonymous attribute
if (authorization.Scheme == AnonScheme && (actionContext.ActionDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Any() == false))
{
string errorMessage = $"Anon auth attempted on a controller/action not labelled AllowAnonymous. Auth: {authorization.ToString()}";
this.log.LogError(errorMessage);
context.ErrorResult = new UnauthorizedMessageResult(ResponseStrings.GenericUnauthorizedError, context.Request);
return;
}
// Validate the authorization string
try
{
principals = await this.authManager.ValidateAuth(authorization.Parameter, authorization.Scheme);
}
catch (Exception e)
{
// Catch unauthorized exceptions, log them, and return unauthorized
string errorMessage = $"Invalid authorization header: {authorization.ToString()}";
this.log.LogError(errorMessage, e);
context.ErrorResult = new UnauthorizedMessageResult(ResponseStrings.GenericUnauthorizedError, context.Request);
return;
}
// Save user and app principal in the HTTP context
foreach (var p in principals)
{
if (p is AppPrincipal)
{
HttpContext.Current.Items["AppPrincipal"] = p;
}
else if (p is UserPrincipal)
{
HttpContext.Current.User = p;
}
}
}
