public override void OnAuthorization(AuthorizationContext filterContext)
{
if (SkipAuthorization(filterContext.ActionDescriptor))
{
return;
}
AuthenticationModule module = new AuthenticationModule();
module.Authenticate();
}
/// <summary>
/// Handle authentication
/// </summary>
/// <param name="request"></param>
/// <param name="response"></param>
/// <param name="session"></param>
/// <returns>true if request can be handled; false if not.</returns>
/// <exception cref="BadRequestException">Invalid authorization header</exception>
protected virtual bool ProcessAuthentication(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (_authModules.Count > 0)
{
bool authenticate = false;
object authTag = null;
if (request.Headers["authorization"] != null)
{
authenticate = true;
string authHeader = request.Headers["authorization"];
int pos = authHeader.IndexOf(' ');
if (pos == -1)
{
throw new BadRequestException("Invalid authorization header");
}
// first word identifies the type of authentication to use.
string word = authHeader.Substring(0, pos).ToLower();
// find the mod to use.
AuthenticationModule mod = null;
lock (_authModules)
{
foreach (AuthenticationModule aModule in _authModules)
{
if (aModule.Name != word)
{
continue;
}
mod = aModule;
break;
}
}
if (mod != null)
{
authTag = mod.Authenticate(authHeader, GetRealm(request), request.Method);
session[AuthenticationModule.AuthenticationTag] = authTag;
}
}
// Check if auth is needed.
if (authTag == null)
{
lock (_authModules)
{
foreach (AuthenticationModule module in _authModules)
{
if (!module.AuthenticationRequired(request))
{
continue;
}
RequestAuthentication(module, request, response);
return(false);
}
// modules can have inited the authentication
// and then the module.AuthenticationRequired method will not have been used.
if (authenticate && _authModules.Count > 0)
{
RequestAuthentication(_authModules[0], request, response);
return(false);
}
}
}
}
return(true);
}
