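/// <summary>
/// Authenticates the request from the credentials parsed out of its Authorization header
/// and assigns the resulting principal to <paramref name="context"/>.
/// </summary>
/// <remarks>
/// Three kinds of caller are recognised, checked in this order:
/// the admin credentials (role <c>SecurityRole.Admin</c>), the monitor credentials
/// (role <c>SecurityRole.Monitor</c>), and a registered endpoint whose stored password
/// equals the SHA-256 hash of the presented password (no roles).
/// When the header yields no credentials the method returns without touching
/// <c>context.Principal</c>. When credentials are present but match nothing,
/// <c>context.Principal</c> is set to <c>null</c>.
/// </remarks>
/// <param name="context">Authentication context of the current request.</param>
/// <param name="cancellationToken">Not used; the method completes synchronously.</param>
/// <returns>An already-completed task.</returns>
public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
    IPrincipal principal = null;

    var credentials = context.ParseAuthorizationHeader();
    var adminCred = CredentialsProvider.GetAdminCredentials();
    var pullCred = CredentialsProvider.GetMonitorCredentials();

    if (credentials == null)
    {
        // No credentials supplied: leave whatever principal the context already carries.
        return Task.FromResult(0);
    }

    // NOTE(review): both privileged checks rely on the credential type's Equals(), which is
    // not visible here. Confirm that it compares the secret in constant time and that the
    // admin/monitor secrets are not kept in recoverable form.
    if (credentials.Equals(adminCred))
    {
        var identity = new GenericIdentity(credentials.Id.ToString());
        principal = new GenericPrincipal(identity, new[] { SecurityRole.Admin.ToString() });
    }
    else if (credentials.Equals(pullCred))
    {
        var identity = new GenericIdentity(pullCred.Id.ToString());
        principal = new GenericPrincipal(identity, new[] { SecurityRole.Monitor.ToString() });
    }
    else
    {
        // NOTE(review): the stored endpoint password is compared against a bare SHA-256 of the
        // presented password. A salted, slow password hash (PBKDF2 or similar) would resist
        // offline guessing far better. Changing that requires migrating the stored values,
        // so it is only flagged here.
        string encryptedPassword = credentials.Password.ToSha256Hash();
        var endpoint = EndpointRegistry.GetById(credentials.Id);

        // Fail closed: without the null guard, an unknown endpoint id (endpoint == null) or an
        // endpoint with no stored password would compare as null == null and authenticate
        // whenever the hash helper yields null.
        // NOTE(review): == on strings is not a constant-time comparison; consider a fixed-time
        // compare of the two hashes.
        if (encryptedPassword != null && endpoint?.Password == encryptedPassword)
        {
            // The hash is handed on to later pipeline stages through the request properties.
            context.Request.Properties[_passwordKey] = encryptedPassword;

            var identity = new GenericIdentity(credentials.Id.ToString());
            principal = new GenericPrincipal(identity, null);
        }
    }

    // Credentials were presented: publish the outcome, which is null when nothing matched.
    context.Principal = principal;
    return Task.FromResult(0);
}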