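/// <summary>
/// Authenticates a request from its Authorization header, using the scheme this
/// instance is configured to expect (<c>expectedAuthScheme</c>).
/// </summary>
/// <param name="authService">Service that performs the actual token or credential check.</param>
/// <param name="authHeader">The request's Authorization header; may be null when the request carries none.</param>
/// <returns>
/// The value returned by <paramref name="authService"/> for the presented token or
/// credentials, or null when the header is missing, its scheme differs from the
/// expected one, or the Basic credentials are malformed.
/// </returns>
internal async Task<AuthUser> authenticate(IAuthService authService, AuthenticationHeaderValue authHeader)
{
    // Only the configured scheme is accepted; a header using any other scheme is
    // treated as unauthenticated rather than being tried against another handler.
    if (authHeader == null
        || !authHeader.Scheme.Equals(this.expectedAuthScheme.ToString(), StringComparison.OrdinalIgnoreCase))
    {
        return null;
    }

    switch (this.expectedAuthScheme)
    {
        case AuthTypes.BEARER:
            return await authService.bearerAuthentication(authHeader.Parameter);

        case AuthTypes.BASIC:
            // A Basic header without a parameter carries no credentials.
            if (string.IsNullOrEmpty(authHeader.Parameter))
            {
                return null;
            }

            string decodedCredentials;
            try
            {
                byte[] rawCredentials = Convert.FromBase64String(authHeader.Parameter);
                decodedCredentials = Encoding.UTF8.GetString(rawCredentials);
            }
            catch (FormatException)
            {
                // Not valid base64: reject the request. Only the decoding failure is
                // caught, so unrelated errors are no longer hidden by a blanket catch.
                return null;
            }

            // Split on the FIRST colon only. In "user-id:password" (RFC 7617) the
            // user-id cannot contain a colon but the password can; splitting on every
            // colon rejected valid credentials whose password contains ':'.
            string[] creds = decodedCredentials.Split(new[] { ':' }, 2);
            if (creds.Length != 2)
            {
                return null;
            }

            // The decoded credentials are handed straight to the service and are
            // never logged or attached to an exception here.
            return await authService.basicAuthentication(creds[0], creds[1]);

        default:
            // Unknown or unsupported scheme: fail closed.
            return null;
    }
}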