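/// <summary>
/// Decides whether a hub connection may be opened, based on the <c>apikey</c>
/// request header.
/// </summary>
/// <remarks>
/// A key equal to <c>Settings.STSApiKey</c> is mapped to a synthetic
/// <c>RemoteSite</c> ("CustomSTS", <c>SiteTypes.LocalADOnly</c>); any other key
/// is resolved through <c>SiteUtils.AuthorizeApiAsync</c>. On both paths
/// <c>AuthAndAddClaims</c> must succeed, after which the resulting principal is
/// stored in <c>request.Environment["server.User"]</c> and on the HTTP context.
/// A missing or empty key is rejected before either path is taken.
/// </remarks>
/// <param name="hubDescriptor">Descriptor of the hub being connected to; not read here.</param>
/// <param name="request">Incoming request carrying the <c>apikey</c> header.</param>
/// <returns><c>true</c> when the key is accepted and claims were added; otherwise <c>false</c>.</returns>
/// <exception cref="Exception">
/// Any failure inside the method is rethrown wrapped as "Error authorizing access".
/// </exception>
public override bool AuthorizeHubConnection(HubDescriptor hubDescriptor, IRequest request)
{
    IPrincipal p = null;
    try
    {
        // Header name is matched with ordinal, case-sensitive ==; duplicate
        // "apikey" headers make SingleOrDefault throw, which ends in the catch below.
        var key = request.Headers.SingleOrDefault(h => h.Key == "apikey").Value;

        // Fail closed when no key was presented. Without this, a request with no
        // apikey header yields key == null, and null == Settings.STSApiKey is true
        // whenever the STS key is unset, granting the STS identity to anyone.
        if (string.IsNullOrEmpty(key))
        {
            return false;
        }

        if (ApiKeysMatch(key, Settings.STSApiKey))
        {
            // Branch just for STS calls: no site lookup, a fixed synthetic site is used.
            var stsSite = new RemoteSite
            {
                ApiKey = key,
                Id = key,
                OnPremDomainName = "CustomSTS",
                SiteType = SiteTypes.LocalADOnly
            };

            if (!AuthAndAddClaims(stsSite, ref p, request))
            {
                return false;
            }

            request.Environment["server.User"] = p;
            request.GetHttpContext().User = p;
            return true;
        }

        // Blocking on the async lookup; Task.Run keeps the await off the caller's context.
        RemoteSite site = null;
        var task = Task.Run(async () => { site = await SiteUtils.AuthorizeApiAsync(key); });
        task.Wait();

        if (site == null)
        {
            return false;
        }

        // The key is known; the connection is still refused unless claims can be added.
        if (!AuthAndAddClaims(site, ref p, request))
        {
            return false;
        }

        request.Environment["server.User"] = p;
        request.GetHttpContext().User = p;
        return true;
    }
    catch (Exception ex)
    {
        // NOTE(review): a thrown exception also denies the connection, but surfaces
        // as a server error rather than a refusal - confirm that is intended.
        throw new Exception("Error authorizing access", ex);
    }
}

/// <summary>
/// Compares a presented API key with the expected one without stopping at the
/// first differing character, so the comparison time does not reveal how much
/// of the key was correct. A null or empty value on either side never matches.
/// </summary>
/// <param name="presented">Key taken from the request.</param>
/// <param name="expected">Configured key to compare against.</param>
/// <returns><c>true</c> only when both keys are non-empty and identical (ordinal).</returns>
private static bool ApiKeysMatch(string presented, string expected)
{
    if (string.IsNullOrEmpty(presented) || string.IsNullOrEmpty(expected))
    {
        return false;
    }

    // Length difference is folded into the accumulator instead of returning early.
    int diff = presented.Length ^ expected.Length;
    for (int i = 0; i < presented.Length; i++)
    {
        diff |= presented[i] ^ expected[i % expected.Length];
    }

    return diff == 0;
}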
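/// <summary>
/// Authorizes a Web API action from the <c>apikey</c> request header.
/// </summary>
/// <remarks>
/// The key is resolved to a <c>RemoteSite</c> through
/// <c>SiteUtils.AuthorizeApiAsync</c>. The request is marked unauthorized when
/// no key is presented, when no site is found, when this filter is in admin mode
/// (<c>_isAdmin</c>) and the site is not <c>SiteTypes.MasterHQ</c>, or when
/// <c>AuthAndAddClaims</c> fails. On success the enriched principal replaces
/// <c>actionContext.RequestContext.Principal</c>. <c>base.OnAuthorization</c> is
/// called on every path.
/// </remarks>
/// <param name="actionContext">Context of the action being authorized.</param>
/// <exception cref="Exception">
/// Any failure inside the method is rethrown wrapped as "Error authorizing access".
/// </exception>
public override void OnAuthorization(HttpActionContext actionContext)
{
    try
    {
        // Header name is matched with ordinal, case-sensitive ==.
        var header = actionContext.Request.Headers.SingleOrDefault(h => h.Key == "apikey");

        // When the header is absent SingleOrDefault returns a default pair whose
        // Value is null; calling FirstOrDefault() on it would throw and turn an
        // unauthenticated request into a server error instead of a refusal.
        var key = header.Value == null ? null : header.Value.FirstOrDefault();

        if (string.IsNullOrEmpty(key))
        {
            // No credential presented: refuse without querying the site store.
            Unauthorized(ref actionContext); // presumably sets the 401 response - defined elsewhere
            base.OnAuthorization(actionContext);
            return;
        }

        // Blocking on the async lookup; Task.Run keeps the await off the caller's context.
        RemoteSite site = null;
        var task = Task.Run(async () => { site = await SiteUtils.AuthorizeApiAsync(key); });
        task.Wait();

        if (site == null)
        {
            Unauthorized(ref actionContext);
            base.OnAuthorization(actionContext);
            return;
        }

        // Admin-only endpoints accept nothing but the MasterHQ site type.
        if (_isAdmin && site.SiteType != SiteTypes.MasterHQ)
        {
            Unauthorized(ref actionContext);
            base.OnAuthorization(actionContext);
            return;
        }

        // The key is known; the request is still refused unless claims can be added.
        var p = actionContext.RequestContext.Principal;
        if (!AuthAndAddClaims(site, ref p))
        {
            Unauthorized(ref actionContext);
            base.OnAuthorization(actionContext);
            return;
        }

        actionContext.RequestContext.Principal = p;
        base.OnAuthorization(actionContext);
    }
    catch (Exception ex)
    {
        // NOTE(review): errors during the lookup surface as a server error, not a
        // 401 - confirm the pipeline never treats this as an allowed request.
        throw new Exception("Error authorizing access", ex);
    }
}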