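/// <summary>
/// Builds a principal for the request from the front-end name headers, the Referer and the
/// portal token header, installs it on <paramref name="context"/> and on the current thread,
/// and reports whether the resulting identity is authenticated.
/// </summary>
/// <param name="context">The current HTTP context; its request headers and Referer are read and its <c>User</c> is overwritten.</param>
/// <returns>
/// <c>true</c> when the installed principal's identity is an <c>AzureFunctionsIdentity</c>
/// whose <c>IsAuthenticated</c> is true; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// NOTE(review): every input used here arrives inside the request. This presumably relies on a
/// trusted front end overwriting or stripping the principal/display name headers before the
/// request reaches this code; confirm that the endpoint cannot be reached without it.
/// </remarks>
public bool TryAuthenticateRequest(HttpContextBase context)
{
    var request = context.Request;
    var headers = request.Headers;
    var displayName = headers[Constants.FrontEndDisplayNameHeader];
    var principalName = headers[Constants.FrontEndPrincipalNameHeader];
    var portalToken = headers[Constants.PortalTokenHeader];

    IPrincipal principal;
    if (string.Equals(principalName, Constants.AnonymousUserName, StringComparison.OrdinalIgnoreCase))
    {
        // NOTE(review): the Referer is supplied by the client, so this branch is a routing hint
        // and not proof of origin. The prefix comparison is only as strict as the constants:
        // verify each one ends at a host boundary (for example a trailing '/'), otherwise a
        // longer host name that starts with the same characters also matches.
        var referrer = request.UrlReferrer?.AbsoluteUri;
        var cameFromPortal = referrer != null
            && (referrer.StartsWith(Constants.PortalReferrer, StringComparison.OrdinalIgnoreCase)
                || referrer.StartsWith(Constants.MsPortalReferrer, StringComparison.OrdinalIgnoreCase)
                || referrer.StartsWith(Constants.RcPortalReferrer, StringComparison.OrdinalIgnoreCase));

        if (cameFromPortal)
        {
            principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.PortalAnonymousUser));
        }
        else if (string.IsNullOrEmpty(portalToken))
        {
            principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.AnonymousUserName));
        }
        else
        {
            // Token validation is delegated entirely to ParsePortalToken (not visible here).
            principal = ParsePortalToken(portalToken);
        }
    }
    else if (!string.IsNullOrWhiteSpace(principalName) || !string.IsNullOrWhiteSpace(displayName))
    {
        // Fix: "principalName ?? displayName" only fell back when the header was absent (null).
        // A header that is present but empty or whitespace produced an identity with a blank
        // name even though a usable display name was available.
        var identityName = string.IsNullOrWhiteSpace(principalName) ? displayName : principalName;
        principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(identityName));
    }
    else
    {
        // throw?
        principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.AnonymousUserName));
    }

    context.User = principal;
    Thread.CurrentPrincipal = principal;
    return (principal.Identity as AzureFunctionsIdentity)?.IsAuthenticated == true;
}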
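/// <summary>
/// Decides which principal represents the caller, based on the front-end display/principal
/// name headers, the Referer and the portal token header, then assigns that principal to
/// <paramref name="context"/> and to the current thread.
/// </summary>
/// <param name="context">HTTP context of the request being processed; its <c>User</c> is replaced.</param>
/// <returns>
/// <c>true</c> if the assigned principal carries an <c>AzureFunctionsIdentity</c> that reports
/// <c>IsAuthenticated</c>; <c>false</c> in every other case.
/// </returns>
/// <remarks>
/// NOTE(review): the name headers, the Referer and the token are all request data. The name
/// headers are accepted without any check in this method, so they are safe only if an upstream
/// component the caller cannot bypass sets them; confirm against the deployment.
/// </remarks>
public bool TryAuthenticateRequest(HttpContextBase context)
{
    var request = context.Request;
    var displayName = request.Headers[Constants.FrontEndDisplayNameHeader];
    var principalName = request.Headers[Constants.FrontEndPrincipalNameHeader];
    var portalToken = request.Headers[Constants.PortalTokenHeader];

    var hasPrincipalName = !string.IsNullOrWhiteSpace(principalName);
    var hasDisplayName = !string.IsNullOrWhiteSpace(displayName);

    IPrincipal principal;
    if (string.Equals(principalName, Constants.AnonymousUserName, StringComparison.OrdinalIgnoreCase))
    {
        // NOTE(review): a Referer value is chosen by the client and cannot establish where a
        // request came from. Also check that the three referrer constants end at a host
        // boundary, because StartsWith accepts any URI that merely begins with them.
        var referrerUri = request.UrlReferrer?.AbsoluteUri;
        if (referrerUri != null
            && (referrerUri.StartsWith(Constants.PortalReferrer, StringComparison.OrdinalIgnoreCase)
                || referrerUri.StartsWith(Constants.MsPortalReferrer, StringComparison.OrdinalIgnoreCase)
                || referrerUri.StartsWith(Constants.RcPortalReferrer, StringComparison.OrdinalIgnoreCase)))
        {
            principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.PortalAnonymousUser));
        }
        else if (string.IsNullOrEmpty(portalToken))
        {
            principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.AnonymousUserName));
        }
        else
        {
            // The token is the only credential examined here; ParsePortalToken is defined elsewhere.
            principal = ParsePortalToken(portalToken);
        }
    }
    else if (hasPrincipalName || hasDisplayName)
    {
        // Fix: the original used "principalName ?? displayName", which keeps an empty or
        // whitespace-only principal name instead of falling back to the display name that
        // made this branch run.
        principal = new AzureFunctionsPrincipal(
            new AzureFunctionsIdentity(hasPrincipalName ? principalName : displayName));
    }
    else
    {
        // throw?
        principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.AnonymousUserName));
    }

    context.User = principal;
    Thread.CurrentPrincipal = principal;
    return (principal.Identity as AzureFunctionsIdentity)?.IsAuthenticated == true;
}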
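/// <summary>
/// Chooses a principal for the request from the Referer host, the front-end name headers and
/// the portal token (or Authorization) header, installs it on <paramref name="context"/> and
/// on the current thread, and reports whether the resulting identity is authenticated.
/// </summary>
/// <param name="context">The current HTTP context; its request is read and its <c>User</c> is overwritten.</param>
/// <returns>
/// <c>true</c> when the installed principal's identity is an <c>AzureFunctionsIdentity</c>
/// whose <c>IsAuthenticated</c> is true; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// NOTE(review): the Referer check runs first and overrides the headers and the token, yet the
/// Referer is client-supplied. Whatever <c>Constants.PortalAnonymousUser</c> is allowed to do
/// is therefore available to any client that sends a matching Referer; confirm that identity
/// carries no privileges. The name headers are likewise trusted as received, which presumably
/// depends on a front end that sets or strips them; verify against the deployment.
/// </remarks>
public bool TryAuthenticateRequest(HttpContextBase context)
{
    var request = context.Request;
    var displayName = request.Headers[Constants.FrontEndDisplayNameHeader];
    var principalName = request.Headers[Constants.FrontEndPrincipalNameHeader];
    var portalToken = request.Headers[Constants.PortalTokenHeader] ?? request.Headers[Constants.Authorization];

    var referrerHost = request.UrlReferrer?.Host;
    var isNoAuthReferrer = referrerHost != null
        && this._noAuthReferrers.Any(entry => ReferrerHostMatches(referrerHost, entry));

    IPrincipal principal;
    if (isNoAuthReferrer)
    {
        principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.PortalAnonymousUser));
    }
    else if (string.Equals(principalName, Constants.AnonymousUserName, StringComparison.OrdinalIgnoreCase))
    {
        if (string.IsNullOrEmpty(portalToken))
        {
            principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.AnonymousUserName));
        }
        else
        {
            // Keep only the last space-separated part, so "<scheme> <token>" yields the token.
            principal = ParsePortalToken(portalToken.Split(new[] { ' ' }).Last());
        }
    }
    else if (!string.IsNullOrWhiteSpace(principalName) || !string.IsNullOrWhiteSpace(displayName))
    {
        principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.FrontEndAuthenticatedUser));
    }
    else
    {
        // throw?
        principal = new AzureFunctionsPrincipal(new AzureFunctionsIdentity(Constants.AnonymousUserName));
    }

    // These are needed for [Authorize] decorator to work.
    context.User = principal;
    Thread.CurrentPrincipal = principal;
    return (principal.Identity as AzureFunctionsIdentity)?.IsAuthenticated == true;
}

/// <summary>
/// Tests a Referer host against one configured entry on a DNS label boundary.
/// </summary>
/// <remarks>
/// Fix: the original used a bare <c>EndsWith</c>, which also accepts an unrelated host whose
/// name merely ends with the same characters, and accepts every host when an entry is empty.
/// An entry now matches the exact host or any subdomain of it. An entry that already starts
/// with '.' is treated as a subdomain suffix, as before.
/// </remarks>
private static bool ReferrerHostMatches(string host, string entry)
{
    if (string.IsNullOrEmpty(entry))
    {
        return false;
    }

    if (entry[0] == '.')
    {
        return host.EndsWith(entry, StringComparison.OrdinalIgnoreCase);
    }

    return string.Equals(host, entry, StringComparison.OrdinalIgnoreCase)
        || host.EndsWith("." + entry, StringComparison.OrdinalIgnoreCase);
}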