public RequestMessageContext GetApiKeyFromHeader()
{
this.Logger.LogDebug($"Attempting to retrieve API key value from header ${this.Options.HeaderName}.");
var message = new RequestMessageContext();
if (!this.Request.Headers.TryGetValue(this.Options.HeaderName, out Microsoft.Extensions.Primitives.StringValues headerValue))
{
return(message);
}
var parts = headerValue[0].Split(':');
if (parts.Length != 2)
{
message.Result = AuthenticateResult.Fail("Invalid API Key format.");
return(message);
}
message.Key = new ApiKey()
{
ClientID = parts[0],
Secret = parts[1]
};
return(message);
}
public RequestMessageContext GetApiKeyFromAuthorizationHeader()
{
this.Logger.LogDebug($"Attempting to retrieve API key value from Authorization header.");
var message = new RequestMessageContext();
if (!this.Request.Headers.TryGetValue(AuthorizationHeader, out Microsoft.Extensions.Primitives.StringValues headerValue))
{
message.Result = AuthenticateResult.NoResult();
return(message);
}
if (!AuthorizationHeaderValue.TryParse(headerValue, out AuthorizationHeaderValue auth_header))
{
message.Result = AuthenticateResult.NoResult();
return(message);
}
if (!auth_header.AuthenticationType.Equals(this.Options.AuthenticationType, StringComparison.OrdinalIgnoreCase))
{
message.Result = AuthenticateResult.NoResult();
return(message);
}
string[] valueParts = auth_header.Value.Split(':');
if (valueParts.Length != 2)
{
message.Result = AuthenticateResult.Fail("Invalid API Key format.");
return(message);
}
message.Key = new ApiKey()
{
ClientID = valueParts[0],
Secret = valueParts[1]
};
return(message);
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
ApiKey keyFromRequest;
var requestMessage = new RequestMessageContext();
await this.Options.Events.OnRequestAsync(requestMessage);
if (requestMessage.Result != null)
{
return(requestMessage.Result);
}
keyFromRequest = requestMessage.Key;
if (keyFromRequest == null)
{
// Get clientid and key from the authorization header or another header
if (this.Options.HeaderName.Equals("Authorization", StringComparison.OrdinalIgnoreCase))
{
requestMessage = GetApiKeyFromAuthorizationHeader();
}
else
{
requestMessage = GetApiKeyFromHeader();
}
}
if (requestMessage.Result != null)
{
return(requestMessage.Result);
}
if (requestMessage?.Key?.ClientID == null)
{
this.Logger.LogInformation("ClientID not provided or is malformed.");
return(AuthenticateResult.Fail("Client is not valid."));
}
var keyFromStore = await _keyStore.GetKeyAsync(requestMessage.Key.ClientID);
if (keyFromStore == null)
{
this.Logger.LogInformation("Failed to locate the API key.");
return(AuthenticateResult.Fail("Client is not valid."));
}
if (!(await this.Options.KeyValidator.ValidateKeyAsync(keyFromStore, requestMessage.Key)))
{
this.Logger.LogInformation("Key is not valid.");
return(AuthenticateResult.Fail("Invalid Key"));
}
//var keyValidated = await RunKeyValidatedEventAsync(keyFromStore, key);
//if (keyValidated.Result != null)
//{
// keyValidated.Result.Handled
//}
var principal = await CreateUserAsync(requestMessage.Key);
//TODO: Hook for options to modify claims/user
return(AuthenticateResult.Success(new AuthenticationTicket(principal, this.Scheme.Name)));
}