internal static async Task <bool> IsAuthenticatedAsync(this HttpContext context, SharedOptionsBase options)
{
if (options.AllowAnonymous)
{
return(true);
}
var authSchemes = options.AuthenticationSchemes.Any()
? options.AuthenticationSchemes
: context.RequestServices.GetService <IAuthenticationSchemeProvider>()
.GetAllSchemesAsync().Result.Select(scheme => scheme.Name).ToArray();
foreach (var authScheme in authSchemes)
{
var cp = await context.AuthenticateAsync(authScheme);
if (cp == null || !cp.Succeeded)
{
continue;
}
context.User = cp.Principal;
break;
}
return(context.User != null && context.User.Identity.IsAuthenticated);
}
internal static async Task <bool> IsAuthorizedAsync(this HttpContext context, SharedOptionsBase options, ILibrary library, string policy)
{
var authService = context.RequestServices.GetService <IAuthorizationService>();
var policyProvider = context.RequestServices.GetService <IAuthorizationPolicyProvider>();
return(options.AllowAnonymous ||
await policyProvider.GetPolicyAsync(policy) == null ||
(await authService.AuthorizeAsync(context.User, new LibraryServerAuthorizationResource(context, library), policy)).Succeeded);
}
internal static bool IsAuthenticated(this HttpContext context, SharedOptionsBase options) => IsAuthenticatedAsync(context, options).Result;
internal static bool IsAuthorized(this HttpContext context, SharedOptionsBase options, ILibrary library, string policy) => IsAuthorizedAsync(context, options, library, policy).Result;