/// <summary> /// Handles the AuthenticateRequest event of the HttpApplication. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void context_AuthenticateRequest(object sender, EventArgs e) { // Don't read OAuth messages directed at the OAuth controller or else we'll fail nonce checks. if (this.IsOAuthControllerRequest()) { return; } using (var crypto = OAuthResourceServer.CreateRSA()) { var tokenAnalyzer = new SpecialAccessTokenAnalyzer(crypto, crypto); var resourceServer = new ResourceServer(tokenAnalyzer); var context = this.application.Context; Task.Run( async delegate { ProtocolFaultResponseException exception = null; try { IPrincipal principal = await resourceServer.GetPrincipalAsync(new HttpRequestWrapper(context.Request)); context.User = principal; return; } catch (ProtocolFaultResponseException ex) { exception = ex; } var errorResponse = await exception.CreateErrorResponseAsync(CancellationToken.None); await errorResponse.SendAsync(); }).Wait(); } }
/// <summary> /// Handles the AuthenticateRequest event of the HttpApplication. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void context_AuthenticateRequest(object sender, EventArgs e) { // Don't read OAuth messages directed at the OAuth controller or else we'll fail nonce checks. if (this.IsOAuthControllerRequest()) { return; } using (var crypto = OAuthResourceServer.CreateRSA()) { var tokenAnalyzer = new SpecialAccessTokenAnalyzer(crypto, crypto); var resourceServer = new ResourceServer(tokenAnalyzer); IPrincipal principal; var errorMessage = resourceServer.VerifyAccess(new HttpRequestInfo(this.application.Context.Request), out principal); if (errorMessage == null) { this.application.Context.User = principal; } } }
protected override bool CheckAccessCore(OperationContext operationContext) { if (!base.CheckAccessCore(operationContext)) { return false; } var httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty; var requestUri = operationContext.RequestContext.RequestMessage.Properties.Via; return Task.Run( async delegate { using (var crypto = OAuthResourceServer.CreateRSA()) { var tokenAnalyzer = new SpecialAccessTokenAnalyzer(crypto, crypto); var resourceServer = new ResourceServer(tokenAnalyzer); ProtocolFaultResponseException exception = null; try { IPrincipal principal = await resourceServer.GetPrincipalAsync(httpDetails, requestUri, CancellationToken.None, operationContext.IncomingMessageHeaders.Action); var policy = new OAuthPrincipalAuthorizationPolicy(principal); var policies = new List<IAuthorizationPolicy> { policy, }; var securityContext = new ServiceSecurityContext(policies.AsReadOnly()); if (operationContext.IncomingMessageProperties.Security != null) { operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext; } else { operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty { ServiceSecurityContext = securityContext, }; } securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> { principal.Identity, }; return true; } catch (ProtocolFaultResponseException ex) { // Return the appropriate unauthorized response to the client. exception = ex; } catch (DotNetOpenAuth.Messaging.ProtocolException /* ex*/) { ////Logger.Error("Error processing OAuth messages.", ex); } var errorResponse = await exception.CreateErrorResponseAsync(CancellationToken.None); await errorResponse.SendAsync(); } return false; }).Result; }
protected override bool CheckAccessCore(OperationContext operationContext) { if (!base.CheckAccessCore(operationContext)) { return false; } var httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty; var requestUri = operationContext.RequestContext.RequestMessage.Properties.Via; using (var crypto = OAuthAuthorizationServer.CreateAsymmetricKeyServiceProvider()) { var tokenAnalyzer = new SpecialAccessTokenAnalyzer(crypto, crypto); var resourceServer = new ResourceServer(tokenAnalyzer); try { IPrincipal principal; var errorResponse = resourceServer.VerifyAccess(httpDetails, requestUri, out principal); if (errorResponse == null) { var policy = new OAuthPrincipalAuthorizationPolicy(principal); var policies = new List<IAuthorizationPolicy> { policy, }; var securityContext = new ServiceSecurityContext(policies.AsReadOnly()); if (operationContext.IncomingMessageProperties.Security != null) { operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext; } else { operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty { ServiceSecurityContext = securityContext, }; } securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> { principal.Identity, }; // Only allow this method call if the access token scope permits it. if (principal.IsInRole(operationContext.IncomingMessageHeaders.Action)) { return true; } } } catch (ProtocolException /*ex*/) { ////Logger.Error("Error processing OAuth messages.", ex); } } return false; }
/// <summary> /// Handles the AuthenticateRequest event of the HttpApplication. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void context_AuthenticateRequest(object sender, EventArgs e) { // Don't read OAuth messages directed at the OAuth controller or else we'll fail nonce checks. if (this.IsOAuthControllerRequest()) { return; } using (var crypto = OAuthResourceServer.CreateRSA()) { var tokenAnalyzer = new SpecialAccessTokenAnalyzer(crypto, crypto); var resourceServer = new ResourceServer(tokenAnalyzer); try { IPrincipal principal = resourceServer.GetPrincipal(new HttpRequestWrapper(this.application.Context.Request)); this.application.Context.User = principal; } catch (ProtocolFaultResponseException ex) { ex.CreateErrorResponse().Send(); } } }