private static AuthenticationHandler GetDefaultAuthenticationHandler() { var authConfig = new AuthenticationConfiguration(); #region Basic Authentication authConfig.AddBasicAuthentication((userName, password) => { return userName == password; }); #endregion //#region SWT //authConfig.Handler.AddSimpleWebToken( // "SWT", // Constants.Issuer, // Constants.Realm, // "Dc9Mpi3jbooUpBQpB/4R7XtUsa3D/ALSjTVvK8IUZbg="); //#endregion #region SAML2 tokens var registry = new ConfigurationBasedIssuerNameRegistry(); registry.AddTrustedIssuer("D263DDCF598E716F0037380796A4A62DF017ADB8", "TEST"); var saml2Config = new SecurityTokenHandlerConfiguration(); saml2Config.AudienceRestriction.AllowedAudienceUris.Add(new Uri("https://test")); saml2Config.IssuerNameRegistry = registry; saml2Config.CertificateValidator = X509CertificateValidator.None; authConfig.AddSaml2(saml2Config, AuthenticationOptions.ForAuthorizationHeader("Saml2")); #endregion var authHandler = new AuthenticationHandler(authConfig); return authHandler; }
public static void MapRebarODataRoute( this HttpConfiguration config, string routeName, string routePrefix, IEdmModel model, IEnumerable<Func<DelegatingHandler>> handlers, string serviceIdentifier = null) { if (config == null) { throw new ArgumentNullException("config"); } HttpMessageHandler delegatingHandler; if (handlers != null) { delegatingHandler = HttpClientFactory.CreatePipeline(new HttpControllerDispatcher(config), handlers.Select(x => x())); } else { delegatingHandler = HttpClientFactory.CreatePipeline(new HttpControllerDispatcher(config), null); } DelegatingHandler handler; var uriBuilder = new UriBuilder(); var disableSecurity = ConfigurationManager.AppSettings[DisableSecuritySetting]; var isSecurityDisabled = !string.IsNullOrWhiteSpace(disableSecurity) && bool.Parse(disableSecurity); if (uriBuilder.Host.Equals("localhost", StringComparison.OrdinalIgnoreCase) && isSecurityDisabled) { handler = new EmptyAuthenticationHandler(delegatingHandler); } else { var identifier = serviceIdentifier ?? ((NameValueCollection)ConfigurationManager.GetSection("accenture.security.eso.service"))["Services:Identifier"]; var authConfig = new AuthenticationConfiguration { RequireSsl = false, SetPrincipalOnRequestInstance = true }; authConfig.AddMsftJsonWebToken(identifier); handler = new AuthenticationHandler(authConfig, delegatingHandler); } // Create the default odata route using regular conventions config.MapODataServiceRoute( routeName: routeName, routePrefix: routePrefix, model: model, pathHandler: new DefaultODataPathHandler(), routingConventions: ODataRoutingConventions.CreateDefaultWithAttributeRouting(config, model), defaultHandler: handler); }
private void RegisterAuth(HttpConfiguration config) { // NOTE: You need to get into the ASP.NET Web API pipeline // in order to retrieve the session token. // e.g: GET /token should get you the token but instead you get 404. // but GET /api/token works as you are inside the ASP.NET Web API pipeline now. var auth = new AuthenticationConfiguration { // ClaimsAuthenticationManager = new ClaimsTransformer(), DefaultAuthenticationScheme = "Basic", EnableSessionToken = true // default lifetime is 10 hours }; auth.AddBasicAuthentication(IsValid); var authHandler = new AuthenticationHandler(auth); config.MessageHandlers.Add(authHandler); }
public static void Register(HttpConfiguration config) { var idsvrId = "http://idsrv.local/trust"; var cert = X509.LocalMachine.TrustedPeople.SubjectDistinguishedName.Find("CN=sts", false).Single(); { var authConfig = new AuthenticationConfiguration(); authConfig.AddMsftJsonWebToken( idsvrId, "http://localhost/rp-adfs-webapi1", cert); var authHandler = new AuthenticationHandler(authConfig, config); config.Routes.MapHttpRoute( name: "test1", routeTemplate: "api/test1", defaults: new { controller = "Test1" }, constraints: null, handler: authHandler ); } { var authConfig = new AuthenticationConfiguration(); authConfig.AddMsftJsonWebToken( idsvrId, "http://localhost/rp-adfs-webapi2", cert); var authHandler = new AuthenticationHandler(authConfig, config); config.Routes.MapHttpRoute( name: "test2", routeTemplate: "api/test2", defaults: new { controller="Test2" }, constraints: null, handler: authHandler ); } }