Exemplo n.º 1
0
        public void Authorize(HttpRequestHeader header)
        {
            if (!header.Headers.TryGetValue(cookieHeader, out IList <string> cookieHeaderValue))
            {
                if (!header.Headers.TryGetValue(authorizeHeader, out cookieHeaderValue))
                {
                    return;
                }
            }

            var cookies = CookieParser.CookiesFromString(cookieHeaderValue[0]);

            if (cookies.TryGetValue(cookieName, out string authCookieDataEncoded))
            {
                var authCookieDataEncrypted = Base64UrlEncoder.FromBase64String(authCookieDataEncoded);
                var authCookieDataBytes     = SymmetricEncryptor.Decrypt(encryptionAlgorithm, encryptionKey, authCookieDataEncrypted);
                var authCookieData          = Encoding.UTF8.GetString(authCookieDataBytes);
                if (authCookieData == "I can access this")
                {
                    var claims = new Claim[] {
                        new Claim(ClaimTypes.Authentication, Boolean.TrueString),
                        new Claim(ClaimTypes.NameIdentifier, "1234", ClaimValueTypes.String),
                        new Claim(ClaimTypes.Name, "Tester", ClaimValueTypes.String),
                        new Claim(ClaimTypes.Role, "Admin", ClaimValueTypes.String)
                    };

                    var identity  = new ClaimsIdentity(claims, "Cookies");
                    var principal = new ClaimsPrincipal(identity);
                    System.Threading.Thread.CurrentPrincipal = principal;
                }
            }
        }