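        /// <summary>
        /// Authenticates a request from an "id:secret" credential pair carried in the
        /// HTTP header named by <c>Options.HTTPHeader</c>.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> when the header is absent (the request is not for this handler);
        /// <c>Fail</c> when the header value is missing, malformed, or rejected by the
        /// membership service; <c>Success</c> with a ticket for the resolved principal otherwise.
        /// </returns>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // Header not present: let other schemes handle the request.
            if (!Request.Headers.TryGetValue(Options.HTTPHeader, out var authValue))
            {
                return AuthenticateResult.NoResult();
            }

            // The header can be present with no value, in which case FirstOrDefault()
            // yields null. Reject that here instead of dereferencing it below, so a bare
            // header produces an authentication failure rather than an unhandled exception.
            var actualAuthValue = authValue.FirstOrDefault();
            if (string.IsNullOrEmpty(actualAuthValue))
            {
                return AuthenticateResult.Fail("Invalid authentication format, expected 'id:secret'");
            }

            // Split on the first ':' only, so the secret itself may contain ':'.
            var apiValues = actualAuthValue.Split(':', 2);

            if (apiValues.Length != 2 || string.IsNullOrEmpty(apiValues[0]) || string.IsNullOrEmpty(apiValues[1]))
            {
                return AuthenticateResult.Fail("Invalid authentication format, expected 'id:secret'");
            }

            // NOTE(review): FromString receives attacker-controlled text; if it throws on a
            // malformed id the request fails with an exception rather than a Fail result. Confirm.
            var customerAuthId = CustomerAuthenticationId.FromString(apiValues[0]);
            var secret         = apiValues[1];

            // NOTE(review): the secret check happens inside the membership service; presumably
            // it compares against a stored hash in constant time. Verify there. The secret must
            // not be written to logs or included in failure messages.
            var principal = await _membership.GetOneTimeLoginAsync(customerAuthId, secret, CredentialType.CustomerAPIKey);

            // Same message whether the id is unknown or the secret is wrong, so the response
            // does not reveal which customer ids exist.
            if (principal == null)
            {
                return AuthenticateResult.Fail("Invalid authentication provided, access denied.");
            }

            var ticket = new AuthenticationTicket(principal, Options.AuthenticationScheme);

            return AuthenticateResult.Success(ticket);
        }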