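/// <summary>
/// Authorizes a hub connection from the <c>apikey</c> request header.
/// A key equal to <c>Settings.STSApiKey</c> is treated as the STS caller and mapped to a
/// synthetic <c>RemoteSite</c>; any other key is resolved through
/// <c>SiteUtils.AuthorizeApiAsync</c>. On success the resulting principal is attached to the request.
/// </summary>
/// <param name="hubDescriptor">Descriptor of the hub being connected to (not used by this check).</param>
/// <param name="request">Incoming connection request whose headers carry the API key.</param>
/// <returns><c>true</c> when the key is accepted and claims were added; otherwise <c>false</c>.</returns>
/// <exception cref="Exception">Any failure during authorization, wrapped with the message "Error authorizing access".</exception>
public override bool AuthorizeHubConnection(HubDescriptor hubDescriptor, IRequest request)
        {
            IPrincipal p = null;

            try
            {
                // SingleOrDefault yields a default pair (null Value) when no header matches.
                // NOTE(review): the name match is an ordinal, case-sensitive comparison, while HTTP
                // header names are case-insensitive - confirm how this collection normalizes names.
                var key = request.Headers.SingleOrDefault(h => h.Key == "apikey").Value;

                // Fail closed on a missing or blank key. Without this guard a request carrying no
                // "apikey" header would compare null against Settings.STSApiKey and be accepted as
                // the STS caller whenever that setting is unset.
                if (string.IsNullOrWhiteSpace(key))
                {
                    return(false);
                }

                RemoteSite site = null;

                // NOTE(review): string == is not a constant-time comparison; where the target runtime
                // provides a fixed-time comparison for secrets, prefer it for this check.
                if (key == Settings.STSApiKey)
                {
                    //branch just for STS calls
                    site = new RemoteSite
                    {
                        ApiKey = key,
                        Id = key,
                        OnPremDomainName = "CustomSTS",
                        SiteType = SiteTypes.LocalADOnly
                    };
                }
                else
                {
                    // This override is synchronous, so the async lookup is blocked on here.
                    // A lookup failure surfaces from Wait() and is wrapped by the catch below.
                    var task = Task.Run(async() =>
                    {
                        site = await SiteUtils.AuthorizeApiAsync(key);
                    });
                    task.Wait();
                }

                // Unknown key, or claims could not be established: deny.
                if (site == null || !AuthAndAddClaims(site, ref p, request))
                {
                    return(false);
                }

                //we're authenticated
                request.Environment["server.User"] = p;
                request.GetHttpContext().User = p;
                return(true);
            }
            catch (Exception ex)
            {
                throw new Exception("Error authorizing access", ex);
            }
        }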
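        /// <summary>
        /// Authorizes a Web API request from the <c>apikey</c> request header.
        /// The key is resolved to a <c>RemoteSite</c> through <c>SiteUtils.AuthorizeApiAsync</c>;
        /// when <c>_isAdmin</c> is set, only a site of type <c>SiteTypes.MasterHQ</c> is accepted.
        /// On success the request principal is replaced with the one produced by <c>AuthAndAddClaims</c>.
        /// Every rejection path calls <c>Unauthorized</c>, and the base implementation always runs afterwards.
        /// </summary>
        /// <param name="actionContext">Context of the action being authorized.</param>
        /// <exception cref="Exception">Any failure during authorization, wrapped with the message "Error authorizing access".</exception>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            try
            {
                // Default deny: the flag is set only after every check has passed.
                var authorized = false;

                // SingleOrDefault yields a default pair (null Value) when the header is absent.
                // Dereferencing it directly threw, so a request without an API key ended in the
                // catch block as an error instead of being rejected as unauthorized.
                var header = actionContext.Request.Headers.SingleOrDefault(h => h.Key == "apikey");
                var key    = header.Value == null ? null : header.Value.FirstOrDefault();

                RemoteSite site = null;
                if (!string.IsNullOrWhiteSpace(key))
                {
                    // This override is synchronous, so the async lookup is blocked on here.
                    // A lookup failure surfaces from Wait() and is wrapped by the catch below.
                    var task = Task.Run(async() => {
                        site = await SiteUtils.AuthorizeApiAsync(key);
                    });
                    task.Wait();
                }

                // Admin-only endpoints accept nothing but the MasterHQ site type.
                var siteAllowed = site != null && !(_isAdmin && site.SiteType != SiteTypes.MasterHQ);
                if (siteAllowed)
                {
                    //we're authenticated
                    var p = actionContext.RequestContext.Principal;
                    if (AuthAndAddClaims(site, ref p))
                    {
                        // The principal is written back only when claims were added successfully.
                        actionContext.RequestContext.Principal = p;
                        authorized = true;
                    }
                }

                if (!authorized)
                {
                    Unauthorized(ref actionContext);
                }
                base.OnAuthorization(actionContext);
            }
            catch (Exception ex)
            {
                throw new Exception("Error authorizing access", ex);
            }
        }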