public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
context.Principal = null;
IEnumerable <string> headers;
if (context.Request.Headers.TryGetValues("accessToken", out headers) == true)
{
var accessToken = headers.First();
var user = UsersStorage.Find(accessToken, DateTime.Now);
if (user != null)
{
var getnericIdentiry = new GenericIdentity(user.Login);
getnericIdentiry.AddClaim(new Claim("Id", user.Id + ""));
getnericIdentiry.AddClaim(new Claim("Login", user.Login));
getnericIdentiry.AddClaim(new Claim("Password", user.Password));
getnericIdentiry.AddClaim(new Claim("AccessToken", accessToken));
context.Principal = new GenericPrincipal(getnericIdentiry, null);
}
else
{
context.ErrorResult = new AuthenticationErrorResult("Не действительный токен доступа.");
}
}
else
{
context.ErrorResult = new AuthenticationErrorResult("Не указан токен доступа.");
}
return(Task.FromResult <object>(null));
}
private HttpRequest Create(IOwinRequest owinRequest)
{
var request = new HttpRequest()
{
DateTime = DateTime.Now,
Host = owinRequest.Host.Value,
Method = owinRequest.Method,
Url = owinRequest.Path.Value,
QueryString = owinRequest.QueryString.Value
};
string[] headers;
if (owinRequest.Headers.TryGetValue("accessToken", out headers) == true)
{
var accessToken = headers.First();
var user = UsersStorage.Find(accessToken, DateTime.Now);
if (user != null)
{
request.Login = user.Login;
}
}
using (var reader = new StreamReader(owinRequest.Body, Encoding.UTF8))
{
request.Body = reader.ReadToEnd();
}
var memoryStream = new MemoryStream();
var bytesToWrite = Encoding.UTF8.GetBytes(request.Body);
memoryStream.Write(bytesToWrite, 0, bytesToWrite.Length);
memoryStream.Seek(0, SeekOrigin.Begin);
owinRequest.Body = memoryStream;
return(request);
}
