Exemplo n.º 1
0
 /// <summary>
 /// Implements the interface method by invoking the related delegate method
 /// </summary>
 /// <param name="context">Contains information about the event</param>
 public virtual Task AuthenticationFailed(AuthenticationFailedContext context) => OnAuthenticationFailed(context);
Exemplo n.º 2
0
        protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
        {
            var events = Events as BasicEvents;

            try {
                // .NET Core as of 2.0 does not support HTTP auth on sockets
                // This is alternative solution to anonymous access in SessionController.GetPipe()
                // but it only works for local connections (which may be OK for VSC but it won't work
                // in VSC with remote or Docker containers.

                //if (Uri.TryCreate(CurrentUri, UriKind.Absolute, out var uri)) {
                //    if (uri.IsLoopback && !Request.IsHttps) {
                //        var claims = new[] {
                //            new Claim(ClaimTypes.Name, "RTVS"),
                //            new Claim(Claims.RUser, string.Empty),
                //        };
                //        var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, BasicDefaults.AuthenticationScheme));
                //        var t = new AuthenticationTicket(principal, new AuthenticationProperties(), Scheme.Name);
                //        return AuthenticateResult.Success(t);
                //    }
                //}

                // retrieve authorization header
                string authorization = Request.Headers[HeaderNames.Authorization];

                if (string.IsNullOrEmpty(authorization))
                {
                    return(AuthenticateResult.NoResult());
                }

                if (!authorization.StartsWith(RequestHeaderPrefix, StringComparison.OrdinalIgnoreCase))
                {
                    return(AuthenticateResult.NoResult());
                }

                // retrieve credentials from header
                var encodedCredentials = authorization.Substring(RequestHeaderPrefix.Length);
                var decodedCredentials = default(string);
                try {
                    decodedCredentials = Encoding.UTF8.GetString(Convert.FromBase64String(encodedCredentials));
                } catch (Exception) {
                    return(AuthenticateResult.Fail("Invalid basic authentication header encoding."));
                }

                var index = decodedCredentials.IndexOf(':');
                if (index == -1)
                {
                    return(AuthenticateResult.Fail("Invalid basic authentication header format."));
                }

                var username      = decodedCredentials.Substring(0, index);
                var password      = decodedCredentials.Substring(index + 1);
                var signInContext = new BasicSignInContext(Context, Scheme, Options)
                {
                    Username = username,
                    Password = password,
                };

                await events.SignIn(signInContext);

                if (signInContext.Principal == null)
                {
                    return(AuthenticateResult.Fail("Invalid basic authentication credentials."));
                }

                var ticket = new AuthenticationTicket(signInContext.Principal, new AuthenticationProperties(), Scheme.Name);

                return(AuthenticateResult.Success(ticket));
            } catch (Exception ex) {
                var authenticationFailedContext = new AuthenticationFailedContext(Context, Scheme, Options)
                {
                    Exception = ex,
                };

                await events.AuthenticationFailed(authenticationFailedContext);

                if (authenticationFailedContext.Result != null)
                {
                    return(authenticationFailedContext.Result);
                }

                throw;
            }
        }
Exemplo n.º 3
0
        protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
        {
            try
            {
                // retrieve authorization header
                string authorization = Request.Headers[HeaderNames.Authorization];

                if (string.IsNullOrEmpty(authorization))
                {
                    return(AuthenticateResult.NoResult());
                }

                if (!authorization.StartsWith(RequestHeaderPrefix, StringComparison.OrdinalIgnoreCase))
                {
                    return(AuthenticateResult.NoResult());
                }

                // retrieve credentials from header
                var encodedCredentials = authorization.Substring(RequestHeaderPrefix.Length);
                var decodedCredentials = default(string);
                try
                {
                    decodedCredentials = Encoding.UTF8.GetString(Convert.FromBase64String(encodedCredentials));
                }
                catch (Exception)
                {
                    return(AuthenticateResult.Fail("Invalid basic authentication header encoding."));
                }

                var index = decodedCredentials.IndexOf(':');
                if (index == -1)
                {
                    return(AuthenticateResult.Fail("Invalid basic authentication header format."));
                }

                var username = decodedCredentials.Substring(0, index);
                var password = decodedCredentials.Substring(index + 1);

                // invoke sign in event
                var signInContext = new BasicSignInContext(Context, Scheme, Options)
                {
                    Username = username,
                    Password = password,
                };
                await Events.SignIn(signInContext);

                if (signInContext.Result != null)
                {
                    return(signInContext.Result);
                }

                // allow sign in event to modify received credentials
                username = signInContext.Username;
                password = signInContext.Password;

                // verify credentials against options
                BasicCredential credentials = null;
                for (var i = 0; i < Options.Credentials.Length; i++)
                {
                    var currentCredentials = Options.Credentials[i];

                    if (currentCredentials.Username == username && currentCredentials.Password == password)
                    {
                        credentials = currentCredentials;
                        break;
                    }
                }
                if (credentials == null)
                {
                    return(AuthenticateResult.Fail("Invalid basic authentication credentials."));
                }

                var claims = new Claim[credentials.Claims.Length + 1];
                claims[0] = new Claim(ClaimsIdentity.DefaultNameClaimType, credentials.Username);
                for (var i = 0; i < credentials.Claims.Length; i++)
                {
                    var currentClaim = credentials.Claims[i];

                    claims[i + 1] = new Claim(currentClaim.Type, currentClaim.Value);
                }

                var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, Scheme.Name));

                var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), Scheme.Name);

                return(AuthenticateResult.Success(ticket));
            }
            catch (Exception ex)
            {
                var authenticationFailedContext = new AuthenticationFailedContext(Context, Scheme, Options)
                {
                    Exception = ex,
                };

                await Events.AuthenticationFailed(authenticationFailedContext);

                if (authenticationFailedContext.Result != null)
                {
                    return(authenticationFailedContext.Result);
                }

                throw;
            }
        }