/// <summary>
/// Raises the Authenticate event
/// </summary>
private void OnAuthenticateRequest(AuthenticationArgs e)
{
if (AuthenticateRequest != null)
{
AuthenticateRequest(this, e);
}
}
private void FileWebDAVModule_Authentication(object sender, AuthenticationArgs e)
{
String solutionName = SolutionFromUri(e.RequestUri);
if (!String.IsNullOrEmpty(solutionName))
{
e.ProcessAuthorization = true;
e.Realm = solutionName;
}
else
{
e.ProcessAuthorization = false;
}
}
void context_EndRequest(object sender, EventArgs e)
{
HttpApplication _httpApp = (HttpApplication)sender;
if (_httpApp.Response.StatusCode == 401)
{
AuthenticationArgs _authArgs = (AuthenticationArgs)_httpApp.Context.Items["WebDAVModule_AuthArgs"];
if (_authArgs != null)
{
switch (this.ModuleAuthentication)
{
case Authentication.Basic:
string _authHeader = String.Format("Basic realm=\"{0}\"", _authArgs.Realm);
_httpApp.Response.AppendHeader("WWW-Authenticate", _authHeader);
break;
case Authentication.Digest:
bool _isNonceStale = false;
if (_httpApp.Context.Items["WebDAVModule_DigestStaleNonce"] != null)
{
_isNonceStale = (bool)_httpApp.Context.Items["WebDAVModule_DigestStaleNonce"];
}
StringBuilder _digestHeader = new StringBuilder("Digest");
_digestHeader.Append(" realm=\"");
_digestHeader.Append(_authArgs.Realm);
_digestHeader.Append("\"");
_digestHeader.Append(", nonce=\"");
_digestHeader.Append(this.GetCurrentNonce());
_digestHeader.Append("\"");
_digestHeader.Append(", opaque=\"0000000000000000\"");
_digestHeader.Append(", stale=");
_digestHeader.Append(!_isNonceStale ? "false" : "true");
_digestHeader.Append(", algorithm=MD5");
_digestHeader.Append(", qop=\"auth\"");
_httpApp.Response.AppendHeader("WWW-Authenticate", _digestHeader.ToString());
break;
}
}
}
}
public Task <AuthResult> Authenticate(AuthenticationArgs args)
{
return(Task.Run(() => AuthResult.Success));
}
private void context_AuthenticateRequest(object sender, EventArgs e)
{
bool _requestAuthorized = true;
HttpApplication _httpApp = (HttpApplication)sender;
//Since we are processing all wildcards...
// The web project will not load if we intercept its request.
// Therefore... if the User-Agent is the studio... do nothing
if (_httpApp.Request.Headers["User-Agent"] != null && !_httpApp.Request.Headers["User-Agent"].StartsWith("Microsoft-Visual-Studio.NET"))
{
//Check to see if the request needs to be authenticated
if (this.ModuleAuthentication != Authentication.None)
{
AuthenticationArgs _authArgs = new AuthenticationArgs(_httpApp.Request.Url, "", this.ModuleAuthentication);
AuthorizationArgs _authorizationArgs = new AuthorizationArgs(_authArgs);
//Fire the event
this.OnAuthenticateRequest(_authArgs);
if (_authArgs.ProcessAuthorization)
{
_httpApp.Context.Items["WebDAVModule_AuthArgs"] = _authArgs;
string _authStr = _httpApp.Request.Headers["Authorization"];
switch (this.ModuleAuthentication)
{
case Authentication.Basic:
//By default the request is not authorized
_requestAuthorized = false;
if (!string.IsNullOrEmpty(_authStr) && _authStr.StartsWith("Basic"))
{
byte[] _decodedBytes = Convert.FromBase64String(_authStr.Substring(6));
string[] _authInfo = System.Text.Encoding.ASCII.GetString(_decodedBytes).Split(':');
BasicAuthorizationArgs _basicAuthArgs = new BasicAuthorizationArgs(_authInfo[0], _authInfo[1], _authArgs.Realm);
//Set the authorization username
_authorizationArgs.UserName = _basicAuthArgs.UserName;
//Fire the event
this.OnBasicAuthorization(_basicAuthArgs);
if (_basicAuthArgs.Authorized)
{
_requestAuthorized = true;
_httpApp.Context.User = new GenericPrincipal(new GenericIdentity(_basicAuthArgs.UserName, "Basic"), null);
}
_authorizationArgs.RequestAuthorized = _requestAuthorized;
//Fire the event
this.OnAuthorizationComplete(_authorizationArgs);
}
break;
case Authentication.Digest:
//By default the request is not authorized
_requestAuthorized = false;
if (!string.IsNullOrEmpty(_authStr) && _authStr.StartsWith("Digest"))
{
_authStr = _authStr.Substring(7);
SortedList <string, string> _authItems = new SortedList <string, string>();
foreach (string _authItem in _authStr.Split(','))
{
string[] _authItemArray = _authItem.Split('=');
string _authKey = _authItemArray[0].Trim(new char[] { ' ', '\"' });
string _authValue = _authItemArray[1].Trim(new char[] { ' ', '\"' });
_authItems[_authKey] = _authValue;
}
DigestAuthorizationArgs _digestAuthArgs = new DigestAuthorizationArgs(_authItems["username"], _authItems["realm"]);
//Set the authorization username
_authorizationArgs.UserName = _digestAuthArgs.UserName;
//Fire the event
this.OnDigestAuthorization(_digestAuthArgs);
//Validate password
string _userInfo = String.Format("{0}:{1}:{2}", _authItems["username"], _authArgs.Realm, _digestAuthArgs.Password);
string _hashedUserInfo = GetMD5HashBinHex(_userInfo);
string _uriInfo = String.Format("{0}:{1}", _httpApp.Request.HttpMethod, _authItems["uri"]);
string _hashedUriInfo = GetMD5HashBinHex(_uriInfo);
string _nonceInfo = null;
if (_authItems.ContainsKey("qop"))
{
_nonceInfo = String.Format
(
"{0}:{1}:{2}:{3}:{4}:{5}",
new object[] {
_hashedUserInfo,
_authItems["nonce"],
_authItems["nc"],
_authItems["cnonce"],
_authItems["qop"],
_hashedUriInfo
}
);
}
else
{
_nonceInfo = String.Format
(
"{0}:{1}:{2}",
_hashedUserInfo,
_authItems["nonce"],
_hashedUriInfo
);
}
string _hashedNonceInfo = GetMD5HashBinHex(_nonceInfo);
bool _staleNonce = !this.IsValidNonce(_authItems["nonce"]);
_httpApp.Context.Items["WebDAVModule_DigestStaleNonce"] = _staleNonce;
if (_authItems["response"] == _hashedNonceInfo && !_staleNonce)
{
_requestAuthorized = true;
_httpApp.Context.User = new GenericPrincipal(new GenericIdentity(_digestAuthArgs.UserName, "Digest"), null);
}
_authorizationArgs.RequestAuthorized = _requestAuthorized;
//Fire the event
this.OnAuthorizationComplete(_authorizationArgs);
}
break;
}
}
}
if (!_requestAuthorized)
{
DenyAccess(_httpApp);
}
else
{
//Check to see if we should process the request
DavModuleProcessRequestArgs _processRequestArgs = new DavModuleProcessRequestArgs(_httpApp.Request.Url, this.IsWebDAVRequest);
//Fire the event
this.OnProcessRequest(_processRequestArgs);
if (_processRequestArgs.ProcessRequest)
{
if (!string.IsNullOrEmpty(this.DebugFilePath))
{
WebDavProcessor.DebugFilePath = this.DebugFilePath;
}
this.__webDavProcessor.ProcessRequest(_httpApp);
}
//Fire the event
this.OnRequestProcessed();
}
}
}