Пример #1
        /// <summary>
        /// Removes the endpoint stored under the given configuration's Id from the registration list.
        /// </summary>
        /// <param name="endpointConfiguration">Endpoint configuration whose Id selects the entry to remove</param>
        public void Unregister(HttpEndpoinConfiguration endpointConfiguration)
        {
            var endpointId = endpointConfiguration.Id;

            // The removed value and TryRemove's result are both ignored.
            // NOTE(review): presumably _registeredEndpoints is a ConcurrentDictionary, in which case
            // unregistering an Id that was never registered is a silent no-op - confirm.
            HttpEndpoinConfiguration discarded;
            _registeredEndpoints.TryRemove(endpointId, out discarded);
        }
Пример #2
 /// <summary>
 /// Adds the endpoint to the registration list, keyed by its Id.
 /// </summary>
 /// <param name="endpointConfiguration">Endpoint configuration to register</param>
 public void Register(HttpEndpoinConfiguration endpointConfiguration)
 {
     var endpointId = endpointConfiguration.Id;

     // TryAdd's result is ignored.
     // NOTE(review): presumably _registeredEndpoints is a ConcurrentDictionary, in which case an Id
     // that is already registered keeps its existing configuration (including its authentication
     // settings) and the new one is dropped without any signal to the caller - confirm.
     _registeredEndpoints.TryAdd(endpointId, endpointConfiguration);
 }
Пример #3
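        /// <summary>
        /// Authenticates a request against the authentication settings of the endpoint.
        /// </summary>
        /// <remarks>
        /// Endpoints with no authentication settings, or with <c>AuthenticationType.None</c>, accept every request.
        /// The scheme name in the header is matched case-insensitively, secrets are compared without an
        /// early exit on the first differing character, and an authentication type this method does not
        /// know how to verify is rejected instead of being let through.
        /// </remarks>
        /// <param name="authorizationHeader">Authorization header</param>
        /// <param name="endpoint">Endpoint configuration</param>
        /// <exception cref="AuthenticationException">Thrown if authentication failed</exception>
        private void AuthenticateRequest(string authorizationHeader, HttpEndpoinConfiguration endpoint)
        {
            // Unauthenticated endpoints are an explicit configuration choice: nothing to verify.
            if ((endpoint.Authentication == null) || (endpoint.Authentication.Type == AuthenticationType.None))
            {
                return;
            }

            switch (endpoint.Authentication.Type)
            {
            case AuthenticationType.Basic:
                // Ordinal comparison keeps the check culture-independent; the scheme token itself is case-insensitive.
                if (!string.IsNullOrWhiteSpace(authorizationHeader) &&
                    authorizationHeader.StartsWith("Basic ", StringComparison.OrdinalIgnoreCase))
                {
                    // Get the username & password from the header:

                    string credentialsStr;
                    try
                    {
                        var credentialsBase64 = authorizationHeader.Substring(6).Trim();     // Strip the "Basic " string from auth header
                        credentialsStr = Encoding.UTF8.GetString(Convert.FromBase64String(credentialsBase64));
                    }
                    catch (FormatException ex)
                    {
                        _logger.Warning("Client credentials were incorrectly encoded to base64 format", ex);
                        throw new AuthenticationException("Username and password are required to be in Authorization header in base64 encoded format");
                    }

                    // Split on the FIRST colon only: the username cannot contain ':' but the password can,
                    // so splitting on every colon would reject valid passwords.
                    var separatorIndex = credentialsStr.IndexOf(':');
                    if (separatorIndex < 0)
                    {
                        _logger.Warning("Client didn't provide credentials in a correct 'username:password' format");
                        throw new AuthenticationException("Username or password was incorrect");
                    }

                    var username = credentialsStr.Substring(0, separatorIndex);
                    var password = credentialsStr.Substring(separatorIndex + 1);

                    // Check if the header credentials match the configured endpoint credentials.
                    // Both comparisons always run (non-short-circuit '&') so the response time does not
                    // reveal whether the username alone was correct.

                    var configuredCredentials = endpoint.Authentication.Credentials;
                    var userNameMatches = ConstantTimeEquals(configuredCredentials.UserName, username);
                    var passwordMatches = ConstantTimeEquals(configuredCredentials.Password, password);

                    if (!(userNameMatches & passwordMatches))
                    {
                        _logger.Warning("Client provided incorrect username or password");
                        throw new AuthenticationException("Username or password was incorrect");
                    }
                }
                else
                {
                    _logger.Warning("Client didn't provide credentials for basic authenticated REST interface");
                    throw new AuthenticationException("This service requires basic authentication credentials in Authorization header");
                }
                break;

            case AuthenticationType.ApiToken:
                if (!string.IsNullOrWhiteSpace(authorizationHeader) &&
                    authorizationHeader.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
                {
                    var bearerToken = authorizationHeader.Substring(7);     // Strip the "Bearer " string from auth header
                    if (!ConstantTimeEquals(endpoint.Authentication.ApiToken, bearerToken))
                    {
                        _logger.Warning("Client didn't provide correct bearer token");
                        throw new AuthenticationException("Bearer token was incorrect");
                    }
                }
                else
                {
                    _logger.Warning("Client didn't provide authorization header");
                    throw new AuthenticationException("This service requires bearer Authorization header");
                }
                break;

            default:
                // Fail closed: without this branch an authentication type added later would fall out of
                // the switch and the request would be accepted without any check.
                _logger.Warning("Endpoint is configured with an unsupported authentication type");
                throw new AuthenticationException("This service is configured with an unsupported authentication type");
            }
        }

        /// <summary>
        /// Compares a configured secret with a client-supplied value without stopping at the first
        /// differing character, so the comparison time does not depend on how much of the value matched.
        /// </summary>
        /// <remarks>
        /// A length mismatch is still observable. If the target framework provides
        /// <c>System.Security.Cryptography.CryptographicOperations.FixedTimeEquals</c>, prefer it over this helper.
        /// </remarks>
        /// <param name="expected">Secret configured on the endpoint</param>
        /// <param name="supplied">Value taken from the request</param>
        /// <returns>True only if both values are non-null and identical</returns>
        private static bool ConstantTimeEquals(string expected, string supplied)
        {
            // A missing configured secret must never match anything the client sends.
            if (expected == null || supplied == null)
            {
                return false;
            }

            var difference = expected.Length ^ supplied.Length;
            var comparedLength = Math.Min(expected.Length, supplied.Length);

            for (var i = 0; i < comparedLength; i++)
            {
                // Accumulate differences instead of returning early.
                difference |= expected[i] ^ supplied[i];
            }

            return difference == 0;
        }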