public static async Task <bool> AuthenticateAsync(IRequest req, object requestDto = null, IAuthSession session = null, IAuthProvider[] authProviders = null)
{
if (HostContext.HasValidAuthSecret(req))
{
return(true);
}
session ??= await(req ?? throw new ArgumentNullException(nameof(req))).GetSessionAsync().ConfigAwait();
authProviders ??= AuthenticateService.GetAuthProviders();
var authValidate = HostContext.GetPlugin <AuthFeature>()?.OnAuthenticateValidate;
var ret = authValidate?.Invoke(req);
if (ret != null)
{
return(false);
}
req.PopulateFromRequestIfHasSessionId(requestDto);
if (!req.Items.ContainsKey(Keywords.HasPreAuthenticated))
{
//Unauthorized or invalid requests will terminate the response and return false
var mockResponse = new BasicRequest().Response;
req.Items[Keywords.HasPreAuthenticated] = true;
foreach (var authWithRequest in authProviders.OfType <IAuthWithRequest>())
{
await authWithRequest.PreAuthenticateAsync(req, mockResponse).ConfigAwait();
if (mockResponse.IsClosed)
{
return(false);
}
}
foreach (var authWithRequest in authProviders.OfType <IAuthWithRequestSync>())
{
authWithRequest.PreAuthenticate(req, mockResponse);
if (mockResponse.IsClosed)
{
return(false);
}
}
}
var sessionIsAuthenticated = session != null && (authProviders.Length > 0
? authProviders.Any(x => session.IsAuthorized(x.Provider))
: session.IsAuthenticated);
return(sessionIsAuthenticated);
}
