internal static AuthenticationInternalResult ExecuteCAS(HttpContext httpContext) { lock (CASLocker) { if (casAuthenticatorData == null) { IAuthenticatorMethodCache cache = httpContext.RequestServices.GetRequiredService <IAuthenticatorMethodCache>(); casAuthenticatorData = cache.Get(typeof(CASAuthenticator)); } return(ExecuteAuthenticator(httpContext, casAuthenticatorData)); } }
internal AuthenticationInternalResult Authenticate(HttpContext httpContext) { if (authenticators.Length <= 0) { return(null); } IAuthenticatorMethodCache cache = httpContext.RequestServices.GetRequiredService <IAuthenticatorMethodCache>(); foreach (Type authenticator in authenticators) { if (AuthenticationHelper.IsValidAuthenticator(cache, authenticator, out AuthenticatorMetadata metadata)) { AuthenticationInternalResult result = AuthenticationHelper.ExecuteAuthenticator(httpContext, metadata); if (result != null) { return(result); } } } return(null); }
internal static bool IsValidAuthenticator(IAuthenticatorMethodCache cache, Type authenticator, out AuthenticatorMetadata authenticateMethod) { authenticateMethod = cache.Get(authenticator); return(authenticateMethod != null); }
// if casResult == null, the url does not contain ticket private static void CheckRequestUrl(HttpContext httpContext, out AuthenticationInternalResult casResult) { HttpRequest request = httpContext.Request; ICASOption option = httpContext.RequestServices.GetRequiredService <ICASOption>(); IQueryCollection query = request.Query; string rawurl = request.GetDisplayUrl(); if (query.TryGetValue("ticket", out StringValues ticketValue)) { string ticket = ticketValue.ToArray()[0]; string url = request.GetDisplayUrl(); // remove ticket url = Regex.Replace(url, @"ticket\=[^\&]+\&?", ""); while (url[url.Length - 1] == '&' || url[url.Length - 1] == '?') { url = url.Substring(0, url.Length - 1); } string querystr = request.QueryString.Value; querystr = Regex.Replace(querystr, @"ticket\=[^\&]+\&?", ""); while (querystr.Length > 0 && (querystr[querystr.Length - 1] == '&' || querystr[querystr.Length - 1] == '?')) { querystr = querystr.Substring(0, querystr.Length - 1); } string url_not_escaped = url; url = url.EscapeAll(); string target = $"{option.ValidateUrl}?service={url}&ticket={ticket}"; request.QueryString = new QueryString(querystr); // validate // if true, set session try { HttpClient client = new HttpClient(); HttpRequestMessage validateRequest = new HttpRequestMessage() { Method = HttpMethod.Get, RequestUri = new Uri(target) }; validateRequest.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue(option.ResponseAccept)); using (HttpResponseMessage response = client.SendAsync(validateRequest).GetAwaiter().GetResult()) { if (response.StatusCode == System.Net.HttpStatusCode.OK) { string message = response.Content.ReadAsStringAsync().GetAwaiter().GetResult(); Type handlerType = option.ResponseHandler; ICASResponseHandler handler = (ICASResponseHandler)ActivatorUtilities.CreateInstance(httpContext.RequestServices, handlerType); IUser user = handler.Invoke(httpContext, message, url_not_escaped, out string redirect_url); if (redirect_url != null) { casResult = new AuthenticationInternalResult(false, redirect_url, null, null); return; } if (user == null) { casResult = new AuthenticationInternalResult(true, null, null, null); return; } else { lock (CASLocker) { if (casAuthenticatorData == null) { IAuthenticatorMethodCache cache = httpContext.RequestServices.GetRequiredService <IAuthenticatorMethodCache>(); casAuthenticatorData = cache.Get(typeof(CASAuthenticator)); } } casResult = new AuthenticationInternalResult(false, null, user, casAuthenticatorData); return; } } } } catch { casResult = null; } } casResult = null; }