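        /// <summary>
        /// Authenticates the current request from a JWT carried in the
        /// <c>Authorization: Bearer &lt;token&gt;</c> header.
        /// </summary>
        /// <remarks>
        /// The token is decoded with <c>_JwtService.TryDecode</c>, must contain the
        /// <c>id</c> and <c>access_token</c> claims, and must then pass
        /// <c>_JwtClaimValidator.Validate</c>. What those two collaborators verify
        /// (signature, expiry, issuer, ...) is not visible here, so confirm it there.
        /// </remarks>
        /// <returns>
        /// A successful result whose ticket holds a principal with the
        /// <see cref="ClaimTypes.NameIdentifier"/> and access-token claims, or a failed
        /// result with a generic message when any check does not pass.
        /// </returns>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            if (!Request.Headers.TryGetValue("Authorization", out var headerValue))
            {
                Logger.LogInformation("Missing authorization header.");
                return AuthenticateResult.Fail("Missing authorization header.");
            }

            if (!AuthenticationHeaderValue.TryParse(headerValue, out var authHeader))
            {
                Logger.LogInformation("Invalid authorization header.");
                return AuthenticateResult.Fail("Invalid authorization header.");
            }

            // Accept only the Bearer scheme and take the credential from the parsed
            // header. Stripping the text "Bearer " from the whole header string would
            // let any other scheme through to the decoder with its scheme name still
            // attached, and would rewrite every occurrence of that text in the value.
            // Scheme names are case-insensitive (RFC 7235), hence OrdinalIgnoreCase.
            if (!string.Equals(authHeader.Scheme, "Bearer", System.StringComparison.OrdinalIgnoreCase) ||
                string.IsNullOrWhiteSpace(authHeader.Parameter))
            {
                Logger.LogInformation("Invalid authorization header.");
                return AuthenticateResult.Fail("Invalid authorization header.");
            }

            var jwt = authHeader.Parameter.Trim();

            // The token itself is deliberately never written to the log.
            if (!_JwtService.TryDecode(jwt, out var decodedClaims))
            {
                Logger.LogInformation("Invalid jwt token");
                return AuthenticateResult.Fail("Invalid jwt token");
            }

            // Both required claims are checked before the asynchronous validator runs,
            // so the validator only ever sees a structurally complete claim set.
            var hasRequiredClaims = decodedClaims.ContainsKey("id") && decodedClaims.ContainsKey("access_token");
            if (!hasRequiredClaims || !await _JwtClaimValidator.Validate(decodedClaims))
            {
                Logger.LogInformation("Invalid jwt token");
                return AuthenticateResult.Fail("Invalid jwt token");
            }

            // NOTE(review): the upstream access token becomes a claim on the principal.
            // Anything that serializes or logs the principal's claims will expose it;
            // confirm that no downstream code does so.
            var claims = new[]
            {
                new Claim(ClaimTypes.NameIdentifier, decodedClaims["id"]),
                new Claim(TheIdentityHubClaimTypes.AccessToken, decodedClaims["access_token"]),
            };

            var identity = new ClaimsIdentity(claims, Scheme.Name);
            var principal = new ClaimsPrincipal(identity);
            var ticket = new AuthenticationTicket(principal, Scheme.Name);

            return AuthenticateResult.Success(ticket);
        }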