/// <summary>
/// Handles all request comming into server
/// </summary>
/// <param name="request">request being sent to server</param>
/// <param name="cancellationToken">operation </param>
/// <returns>success</returns>
protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
try
{
//get token from request
string token = new RequestTransformer().GetToken(request);
if (token == null)
{
return(base.SendAsync(request, cancellationToken));
}
// check if token is valid. returns principals
var incommingprincipal = new VerifyJWT().VerifyToken(token);
// Authenticates principals and gets user claims fromd db
ClaimsPrincipal AuthenticatedPrincipal = new ClaimsTransformer().Authenticate(incommingprincipal);
// create IPrincipal
IPrincipal principal = AuthenticatedPrincipal;
// run thread in principal
Thread.CurrentPrincipal = principal;
HttpContext.Current.User = principal;
return(base.SendAsync(request, cancellationToken));
}
catch (Exception)
{
// send to unauthenticated
return(UnAuthenticated());
}
}
public void ValidTokenWithoutScheme()
{
HttpRequestMessage request = mockData.NoSchemeValidTokenRequestMessage();
RequestTransformer test = new RequestTransformer();
string token = test.GetToken(request);
Assert.Null(token);
}
public void NoTokenInParam()
{
HttpRequestMessage request = mockData.EmptyAuthorizationParam();
RequestTransformer test = new RequestTransformer();
string token = test.GetToken(request);
Assert.Null(token);
}
public void ValidToken()
{
HttpRequestMessage request = mockData.validRequestMessage();
RequestTransformer test = new RequestTransformer();
string mockToken = mockData.VALID_TOKEN_WITHOUT_SCHEME;
string tokenFromRequest = test.GetToken(request);
Assert.Equal(mockToken, tokenFromRequest);
}
/// <summary>
/// Sso Authenticate Handler
/// </summary>
/// <param name="request">request being sent to server</param>
/// <param name="cancellationToken">operation </param>
/// <returns>success</returns>
protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
try
{
var token = new RequestTransformer().GetToken(request);
if (token == null)
{
return(base.SendAsync(request, cancellationToken));
}
var incommingPrincipal = new VerifyJWT().SsoVerifyToken(token);
Thread.CurrentPrincipal = incommingPrincipal;
HttpContext.Current.User = incommingPrincipal;
return(base.SendAsync(request, cancellationToken));
}
catch (NullReferenceException)
{
// send to unauthenticated
return(UnAuthenticated());
}
}
