protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
string authHeader = request.Headers.GetValues("Authorization").First();
string header = "OAuth ";
string token = string.Empty;
if (string.CompareOrdinal(authHeader, 0, header, 0, header.Length) == 0)
{
token = authHeader.Remove(0, header.Length);
}
else
{
throw new HttpException((int)System.Net.HttpStatusCode.Unauthorized, "The authorization header was invalid");
}
var validator = new SimpleWebTokenValidator
{
SharedKeyBase64 = "yourtokensigningkey"
};
var swt = validator.ValidateToken(token);
return(base.SendAsync(request, cancellationToken));
}
/// <summary>
/// The authenticate.
/// </summary>
/// <param name="credentials">
/// The credentials.
/// </param>
/// <param name="flags">A general purpose flags set</param>
/// <returns>
/// The <see cref="AuthPayload"/>.
/// </returns>
public AuthPayload Authenticate(SecurityCredentials credentials, HashSet <string> flags = null)
{
AuthPayload result = null;
if (SimpleWebTokenValidator.Validate(credentials.Token, ResourceNamespace, String.Format(ResourceTemplate, credentials.Name),
TrustedSigningKey) == true)
{
result = new AuthPayload(new CustomIdentity(credentials.Token, credentials.Name, credentials.SecurityProviderName));
}
return(result);
}
/// <summary>
/// The is authorized.
/// </summary>
/// <param name="payload">
/// The payload.
/// </param>
/// <param name="roles">
/// The roles.
/// </param>
/// <returns>
/// The <see cref="bool"/>.
/// </returns>
public bool IsAuthorized(AuthPayload payload, string[] roles)
{
bool result = false;
Dictionary <string, string> parameters =
SimpleWebTokenValidator.ExtractTokenProperties(payload.CustomIdentity.PresentedClientToken);
if (String.Equals(parameters["Audience"],
String.Format(ResourceTemplate, roles[0]), StringComparison.OrdinalIgnoreCase) == true)
{
result = true;
}
return(result);
}
public TokenData Get(IpData data)
{
// Validate security token
var validator = new SimpleWebTokenValidator
{
SharedKeyBase64 = "ZY+lm6+MQeWVSeMdV+apXAaaIGNTZT7ztfBskldOMn0="
};
Dictionary <string, string> claims;
try
{
claims = validator.ValidateToken(data.Token).Claims;
}
catch (HttpException e)
{
throw new BadRequestException(e);
}
catch (InvalidSecurityTokenException e)
{
throw new BadRequestException(e);
}
// Get values
string identityProvider = claims.Single(p => p.Key == CommonClaims.AcsIdentityProvider).Value;
return(new TokenData
{
UserIdentifier = claims.Single(p => p.Key == CommonClaims.NameIdentifier).Value,
Name = claims.SingleOrDefault(p => p.Key == CommonClaims.Name).Value,
Email = claims.SingleOrDefault(p => p.Key == CommonClaims.Email).Value,
IdentityProvider = IdentityTypeParser.ParseProviderType(identityProvider),
Token = GetToken(claims),
TokenSecret = GetTokenSecret(claims)
});
}
