/// <summary>
/// Executes the <see cref="DigestAccessAuthenticationMiddleware"/>.
/// </summary>
/// <param name="context">The context of the current request.</param>
/// <returns>A task that represents the execution of this middleware.</returns>
public override async Task Invoke(HttpContext context)
{
if (!AuthenticationUtility.TryAuthenticate(context, Options.RequireSecureConnection, AuthorizationHeaderParser, TryAuthenticate))
{
context.Response.StatusCode = AuthenticationUtility.HttpNotAuthorizedStatusCode;
string etag = context.Response.Headers[HeaderNames.ETag];
if (string.IsNullOrEmpty(etag))
{
etag = "no-entity-tag";
}
Func <string> opaqueGenerator = Options.OpaqueGenerator;
Func <byte[]> nonceSecret = Options.NonceSecret;
Func <DateTime, string, byte[], string> nonceGenerator = Options.NonceGenerator;
string staleNonce = context.Items["staleNonce"] as string ?? "FALSE";
context.Response.Headers.Add(HeaderNames.WWWAuthenticate, "{0} realm=\"{1}\", qop=\"{2}\", nonce=\"{3}\", opaque=\"{4}\", stale=\"{5}\", algorithm=\"{6}\"".FormatWith(
AuthenticationScheme,
Options.Realm,
DigestAuthenticationUtility.CredentialQualityOfProtectionOptions,
nonceGenerator(DateTime.UtcNow, etag, nonceSecret()),
opaqueGenerator(),
staleNonce,
DigestAuthenticationUtility.ParseAlgorithm(Options.Algorithm)));
await context.WriteHttpNotAuthorizedBody(Options.HttpNotAuthorizedBody).ContinueWithSuppressedContext();
return;
}
await Next.Invoke(context).ContinueWithSuppressedContext();
}
/// <summary>
/// Executes the <see cref="BasicAuthenticationMiddleware"/>.
/// </summary>
/// <param name="context">The context of the current request.</param>
/// <returns>A task that represents the execution of this middleware.</returns>
public override async Task Invoke(HttpContext context)
{
if (!AuthenticationUtility.TryAuthenticate(context, Options.RequireSecureConnection, AuthorizationHeaderParser, TryAuthenticate))
{
context.Response.StatusCode = AuthenticationUtility.HttpNotAuthorizedStatusCode;
context.Response.Headers.Add(HeaderNames.WWWAuthenticate, "{0} realm=\"{1}\"".FormatWith(AuthenticationScheme, Options.Realm));
await context.WriteHttpNotAuthorizedBody(Options.HttpNotAuthorizedBody).ContinueWithSuppressedContext();
return;
}
await Next.Invoke(context).ContinueWithSuppressedContext();
}
private Template <string, string> AuthorizationHeaderParser(HttpContext context, string authorizationHeader)
{
if (AuthenticationUtility.IsAuthenticationSchemeValid(authorizationHeader, Options.AuthenticationScheme) && authorizationHeader.Length > Options.AuthenticationScheme.Length)
{
var credentials = authorizationHeader.Remove(0, Options.AuthenticationScheme.Length + 1).Split(':');
if (credentials.Length == 2)
{
var publicKey = credentials[0];
var signature = credentials[1];
if (!publicKey.IsNullOrWhiteSpace() && !signature.IsNullOrWhiteSpace())
{
return(TupleUtility.CreateTwo(publicKey, signature));
}
}
}
return(null);
}
private Dictionary <string, string> AuthorizationHeaderParser(HttpContext context, string authorizationHeader)
{
if (AuthenticationUtility.IsAuthenticationSchemeValid(authorizationHeader, AuthenticationScheme))
{
string digestCredentials = authorizationHeader.Remove(0, AuthenticationScheme.Length + 1);
string[] credentials = digestCredentials.Split(AuthenticationUtility.DigestAuthenticationCredentialSeparator);
if (IsDigestCredentialsValid(credentials))
{
Dictionary <string, string> result = new Dictionary <string, string>(StringComparer.OrdinalIgnoreCase);
for (int i = 0; i < credentials.Length; i++)
{
string[] credentialPair = StringUtility.Split(credentials[i], "=");
result.Add(credentialPair[0].Trim(), Converter.Parse(credentialPair[1], QuotedStringParser));
}
return(IsDigestCredentialsValid(result) ? result : null);
}
}
return(null);
}
private Template <string, string> AuthorizationHeaderParser(HttpContext context, string authorizationHeader)
{
if (AuthenticationUtility.IsAuthenticationSchemeValid(authorizationHeader, AuthenticationScheme))
{
string base64Credentials = authorizationHeader.Remove(0, AuthenticationScheme.Length + 1);
if (StringUtility.IsBase64(base64Credentials))
{
string[] credentials = StringConverter.FromBytes(Convert.FromBase64String(base64Credentials), options =>
{
options.Encoding = EncodingUtility.AsciiEncoding;
options.Preamble = PreambleSequence.Remove;
}).Split(AuthenticationUtility.BasicAuthenticationCredentialSeparator);
if (credentials.Length == 2 &&
!string.IsNullOrEmpty(credentials[0]) &&
!string.IsNullOrEmpty(credentials[1]))
{
return(TupleUtility.CreateTwo(credentials[0], credentials[1]));
}
}
}
return(null);
}