Пример #1
0
        public AuthResult Authenticate(AuthRequest authRequest)
        {
            OAuthRequestContext context = new OAuthRequestContext();

            IHttpContext httpContext = HttpContextWrapper.Wrap(authRequest.Context);

            try {
                ParseParameters(httpContext, context);
                SetConsumer(context);
                SetAccessToken(context);
                context.IsOAuthRequest = true;
            } catch (OAuthRequestException ex) {
                // The request may not be an OAuth request so don't pass the exception to the consumer
                context.AddError(ex);
                context.IsOAuthRequest = false;

                AuthResult error = new AuthResult(false, ex.Code, ex.Message);
                CopyParameters(context.ResponseParameters, error.OutputData);
                return error;
            }

            try {
                SetSignProvider(context);
                SetRequestId(context);
                SetSignature(httpContext, context);
            } catch (OAuthRequestException ex) {
                context.AddError(ex);

                AuthResult error = new AuthResult(false, ex.Code, ex.Message);
                CopyParameters(context.ResponseParameters, error.OutputData);
                return error;
            }

            UpdateAccessToken(httpContext, context);

            bool canAccess;

            try {
                canAccess = VerifyAccess(authRequest.PathName, httpContext, context);
            } catch (AuthenticationException ex) {
                AuthResult error = new AuthResult(false, ex.Code, ex.Message);
                CopyParameters(context.ResponseParameters, error.OutputData);
                return error;
            }

            AuthResult result = new AuthResult(canAccess);
            CopyParameters(context.ResponseParameters, result.OutputData);
            return result;
        }
Пример #2
0
 public AuthResult Authenticate(AuthenticationPoint authPoint, AuthRequest authRequest)
 {
     throw new NotImplementedException();
 }
Пример #3
0
        protected ResponseMessage HandleRequest(object context, RequestType type, string pathName, IDictionary<string, PathValue> args, Stream requestStream)
        {
            //TODO: allow having multiple handlers for the service ...
            HandlerContainer handler = GetMethodHandler(pathName);
            if (handler == null)
                throw new InvalidOperationException("No handler was found for the path '" + pathName + "' in this context.");

            if (!handler.Handler.CanHandleClientType(Type))
                throw new InvalidOperationException("The handler for the path '" + pathName + "' cannot support client of type '" + Type + "'.");

            IPathTransaction transaction;

            if (TransactionIdKey != null && (args != null && args.ContainsKey(TransactionIdKey))) {
                int tid = args[TransactionIdKey].ToInt32();
                transaction = GetTransaction(pathName, tid);
            } else {
                transaction = CreateTransaction(pathName);
            }

            ClientRequestMessage request = GetMethodRequest(type, ((PathTransaction) transaction), requestStream);
            if (args != null) {
                foreach(KeyValuePair<string, PathValue> pair in args) {
                    request.Attributes.Add(pair.Key, pair.Value);
                }
            }
            request.Seal();

            if (authenticator != null) {
                AuthRequest authRequest = new AuthRequest(context, pathName);
                foreach (KeyValuePair<string, object> pair in request.Attributes)
                    authRequest.AuthData.Add(pair.Key, new AuthObject(pair.Value));

                AuthResult authResult = authenticator.Authenticate(AuthenticationPoint.Client, authRequest);
                if (authResult != null) {
                    if (!authResult.Success) {
                        Logger.Info(authenticator, String.Format("Unauthorized: {0} ({1})", authResult.Message, authResult.Code));

                        ResponseMessage responseMessage = request.CreateResponse("error");
                        responseMessage.Code = MessageResponseCode.Unauthorized;
                        //TODO: Extend MessageError to include an error specific code ...
                        responseMessage.Arguments.Add(new MessageError(authResult.Message));
                        return responseMessage;
                    }

                    Logger.Info(authenticator, String.Format("Authorized: {0}", authResult.Message));
                }
            }

            return handler.Handler.HandleRequest(request);
        }