/// <summary>
/// Builds an <see cref="AuthenticationHandler"/> that accepts HTTP Basic credentials and
/// SAML2 tokens sent in the Authorization header under the "Saml2" scheme.
/// </summary>
/// <remarks>
/// Every value wired in here is a fixture: the Basic validator is a stub, the trusted issuer
/// is registered under the name "TEST", and the only allowed audience is https://test.
/// </remarks>
/// <returns>A handler wrapping the configuration assembled below.</returns>
private static AuthenticationHandler GetDefaultAuthenticationHandler()
        {
            var configuration = new AuthenticationConfiguration();

            // Basic authentication.
            // Stub validator: a request authenticates whenever the user name equals the password.
            // This is not a credential check; swap in a real validator before the handler is
            // reachable by anything other than tests.
            configuration.AddBasicAuthentication((userName, password) => userName == password);

            // Simple Web Token support, left disabled by the author.
            // NOTE(review): the last argument looks like an embedded key; if this is re-enabled,
            // load it from protected configuration instead of keeping it in source.
            //authConfig.Handler.AddSimpleWebToken(
            //    "SWT", 
            //    Constants.Issuer,
            //    Constants.Realm,
            //    "Dc9Mpi3jbooUpBQpB/4R7XtUsa3D/ALSjTVvK8IUZbg=");

            // SAML2 tokens.
            // Issuer trust is decided by the thumbprint registered here, mapped to the name "TEST".
            var trustedIssuers = new ConfigurationBasedIssuerNameRegistry();
            trustedIssuers.AddTrustedIssuer("D263DDCF598E716F0037380796A4A62DF017ADB8", "TEST");

            var samlConfiguration = new SecurityTokenHandlerConfiguration
            {
                AudienceRestriction = { AllowedAudienceUris = { new Uri("https://test") } },
                IssuerNameRegistry = trustedIssuers,
                // X509CertificateValidator.None performs no validation of the signing certificate
                // (no chain, expiry or revocation checks), so acceptance rests on the thumbprint
                // match in the registry above.
                CertificateValidator = X509CertificateValidator.None
            };

            configuration.AddSaml2(samlConfiguration, AuthenticationOptions.ForAuthorizationHeader("Saml2"));

            return new AuthenticationHandler(configuration);
        }
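        /// <summary>
        /// Maps an OData service route whose per-route handler authenticates requests with JSON Web
        /// Tokens, unless security is switched off through the app setting named by
        /// <c>DisableSecuritySetting</c>.
        /// </summary>
        /// <param name="config">The Web API configuration the route is added to.</param>
        /// <param name="routeName">Name of the route.</param>
        /// <param name="routePrefix">URL prefix of the route.</param>
        /// <param name="model">EDM model served by the route.</param>
        /// <param name="handlers">
        /// Optional factories for delegating handlers placed in front of the controller dispatcher;
        /// may be null.
        /// </param>
        /// <param name="serviceIdentifier">
        /// Identifier handed to the token configuration. When null, it is read from the
        /// "Services:Identifier" key of the "accenture.security.eso.service" configuration section.
        /// </param>
        /// <exception cref="ArgumentNullException"><paramref name="config"/> is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// Token authentication is required but no usable service identifier could be resolved.
        /// </exception>
        public static void MapRebarODataRoute(
            this HttpConfiguration config,
            string routeName,
            string routePrefix,
            IEdmModel model,
            IEnumerable<Func<DelegatingHandler>> handlers,
            string serviceIdentifier = null)
        {
            if (config == null)
            {
                throw new ArgumentNullException("config");
            }

            // A null factory list is passed through as null, exactly as before; otherwise each
            // factory is invoked to produce the handler instances for this route's pipeline.
            var pipelineHandlers = handlers != null ? handlers.Select(x => x()) : null;
            HttpMessageHandler delegatingHandler = HttpClientFactory.CreatePipeline(new HttpControllerDispatcher(config), pipelineHandlers);

            DelegatingHandler handler;
            var uriBuilder = new UriBuilder();

            var disableSecurity = ConfigurationManager.AppSettings[DisableSecuritySetting];
            var isSecurityDisabled = !string.IsNullOrWhiteSpace(disableSecurity) && bool.Parse(disableSecurity);

            // NOTE(review): uriBuilder is freshly constructed and never populated from a request,
            // binding or configuration, so the host comparison below only inspects the UriBuilder
            // default and does not reflect where the service is actually reachable. In practice
            // the app setting alone decides whether authentication is skipped. If the intent is
            // "only on a developer machine", that condition needs a different source of truth.
            if (uriBuilder.Host.Equals("localhost", StringComparison.OrdinalIgnoreCase) && isSecurityDisabled)
            {
                handler = new EmptyAuthenticationHandler(delegatingHandler);
            }
            else
            {
                var identifier = serviceIdentifier;
                if (identifier == null)
                {
                    // Fail with a clear message instead of a NullReferenceException when the
                    // section is absent or is not a name/value section.
                    var section = ConfigurationManager.GetSection("accenture.security.eso.service") as NameValueCollection;
                    if (section == null)
                    {
                        throw new InvalidOperationException(
                            "Configuration section 'accenture.security.eso.service' is missing or is not a name/value section; token authentication cannot be configured.");
                    }

                    identifier = section["Services:Identifier"];
                }

                // Refuse to register the route with an empty identifier rather than configuring
                // token validation against a blank value.
                if (string.IsNullOrWhiteSpace(identifier))
                {
                    throw new InvalidOperationException(
                        "No service identifier was supplied and 'Services:Identifier' is not set; token authentication cannot be configured.");
                }

                // NOTE(review): RequireSsl = false lets the handler process tokens on non-TLS
                // requests. Confirm TLS is enforced elsewhere (for example at a terminating
                // proxy); otherwise bearer tokens are exposed in transit.
                var authConfig = new AuthenticationConfiguration { RequireSsl = false, SetPrincipalOnRequestInstance = true };
                authConfig.AddMsftJsonWebToken(identifier);

                handler = new AuthenticationHandler(authConfig, delegatingHandler);
            }

            // Create the default odata route using regular conventions
            config.MapODataServiceRoute(
                         routeName: routeName,
                         routePrefix: routePrefix,
                         model: model,
                         pathHandler: new DefaultODataPathHandler(),
                         routingConventions: ODataRoutingConventions.CreateDefaultWithAttributeRouting(config, model),
                         defaultHandler: handler);
        }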
        /// <summary>
        /// Adds a global message handler that authenticates requests with HTTP Basic credentials
        /// and has session tokens enabled.
        /// </summary>
        /// <param name="config">The Web API configuration whose message handlers are extended.</param>
        private void RegisterAuth(HttpConfiguration config)
        {
            // Author's note: the session token can only be fetched from inside the ASP.NET Web API
            // pipeline. GET /token returns 404, whereas GET /api/token works because that request
            // runs through the pipeline.

            var settings = new AuthenticationConfiguration();
            settings.DefaultAuthenticationScheme = "Basic";
            settings.EnableSessionToken = true; // author's note: default lifetime is 10 hours
            // A custom ClaimsAuthenticationManager (ClaimsTransformer) was left disabled by the author.

            // NOTE(review): Basic credentials are only base64-encoded on the wire, and the session
            // token is a bearer credential; confirm this endpoint is served over TLS only.
            settings.AddBasicAuthentication(IsValid);

            config.MessageHandlers.Add(new AuthenticationHandler(settings));
        }
        /// <summary>
        /// Registers the routes "api/test1" and "api/test2", each guarded by its own
        /// <see cref="AuthenticationHandler"/> configured for JSON Web Tokens.
        /// </summary>
        /// <remarks>
        /// Both routes share the same first token argument and certificate and differ only in the
        /// second token argument (presumably issuer and audience respectively; confirm against the
        /// AddMsftJsonWebToken overload).
        /// </remarks>
        /// <param name="config">The Web API configuration the routes are added to.</param>
        public static void Register(HttpConfiguration config)
        {
            var tokenIssuerId = "http://idsrv.local/trust";

            // Single() throws unless exactly one certificate with subject CN=sts exists in
            // LocalMachine/TrustedPeople.
            // NOTE(review): the second Find argument is presumably validOnly; passing false would
            // also match expired or otherwise invalid certificates. Confirm that is intended.
            var signingCertificate = X509.LocalMachine.TrustedPeople.SubjectDistinguishedName.Find("CN=sts", false).Single();

            var endpoints = new[]
            {
                new { Route = "test1", Template = "api/test1", Controller = "Test1", Audience = "http://localhost/rp-adfs-webapi1" },
                new { Route = "test2", Template = "api/test2", Controller = "Test2", Audience = "http://localhost/rp-adfs-webapi2" }
            };

            // Each route gets a separate configuration and handler so a token issued for one
            // relying-party URI is validated only against that route's own settings.
            foreach (var endpoint in endpoints)
            {
                var tokenConfig = new AuthenticationConfiguration();
                tokenConfig.AddMsftJsonWebToken(tokenIssuerId, endpoint.Audience, signingCertificate);

                var routeHandler = new AuthenticationHandler(tokenConfig, config);

                config.Routes.MapHttpRoute(
                    name: endpoint.Route,
                    routeTemplate: endpoint.Template,
                    defaults: new { controller = endpoint.Controller },
                    constraints: null,
                    handler: routeHandler);
            }
        }