public AuthenticationHandler(HttpAuthentication authentication, HttpConfiguration httpConfiguration = null)
{
_authN = authentication;
if (httpConfiguration != null)
{
InnerHandler = new HttpControllerDispatcher(httpConfiguration);
}
}
public AuthenticationHandler(HttpAuthentication authentication, HttpConfiguration httpConfiguration = null)
{
_authN = authentication;
if (httpConfiguration != null)
{
InnerHandler = new HttpControllerDispatcher(httpConfiguration);
}
}
private static bool AuthorizeRequest(HttpRequestMessage request)
{
var authN = new HttpAuthentication(WebApiConfig.Configuration);
// Code to minimize time after token expiration when token is still successfully validated. Just for test purposes!
authN.Configuration.Mappings.First().TokenHandler.Configuration.MaxClockSkew = TimeSpan.FromSeconds(3);
ClaimsPrincipal principal;
try
{
principal = authN.Authenticate(request);
}
catch (SecurityTokenValidationException)
{
return false;
}
return principal.Identity.IsAuthenticated;
}
public IHttpActionResult Get(HttpRequestMessage request)
{
var authN = new HttpAuthentication(WebApiConfig.Configuration);
// Code to minimize time after token expiration when token is still successfully validated. Just for test purposes!
authN.Configuration.Mappings.First().TokenHandler.Configuration.MaxClockSkew = TimeSpan.FromSeconds(3);
try
{
ClaimsPrincipal principal = authN.Authenticate(request);
if (principal.Identity.IsAuthenticated == false)
{
return StatusCode(HttpStatusCode.Forbidden);
}
} catch (SecurityTokenValidationException)
{
return StatusCode(HttpStatusCode.Forbidden);
}
return Ok();
}
public AuthenticationHandler(HttpAuthentication authentication, HttpMessageHandler innerHandler)
{
_authN = authentication;
InnerHandler = innerHandler;
}
public AuthenticationHandler(HttpAuthentication authentication, HttpMessageHandler innerHandler)
{
_authN = authentication;
InnerHandler = innerHandler;
}
