public static async Task <string> AddKeyToQueryStringAsync( this IApiKeyProvider apiKeyProvider, string url, CancellationToken cancellationToken) { // Validate parameters. if (apiKeyProvider == null) { throw new ArgumentNullException(nameof(apiKeyProvider)); } if (string.IsNullOrWhiteSpace(url)) { throw new ArgumentNullException(nameof(url)); } // The key. const string name = "key"; // Get the value. string value = await apiKeyProvider .GetApiKeyAsync(cancellationToken) .ConfigureAwait(false); // Append and return. return(QueryHelpers.AddQueryString(url, name, value)); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { string apiKey = default; if (Options.EnableHeaderAuthentication) { // First try setting from the header if enabled if (Request.Headers.TryGetValue(Options.ApiKeyHeader, out var apiKeyHeader)) { apiKey = apiKeyHeader.FirstOrDefault(); } } if (apiKey.IsNullOrWhitespace() && Options.EnableQueryStringAuthentication) { if (Request.Query.TryGetValue(Options.ApiKeyQueryString, out var apiKeyParameter)) { apiKey = apiKeyParameter.FirstOrDefault(); } } if (apiKey.IsNullOrWhitespace()) { return(AuthenticateResult.NoResult()); } var actualApiKey = await apiKeyProvider.GetApiKeyAsync(apiKey); if (actualApiKey == null) { return(AuthenticateResult.Fail("Invalid API Key.")); } IEnumerable <Claim> claims = new List <Claim> { new Claim(ClaimTypes.NameIdentifier, actualApiKey.UserId), }; if (actualApiKey.AdditionalClaims != null && actualApiKey.AdditionalClaims.Count() > 0) { claims = claims.Concat(actualApiKey.AdditionalClaims); } var authenticationTicket = new AuthenticationTicket( new ClaimsPrincipal( new List <ClaimsIdentity> { new ClaimsIdentity(claims, Options.Scheme), }), Options.Scheme); return(AuthenticateResult.Success(authenticationTicket)); }