示例#1
        /// <summary>
        /// Fetches the API key from <paramref name="apiKeyProvider"/> and appends it to
        /// <paramref name="url"/> as the <c>key</c> query-string parameter.
        /// </summary>
        /// <param name="apiKeyProvider">Source of the API key; must not be null.</param>
        /// <param name="url">URL to extend; must not be null, empty or whitespace.</param>
        /// <param name="cancellationToken">Forwarded to the provider's key lookup.</param>
        /// <returns>The URL with the <c>key</c> parameter added.</returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="apiKeyProvider"/> is null, or <paramref name="url"/> is null,
        /// empty or whitespace.
        /// </exception>
        /// <remarks>
        /// The returned string contains the API key in clear text. Treat it as a secret:
        /// URLs are commonly written to access logs, traces and exception messages, so
        /// callers should avoid logging the result.
        /// </remarks>
        public static async Task<string> AddKeyToQueryStringAsync(
            this IApiKeyProvider apiKeyProvider,
            string url,
            CancellationToken cancellationToken)
        {
            // Reject bad arguments before touching the provider.
            if (apiKeyProvider is null)
            {
                throw new ArgumentNullException(nameof(apiKeyProvider));
            }

            if (string.IsNullOrWhiteSpace(url))
            {
                throw new ArgumentNullException(nameof(url));
            }

            // Name of the query-string parameter that carries the key.
            const string parameterName = "key";

            // Library-style await: no need to resume on the captured context.
            string apiKey = await apiKeyProvider
                .GetApiKeyAsync(cancellationToken)
                .ConfigureAwait(false);

            // QueryHelpers takes care of the separator and of encoding the value.
            string urlWithKey = QueryHelpers.AddQueryString(url, parameterName, apiKey);
            return urlWithKey;
        }
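        /// <summary>
        /// Authenticates the current request from an API key supplied in a request header
        /// or, failing that, in the query string.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> when no key was supplied through an enabled channel,
        /// <c>Fail</c> when the provider does not recognise the key, and otherwise
        /// <c>Success</c> with a ticket whose principal carries the key owner's
        /// <see cref="ClaimTypes.NameIdentifier"/> plus any additional claims.
        /// </returns>
        /// <remarks>
        /// The header is consulted first; the query string is used only when the header
        /// yielded no usable value and query-string authentication is enabled.
        /// NOTE(review): keys sent in the query string usually end up in access logs,
        /// proxy logs and browser history; prefer the header and consider leaving
        /// <c>EnableQueryStringAuthentication</c> off where clients allow it.
        /// </remarks>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            string apiKey = default;

            // First try the header, if that channel is enabled.
            if (Options.EnableHeaderAuthentication
                && Request.Headers.TryGetValue(Options.ApiKeyHeader, out var apiKeyHeader))
            {
                apiKey = apiKeyHeader.FirstOrDefault();
            }

            // Fall back to the query string only when the header gave nothing usable.
            if (apiKey.IsNullOrWhitespace()
                && Options.EnableQueryStringAuthentication
                && Request.Query.TryGetValue(Options.ApiKeyQueryString, out var apiKeyParameter))
            {
                apiKey = apiKeyParameter.FirstOrDefault();
            }

            // No credential presented: this handler has no opinion about the request.
            if (apiKey.IsNullOrWhitespace())
            {
                return AuthenticateResult.NoResult();
            }

            // Validation is delegated entirely to the provider.
            // NOTE(review): how the provider stores and compares keys is not visible
            // here; confirm it does not do a timing-sensitive comparison on the raw key.
            var actualApiKey = await apiKeyProvider.GetApiKeyAsync(apiKey);

            if (actualApiKey == null)
            {
                // The failure message is fixed text and does not echo the presented key.
                return AuthenticateResult.Fail("Invalid API Key.");
            }

            IEnumerable<Claim> claims = new List<Claim>
            {
                new Claim(ClaimTypes.NameIdentifier, actualApiKey.UserId),
            };

            // Any() stops at the first element instead of counting the whole sequence.
            if (actualApiKey.AdditionalClaims != null && actualApiKey.AdditionalClaims.Any())
            {
                claims = claims.Concat(actualApiKey.AdditionalClaims);
            }

            var identities = new List<ClaimsIdentity>
            {
                new ClaimsIdentity(claims, Options.Scheme),
            };

            var authenticationTicket = new AuthenticationTicket(
                new ClaimsPrincipal(identities),
                Options.Scheme);

            return AuthenticateResult.Success(authenticationTicket);
        }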