示例#1
        /// <summary>
        /// Authenticates the current request from the API key carried in the
        /// <c>ApiKeyHeaderName</c> request header.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> when the header is absent or blank (so this handler makes no
        /// decision about the request), <c>Success</c> with a ticket naming the owning
        /// merchant when the key is known and inside its validity window, and
        /// <c>Fail</c> otherwise.
        /// </returns>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // Taken before the repository call, so the validity window is judged against
            // the moment handling started rather than the moment the lookup finished.
            DateTimeOffset requestTime = DateTime.UtcNow;

            if (!Request.Headers.TryGetValue(ApiKeyHeaderName, out var headerValues))
            {
                return AuthenticateResult.NoResult();
            }

            // Only the first header value is considered. An empty value set yields null
            // here, which the blank check below also covers.
            // NOTE(review): a request carrying several values for this header is accepted
            // on its first value; confirm that any upstream proxy or gateway that inspects
            // the key agrees on which value counts.
            var candidateKey = headerValues.FirstOrDefault();
            if (string.IsNullOrWhiteSpace(candidateKey))
            {
                return AuthenticateResult.NoResult();
            }

            // NOTE(review): the lookup is by the raw key as presented. Whether the
            // repository stores keys in clear text or as a hash is not visible here;
            // confirm keys are not recoverable from the data store.
            ApiKey apiKey = await _apiKeyRepository.FindByKey(candidateKey);

            // Both bounds are exclusive. The comparisons are kept in their positive form
            // on purpose: should either bound ever be a nullable type, a null bound must
            // still reject the key rather than accept it.
            bool keyIsCurrent = apiKey != null
                                && requestTime < apiKey.ValidUntil
                                && requestTime > apiKey.ValidFrom;

            if (!keyIsCurrent)
            {
                // One message for unknown, expired and not-yet-valid keys, so the response
                // does not reveal which of those cases applied.
                return AuthenticateResult.Fail("Invalid API Key provided.");
            }

            // NOTE(review): apiKey.Owner is dereferenced without a null check; verify the
            // repository always returns keys with their owner loaded.
            var merchantClaim = new Claim(ClaimTypes.Name, apiKey.Owner.MerchantId.ToString());
            var identity = new ClaimsIdentity(new[] { merchantClaim }, Options.AuthenticationType);
            var principal = new ClaimsPrincipal(new[] { identity });

            return AuthenticateResult.Success(new AuthenticationTicket(principal, Options.Scheme));
        }