/// <copydoc cref="AuthenticationHandler.AuthenticateCoreAsync" /> protected override async Task <AuthenticationTicket> AuthenticateCoreAsync() { var request = Context.Request; var authorization = request.Headers.Authentication(); reasonPhrase = "Unauthorized"; if (authorization == null) { // No authentication, so ignore return(null); } if (authorization.Scheme != HmacAuthentication.AuthenticationScheme) { logger.WriteVerbose("Not HMAC authenticated"); // Not our scheme, so ignore return(null); } if (string.IsNullOrEmpty(authorization.Parameter)) { // Authentication was attempted but failed. Set ErrorResult to indicate an error. logger.WriteWarning("Missing credentials"); reasonPhrase = "Missing credentials"; return(null); } var httpRequest = request.ToHttpRequestMessage(); var identity = await authenticator.Authenticate(httpRequest); if (identity == null) { // Authentication was attempted but failed. Set ErrorResult to indicate an error. logger.WriteWarning("Invalid signature"); reasonPhrase = "Invalid signature"; return(null); } var ticket = new AuthenticationTicket(identity, null); return(ticket); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { // Do we have authorization if (!AuthenticationHeaderValue.TryParse(Request.Headers["Authorization"], out var authorization)) { // No Authorization header, so ignore return(AuthenticateResult.NoResult()); } if (authorization.Scheme != Options.Scheme) { Logger.LogDebug("Not HMAC authenticated"); // Not our scheme, so ignore return(AuthenticateResult.NoResult()); } if (string.IsNullOrEmpty(authorization.Parameter)) { // Authentication was attempted but failed. Set ErrorResult to indicate an error. Logger.LogWarning("Missing credentials"); return(AuthenticateResult.Fail("Missing credentials")); } var httpRequest = new HttpRequestMessageFeature(Context); var identity = await authenticator.Authenticate(httpRequest.HttpRequestMessage); if (identity == null) { // Authentication was attempted but failed. Set ErrorResult to indicate an error. Logger.LogWarning("Invalid signature"); return(AuthenticateResult.Fail("Invalid signature")); } // Ok, wrap the identity in a principal and say we're ok. var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Options.Scheme); return(AuthenticateResult.Success(ticket)); }