//Also shared by RequiredRoleAttribute and RequiredPermissionAttribute public static User AuthenticateBasicAuth(IHttpRequest req, IHttpResponse res) { var userCredentialsPair = req.GetBasicAuthUserAndPassword(); var email = userCredentialsPair.HasValue ? userCredentialsPair.Value.Key : String.Empty; var password = userCredentialsPair.HasValue ? userCredentialsPair.Value.Value : String.Empty; User user = null; bool isValid = false; using (var session = NHibernateHelper.OpenSession()) { using (var transaction = session.BeginTransaction()) { var userQuery = session.QueryOver <User>() .Where(table => table.Email == email) .And(table => table.Password == password); user = userQuery.SingleOrDefault(); transaction.Commit(); isValid = (user != null); } } if (!isValid) { res.StatusCode = (int)HttpStatusCode.Unauthorized; res.EndServiceStackRequest(); } return(user); }
public static ApiUser getUser(IHttpRequest request) { var basicAuth = request.GetBasicAuthUserAndPassword(); string key = basicAuth.Value.Key; string api_token = basicAuth.Value.Value; if (key.Length != 13 || !key[6].Equals('-')) { throw new HttpError(HttpStatusCode.Forbidden, "Org/Instance is not correct."); } string[] split = key.Split('-'); string org_key = split[0]; string instance_key = split[1]; if (api_token.Length != 32) { throw new HttpError(HttpStatusCode.Forbidden, "Token is not correct."); } ApiUser apiUser = new ApiUser(api_token); if (!apiUser.ValidateAccess(org_key, instance_key)) { throw new HttpError(HttpStatusCode.Forbidden, "User is Inactive or does not have access to this Organization/Instance"); } return(apiUser); }
//Also shared by RequiredRoleAttribute and RequiredPermissionAttribute public static User AuthenticateBasicAuth(IHttpRequest req, IHttpResponse res) { var userCredentialsPair = req.GetBasicAuthUserAndPassword(); var email = userCredentialsPair.HasValue ? userCredentialsPair.Value.Key : String.Empty; var password = userCredentialsPair.HasValue ? userCredentialsPair.Value.Value : String.Empty; User user = null; bool isValid = false; using (var session = NHibernateHelper.OpenSession()) { using (var transaction = session.BeginTransaction()) { var userQuery = session.QueryOver<User>() .Where(table => table.Email == email) .And(table => table.Password == password); user = userQuery.SingleOrDefault(); transaction.Commit(); isValid = (user != null); } } if (!isValid) { res.StatusCode = (int)HttpStatusCode.Unauthorized; res.EndServiceStackRequest(); } return user; }
public void Authorize(IHttpRequest httpRequest, IHttpResponse httpResponse, object arg3) { var apikey = httpRequest.GetBasicAuthUserAndPassword(); bool authorized = IsAuthorized(apikey); if (!authorized) { httpResponse.ReturnAuthRequired(); return; } // Don't need to do anything if a valid API key }
public static void AuthenticateIfBasicAuth(IHttpRequest req, IHttpResponse res) { var userPass = req.GetBasicAuthUserAndPassword(); if (userPass != null) { var authService = req.TryResolve<AuthService>(); authService.RequestContext = new HttpRequestContext(req, res, null); var response = authService.Post(new Auth.Auth { provider = BasicAuthProvider.Name, UserName = userPass.Value.Key, Password = userPass.Value.Value }); } }
public override void Execute(IHttpRequest httpReq, IHttpResponse httpResp, object request) { var basicAuth = httpReq.GetBasicAuthUserAndPassword(); ApiRequest apiRequest = request as ApiRequest; if (apiRequest == null) { //Custom Auth needed return; } string api_token = ""; if (basicAuth == null) { api_token = httpReq.QueryString["api_token"]; if (string.IsNullOrEmpty(api_token)) { httpResp.AddHeader(HttpHeaders.WwwAuthenticate, "Basic realm=\"/login\""); throw new HttpError(HttpStatusCode.Unauthorized, "Invalid BasicAuth credentials"); } else if (api_token.Length != 32) { throw new HttpError(HttpStatusCode.Forbidden, "Token is not correct."); } } else { string key = basicAuth.Value.Key; string password = basicAuth.Value.Value; if (string.IsNullOrEmpty(key) || string.IsNullOrEmpty(password)) { throw new HttpError(HttpStatusCode.Forbidden, "Token is not correct."); } if (key == "x") { if (password.Length != 32) { throw new HttpError(HttpStatusCode.Forbidden, "Token is not correct."); } apiRequest.api_token = password; } else { apiRequest.ApiUser = ApiUser.getUser(httpReq); } } }
public static void AuthenticateIfBasicAuth(IHttpRequest req, IHttpResponse res) { var userPass = req.GetBasicAuthUserAndPassword(); if (userPass != null) { var authService = req.TryResolve <AuthService>(); authService.RequestContext = new HttpRequestContext(req, res, null); var response = authService.Post(new Auth.Auth { provider = BasicAuthProvider.Name, UserName = userPass.Value.Key, Password = userPass.Value.Value }); } }
public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto) { if (AuthService.AuthConfigs == null) { throw new InvalidOperationException("The AuthService must be initialized by calling " + "AuthService.Init to use an authenticate attribute"); } var matchingOAuthConfigs = AuthService.AuthConfigs.Where(x => this.Provider.IsNullOrEmpty() || x.Provider == this.Provider).ToList(); if (matchingOAuthConfigs.Count == 0) { res.WriteError(req, requestDto, "No OAuth Configs found matching {0} provider" .Fmt(this.Provider ?? "any")); res.Close(); return; } var userPass = req.GetBasicAuthUserAndPassword(); if (userPass != null) { var authService = req.TryResolve <AuthService>(); authService.RequestContext = new HttpRequestContext(req, res, requestDto); var response = authService.Post(new Auth.Auth { provider = BasicAuthConfig.Name, UserName = userPass.Value.Key, Password = userPass.Value.Value }); } using (var cache = req.GetCacheClient()) { var sessionId = req.GetPermanentSessionId(); var session = sessionId != null?cache.GetSession(sessionId) : null; if (session == null || !matchingOAuthConfigs.Any(x => session.IsAuthorized(x.Provider))) { res.StatusCode = (int)HttpStatusCode.Unauthorized; res.AddHeader(HttpHeaders.WwwAuthenticate, "{0} realm=\"{1}\"" .Fmt(matchingOAuthConfigs[0].Provider, matchingOAuthConfigs[0].AuthRealm)); res.Close(); } } }
public static ApiUser getUser(IHttpRequest request) { var basicAuth = request.GetBasicAuthUserAndPassword(); string key = basicAuth.Value.Key; string api_token = basicAuth.Value.Value; if (key.IndexOf('-') < 6) { throw new HttpError(HttpStatusCode.Forbidden, "Org/Instance is not correct."); } string[] split = key.Split('-'); string org_key = split[0]; string instance_key = split[1]; return(getUser(api_token, org_key, instance_key)); }
//Also shared by RequiredRoleAttribute and RequiredPermissionAttribute public static void AuthenticateIfBasicAuth(IHttpRequest req, IHttpResponse res) { //Need to run SessionFeature filter since its not executed before this attribute (Priority -100) SessionFeature.AddSessionIdToRequestFilter(req, res, null); //Required to get req.GetSessionId() var userPass = req.GetBasicAuthUserAndPassword(); if (userPass != null) { var authService = req.TryResolve<AuthService>(); authService.RequestContext = new HttpRequestContext(req, res, null); var response = authService.Post(new Auth.Auth { provider = BasicAuthProvider.Name, UserName = userPass.Value.Key, Password = userPass.Value.Value }); } }
private void AddClientDetails(IHttpRequest req, IHttpResponse res, object requestDto) { ITokenRequest request = requestDto as ITokenRequest; if (request == null) { return; } KeyValuePair <string, string>?clientdetails = req.GetBasicAuthUserAndPassword(); if (clientdetails != null) { request.client_id = clientdetails.Value.Key; request.client_password = clientdetails.Value.Value; } }
//Also shared by RequiredRoleAttribute and RequiredPermissionAttribute public static void AuthenticateIfBasicAuth(IHttpRequest req, IHttpResponse res) { //Need to run SessionFeature filter since its not executed before this attribute (Priority -100) SessionFeature.AddSessionIdToRequestFilter(req, res, null); //Required to get req.GetSessionId() var userPass = req.GetBasicAuthUserAndPassword(); if (userPass != null) { var authService = req.TryResolve <AuthService>(); authService.RequestContext = new HttpRequestContext(req, res, null); var response = authService.Post(new Auth.Auth { provider = BasicAuthProvider.Name, UserName = userPass.Value.Key, Password = userPass.Value.Value }); } }
public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto) { if (AuthService.AuthConfigs == null) throw new InvalidOperationException("The AuthService must be initialized by calling " + "AuthService.Init to use an authenticate attribute"); var matchingOAuthConfigs = AuthService.AuthConfigs.Where(x => this.Provider.IsNullOrEmpty() || x.Provider == this.Provider).ToList(); if (matchingOAuthConfigs.Count == 0) { res.WriteError(req, requestDto, "No OAuth Configs found matching {0} provider" .Fmt(this.Provider ?? "any")); res.Close(); return; } var userPass = req.GetBasicAuthUserAndPassword(); if (userPass != null) { var authService = req.TryResolve<AuthService>(); authService.RequestContext = new HttpRequestContext(req, res, requestDto); var response = authService.Post(new Auth.Auth { provider = BasicAuthConfig.Name, UserName = userPass.Value.Key, Password = userPass.Value.Value }); } using (var cache = req.GetCacheClient()) { var sessionId = req.GetPermanentSessionId(); var session = sessionId != null ? cache.GetSession(sessionId) : null; if (session == null || !matchingOAuthConfigs.Any(x => session.IsAuthorized(x.Provider))) { res.StatusCode = (int)HttpStatusCode.Unauthorized; res.AddHeader(HttpHeaders.WwwAuthenticate, "{0} realm=\"{1}\"" .Fmt(matchingOAuthConfigs[0].Provider, matchingOAuthConfigs[0].AuthRealm)); res.Close(); } } }
public void ProcessRequest(IHttpRequest request, IHttpResponse response, string operationName) { try { response.ContentType = "application/json"; var basePath = request.GetBaseUrl(); var result = new SwaggerResourcesResponse { BasePath = basePath, Apis = new List <SwaggerResourceRef>(), ApiVersion = _config.ApiVersion, Info = new SwaggerInfo { Title = _config.Title ?? "Ant-SOA-API", } }; if (_config.UseBasicAuth) { var basicAuth = request.GetBasicAuthUserAndPassword(); if (basicAuth == null) { result.Info.Title = "Auth Error"; response.Write(result.ToJson()); response.EndRequest(true); return; } else { var userName = basicAuth.Value.Key; var password = basicAuth.Value.Value; var localAuth = _config.GetLocalAuthModel(); if (!localAuth.UserName.Equals(userName) && !localAuth.Password.Equals(password)) { result.Info.Title = "Auth Error"; response.Write(result.ToJson()); response.EndRequest(true); return; } } } result.Apis.Add(new SwaggerResourceRef { Path = request.ResolveAbsoluteUrl("~/" + SwaggerApiService.RESOURCE_PATH), Description = _config.HostConfig.MetadataMap.FirstOrDefault().Value.ServiceName }); result.Apis = result.Apis.OrderBy(a => a.Path).ToList(); if (ResourcesResponseFilter != null) { ResourcesResponseFilter(result); } response.Write(result.ToJson()); response.EndRequest(true); } catch (Exception) { response.EndRequestWithNoContent(); } }
public static ApiUser getUser(IHttpRequest request) { var basicAuth = request.GetBasicAuthUserAndPassword(); string key = basicAuth.Value.Key; string api_token = basicAuth.Value.Value; if (key.Length != 13 || !key[6].Equals('-')) throw new HttpError(HttpStatusCode.Forbidden, "Org/Instance is not correct."); string[] split = key.Split('-'); string org_key = split[0]; string instance_key = split[1]; if (api_token.Length != 32) throw new HttpError(HttpStatusCode.Forbidden, "Token is not correct."); ApiUser apiUser = new ApiUser(api_token); if (!apiUser.ValidateAccess(org_key, instance_key)) throw new HttpError(HttpStatusCode.Forbidden, "User is Inactive or does not have access to this Organization/Instance"); return apiUser; }
public override void Execute(IHttpRequest httpReq, IHttpResponse httpResp, object request) { var basicAuth = httpReq.GetBasicAuthUserAndPassword(); ApiRequest apiRequest = request as ApiRequest; if (apiRequest == null) { //Custom Auth needed return; } string api_token = ""; if (basicAuth == null) { api_token = httpReq.QueryString["api_token"]; if (string.IsNullOrEmpty(api_token)) { httpResp.AddHeader(HttpHeaders.WwwAuthenticate, "Basic realm=\"/login\""); throw new HttpError(HttpStatusCode.Unauthorized, "Invalid BasicAuth credentials"); } else if (api_token.Length != 32) throw new HttpError(HttpStatusCode.Forbidden, "Token is not correct."); } else { string key = basicAuth.Value.Key; string password = basicAuth.Value.Value; if (string.IsNullOrEmpty(key) || string.IsNullOrEmpty(password)) throw new HttpError(HttpStatusCode.Forbidden, "Token is not correct."); if (key == "x") { if (password.Length != 32) throw new HttpError(HttpStatusCode.Forbidden, "Token is not correct."); apiRequest.api_token = password; } else { apiRequest.ApiUser = ApiUser.getUser(httpReq); } } }