/// <summary>
/// Request filter that only lets a request continue untouched when its session is
/// authorized by at least one registered auth provider matching <c>Provider</c>
/// (every registered provider matches when <c>Provider</c> is null or empty).
/// </summary>
/// <param name="req">The incoming HTTP request.</param>
/// <param name="res">The HTTP response; an error is written and the response closed when no provider matches.</param>
/// <param name="requestDto">The request DTO, passed through to the error writer.</param>
/// <exception cref="InvalidOperationException">Thrown when <c>AuthService.AuthProviders</c> is null.</exception>
public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
{
    if (AuthService.AuthProviders == null)
    {
        throw new InvalidOperationException("The AuthService must be initialized by calling "
            + "AuthService.Init to use an authenticate attribute");
    }

    var candidates = AuthService.AuthProviders
        .Where(p => this.Provider.IsNullOrEmpty() || p.Provider == this.Provider)
        .ToList();

    if (candidates.Count == 0)
    {
        // No provider to check against: answer with an error and close the response.
        res.WriteError(req, requestDto, "No OAuth Configs found matching {0} provider"
            .Fmt(this.Provider ?? "any"));
        res.Close();
        return;
    }

    // Runs before the session lookup so that whatever it establishes is visible below.
    AuthenticateIfBasicAuth(req, res);

    using (var cache = req.GetCacheClient())
    {
        var sessionId = req.GetSessionId();
        var session = sessionId != null ? cache.GetSession(sessionId) : null;

        var authorized = session != null
            && candidates.Any(p => session.IsAuthorized(p.Provider));
        if (!authorized)
        {
            // Failure handling is delegated to the first matching provider only.
            AuthProvider.HandleFailedAuth(candidates[0], session, req, res);
        }
    }
}
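/// <summary>
/// Returns the auth session for the request. The copy stored in <c>httpReq.Items</c> is
/// returned when present unless <paramref name="reload"/> is true; otherwise the session
/// is looked up in the cache client by the request's session id.
/// </summary>
/// <param name="httpReq">The current request; a null request yields null.</param>
/// <param name="reload">When true, skips the per-request copy and reads from the cache again.</param>
/// <returns>The session, or null when the request is null or the cache lookup returns null.</returns>
public static IAuthSession GetSession(this IHttpRequest httpReq, bool reload = false)
{
    if (httpReq == null)
    {
        return null;
    }

    object perRequestCopy = null;
    if (!reload)
    {
        httpReq.Items.TryGetValue(RequestItemsSessionKey, out perRequestCopy);
    }
    if (perRequestCopy != null)
    {
        return (IAuthSession)perRequestCopy;
    }

    using (var cache = httpReq.GetCacheClient())
    {
        var session = GetSession(cache, httpReq.GetSessionId());
        if (session != null)
        {
            // Assign through the indexer instead of Add: with reload == true (or a null
            // value stored under the key) the entry can already exist, and Add on an
            // existing key throws for the standard dictionary types.
            httpReq.Items[RequestItemsSessionKey] = session;
        }
        // NOTE(review): when a reload finds no session, an older entry in Items is left
        // in place and a later non-reload call would still return it - confirm whether
        // the stale entry should be removed here.
        return session;
    }
}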
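/// <summary>
/// Returns the auth session for the request, creating a new one when the cache holds none.
/// The copy stored in <c>httpReq.Items</c> is returned when present unless
/// <paramref name="reload"/> is true.
/// </summary>
/// <param name="httpReq">The current request; a null request yields null.</param>
/// <param name="reload">When true, skips the per-request copy and reads from the cache again.</param>
/// <returns>The cached session, or a newly created one; null only when the request is null.</returns>
public static IAuthSession GetSession(this IHttpRequest httpReq, bool reload = false)
{
    if (httpReq == null)
    {
        return null;
    }

    object perRequestCopy = null;
    if (!reload)
    {
        httpReq.Items.TryGetValue(RequestItemsSessionKey, out perRequestCopy);
    }
    if (perRequestCopy != null)
    {
        return (IAuthSession)perRequestCopy;
    }

    using (var cache = httpReq.GetCacheClient())
    {
        var sessionId = httpReq.GetSessionId();
        var session = cache.Get<IAuthSession>(SessionFeature.GetSessionKey(sessionId));
        if (session == null)
        {
            // Nothing cached under this id: build an empty session. It is only placed in
            // httpReq.Items below; this method does not write it to the cache.
            // NOTE(review): the new session adopts the id returned by GetSessionId(); if
            // that value can be chosen by the client, confirm the id is regenerated when
            // the user authenticates.
            session = AuthService.CurrentSessionFactory();
            session.Id = sessionId;
            session.CreatedAt = session.LastModified = DateTime.UtcNow;
            session.OnCreated(httpReq);
        }

        // Assign through the indexer instead of Add: with reload == true the entry can
        // already exist, and Add on an existing key throws for the standard dictionary types.
        httpReq.Items[RequestItemsSessionKey] = session;
        return session;
    }
}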
/// <summary>
/// Deletes the request's session from the cache client and drops the per-request copy
/// held in <c>httpReq.Items</c>. Does nothing when <paramref name="httpReq"/> is null.
/// </summary>
/// <param name="httpReq">The current request.</param>
public static void RemoveSession(this IHttpRequest httpReq)
{
    if (httpReq != null)
    {
        using (var cache = httpReq.GetCacheClient())
        {
            // The cache key is derived from the session id carried by the request.
            var cacheKey = SessionFeature.GetSessionKey(httpReq.GetSessionId());
            cache.Remove(cacheKey);
        }

        // Also clear the per-request copy so later lookups on this request do not reuse it.
        httpReq.Items.Remove(RequestItemsSessionKey);
    }
}
/// <summary>
/// Writes <paramref name="session"/> to the cache client under the key derived from the
/// request's session id, and stores it in <c>httpReq.Items</c> for the rest of the request.
/// Does nothing when <paramref name="httpReq"/> is null.
/// </summary>
/// <param name="httpReq">The current request.</param>
/// <param name="session">The session to persist.</param>
/// <param name="expiresIn">Cache lifetime; when null, <c>AuthFeature.GetDefaultSessionExpiry()</c> is used.</param>
public static void SaveSession(this IHttpRequest httpReq, IAuthSession session, TimeSpan? expiresIn = null)
{
    if (httpReq != null)
    {
        using (var cache = httpReq.GetCacheClient())
        {
            var cacheKey = SessionFeature.GetSessionKey(httpReq.GetSessionId());
            var lifetime = expiresIn ?? AuthFeature.GetDefaultSessionExpiry();
            cache.CacheSet(cacheKey, session, lifetime);
        }

        // Indexer assignment overwrites any copy already stored for this request.
        httpReq.Items[RequestItemsSessionKey] = session;
    }
}
/// <summary>
/// Request filter that requires a session authorized by at least one registered auth
/// provider matching <c>Provider</c> (every registered provider matches when
/// <c>Provider</c> is null or empty). Unauthorized HTML requests are redirected to the
/// configured login page; all others go to the provider's failed-auth handler.
/// </summary>
/// <param name="req">The incoming HTTP request.</param>
/// <param name="res">The HTTP response.</param>
/// <param name="requestDto">The request DTO, passed through to the error writer.</param>
/// <exception cref="InvalidOperationException">Thrown when <c>AuthService.AuthProviders</c> is null.</exception>
public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
{
    if (AuthService.AuthProviders == null)
    {
        throw new InvalidOperationException("The AuthService must be initialized by calling "
            + "AuthService.Init to use an authenticate attribute");
    }

    var candidates = AuthService.AuthProviders
        .Where(p => this.Provider.IsNullOrEmpty() || p.Provider == this.Provider)
        .ToList();

    if (candidates.Count == 0)
    {
        res.WriteError(req, requestDto, "No OAuth Configs found matching {0} provider"
            .Fmt(this.Provider ?? "any"));
        res.EndServiceStackRequest();
        return;
    }

    // Header-based schemes are only attempted when a matching provider is registered.
    if (candidates.Any(p => p.Provider == DigestAuthProvider.Name))
    {
        AuthenticateIfDigestAuth(req, res);
    }
    if (candidates.Any(p => p.Provider == BasicAuthProvider.Name))
    {
        AuthenticateIfBasicAuth(req, res);
    }

    // NOTE(review): `cache` is never referenced inside this using block; the session
    // comes from req.GetSession(). Confirm whether acquiring the client here is still needed.
    using (var cache = req.GetCacheClient())
    {
        var session = req.GetSession();
        var authorized = session != null
            && candidates.Any(p => session.IsAuthorized(p.Provider));
        if (authorized)
        {
            return;
        }

        var loginPage = HtmlRedirect ?? AuthService.HtmlRedirect;
        if (loginPage != null && req.ResponseContentType.MatchesContentType(ContentType.Html))
        {
            var target = loginPage;
            if (target.SafeSubstring(0, 2) == "~/")
            {
                // "~/" marks an app-relative path; resolve it against the request's base URL.
                target = req.GetBaseUrl().CombineWith(target.Substring(2));
            }

            // NOTE(review): the original request URI is handed to the login page in the
            // "redirect" query parameter. The code that later follows that parameter is
            // not shown here - confirm it only accepts same-site targets.
            target = target.AddQueryParam("redirect", req.AbsoluteUri);
            res.RedirectToUrl(target);
            return;
        }

        // Failure handling is delegated to the first matching provider only.
        AuthProvider.HandleFailedAuth(candidates[0], session, req, res);
    }
}
/// <summary>
/// Request filter that requires a session authorized by at least one auth config matching
/// <c>Provider</c> (every config matches when <c>Provider</c> is null or empty). When the
/// request carries Basic credentials they are first posted to <c>AuthService</c>.
/// Unauthorized requests receive a 401 with a <c>WWW-Authenticate</c> challenge.
/// </summary>
/// <param name="req">The incoming HTTP request.</param>
/// <param name="res">The HTTP response; closed on error or on a failed authorization check.</param>
/// <param name="requestDto">The request DTO.</param>
/// <exception cref="InvalidOperationException">Thrown when <c>AuthService.AuthConfigs</c> is null.</exception>
public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
{
    if (AuthService.AuthConfigs == null)
    {
        throw new InvalidOperationException("The AuthService must be initialized by calling "
            + "AuthService.Init to use an authenticate attribute");
    }

    var candidates = AuthService.AuthConfigs
        .Where(c => this.Provider.IsNullOrEmpty() || c.Provider == this.Provider)
        .ToList();

    if (candidates.Count == 0)
    {
        res.WriteError(req, requestDto, "No OAuth Configs found matching {0} provider"
            .Fmt(this.Provider ?? "any"));
        res.Close();
        return;
    }

    var basicCredentials = req.GetBasicAuthUserAndPassword();
    if (basicCredentials != null)
    {
        // NOTE(review): the result of TryResolve is dereferenced without a null check -
        // confirm AuthService is always registered wherever this attribute is used.
        var authService = req.TryResolve<AuthService>();
        authService.RequestContext = new HttpRequestContext(req, res, requestDto);

        // The value returned by Post is not inspected here; whether the request is let
        // through is decided solely by the session check below.
        authService.Post(new Auth.Auth
        {
            provider = BasicAuthConfig.Name,
            UserName = basicCredentials.Value.Key,
            Password = basicCredentials.Value.Value
        });
    }

    using (var cache = req.GetCacheClient())
    {
        var sessionId = req.GetPermanentSessionId();
        var session = sessionId != null ? cache.GetSession(sessionId) : null;

        var authorized = session != null
            && candidates.Any(c => session.IsAuthorized(c.Provider));
        if (!authorized)
        {
            // The challenge names the first matching config and its realm.
            res.StatusCode = (int)HttpStatusCode.Unauthorized;
            res.AddHeader(HttpHeaders.WwwAuthenticate, "{0} realm=\"{1}\""
                .Fmt(candidates[0].Provider, candidates[0].AuthRealm));
            res.Close();
        }
    }
}
/// <summary>
/// Request filter that requires a session authorized by at least one registered auth
/// provider matching <c>Provider</c> (every registered provider matches when
/// <c>Provider</c> is null or empty). Unauthorized HTML requests are redirected to the
/// configured login page; all others go to the provider's failed-auth handler.
/// </summary>
/// <param name="req">The incoming HTTP request.</param>
/// <param name="res">The HTTP response.</param>
/// <param name="requestDto">The request DTO, passed through to the error writer.</param>
/// <exception cref="InvalidOperationException">Thrown when <c>AuthService.AuthProviders</c> is null.</exception>
public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
{
    if (AuthService.AuthProviders == null)
    {
        throw new InvalidOperationException("The AuthService must be initialized by calling "
            + "AuthService.Init to use an authenticate attribute");
    }

    var eligibleProviders = AuthService.AuthProviders
        .Where(provider => this.Provider.IsNullOrEmpty() || provider.Provider == this.Provider)
        .ToList();

    if (eligibleProviders.Count == 0)
    {
        res.WriteError(req, requestDto, "No OAuth Configs found matching {0} provider"
            .Fmt(this.Provider ?? "any"));
        res.EndServiceStackRequest();
        return;
    }

    // Digest is attempted before Basic, and each only when its provider is registered.
    if (eligibleProviders.Any(provider => provider.Provider == DigestAuthProvider.Name))
    {
        AuthenticateIfDigestAuth(req, res);
    }
    if (eligibleProviders.Any(provider => provider.Provider == BasicAuthProvider.Name))
    {
        AuthenticateIfBasicAuth(req, res);
    }

    // NOTE(review): `cache` is never referenced inside this using block; the session
    // comes from req.GetSession(). Confirm whether acquiring the client here is still needed.
    using (var cache = req.GetCacheClient())
    {
        var session = req.GetSession();
        var authorized = session != null
            && eligibleProviders.Any(provider => session.IsAuthorized(provider.Provider));
        if (authorized)
        {
            return;
        }

        var redirectTemplate = HtmlRedirect ?? AuthService.HtmlRedirect;
        if (redirectTemplate != null && req.ResponseContentType.MatchesContentType(ContentType.Html))
        {
            var destination = redirectTemplate;
            if (destination.SafeSubstring(0, 2) == "~/")
            {
                // "~/" marks an app-relative path; resolve it against the request's base URL.
                destination = req.GetBaseUrl().CombineWith(destination.Substring(2));
            }

            // NOTE(review): the original request URI travels to the login page in the
            // "redirect" query parameter. The consumer of that parameter is outside this
            // method - confirm it validates the target before redirecting back.
            destination = destination.AddQueryParam("redirect", req.AbsoluteUri);
            res.RedirectToUrl(destination);
            return;
        }

        // Failure handling is delegated to the first matching provider only.
        AuthProvider.HandleFailedAuth(eligibleProviders[0], session, req, res);
    }
}
/// <summary>
/// Request filter that requires a session authorized by at least one registered auth
/// provider matching <c>Provider</c> (every registered provider matches when
/// <c>Provider</c> is null or empty). Digest and Basic authentication are both attempted
/// before the session is checked.
/// </summary>
/// <param name="req">The incoming HTTP request.</param>
/// <param name="res">The HTTP response; an error is written and the response closed when no provider matches.</param>
/// <param name="requestDto">The request DTO, passed through to the error writer.</param>
/// <exception cref="InvalidOperationException">Thrown when <c>AuthService.AuthProviders</c> is null.</exception>
public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
{
    if (AuthService.AuthProviders == null)
    {
        throw new InvalidOperationException("The AuthService must be initialized by calling "
            + "AuthService.Init to use an authenticate attribute");
    }

    var candidates = AuthService.AuthProviders
        .Where(p => this.Provider.IsNullOrEmpty() || p.Provider == this.Provider)
        .ToList();

    if (candidates.Count == 0)
    {
        res.WriteError(req, requestDto, "No OAuth Configs found matching {0} provider"
            .Fmt(this.Provider ?? "any"));
        res.Close();
        return;
    }

    // Both helpers are called unconditionally here, whichever providers matched.
    AuthenticateIfDigestAuth(req, res);
    AuthenticateIfBasicAuth(req, res);

    using (var cache = req.GetCacheClient())
    {
        var sessionId = req.GetSessionId();
        var session = sessionId != null ? cache.GetSession(sessionId) : null;

        var authorized = session != null
            && candidates.Any(p => session.IsAuthorized(p.Provider));
        if (!authorized)
        {
            // Failure handling is delegated to the first matching provider only.
            AuthProvider.HandleFailedAuth(candidates[0], session, req, res);
        }
    }
}
/// <summary>
/// Request filter that requires a session authorized by at least one auth config matching
/// <c>Provider</c> (every config matches when <c>Provider</c> is null or empty). Basic
/// credentials found on the request are posted to <c>AuthService</c> first; a request
/// that is still unauthorized gets a 401 with a <c>WWW-Authenticate</c> challenge.
/// </summary>
/// <param name="req">The incoming HTTP request.</param>
/// <param name="res">The HTTP response; closed on error or on a failed authorization check.</param>
/// <param name="requestDto">The request DTO.</param>
/// <exception cref="InvalidOperationException">Thrown when <c>AuthService.AuthConfigs</c> is null.</exception>
public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
{
    if (AuthService.AuthConfigs == null)
    {
        throw new InvalidOperationException("The AuthService must be initialized by calling "
            + "AuthService.Init to use an authenticate attribute");
    }

    var eligibleConfigs = AuthService.AuthConfigs
        .Where(config => this.Provider.IsNullOrEmpty() || config.Provider == this.Provider)
        .ToList();

    if (eligibleConfigs.Count == 0)
    {
        res.WriteError(req, requestDto, "No OAuth Configs found matching {0} provider"
            .Fmt(this.Provider ?? "any"));
        res.Close();
        return;
    }

    var credentials = req.GetBasicAuthUserAndPassword();
    if (credentials != null)
    {
        // NOTE(review): the result of TryResolve is dereferenced without a null check -
        // confirm AuthService is always registered wherever this attribute is used.
        var authService = req.TryResolve<AuthService>();
        authService.RequestContext = new HttpRequestContext(req, res, requestDto);

        // The value returned by Post is not inspected; the session check below alone
        // decides whether the request is let through.
        authService.Post(new Auth.Auth
        {
            provider = BasicAuthConfig.Name,
            UserName = credentials.Value.Key,
            Password = credentials.Value.Value
        });
    }

    using (var cache = req.GetCacheClient())
    {
        var sessionId = req.GetPermanentSessionId();
        var session = sessionId != null ? cache.GetSession(sessionId) : null;

        var authorized = session != null
            && eligibleConfigs.Any(config => session.IsAuthorized(config.Provider));
        if (!authorized)
        {
            // The challenge names the first matching config and its realm.
            res.StatusCode = (int)HttpStatusCode.Unauthorized;
            res.AddHeader(HttpHeaders.WwwAuthenticate, "{0} realm=\"{1}\""
                .Fmt(eligibleConfigs[0].Provider, eligibleConfigs[0].AuthRealm));
            res.Close();
        }
    }
}