/// <summary>
///
/// </summary>
/// <param name="module"></param>
public static void RequiresOwinAuthentication(this INancyModule module)
{
module.AddBeforeHookOrExecute(ctx =>
{
IAuthenticationManager auth = ctx.GetAuthenticationManager();
return(auth?.User?.Identity == null || !auth.User.Identity.IsAuthenticated ? HttpStatusCode.Unauthorized: (NancyResponce)null);
}, "Requires Owin authentication");
}
/// <summary>
/// This module requires the security claims to be validated.
/// </summary>
/// <param name="module"></param>
/// <param name="isValid"></param>
public static void RequiresSecurityClaims(this INancyModule module, Func <Claim[], bool> isValid)
{
module.RequiresMSOwinAuthentication();
module.AddBeforeHookOrExecute(ctx =>
{
IAuthenticationManager auth = ctx.GetAuthenticationManager();
return(isValid(auth.User.Claims.ToArray())
? (Response)null
: HttpStatusCode.Unauthorized);
}, "Requires valid security claims");
}
/// <summary>This module requires authentication</summary>
/// <param name="module">Module to enable</param>
public static void RequiresAuthentication(this INancyModule module, string[] except = null)
{
module.AddBeforeHookOrExecute((ctx =>
{
if (except != null && except.Contains(ctx.ResolvedRoute.Description.Name))
{
return(null);
}
return(SecurityHooks.RequiresAuthentication(ctx));
}), "Requires Authentication");
}
public void RequiresThrottling(
INancyModule module,
ThrottlingProperties propertiesSet,
ThrottlingPeriod period,
int requestCountLimit,
Func <NancyContext, bool> checkIf = null,
Func <NancyContext, bool> skipIf = null,
params string[] requestKeys)
{
module.AddBeforeHookOrExecute(
ctx => CheckThrottlingLimitHook(ctx, propertiesSet, period, requestCountLimit,
checkIf: checkIf,
skipIf: skipIf,
requestKeys: requestKeys),
"RequiresThrottling");
}
public static void RequiresBasicAuth(this INancyModule module, string username, string password)
{
module.AddBeforeHookOrExecute(c =>
{
var header = c.Request.Headers["Authorization"].FirstOrDefault();
if (header == null)
{
return(HttpStatusCode.Unauthorized);
}
var auth = "Basic " + string.Join(":", username, password);
var base64 = Convert.ToBase64String(Encoding.ASCII.GetBytes(auth));
if (!string.Equals(base64, header, StringComparison.InvariantCulture))
{
return(HttpStatusCode.Unauthorized);
}
return(null);
}, "Requires Authentication");
}
public static void RequiresAuthentication(this INancyModule module, string[] excludes)
{
module.AddBeforeHookOrExecute(p =>
{
Response response = null;
if (excludes.Contains(p.ResolvedRoute.Description.Name))
{
return(response);
}
if (p.CurrentUser == null ||
string.IsNullOrWhiteSpace(p.CurrentUser.UserName))
{
response = new Response
{
StatusCode = HttpStatusCode.Unauthorized
};
}
return(response);
}, "Requires Authentication");
}
/// <summary>
/// This module requires claims to be validated
/// </summary>
/// <param name="module">Module to enable</param>
/// <param name="isValid">Claims validator</param>
public static void RequiresValidatedClaims(this INancyModule module, Func <IEnumerable <string>, bool> isValid)
{
module.AddBeforeHookOrExecute(SecurityHooks.RequiresAuthentication(), "Requires Authentication");
module.AddBeforeHookOrExecute(SecurityHooks.RequiresValidatedClaims(isValid), "Requires Validated Claim");
}
/// <summary>
/// This module requires authentication and any one of certain claims to be present.
/// </summary>
/// <param name="module">Module to enable</param>
/// <param name="requiredClaims">Claim(s) required</param>
public static void RequiresAnyClaim(this INancyModule module, IEnumerable <string> requiredClaims)
{
module.AddBeforeHookOrExecute(SecurityHooks.RequiresAuthentication(), "Requires Authentication");
module.AddBeforeHookOrExecute(SecurityHooks.RequiresAnyClaim(requiredClaims), "Requires Any Claim");
}
/// <summary>
/// This module requires authentication
/// </summary>
/// <param name="module">Module to enable</param>
public static void RequiresAuthentication(this INancyModule module)
{
module.AddBeforeHookOrExecute(SecurityHooks.RequiresAuthentication(), "Requires Authentication");
}
/// <summary>
/// This module requires authentication and any one of certain claims to be present.
/// </summary>
/// <param name="module">Module to enable</param>
/// <param name="requiredClaims">Claim(s) required</param>
public static void RequiresAnyClaim(this INancyModule module, params Predicate <Claim>[] requiredClaims)
{
module.AddBeforeHookOrExecute(SecurityHooks.RequiresAuthentication(), "Requires Authentication");
module.AddBeforeHookOrExecute(SecurityHooks.RequiresAnyClaim(requiredClaims), "Requires Any Claim");
}
/// <summary>
/// This module requires authentication and NO certain claims to be present.
/// </summary>
/// <param name="module">Module to enable</param>
/// <param name="requiredClaims">Claim(s) required</param>
public static void DoesNotHaveClaim(this INancyModule module, params string[] bannedClaims)
{
module.AddBeforeHookOrExecute(SecurityHooks.RequiresAuthentication(), "Requires Authentication");
module.AddBeforeHookOrExecute(DoesNotHaveClaims(bannedClaims), "Has Banned Claims");
}
public static void RequiresDropboxAuthentication(this INancyModule module, IDropNetClient dropNetClient)
{
module.AddBeforeHookOrExecute(SecurityHooks.RequiresDropboxAuthentication(dropNetClient), "Authentication failed.");
}
public static void AllowFromLocalHost(this INancyModule module, IUserIdentity user = null)
{
module.AddBeforeHookOrExecute(SecurityHooks.CheckIsLocal(user ?? LOCAL_USER), "Allow from localhost");
}
public static void RequiresAuthentication(this INancyModule module, HttpContext httpContext)
{
module.AddBeforeHookOrExecute(_requiresAuthentication(httpContext), "Requires Authentication");
}
/// <summary>
/// This module requires authentication and any one of certain roles to be present.
/// </summary>
/// <param name="module">Module to enable</param>
/// <param name="requiredRoles">Role(s) at least one of which is required</param>
public static void RequiresAnyRole(this INancyModule module, params string[] requiredRoles)
{
module.AddBeforeHookOrExecute(SecurityHooks.RequiresAuthentication(), "Requires Authentication");
module.AddBeforeHookOrExecute(SecurityHooks.RequiresAnyRole(requiredRoles), "Requires Any Role");
}
