protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (PriorHandler != null) { var authenticateContext = new AuthenticateContext(Options.SignInScheme); await PriorHandler.AuthenticateAsync(authenticateContext); if (authenticateContext.Accepted) { if (authenticateContext.Error != null) { return(AuthenticateResult.Fail(authenticateContext.Error)); } if (authenticateContext.Principal != null) { return(AuthenticateResult.Success(new AuthenticationTicket(authenticateContext.Principal, new AuthenticationProperties(authenticateContext.Properties), Options.AuthenticationScheme))); } return(AuthenticateResult.Fail("Not authenticated")); } } return(AuthenticateResult.Fail("Remote authentication does not support authenticate")); }
public async Task AuthenticateAsync(AuthenticateContext context) { var handled = false; if (ShouldHandleScheme(context.AuthenticationScheme, Options.AutomaticAuthenticate)) { // Calling Authenticate more than once should always return the original value. var result = await HandleAuthenticateOnceAsync(); if (result?.Failure != null) { context.Failed(result.Failure); } else { var ticket = result?.Ticket; if (ticket?.Principal != null) { context.Authenticated(ticket.Principal, ticket.Properties.Items, Options.Description.Items); Logger.AuthenticationSchemeAuthenticated(Options.AuthenticationScheme); handled = true; } else { context.NotAuthenticated(); Logger.AuthenticationSchemeNotAuthenticated(Options.AuthenticationScheme); } } } if (PriorHandler != null && !handled) { await PriorHandler.AuthenticateAsync(context); } }
protected override async Task <bool> HandleForbiddenAsync(ChallengeContext context) { var challengeContext = new ChallengeContext(Options.SignInScheme, context.Properties, ChallengeBehavior.Forbidden); await PriorHandler.ChallengeAsync(challengeContext); return(challengeContext.Accepted); }
public void GetDescriptions(DescribeSchemesContext describeContext) { describeContext.Accept(BaseOptions.Description.Items); if (PriorHandler != null) { PriorHandler.GetDescriptions(describeContext); } }
public virtual void GetDescriptions(IAuthTypeContext authTypeContext) { authTypeContext.Accept(BaseOptions.Description.Dictionary); if (PriorHandler != null) { PriorHandler.GetDescriptions(authTypeContext); } }
public virtual void GetDescriptions(IDescribeSchemesContext describeContext) { describeContext.Accept(BaseOptions.Description.Dictionary); if (PriorHandler != null) { PriorHandler.GetDescriptions(describeContext); } }
public virtual void Challenge(IChallengeContext context) { if (SecurityHelper.LookupChallenge(context.AuthenticationTypes, BaseOptions.AuthenticationType, BaseOptions.AuthenticationMode)) { ChallengeContext = context; context.Accept(BaseOptions.AuthenticationType, BaseOptions.Description.Dictionary); } if (PriorHandler != null) { PriorHandler.Challenge(context); } }
public virtual void Challenge(IChallengeContext context) { if (ShouldHandleScheme(context.AuthenticationSchemes)) { ChallengeContext = context; context.Accept(BaseOptions.AuthenticationScheme, BaseOptions.Description.Dictionary); } if (PriorHandler != null) { PriorHandler.Challenge(context); } }
public virtual void SignOut(ISignOutContext context) { if (ShouldHandleScheme(context.AuthenticationScheme)) { SignInContext = null; SignOutContext = context; context.Accept(); } if (PriorHandler != null) { PriorHandler.SignOut(context); } }
public virtual void SignOut(ISignOutContext context) { if (SecurityHelper.LookupSignOut(context.AuthenticationTypes, BaseOptions.AuthenticationType, BaseOptions.AuthenticationMode)) { SignInIdentityContext = null; SignOutContext = context; context.Accept(BaseOptions.AuthenticationType, BaseOptions.Description.Dictionary); } if (PriorHandler != null) { PriorHandler.SignOut(context); } }
public virtual void SignIn(ISignInContext context) { if (ShouldHandleScheme(context.AuthenticationScheme)) { SignInContext = new SignInContext(context.Principal, new AuthenticationProperties(context.Properties)); SignOutContext = null; context.Accept(BaseOptions.Description.Dictionary); } if (PriorHandler != null) { PriorHandler.SignIn(context); } }
public async Task SignInAsync(SignInContext context) { if (ShouldHandleScheme(context.AuthenticationScheme, handleAutomatic: false)) { SignInAccepted = true; await HandleSignInAsync(context); Logger.LogInformation(3, "AuthenticationScheme: {scheme} signed in.", Options.AuthenticationScheme); context.Accept(); } else if (PriorHandler != null) { await PriorHandler.SignInAsync(context); } }
public async Task SignOutAsync(SignOutContext context) { if (ShouldHandleScheme(context.AuthenticationScheme)) { SignOutAccepted = true; await HandleSignOutAsync(context); context.Accept(); } if (PriorHandler != null) { await PriorHandler.SignOutAsync(context); } }
public async Task SignOutAsync(SignOutContext context) { if (ShouldHandleScheme(context.AuthenticationScheme, handleAutomatic: false)) { SignOutAccepted = true; await HandleSignOutAsync(context); Logger.AuthenticationSchemeSignedOut(Options.AuthenticationScheme); context.Accept(); } else if (PriorHandler != null) { await PriorHandler.SignOutAsync(context); } }
public virtual void SignIn(ISignInContext context) { ClaimsIdentity identity; if (SecurityHelper.LookupSignIn(context.Identities, BaseOptions.AuthenticationType, out identity)) { SignInIdentityContext = new SignInIdentityContext(identity, new AuthenticationProperties(context.Properties)); SignOutContext = null; context.Accept(BaseOptions.AuthenticationType, BaseOptions.Description.Dictionary); } if (PriorHandler != null) { PriorHandler.SignIn(context); } }
public virtual void Authenticate(IAuthenticateContext context) { if (context.AuthenticationTypes.Contains(BaseOptions.AuthenticationType, StringComparer.Ordinal)) { AuthenticationTicket ticket = Authenticate(); if (ticket != null && ticket.Identity != null) { context.Authenticated(ticket.Identity, ticket.Properties.Dictionary, BaseOptions.Description.Dictionary); } else { context.NotAuthenticated(BaseOptions.AuthenticationType, properties: null, description: BaseOptions.Description.Dictionary); } } if (PriorHandler != null) { PriorHandler.Authenticate(context); } }
public async Task ChallengeAsync(ChallengeContext context) { bool handled = false; ChallengeCalled = true; if (ShouldHandleScheme(context.AuthenticationScheme)) { switch (context.Behavior) { case ChallengeBehavior.Automatic: // If there is a principal already, invoke the forbidden code path var ticket = await HandleAuthenticateOnceAsync(); if (ticket?.Principal != null) { handled = await HandleForbiddenAsync(context); } else { handled = await HandleUnauthorizedAsync(context); } break; case ChallengeBehavior.Unauthorized: handled = await HandleUnauthorizedAsync(context); break; case ChallengeBehavior.Forbidden: handled = await HandleForbiddenAsync(context); break; } context.Accept(); } if (!handled && PriorHandler != null) { await PriorHandler.ChallengeAsync(context); } }
public virtual void Authenticate(IAuthenticateContext context) { if (ShouldHandleScheme(context.AuthenticationScheme)) { var ticket = Authenticate(); if (ticket?.Principal != null) { AuthenticateCalled = true; context.Authenticated(ticket.Principal, ticket.Properties.Dictionary, BaseOptions.Description.Dictionary); } else { context.NotAuthenticated(); } } if (PriorHandler != null) { PriorHandler.Authenticate(context); } }
public async Task AuthenticateAsync(AuthenticateContext context) { if (ShouldHandleScheme(context.AuthenticationScheme)) { // Calling Authenticate more than once should always return the original value. var ticket = await HandleAuthenticateOnceAsync(); if (ticket?.Principal != null) { context.Authenticated(ticket.Principal, ticket.Properties.Items, BaseOptions.Description.Items); } else { context.NotAuthenticated(); } } if (PriorHandler != null) { await PriorHandler.AuthenticateAsync(context); } }
public async Task ChallengeAsync(ChallengeContext context) { ChallengeCalled = true; var handled = false; if (ShouldHandleScheme(context.AuthenticationScheme, Options.AutomaticChallenge)) { switch (context.Behavior) { case ChallengeBehavior.Automatic: // If there is a principal already, invoke the forbidden code path var result = await HandleAuthenticateOnceAsync(); if (result?.Ticket?.Principal != null) { goto case ChallengeBehavior.Forbidden; } goto case ChallengeBehavior.Unauthorized; case ChallengeBehavior.Unauthorized: handled = await HandleUnauthorizedAsync(context); Logger.AuthenticationSchemeChallenged(Options.AuthenticationScheme); break; case ChallengeBehavior.Forbidden: handled = await HandleForbiddenAsync(context); Logger.AuthenticationSchemeForbidden(Options.AuthenticationScheme); break; } context.Accept(); } if (!handled && PriorHandler != null) { await PriorHandler.ChallengeAsync(context); } }
protected override Task FinishResponseAsync() { //We need to fix the issues that the CookieAuthenticationHandler is leaving behind //CookieAuthenticationHandler doesn't work well with NTLM handshaking //but we need it to retain the session and remove unnecessary handshaking if (Response.StatusCode == 302) { if (Context.Items.ContainsKey(RespondNoNtlmKey) || Context.Items.ContainsKey(RespondType2Key)) { //we're cleaning up the location set by CookieAuthenticationHandler.HandleUnauthorizedAsync Response.Headers.Remove(LocationKey); Response.StatusCode = 401; } if ((Context.Items.ContainsKey(AuthenticatedKey)) && Request.Query.ContainsKey(Options.Cookies.ApplicationCookie.ReturnUrlParameter)) { //we're cleaning up the location set by CookieAuthenticationHandler.HandleUnauthorizedAsync Response.Redirect(Request.Query[Options.Cookies.ApplicationCookie.ReturnUrlParameter]); } } //The following prevents the Cookie auth middleware to set the response to 403 Forbidden if ((Response.StatusCode == 401) && (Context.Items.ContainsKey(RespondNoNtlmKey)) || (Context.Items.ContainsKey(RespondType2Key))) { if (PriorHandler.GetType().FullName == "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler") { var challengeContext = new ChallengeContext(ActiveDirectoryOptions.DefaultAuthenticationScheme); PriorHandler.ChallengeAsync(challengeContext); } } return(base.FinishResponseAsync()); }