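/// <summary>
/// Authenticates the current request from the token carried in the header named by
/// <c>ArmTokenHeaderName</c>.
/// </summary>
/// <remarks>
/// A token accepted by <c>SimpleWebTokenHelper.ValidateToken</c> produces a principal whose single
/// claim is the Admin authorization level, so within this method that validation call is the only
/// check standing in front of admin access. All other paths fail closed: a missing header yields
/// <c>NoResult</c>; an empty header, a rejected token or an exception yields <c>Fail</c>.
/// </remarks>
/// <returns>
/// <c>NoResult</c> when the header is absent, <c>Success</c> with an Admin-level ticket when the
/// token validates, otherwise <c>Fail</c>.
/// </returns>
private AuthenticateResult HandleAuthenticate()
{
    if (!Context.Request.Headers.TryGetValue(ArmTokenHeaderName, out StringValues values))
    {
        // No token header at all: this handler makes no decision about the request.
        return AuthenticateResult.NoResult();
    }

    // Only the first header value is considered. FirstOrDefault (instead of First) keeps a header
    // that is present but carries no value from throwing outside the try block below, which would
    // surface as an unhandled exception rather than an authentication failure.
    string token = values.FirstOrDefault();
    if (string.IsNullOrEmpty(token))
    {
        return AuthenticateResult.Fail("Token validation failed.");
    }

    try
    {
        if (!SimpleWebTokenHelper.ValidateToken(token, Clock))
        {
            return AuthenticateResult.Fail("Token validation failed.");
        }

        // A valid token is mapped straight to the Admin authorization level.
        var claims = new List<Claim>
        {
            new Claim(SecurityConstants.AuthLevelClaimType, AuthorizationLevel.Admin.ToString())
        };
        var identity = new ClaimsIdentity(claims, ArmAuthenticationDefaults.AuthenticationScheme);
        var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), Scheme.Name);

        return AuthenticateResult.Success(ticket);
    }
    catch (Exception exc)
    {
        // Any exception raised during validation is treated as a failed authentication.
        // The log message template itself contains no token material; only the exception is attached.
        _logger.LogError(exc, "ARM authentication token validation failed.");
        return AuthenticateResult.Fail(exc);
    }
}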
/// <summary>
/// Checks that the admin token returned by the host controller is accepted by
/// <c>SimpleWebTokenHelper.ValidateToken</c> when the same encryption key is configured.
/// </summary>
/// <remarks>
/// This covers the positive round trip only; it does not exercise expired, altered or
/// wrongly-keyed tokens.
/// </remarks>
public void GetAdminToken_Succeeds()
{
    // Arrange: the mocked environment reports a container name, and a freshly generated key is
    // exposed through the WebSiteAuthEncryptionKey setting for the duration of the using scope.
    _mockEnvironment
        .Setup(env => env.GetEnvironmentVariable(It.Is<string>(name => name == EnvironmentSettingNames.ContainerName)))
        .Returns<string>(_ => "ContainerName");

    var keyBytes = TestHelpers.GenerateKeyBytes();
    var hexKey = TestHelpers.GenerateKeyHexString(keyBytes);

    using (new TestScopedEnvironmentVariable(EnvironmentSettingNames.WebSiteAuthEncryptionKey, hexKey))
    {
        // Act
        var response = (ObjectResult)_hostController.GetAdminToken();
        var statusCode = (HttpStatusCode)response.StatusCode;
        var issuedToken = (string)response.Value;

        // Assert: the call succeeded and the issued token validates against the current clock.
        Assert.Equal(HttpStatusCode.OK, statusCode);
        Assert.True(SimpleWebTokenHelper.ValidateToken(issuedToken, new SystemClock()));
    }
}