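/// <summary>
/// Rejects any request that does not carry a valid token in an
/// <c>Authorization: OAuth2 access_token="..."</c> header.
/// </summary>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event data; not used.</param>
/// <exception cref="WebFaultException">
/// Thrown with <see cref="HttpStatusCode.Unauthorized"/> when the header is
/// missing, malformed, or the token fails validation.
/// </exception>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    const string schemePrefix = "OAuth2 ";

    var authorization = HttpContext.Current.Request.Headers["Authorization"];

    // Ordinal comparison: the header is a protocol value, so its parsing must
    // not depend on the current thread culture.
    if (string.IsNullOrEmpty(authorization) ||
        !authorization.StartsWith(schemePrefix, StringComparison.Ordinal))
    {
        throw new WebFaultException(HttpStatusCode.Unauthorized);
    }

    // Split on the first '=' only, so '=' characters inside the token survive.
    var nameValuePair = authorization
        .Substring(schemePrefix.Length)
        .Split(new char[] { '=' }, 2);

    if (nameValuePair.Length != 2 || nameValuePair[0] != "access_token")
    {
        throw new WebFaultException(HttpStatusCode.Unauthorized);
    }

    var quotedToken = nameValuePair[1];

    // The length check matters: a value that is a single '"' both starts and
    // ends with a quote, and stripping two characters from it would throw
    // ArgumentOutOfRangeException (a server error) instead of answering 401.
    if (quotedToken.Length < 2 ||
        !quotedToken.StartsWith("\"", StringComparison.Ordinal) ||
        !quotedToken.EndsWith("\"", StringComparison.Ordinal))
    {
        throw new WebFaultException(HttpStatusCode.Unauthorized);
    }

    var token = quotedToken.Substring(1, quotedToken.Length - 2);

    var tokenSigningKey = Convert.ToBase64String(Settings.TokenSigningKey);
    var validator = new TokenValidator(
        Settings.AcsNamespace,
        Settings.Realm.AbsoluteUri,
        tokenSigningKey);

    // All failures produce the same 401 so the response does not reveal which
    // check rejected the request.
    if (!validator.Validate(token))
    {
        throw new WebFaultException(HttpStatusCode.Unauthorized);
    }

    // NOTE(review): this handler only rejects requests; it does not assign
    // HttpContext.Current.User. Confirm that later authorization decisions do
    // not rely on an identity being set here.
}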
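/// <summary>
/// Authenticates the current request from its <c>Authorization</c> header,
/// which must have the form <c>OAuth2 access_token="&lt;token&gt;"</c>.
/// </summary>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event data; not used.</param>
/// <exception cref="WebFaultException">
/// Thrown with <see cref="HttpStatusCode.Unauthorized"/> for a missing or
/// malformed header and for a token the validator rejects.
/// </exception>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    var authorization = HttpContext.Current.Request.Headers["Authorization"];
    if (string.IsNullOrEmpty(authorization))
    {
        throw new WebFaultException(HttpStatusCode.Unauthorized);
    }

    // Compare the scheme ordinally; culture-sensitive matching has no place in
    // parsing a security header.
    if (!authorization.StartsWith("OAuth2 ", StringComparison.Ordinal))
    {
        throw new WebFaultException(HttpStatusCode.Unauthorized);
    }

    // At most two parts: the parameter name and everything after the first '='.
    var nameValuePair = authorization.Substring("OAuth2 ".Length)
                                     .Split(new char[] { '=' }, 2);

    // Length >= 2 guarantees distinct opening and closing quotes. Without it a
    // lone '"' passes both quote checks and the Substring call below throws
    // ArgumentOutOfRangeException, turning a bad header into a server error.
    if (nameValuePair.Length != 2 ||
        nameValuePair[0] != "access_token" ||
        nameValuePair[1].Length < 2 ||
        !nameValuePair[1].StartsWith("\"", StringComparison.Ordinal) ||
        !nameValuePair[1].EndsWith("\"", StringComparison.Ordinal))
    {
        throw new WebFaultException(HttpStatusCode.Unauthorized);
    }

    // Strip the surrounding quotes.
    var token = nameValuePair[1].Substring(1, nameValuePair[1].Length - 2);

    var tokenSigningKey = Convert.ToBase64String(Settings.TokenSigningKey);
    var validator = new TokenValidator(
        Settings.AcsNamespace,
        Settings.Realm.AbsoluteUri,
        tokenSigningKey);

    // Same status for every failure path, so the caller cannot tell a
    // malformed header from an invalid token.
    if (!validator.Validate(token))
    {
        throw new WebFaultException(HttpStatusCode.Unauthorized);
    }

    // NOTE(review): nothing here sets HttpContext.Current.User after a
    // successful validation; verify whether downstream code expects a
    // principal to be established at this point.
}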