/// <summary> /// Executes the <see cref="DigestAccessAuthenticationMiddleware"/>. /// </summary> /// <param name="context">The context of the current request.</param> /// <returns>A task that represents the execution of this middleware.</returns> public override async Task Invoke(HttpContext context) { if (!AuthenticationUtility.TryAuthenticate(context, Options.RequireSecureConnection, AuthorizationHeaderParser, TryAuthenticate)) { context.Response.StatusCode = AuthenticationUtility.HttpNotAuthorizedStatusCode; string etag = context.Response.Headers[HeaderNames.ETag]; if (string.IsNullOrEmpty(etag)) { etag = "no-entity-tag"; } Func <string> opaqueGenerator = Options.OpaqueGenerator; Func <byte[]> nonceSecret = Options.NonceSecret; Func <DateTime, string, byte[], string> nonceGenerator = Options.NonceGenerator; string staleNonce = context.Items["staleNonce"] as string ?? "FALSE"; context.Response.Headers.Add(HeaderNames.WWWAuthenticate, "{0} realm=\"{1}\", qop=\"{2}\", nonce=\"{3}\", opaque=\"{4}\", stale=\"{5}\", algorithm=\"{6}\"".FormatWith( AuthenticationScheme, Options.Realm, DigestAuthenticationUtility.CredentialQualityOfProtectionOptions, nonceGenerator(DateTime.UtcNow, etag, nonceSecret()), opaqueGenerator(), staleNonce, DigestAuthenticationUtility.ParseAlgorithm(Options.Algorithm))); await context.WriteHttpNotAuthorizedBody(Options.HttpNotAuthorizedBody).ContinueWithSuppressedContext(); return; } await Next.Invoke(context).ContinueWithSuppressedContext(); }
/// <summary> /// Executes the <see cref="BasicAuthenticationMiddleware"/>. /// </summary> /// <param name="context">The context of the current request.</param> /// <returns>A task that represents the execution of this middleware.</returns> public override async Task Invoke(HttpContext context) { if (!AuthenticationUtility.TryAuthenticate(context, Options.RequireSecureConnection, AuthorizationHeaderParser, TryAuthenticate)) { context.Response.StatusCode = AuthenticationUtility.HttpNotAuthorizedStatusCode; context.Response.Headers.Add(HeaderNames.WWWAuthenticate, "{0} realm=\"{1}\"".FormatWith(AuthenticationScheme, Options.Realm)); await context.WriteHttpNotAuthorizedBody(Options.HttpNotAuthorizedBody).ContinueWithSuppressedContext(); return; } await Next.Invoke(context).ContinueWithSuppressedContext(); }
private Template <string, string> AuthorizationHeaderParser(HttpContext context, string authorizationHeader) { if (AuthenticationUtility.IsAuthenticationSchemeValid(authorizationHeader, Options.AuthenticationScheme) && authorizationHeader.Length > Options.AuthenticationScheme.Length) { var credentials = authorizationHeader.Remove(0, Options.AuthenticationScheme.Length + 1).Split(':'); if (credentials.Length == 2) { var publicKey = credentials[0]; var signature = credentials[1]; if (!publicKey.IsNullOrWhiteSpace() && !signature.IsNullOrWhiteSpace()) { return(TupleUtility.CreateTwo(publicKey, signature)); } } } return(null); }
private Dictionary <string, string> AuthorizationHeaderParser(HttpContext context, string authorizationHeader) { if (AuthenticationUtility.IsAuthenticationSchemeValid(authorizationHeader, AuthenticationScheme)) { string digestCredentials = authorizationHeader.Remove(0, AuthenticationScheme.Length + 1); string[] credentials = digestCredentials.Split(AuthenticationUtility.DigestAuthenticationCredentialSeparator); if (IsDigestCredentialsValid(credentials)) { Dictionary <string, string> result = new Dictionary <string, string>(StringComparer.OrdinalIgnoreCase); for (int i = 0; i < credentials.Length; i++) { string[] credentialPair = StringUtility.Split(credentials[i], "="); result.Add(credentialPair[0].Trim(), Converter.Parse(credentialPair[1], QuotedStringParser)); } return(IsDigestCredentialsValid(result) ? result : null); } } return(null); }
private Template <string, string> AuthorizationHeaderParser(HttpContext context, string authorizationHeader) { if (AuthenticationUtility.IsAuthenticationSchemeValid(authorizationHeader, AuthenticationScheme)) { string base64Credentials = authorizationHeader.Remove(0, AuthenticationScheme.Length + 1); if (StringUtility.IsBase64(base64Credentials)) { string[] credentials = StringConverter.FromBytes(Convert.FromBase64String(base64Credentials), options => { options.Encoding = EncodingUtility.AsciiEncoding; options.Preamble = PreambleSequence.Remove; }).Split(AuthenticationUtility.BasicAuthenticationCredentialSeparator); if (credentials.Length == 2 && !string.IsNullOrEmpty(credentials[0]) && !string.IsNullOrEmpty(credentials[1])) { return(TupleUtility.CreateTwo(credentials[0], credentials[1])); } } } return(null); }