public AuthResult Authenticate(AuthRequest authRequest)
{
OAuthRequestContext context = new OAuthRequestContext();
IHttpContext httpContext = HttpContextWrapper.Wrap(authRequest.Context);
try {
ParseParameters(httpContext, context);
SetConsumer(context);
SetAccessToken(context);
context.IsOAuthRequest = true;
} catch (OAuthRequestException ex) {
// The request may not be an OAuth request so don't pass the exception to the consumer
context.AddError(ex);
context.IsOAuthRequest = false;
AuthResult error = new AuthResult(false, ex.Code, ex.Message);
CopyParameters(context.ResponseParameters, error.OutputData);
return error;
}
try {
SetSignProvider(context);
SetRequestId(context);
SetSignature(httpContext, context);
} catch (OAuthRequestException ex) {
context.AddError(ex);
AuthResult error = new AuthResult(false, ex.Code, ex.Message);
CopyParameters(context.ResponseParameters, error.OutputData);
return error;
}
UpdateAccessToken(httpContext, context);
bool canAccess;
try {
canAccess = VerifyAccess(authRequest.PathName, httpContext, context);
} catch (AuthenticationException ex) {
AuthResult error = new AuthResult(false, ex.Code, ex.Message);
CopyParameters(context.ResponseParameters, error.OutputData);
return error;
}
AuthResult result = new AuthResult(canAccess);
CopyParameters(context.ResponseParameters, result.OutputData);
return result;
}
public AuthResult Authenticate(AuthenticationPoint authPoint, AuthRequest authRequest)
{
throw new NotImplementedException();
}
protected ResponseMessage HandleRequest(object context, RequestType type, string pathName, IDictionary<string, PathValue> args, Stream requestStream)
{
//TODO: allow having multiple handlers for the service ...
HandlerContainer handler = GetMethodHandler(pathName);
if (handler == null)
throw new InvalidOperationException("No handler was found for the path '" + pathName + "' in this context.");
if (!handler.Handler.CanHandleClientType(Type))
throw new InvalidOperationException("The handler for the path '" + pathName + "' cannot support client of type '" + Type + "'.");
IPathTransaction transaction;
if (TransactionIdKey != null && (args != null && args.ContainsKey(TransactionIdKey))) {
int tid = args[TransactionIdKey].ToInt32();
transaction = GetTransaction(pathName, tid);
} else {
transaction = CreateTransaction(pathName);
}
ClientRequestMessage request = GetMethodRequest(type, ((PathTransaction) transaction), requestStream);
if (args != null) {
foreach(KeyValuePair<string, PathValue> pair in args) {
request.Attributes.Add(pair.Key, pair.Value);
}
}
request.Seal();
if (authenticator != null) {
AuthRequest authRequest = new AuthRequest(context, pathName);
foreach (KeyValuePair<string, object> pair in request.Attributes)
authRequest.AuthData.Add(pair.Key, new AuthObject(pair.Value));
AuthResult authResult = authenticator.Authenticate(AuthenticationPoint.Client, authRequest);
if (authResult != null) {
if (!authResult.Success) {
Logger.Info(authenticator, String.Format("Unauthorized: {0} ({1})", authResult.Message, authResult.Code));
ResponseMessage responseMessage = request.CreateResponse("error");
responseMessage.Code = MessageResponseCode.Unauthorized;
//TODO: Extend MessageError to include an error specific code ...
responseMessage.Arguments.Add(new MessageError(authResult.Message));
return responseMessage;
}
Logger.Info(authenticator, String.Format("Authorized: {0}", authResult.Message));
}
}
return handler.Handler.HandleRequest(request);
}