/// <summary> /// Tries to authenticate/elevate the <paramref name="session"/> with the <paramref name="authMessage"/>. /// </summary> /// <param name="session">Session attempting to authenticate.</param> /// <param name="authMessage">Auth message.</param> /// <returns>True if the session authenticated.</returns> public bool TryAuthenticate(IElevatableSession session, AuthenticationMessage authMessage) { Logger.DebugFormat("Authenticated requested for Session {0}.", session.ToString()); //We reduce contention by only read locking for a short moment lockObj.EnterReadLock(); try { //Check if this is a token we granted if (!authTokenMap.ContainsKey(session.UniqueAuthToken)) { Logger.WarnFormat("Session {0} tried to authenticate with Token {1} but that token was not issued.", session.ToString(), session.UniqueAuthToken); return(false); } //Check if the session matches the token if (authTokenMap[session.UniqueAuthToken].Session != session) { Logger.WarnFormat("Session {0} tried to authenticate with Token {1} but that token was not issued for that session. Was issued for {2}.", session.ToString(), session.UniqueAuthToken, authTokenMap[session.UniqueAuthToken].Session); return(false); } } finally { lockObj.ExitReadLock(); } bool result = HandleAuthentication(session.UniqueAuthToken.ToByteArray(), authMessage.SignedMessage); if (!result) { return(false); } AddAuthenticatedSession(session.UniqueAuthToken, session); return(true); }
/// <summary> /// Creates a new Auth request with the message used for authorization. /// </summary> /// <param name="message">Message to be used to determine authorization.</param> public AuthenticationRequest(AuthenticationMessage message) { Message = message; }