public override async Task OnActionExecutingAsync(HttpActionContext actionContext, CancellationToken cancellationToken) { var provider = this.GetCredentialProvider(); var botAuthenticator = new BotAuthenticator(provider, GetOpenIdConfigurationUrl(), DisableEmulatorTokens); try { var identityToken = await botAuthenticator.AuthenticateAsync(actionContext.Request, GetActivities(actionContext), cancellationToken); // the request is not authenticated, fail with 401. if (!identityToken.Authenticated) { actionContext.Response = BotAuthenticator.GenerateUnauthorizedResponse(actionContext.Request, "BotAuthenticator failed to authenticate incoming request!"); return; } } catch (Exception e) { actionContext.Response = BotAuthenticator.GenerateUnauthorizedResponse(actionContext.Request, $"Failed authenticating incoming request: {e.ToString()}"); return; } await base.OnActionExecutingAsync(actionContext, cancellationToken); }
public async override Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) { var provider = this.GetCredentialProvider(); var botAuthenticator = new BotAuthenticator(provider, GetOpenIdConfigurationUrl(), DisableEmulatorTokens); try { var identityToken = await botAuthenticator.AuthenticateAsync(context.HttpContext.Request, GetActivities(context), context.HttpContext.RequestAborted); // the request is not authenticated, fail with 401. if (!identityToken.Authenticated) { context.Result = BotAuthenticator.GenerateUnauthorizedResponse(context.HttpContext, "BotAuthenticator failed to authenticate incoming request!"); return; } } catch (Exception e) { context.Result = BotAuthenticator.GenerateUnauthorizedResponse(context.HttpContext, $"Failed authenticating incoming request: {e.ToString()}"); return; } await next(); }