public PipelineContinuation ReadCredentials(ICommunicationContext context) { if (!this.resolver.HasDependency(typeof(IAuthenticationProvider))) { return PipelineContinuation.Continue; } this.authentication = this.resolver.Resolve<IAuthenticationProvider>(); DigestHeader authorizeHeader = GetDigestHeader(context); if (authorizeHeader == null) { return PipelineContinuation.Continue; } string digestUri = GetAbsolutePath(authorizeHeader.Uri); if (digestUri != context.Request.Uri.AbsolutePath) { return ClientError(context); } Credentials creds = this.authentication.GetByUsername(authorizeHeader.Username); if (creds == null) { return NotAuthorized(context); } var checkHeader = new DigestHeader(authorizeHeader) { Password = creds.Password, Uri = authorizeHeader.Uri }; string hashedDigest = checkHeader.GetCalculatedResponse(context.Request.HttpMethod); if (authorizeHeader.Response == hashedDigest) { IIdentity id = new GenericIdentity(creds.Username, "Digest"); context.User = new GenericPrincipal(id, creds.Roles); return PipelineContinuation.Continue; } return NotAuthorized(context); }
IResponse RetryWithHttpAuthenticationCredentials(IClientRequest request, IResponse response) { if (response.Headers["WWW-Authenticate"] != null && response.Headers["WWW-Authenticate"].Contains("Digest")) { var responseDigest = DigestHeader.Parse(response.Headers["WWW-Authenticate"]); var header = new DigestHeader(responseDigest) { Username = request.Credentials.Username, Password = request.Credentials.Password, Nonce = responseDigest.Nonce, ClientNonce = "none", Uri = request.Uri.GetLeftPart(UriPartial.Path) }; header.Response = header.GetCalculatedResponse(request.HttpMethod); request.Headers["Authorization"] = header.ClientRequestHeader; return _host.ProcessRequest(request); } return response; }