/// <summary>
/// Authenticates the current request from its Authorization header and, on
/// success, attaches a principal named after the caller's shared key.
/// </summary>
/// <param name="app">Application instance whose context carries the request and response.</param>
/// <param name="authorizationHeader">Raw Authorization header value; the text before the first space is compared with AUTHORIZATION_TYPE.</param>
/// <remarks>
/// Failures are reported as 401 on the response rather than thrown to the caller.
/// A header whose leading token differs from AUTHORIZATION_TYPE is ignored: no
/// principal is set and no error is written.
/// </remarks>
private void Authenticate(HttpApplication app, string authorizationHeader)
{
    try
    {
        var scheme = authorizationHeader.Split(' ')[0];
        if (!scheme.Equals(AUTHORIZATION_TYPE))
        {
            // NOTE(review): the request continues without a principal here; rejecting it
            // is left to whatever authorization runs later — confirm one is configured.
            return;
        }

        var authenticationData = new AuthenticationData(app.Context);
        var verifier = GetAuthenticator(authenticationData);
        var verified = verifier.AuthenticateMessage(authenticationData);

        // Store the verification result under the caller's shared key so that
        // GetAuthenticator can reuse it on later requests.
        // NOTE(review): the meaning of the null third argument is not visible here; if it
        // is an expiry policy, confirm cached entries (which expose SecretKey) do expire.
        _cache.Set(authenticationData.SharedKey, verified, null);

        var identity = new GenericIdentity(authenticationData.SharedKey, "API");
        app.Context.User = new GenericPrincipal(identity, null);
    }
    catch (SecurityException securityEx)
    {
        // NOTE(review): the exception text is sent to the client as the status
        // description — confirm these messages carry no internal detail.
        var response = app.Context.Response;
        response.StatusCode = (int)HttpStatusCode.Unauthorized;
        response.StatusDescription = securityEx.Message;
        response.Flush();
    }
    catch (TimeoutException timeOutEx)
    {
        var response = app.Context.Response;
        response.StatusCode = (int)HttpStatusCode.Unauthorized;
        response.SubStatusCode = (int)HttpStatusCode.RequestTimeout;
        response.StatusDescription = timeOutEx.Message;
        response.Flush();
    }
    catch (Exception)
    {
        // Any other failure (including a null or malformed header) is answered with
        // 401 and sub-status 500. The exception itself is discarded without being
        // logged, so unexpected faults leave no trace on the server side.
        var response = app.Context.Response;
        response.StatusCode = (int)HttpStatusCode.Unauthorized;
        response.SubStatusCode = (int)HttpStatusCode.InternalServerError;
        response.Flush();
    }

    // NOTE(review): every failure path flushes a 401 but nothing in this method ends
    // the request. Confirm the caller stops the pipeline (or that authorization denies
    // requests with no principal) so a rejected request cannot reach its handler.
}
/// <summary>
/// Builds the HMAC verifier for a request, preferring key material already cached
/// for the caller's shared key.
/// </summary>
/// <param name="authenticationData">Authentication values extracted from the request; its SharedKey is the cache key.</param>
/// <returns>
/// An <c>HMACAuthenticator</c> created from the cached entry's SecretKey on a cache
/// hit, otherwise one created from <paramref name="authenticationData"/>.
/// </returns>
private IMessageAuthenticationCodeVerifier GetAuthenticator(AuthenticationData authenticationData)
{
    SuccessfulResponse cachedResponse;
    if (_cache.TryGet(authenticationData.SharedKey, out cachedResponse))
    {
        // NOTE(review): on a hit the secret comes from the cache, not from a fresh
        // lookup. How long entries live is not visible here — confirm that a rotated
        // or revoked key stops being accepted once it changes at the source.
        return new HMACAuthenticator(cachedResponse.SecretKey);
    }

    return new HMACAuthenticator(authenticationData);
}