public AuthenticationHandler(HttpAuthentication authentication, HttpConfiguration httpConfiguration = null) { _authN = authentication; if (httpConfiguration != null) { InnerHandler = new HttpControllerDispatcher(httpConfiguration); } }
private static bool AuthorizeRequest(HttpRequestMessage request) { var authN = new HttpAuthentication(WebApiConfig.Configuration); // Code to minimize time after token expiration when token is still successfully validated. Just for test purposes! authN.Configuration.Mappings.First().TokenHandler.Configuration.MaxClockSkew = TimeSpan.FromSeconds(3); ClaimsPrincipal principal; try { principal = authN.Authenticate(request); } catch (SecurityTokenValidationException) { return false; } return principal.Identity.IsAuthenticated; }
public IHttpActionResult Get(HttpRequestMessage request) { var authN = new HttpAuthentication(WebApiConfig.Configuration); // Code to minimize time after token expiration when token is still successfully validated. Just for test purposes! authN.Configuration.Mappings.First().TokenHandler.Configuration.MaxClockSkew = TimeSpan.FromSeconds(3); try { ClaimsPrincipal principal = authN.Authenticate(request); if (principal.Identity.IsAuthenticated == false) { return StatusCode(HttpStatusCode.Forbidden); } } catch (SecurityTokenValidationException) { return StatusCode(HttpStatusCode.Forbidden); } return Ok(); }
public AuthenticationHandler(HttpAuthentication authentication, HttpMessageHandler innerHandler) { _authN = authentication; InnerHandler = innerHandler; }