Created
August 6, 2016 17:07
HttpAuthModule
using System; | |
using System.Linq; | |
using System.Security.Claims; | |
using System.Text; | |
using System.Threading; | |
using System.Web; | |
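namespace HttpAuthModule
{
    /// <summary>
    /// ASP.NET HTTP module that gates every request behind HTTP Basic authentication
    /// against a single built-in account, and attaches a <see cref="ClaimsPrincipal"/>
    /// to the request when the credentials match.
    /// </summary>
    /// <remarks>
    /// Basic credentials are only Base64-encoded, not encrypted, so the module should
    /// only be reachable over TLS. Nothing in this class enforces that.
    /// </remarks>
    public class HttpAuthModule : IHttpModule
    {
        // Scheme token plus the single space that separates it from the credentials.
        private const string BasicPrefix = "Basic ";

        // Identifies the identity as authenticated; a ClaimsIdentity created without an
        // authentication type reports IsAuthenticated == false.
        private const string AuthenticationType = "Basic";

        // NOTE(review): the account below is compiled into the assembly in clear text.
        // Acceptable for a demo only; a real deployment should read credentials from a
        // protected store and compare against a salted password hash.
        private static readonly string Realm = "TestAuthModule";
        private static readonly string UserName = "Test";
        private static readonly string Password = "p@ssw0rd";
        private static readonly string Role = "Admin";

        /// <summary>
        /// True when the current request carries an Authorization header (any scheme).
        /// </summary>
        private bool IsHeaderPresent
        {
            get
            {
                return Array.Exists(
                    HttpContext.Current.Request.Headers.AllKeys,
                    k => "Authorization".Equals(k, StringComparison.OrdinalIgnoreCase));
            }
        }

        /// <summary>
        /// Hooks the module into the pipeline: authenticates on AuthenticateRequest and
        /// adds the Basic challenge to any response that ends with status 401.
        /// </summary>
        /// <param name="context">The application whose events are subscribed to.</param>
        public void Init(HttpApplication context)
        {
            context.AuthenticateRequest += (sender, e) =>
            {
                if (!IsHeaderPresent || !AuthenticateUser())
                {
                    DenyAccess();
                }
            };

            context.EndRequest += (sender, e) =>
            {
                if (HttpContext.Current.Response.StatusCode == 401)
                {
                    SendAuthenticationHeader();
                }
            };
        }

        /// <summary>
        /// Parses the Authorization header, validates the credentials and, on success,
        /// sets the request principal.
        /// </summary>
        /// <returns>
        /// <c>true</c> when the header is a well-formed Basic credential that matches the
        /// configured account; <c>false</c> for any other scheme, malformed or missing value.
        /// </returns>
        private bool AuthenticateUser()
        {
            string authHeader = HttpContext.Current.Request.Headers["Authorization"];

            // Require "Basic" followed by a space. A bare prefix test would accept other
            // schemes that merely start with "Basic" and would let a header of exactly
            // "Basic" reach Substring with an out-of-range index.
            if (authHeader == null
                || !authHeader.StartsWith(BasicPrefix, StringComparison.OrdinalIgnoreCase))
            {
                return false;
            }

            string[] credentials = ExtractCredentials(authHeader);
            if (credentials == null || credentials.Length < 2)
            {
                return false;
            }

            string username = credentials[0];
            string password = credentials[1];
            if (!ValidateUser(username, password))
            {
                return false;
            }

            SetPrincipal(username);
            return true;
        }

        /// <summary>
        /// Builds a principal carrying the user name and the configured role, and assigns
        /// it to both the current thread and the current HTTP context.
        /// </summary>
        /// <param name="username">Name placed in the <see cref="ClaimTypes.Name"/> claim.</param>
        private void SetPrincipal(string username)
        {
            var claims = new[]
            {
                new Claim(ClaimTypes.Name, username),
                new Claim(ClaimTypes.Role, Role)
            };

            // Passing an authentication type makes Identity.IsAuthenticated true, which
            // downstream authorization checks rely on.
            var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, AuthenticationType));
            Thread.CurrentPrincipal = principal;
            HttpContext.Current.User = principal;
        }

        /// <summary>
        /// Checks the supplied credentials against the built-in account. The user name is
        /// compared case-insensitively, the password case-sensitively.
        /// </summary>
        /// <param name="username">User name taken from the request.</param>
        /// <param name="password">Password taken from the request.</param>
        /// <returns><c>true</c> only when both values match.</returns>
        private bool ValidateUser(string username, string password)
        {
            bool userMatches = UserName.Equals(username, StringComparison.OrdinalIgnoreCase);
            bool passwordMatches = FixedTimeEquals(Password, password);

            // Non-short-circuit '&' so the password comparison always runs, whatever the
            // outcome of the user name check.
            return userMatches & passwordMatches;
        }

        /// <summary>
        /// Ordinal string equality whose running time does not depend on the position of
        /// the first differing character.
        /// </summary>
        /// <param name="expected">The secret value.</param>
        /// <param name="supplied">The caller-provided value; <c>null</c> never matches.</param>
        /// <returns><c>true</c> when both strings are identical.</returns>
        private static bool FixedTimeEquals(string expected, string supplied)
        {
            if (expected == null || supplied == null)
            {
                return false;
            }

            if (expected.Length == 0)
            {
                return supplied.Length == 0;
            }

            // Fold the length difference into the accumulator instead of returning early,
            // then walk the supplied value in full.
            int difference = expected.Length ^ supplied.Length;
            for (int i = 0; i < supplied.Length; i++)
            {
                difference |= expected[i % expected.Length] ^ supplied[i];
            }

            return difference == 0;
        }

        /// <summary>
        /// Decodes the Base64 payload of a Basic Authorization header into its
        /// user name and password parts.
        /// </summary>
        /// <param name="authHeader">Header value that starts with "Basic ".</param>
        /// <returns>
        /// The parts split at the first ':' only, so a password may itself contain colons;
        /// <c>null</c> when the payload is not valid Base64.
        /// </returns>
        private string[] ExtractCredentials(string authHeader)
        {
            string encoded = authHeader.Substring(BasicPrefix.Length).Trim();
            string decoded = DecodeBase64(encoded);
            if (decoded == null)
            {
                return null;
            }

            return decoded.Split(new[] { ':' }, 2);
        }

        /// <summary>
        /// Decodes a Base64 string as UTF-8 text.
        /// </summary>
        /// <param name="encodedString">Base64 text supplied by the client.</param>
        /// <returns>The decoded text, or <c>null</c> when the input is not valid Base64.</returns>
        private string DecodeBase64(string encodedString)
        {
            try
            {
                byte[] data = Convert.FromBase64String(encodedString);
                return Encoding.UTF8.GetString(data);
            }
            catch (FormatException)
            {
                // The value comes straight from the client; a malformed payload is a
                // failed authentication, not a server error.
                return null;
            }
        }

        /// <summary>
        /// Rejects the current request with status 401 and ends response processing.
        /// </summary>
        private void DenyAccess()
        {
            HttpContext context = HttpContext.Current;
            context.Response.StatusCode = 401;
            context.Response.End();
        }

        /// <summary>
        /// Adds the Basic challenge to a 401 response so clients know which scheme and
        /// realm to answer with.
        /// </summary>
        private void SendAuthenticationHeader()
        {
            HttpContext context = HttpContext.Current;
            context.Response.StatusCode = 401;

            // The realm parameter is a quoted-string in the challenge grammar.
            context.Response.AddHeader("WWW-Authenticate", $"Basic realm=\"{Realm}\"");
        }

        /// <summary>
        /// Nothing to release; the module holds no resources.
        /// </summary>
        public void Dispose()
        {
        }
    }
}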
<?xml version="1.0" encoding="UTF-8"?> | |
<!--
  Registers the HttpAuthModule.HttpAuthModule type as a module named "HttpAuthModule".
  NOTE(review): the entry sits under system.webServer/modules, which is the section
  used by the IIS integrated pipeline. If the application pool runs in classic mode
  this registration may not load and requests would then pass without authentication.
  Confirm the pipeline mode, and that the site is served over HTTPS, since Basic
  credentials travel Base64-encoded only.
-->
<configuration> | |
<system.webServer> | |
<modules> | |
<add name="HttpAuthModule" type="HttpAuthModule.HttpAuthModule" /> | |
</modules> | |
</system.webServer> | |
</configuration> |