Use [Authorize] Attribute with Token
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Net; | |
using System.Net.Http; | |
using System.Net.Http.Headers; | |
using System.Web.Http; | |
using EventStoreService.Main; | |
namespace EventStoreService.Controllers | |
{ | |
public class AccountController : ApiController | |
{ | |
// GET: api/Account | |
//public IEnumerable<string> Get() | |
//{ | |
// return new string[] { "value1", "value2" }; | |
//} | |
// GET: api/Account/5 | |
public HttpResponseMessage Get(string id) | |
{ | |
var resp = new HttpResponseMessage(); | |
switch (id) { | |
case "LogOn": { | |
if (!RequestContext.Principal.Identity.IsAuthenticated) { throw new UnauthorizedAccessException(); } | |
var token = HttpRequestMesssageToken.GetToken(Request); | |
if (string.IsNullOrEmpty(token)) { throw new UnauthorizedAccessException(); } | |
var cookie = new CookieHeaderValue(HttpRequestMesssageToken.CookieName, token) { | |
Expires = DateTimeOffset.Now.AddDays(1000), | |
//Domain = Request.RequestUri.Host, // beware of port number for development environment | |
Path = "/", | |
}; | |
resp.Headers.AddCookies(new[] { cookie }); | |
resp.Content = new StringContent("Logged in"); | |
} | |
break; | |
case "LogOff": { | |
var cookie = Request.Headers.GetCookies(HttpRequestMesssageToken.CookieName); | |
if (cookie != null) { | |
var newCookie = new CookieHeaderValue(HttpRequestMesssageToken.CookieName, "_loggedout") { | |
Expires = DateTimeOffset.Now.AddDays(-1), | |
//Domain = Request.RequestUri.Host, | |
Path = "/", | |
}; | |
resp.Headers.AddCookies(new[] { newCookie }); | |
} | |
resp.Content = new StringContent("Logged out"); | |
} | |
break; | |
default: throw new HttpResponseException(HttpStatusCode.NotFound); | |
} | |
resp.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json"); | |
return resp; | |
} | |
// POST: api/Account | |
//public void Post([FromBody]string value) | |
//{ | |
//} | |
//// PUT: api/Account/5 | |
//public void Put(int id, [FromBody]string value) | |
//{ | |
//} | |
//// DELETE: api/Account/5 | |
//public void Delete(int id) | |
//{ | |
//} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System.Linq; | |
using System.Net.Http; | |
using System.Web; | |
namespace EventStoreService.Main | |
{ | |
public static class HttpRequestMesssageToken | |
{ | |
public const string QueryKey = "token"; | |
public const string CookieName = "token"; | |
public const string HeaderName = "X-Token"; | |
public static string GetToken(HttpRequestMessage request) | |
{ | |
string token = ""; | |
if (string.IsNullOrEmpty(token)) { | |
token = HttpUtility.ParseQueryString(request.RequestUri.Query)[QueryKey]; | |
} | |
if (string.IsNullOrEmpty(token)) { | |
token = request.Headers.Contains("X-Token") ? request.Headers.GetValues(HeaderName).FirstOrDefault() : null; | |
} | |
if (string.IsNullOrEmpty(token)) { | |
var cookie = request.Headers.GetCookies(CookieName).FirstOrDefault(); | |
if (cookie != null) { | |
token = cookie["token"].Value; | |
} | |
} | |
return token; | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Security.Principal; | |
using Microsoft.WindowsAzure; | |
using Microsoft.WindowsAzure.ServiceRuntime; | |
namespace EventStoreService.Main | |
{ | |
public static class SimpleCloudConfigurationManagerSettingsPrincipalProvider | |
{ | |
public static IPrincipal GetPrincipal(string token) | |
{ | |
IPrincipal principal = null; | |
if (!RoleEnvironment.IsAvailable) { throw new Exception("Not running in RoleEnvironment. Wrong startup project?"); } | |
// ReSharper disable once ConditionIsAlwaysTrueOrFalse | |
if (principal == null) { | |
if (token == CloudConfigurationManager.GetSetting("ClientToken")) { | |
var identity = new GenericIdentity("Client"); | |
principal = new GenericPrincipal(identity, new[] { "Client" }); | |
} | |
} | |
if (principal == null) { | |
if (token == CloudConfigurationManager.GetSetting("AdminToken")) { | |
var identity = new GenericIdentity("Admin"); | |
principal = new GenericPrincipal(identity, new[] { "Admin" }); | |
} | |
} | |
return principal; | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System.Net.Http; | |
using System.Security.Principal; | |
using System.Web; | |
namespace EventStoreService.Main | |
{ | |
public class TokenAuthenticationHandler : DelegatingHandler | |
{ | |
public delegate IPrincipal PrincipalFromToken(string token); | |
private readonly PrincipalFromToken PrincipalFromTokenCallback; | |
public TokenAuthenticationHandler(PrincipalFromToken callback) | |
{ | |
PrincipalFromTokenCallback = callback; | |
} | |
protected override System.Threading.Tasks.Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken) | |
{ | |
var token = HttpRequestMesssageToken.GetToken(request); | |
var principal = PrincipalFromTokenCallback(token); | |
if (principal == null) { | |
return base.SendAsync(request, cancellationToken); | |
} | |
var context = request.Properties["MS_HttpContext"] as HttpContextWrapper; | |
if (context != null) { | |
context.User = principal; | |
} | |
return base.SendAsync(request, cancellationToken); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment