101 lines
3.4 KiB
C#
101 lines
3.4 KiB
C#
// Copyright (c) .NET Foundation. All rights reserved.
|
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
|
|
|
using System;
|
|
using System.Threading.Tasks;
|
|
using Microsoft.AspNet.Http.Features.Authentication;
|
|
using Microsoft.Extensions.Logging;
|
|
|
|
namespace Microsoft.AspNet.Authentication
|
|
{
|
|
public abstract class RemoteAuthenticationHandler<TOptions> : AuthenticationHandler<TOptions> where TOptions : RemoteAuthenticationOptions
|
|
{
|
|
public override async Task<bool> HandleRequestAsync()
|
|
{
|
|
if (Options.CallbackPath == Request.Path)
|
|
{
|
|
return await HandleRemoteCallbackAsync();
|
|
}
|
|
return false;
|
|
}
|
|
|
|
protected virtual async Task<bool> HandleRemoteCallbackAsync()
|
|
{
|
|
var authResult = await HandleRemoteAuthenticateAsync();
|
|
if (authResult == null || !authResult.Succeeded)
|
|
{
|
|
var errorContext = new ErrorContext(Context, authResult?.Error ?? new Exception("Invalid return state, unable to redirect."));
|
|
Logger.LogInformation("Error from RemoteAuthentication: " + errorContext.Error.Message);
|
|
await Options.Events.RemoteError(errorContext);
|
|
if (errorContext.HandledResponse)
|
|
{
|
|
return true;
|
|
}
|
|
if (errorContext.Skipped)
|
|
{
|
|
return false;
|
|
}
|
|
|
|
Context.Response.StatusCode = 500;
|
|
return true;
|
|
}
|
|
|
|
// We have a ticket if we get here
|
|
var ticket = authResult.Ticket;
|
|
var context = new TicketReceivedContext(Context, Options, ticket)
|
|
{
|
|
ReturnUri = ticket.Properties.RedirectUri,
|
|
};
|
|
// REVIEW: is this safe or good?
|
|
ticket.Properties.RedirectUri = null;
|
|
|
|
await Options.Events.TicketReceived(context);
|
|
|
|
if (context.HandledResponse)
|
|
{
|
|
Logger.LogVerbose("The SigningIn event returned Handled.");
|
|
return true;
|
|
}
|
|
else if (context.Skipped)
|
|
{
|
|
Logger.LogVerbose("The SigningIn event returned Skipped.");
|
|
return false;
|
|
}
|
|
|
|
if (context.Principal != null)
|
|
{
|
|
await Context.Authentication.SignInAsync(Options.SignInScheme, context.Principal, context.Properties);
|
|
}
|
|
|
|
if (context.ReturnUri != null)
|
|
{
|
|
Response.Redirect(context.ReturnUri);
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
protected abstract Task<AuthenticateResult> HandleRemoteAuthenticateAsync();
|
|
|
|
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
|
|
{
|
|
return Task.FromResult(AuthenticateResult.Failed("Remote authentication does not support authenticate"));
|
|
}
|
|
|
|
protected override Task HandleSignOutAsync(SignOutContext context)
|
|
{
|
|
throw new NotSupportedException();
|
|
}
|
|
|
|
protected override Task HandleSignInAsync(SignInContext context)
|
|
{
|
|
throw new NotSupportedException();
|
|
}
|
|
|
|
protected override Task<bool> HandleForbiddenAsync(ChallengeContext context)
|
|
{
|
|
throw new NotSupportedException();
|
|
}
|
|
}
|
|
} |