-
Notifications
You must be signed in to change notification settings - Fork 13
/
HeaderAuthenticationHandler.cs
64 lines (60 loc) · 2.77 KB
/
HeaderAuthenticationHandler.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
namespace WeihanLi.AspNetCore.Authentication.HeaderAuthentication
{
public class HeaderAuthenticationHandler : AuthenticationHandler<HeaderAuthenticationOptions>
{
public HeaderAuthenticationHandler(IOptionsMonitor<HeaderAuthenticationOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock)
{
}
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey(Options.UserIdHeaderName))
{
return Task.FromResult(AuthenticateResult.NoResult());
}
var userId = Request.Headers[Options.UserIdHeaderName].ToString();
var claims = new List<Claim>()
{
new Claim(ClaimTypes.NameIdentifier, userId),
};
if (Request.Headers.ContainsKey(Options.UserNameHeaderName))
{
claims.Add(new Claim(ClaimTypes.Name, Request.Headers[Options.UserNameHeaderName].ToString()));
}
if (Request.Headers.ContainsKey(Options.UserRolesHeaderName))
{
var userRoles = Request.Headers[Options.UserRolesHeaderName].ToString()
.Split(new[] { Options.Delimiter }, StringSplitOptions.RemoveEmptyEntries);
claims.AddRange(userRoles.Select(r => new Claim(ClaimTypes.Role, r)));
}
if (Options.AdditionalHeaderToClaims.Count > 0)
{
foreach (var headerToClaim in Options.AdditionalHeaderToClaims)
{
if (Request.Headers.ContainsKey(headerToClaim.Key))
{
foreach (var val in Request.Headers[headerToClaim.Key].ToString().Split(new[] { Options.Delimiter }, StringSplitOptions.RemoveEmptyEntries))
{
claims.Add(new Claim(headerToClaim.Value, val));
}
}
}
}
// claims identity 's authentication type can not be null https://stackoverflow.com/questions/45261732/user-identity-isauthenticated-always-false-in-net-core-custom-authentication
var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, Scheme.Name));
var ticket = new AuthenticationTicket(
principal,
Scheme.Name
);
return Task.FromResult(AuthenticateResult.Success(ticket));
}
}
}