Home Explore Help
Register Sign In
wartheking
/
WaterFlush
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 26b9e86ba4
Branches Tags
WaterFlush
/
Packages
/
com.tivadar.best.http
/
Runtime
/
HTTP
/
Request
/
Authenticators
/
CredentialAuthenticator.cs

CredentialAuthenticator.cs 4.1 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 
  1. using System;
    2. 

  2. using System.Text;
    3. 

  3. 

  4. using Best.HTTP.Request.Authentication;
    5. 

  5. using Best.HTTP.Shared;
    6. 

  6. 

  7. namespace Best.HTTP.Request.Authenticators
    8. 

  8. {
    9. 

  9.     /// <summary>
    10. 

  10.     /// An <see cref="IAuthenticator"/> implementation for HTTP Basic or Digest authentication.
    11. 

  11.     /// </summary>
    12. 

  12.     public class CredentialAuthenticator : IAuthenticator
    13. 

  13.     {
    14. 

  14.         /// <summary>
    15. 

  15.         /// Gets or sets the <see cref="Authentication.Credentials"/> associated with this authenticator.
    16. 

  16.         /// </summary>
    17. 

  17.         public Credentials Credentials { get; set; }
    18. 

  18. 

  19.         /// <summary>
    20. 

  20.         /// Initializes a new instance of the CrendetialAuthenticator class with the specified <see cref="Authentication.Credentials"/>.
    21. 

  21.         /// </summary>
    22. 

  22.         /// <param name="credentials">The <see cref="Authentication.Credentials"/> to use for authentication.</param>
    23. 

  23.         /// <exception cref="ArgumentNullException">Thrown if <paramref name="credentials"/> is null.</exception>
    24. 

  24.         public CredentialAuthenticator(Credentials credentials)
    25. 

  25.         {
    26. 

  26.             if (credentials == null)
    27. 

  27.                 throw new ArgumentNullException(nameof(credentials));
    28. 

  28. 

  29.             this.Credentials = credentials;
    30. 

  30.         }
    31. 

  31. 

  32.         /// <summary>
    33. 

  33.         /// Sets up the required headers for the HTTP request based on the provided credentials.
    34. 

  34.         /// </summary>
    35. 

  35.         /// <param name="request">The HTTP request for which headers should be added.</param>
    36. 

  36.         public void SetupRequest(HTTPRequest request)
    37. 

  37.         {
    38. 

  38.             HTTPManager.Logger.Information(nameof(CredentialAuthenticator), $"SetupRequest({request}, {Credentials?.Type})", request.Context);
    39. 

  39. 

  40.             if (Credentials == null)
    41. 

  41.                 return;
    42. 

  42. 

  43.             switch (Credentials.Type)
    44. 

  44.             {
    45. 

  45.                 case AuthenticationTypes.Basic:
    46. 

  46.                     // With Basic authentication we don't want to wait for a challenge, we will send the hash with the first request
    47. 

  47.                     request.SetHeader("Authorization", string.Concat("Basic ", Convert.ToBase64String(Encoding.UTF8.GetBytes(Credentials.UserName + ":" + Credentials.Password))));
    48. 

  48.                     break;
    49. 

  49. 

  50.                 case AuthenticationTypes.Unknown:
    51. 

  51.                 case AuthenticationTypes.Digest:
    52. 

  52.                     var digest = DigestStore.Get(request.CurrentUri);
    53. 

  53.                     if (digest != null)
    54. 

  54.                     {
    55. 

  55.                         string authentication = digest.GenerateResponseHeader(Credentials, false, request.MethodType, request.CurrentUri);
    56. 

  56.                         if (!string.IsNullOrEmpty(authentication))
    57. 

  57.                             request.SetHeader("Authorization", authentication);
    58. 

  58.                     }
    59. 

  59. 

  60.                     break;
    61. 

  61.             }
    62. 

  62. 

  63.         }
    64. 

  64. 

  65.         /// <summary>
    66. 

  66.         /// Handles the server response with a 401 (Unauthorized) status code and a WWW-Authenticate header.
    67. 

  67.         /// The authenticator might determine the authentication method to use and initiate authentication if needed.
    68. 

  68.         /// </summary>
    69. 

  69.         /// <param name="req">The HTTP request that received the 401 response.</param>
    70. 

  70.         /// <param name="resp">The HTTP response containing the 401 (Unauthorized) status.</param>
    71. 

  71.         /// <returns><c>true</c> if the challenge is handled by the authenticator and the request can be resent with authentication; otherwise, <c>false</c>.</returns>
    72. 

  72.         public bool HandleChallange(HTTPRequest req, HTTPResponse resp)
    73. 

  73.         {
    74. 

  74.             var www_authenticate = resp.GetHeaderValues("www-authenticate");
    75. 

  75. 

  76.             HTTPManager.Logger.Information(nameof(CredentialAuthenticator), $"HandleChallange({req}, {resp}, \"{www_authenticate}\")", req.Context);
    77. 

  77. 

  78.             string authHeader = DigestStore.FindBest(www_authenticate);
    79. 

  79.             if (!string.IsNullOrEmpty(authHeader))
    80. 

  80.             {
    81. 

  81.                 var digest = DigestStore.GetOrCreate(req.CurrentUri);
    82. 

  82.                 digest.ParseChallange(authHeader);
    83. 

  83. 

  84.                 if (this.Credentials != null && digest.IsUriProtected(req.CurrentUri) && (!req.HasHeader("Authorization") || digest.Stale))
    85. 

  85.                     return true;
    86. 

  86.             }
    87. 

  87. 

  88.             return false;
    89. 

  89.         }
    90. 

  90.     }
    91. 

  91. }
    92.