2022-01-31 13:56:30 +00:00
|
|
|
|
using SecurityContext = ASC.Core.SecurityContext;
|
2019-05-17 08:32:23 +00:00
|
|
|
|
|
2022-02-03 13:19:48 +00:00
|
|
|
|
namespace ASC.Api.Core.Auth;
|
|
|
|
|
|
|
|
|
|
[Scope]
|
|
|
|
|
public class CookieAuthHandler : AuthenticationHandler<AuthenticationSchemeOptions>
|
2019-05-17 08:32:23 +00:00
|
|
|
|
{
|
2022-02-03 13:19:48 +00:00
|
|
|
|
private readonly AuthorizationHelper _authorizationHelper;
|
|
|
|
|
private readonly SecurityContext _securityContext;
|
|
|
|
|
private readonly CookiesManager _cookiesManager;
|
|
|
|
|
|
|
|
|
|
public CookieAuthHandler(
|
|
|
|
|
IOptionsMonitor<AuthenticationSchemeOptions> options,
|
|
|
|
|
ILoggerFactory logger,
|
|
|
|
|
UrlEncoder encoder,
|
|
|
|
|
ISystemClock clock)
|
|
|
|
|
: base(options, logger, encoder, clock) { }
|
|
|
|
|
|
|
|
|
|
public CookieAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options,
|
|
|
|
|
ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock,
|
|
|
|
|
AuthorizationHelper authorizationHelper,
|
|
|
|
|
SecurityContext securityContext,
|
|
|
|
|
CookiesManager cookiesManager)
|
|
|
|
|
: this(options, logger, encoder, clock)
|
2019-05-17 08:32:23 +00:00
|
|
|
|
{
|
2022-02-03 13:19:48 +00:00
|
|
|
|
_authorizationHelper = authorizationHelper;
|
|
|
|
|
_securityContext = securityContext;
|
|
|
|
|
_cookiesManager = cookiesManager;
|
|
|
|
|
}
|
2021-09-07 19:58:01 +00:00
|
|
|
|
|
2022-02-03 13:19:48 +00:00
|
|
|
|
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
|
|
|
|
|
{
|
|
|
|
|
var result = _authorizationHelper.ProcessBasicAuthorization(out _);
|
|
|
|
|
if (!result)
|
2019-05-17 08:32:23 +00:00
|
|
|
|
{
|
2022-02-03 13:19:48 +00:00
|
|
|
|
_securityContext.Logout();
|
|
|
|
|
_cookiesManager.ClearCookies(CookiesType.AuthKey);
|
|
|
|
|
_cookiesManager.ClearCookies(CookiesType.SocketIO);
|
2019-05-17 08:32:23 +00:00
|
|
|
|
}
|
|
|
|
|
|
2022-02-03 13:19:48 +00:00
|
|
|
|
return Task.FromResult(
|
|
|
|
|
result ?
|
|
|
|
|
AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name)) :
|
2022-02-07 16:03:16 +00:00
|
|
|
|
AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Unauthorized.ToString())));
|
2019-05-17 08:32:23 +00:00
|
|
|
|
}
|
2022-02-03 13:19:48 +00:00
|
|
|
|
}
|