• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

ASP.NET Web API 通过Authentication特性来实现身份认证

原作者: [db:作者] 来自: [db:来源] 收藏 邀请
 1 using System;
 2 using System.Collections.Generic;
 3 using System.Net.Http.Headers;
 4 using System.Security.Principal;
 5 using System.Text;
 6 using System.Threading;
 7 using System.Threading.Tasks;
 8 using System.Web.Http.Filters;
 9 using System.Web.Http.Results;
10 
11 namespace WebApi
12 {
13     [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
14     public class AuthenticateAttribute : FilterAttribute, IAuthenticationFilter
15     {
16         private static readonly Dictionary<string, string> UserAccounts;
17 
18         static AuthenticateAttribute()
19         {
20             UserAccounts = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
21             {
22                 {"Foo", "Password"},
23                 {"Bar", "Password"},
24                 {"Baz", "Password"}
25             };
26         }
27 
28         public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
29         {
30             IPrincipal user = null;
31             var headerValue = context.Request.Headers.Authorization;
32             if (null != headerValue && headerValue.Scheme == "Basic")
33             {
34                 var credential = Encoding.Default.GetString(Convert.FromBase64String(headerValue.Parameter));
35                 var split = credential.Split(':');
36                 if (split.Length == 2)
37                 {
38                     var userName = split[0];
39                     string password;
40                     if (UserAccounts.TryGetValue(userName, out password))
41                     {
42                         if (password == split[1])
43                         {
44                             var identity = new GenericIdentity(userName);
45                             user = new GenericPrincipal(identity, new string[0]);
46                         }
47                     }
48                 }
49             }
50             context.Principal = user;
51             return Task.FromResult<object>(null);
52         }
53 
54         public Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)
55         {
56             var user = context.ActionContext.ControllerContext.RequestContext.Principal;
57             if (null != user && user.Identity.IsAuthenticated) return Task.FromResult<object>(null);
58             var parameter = $"realm={context.Request.RequestUri.DnsSafeHost}";
59             var challenge = new AuthenticationHeaderValue("Basic", parameter);
60             context.Result = new UnauthorizedResult(new[] {challenge}, context.Request);
61             return Task.FromResult<object>(null);
62         }
63     }
64 }

 


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
热门推荐
热门话题
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap