ASP.NETCore编程实现基本认证

# ......

namespace EqidManager.Services

{

    /// <summary>
    /// Names used when registering the Basic authentication scheme.
    /// </summary>
    public static class BasicAuthenticationScheme
    {
        /// <summary>Scheme name registered with the authentication builder ("Basic").</summary>
        public const string DefaultScheme = "Basic";
    }

    /// <summary>
    /// Options for <see cref="BasicAuthenticationScheme"/>: the realm sent in the
    /// challenge and the single username/password pair the handler accepts.
    /// </summary>
    public class BasicAuthenticationOption : AuthenticationSchemeOptions
    {
        /// <summary>Realm value emitted in the <c>WWW-Authenticate</c> challenge header.</summary>
        public string Realm { get; set; }

        /// <summary>Username a request must present to be authenticated.</summary>
        public string UserName { get; set; }

        /// <summary>
        /// Password a request must present; compared by the handler, so it should be
        /// supplied from configuration or a secret store rather than a literal in code.
        /// </summary>
        public string UserPwd { get; set; }
    }


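/// <summary>
/// Authentication handler for HTTP Basic authentication that accepts exactly one
/// username/password pair, read from <see cref="BasicAuthenticationOption"/>.
/// </summary>
public class BasicAuthenticationHandler : AuthenticationHandler<BasicAuthenticationOption>
{
    /// <summary>
    /// Creates the handler. Options are not captured here: the base class resolves the
    /// instance registered under this scheme's name and exposes it as <c>Options</c>;
    /// <c>options.CurrentValue</c> would be the unnamed default instance instead.
    /// </summary>
    public BasicAuthenticationHandler(
        IOptionsMonitor<BasicAuthenticationOption> options,
        ILoggerFactory logger,
        UrlEncoder encoder,
        ISystemClock clock)
        : base(options, logger, encoder, clock)
    {
    }

    /// <summary>
    /// Authentication logic: parses the <c>Authorization: Basic</c> header and checks the
    /// embedded credentials against the configured pair.
    /// </summary>
    /// <returns>
    /// A success ticket carrying name claims for the user, or a failure result when the
    /// header is missing, is not a well-formed Basic header, or carries wrong credentials.
    /// </returns>
    protected override Task<AuthenticateResult> HandleAuthenticateAsync()
    {
        if (!Request.Headers.ContainsKey("Authorization"))
        {
            return Task.FromResult(AuthenticateResult.Fail("Missing Authorization Header"));
        }

        string username;
        string password;
        try
        {
            var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);

            // Only the Basic scheme is understood here; a header of another scheme (or one
            // with no parameter) must not be decoded as if it were "user:password".
            if (!BasicAuthenticationScheme.DefaultScheme.Equals(authHeader.Scheme, StringComparison.OrdinalIgnoreCase)
                || string.IsNullOrEmpty(authHeader.Parameter))
            {
                return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header"));
            }

            var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
            var credentials = Encoding.UTF8.GetString(credentialBytes);

            // Per RFC 7617 the username cannot contain ':' but the password can, so split on
            // the first colon only; a missing colon is a malformed header, not an index error.
            var separator = credentials.IndexOf(':');
            if (separator < 0)
            {
                return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header"));
            }

            username = credentials.Substring(0, separator);
            password = credentials.Substring(separator + 1);
        }
        catch (FormatException)
        {
            // AuthenticationHeaderValue.Parse and Convert.FromBase64String reject malformed input this way.
            return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header"));
        }

        if (!IsAuthorized(username, password))
        {
            return Task.FromResult(AuthenticateResult.Fail("Invalid username or password"));
        }

        var claims = new[]
        {
            new Claim(ClaimTypes.NameIdentifier, username),
            new Claim(ClaimTypes.Name, username),
        };
        var identity = new ClaimsIdentity(claims, Scheme.Name);
        var principal = new ClaimsPrincipal(identity);
        var ticket = new AuthenticationTicket(principal, Scheme.Name);
        return Task.FromResult(AuthenticateResult.Success(ticket));
    }

    /// <summary>
    /// Challenge: adds the <c>WWW-Authenticate</c> header with the configured realm before
    /// the base implementation sets the 401 response.
    /// </summary>
    protected override async Task HandleChallengeAsync(AuthenticationProperties properties)
    {
        Response.Headers["WWW-Authenticate"] = $"Basic realm=\"{Options.Realm}\"";
        await base.HandleChallengeAsync(properties);
    }

    /// <summary>
    /// Forbidden (authenticated but not authorized): default 403 behaviour from the base class.
    /// </summary>
    protected override async Task HandleForbiddenAsync(AuthenticationProperties properties)
    {
        await base.HandleForbiddenAsync(properties);
    }

    /// <summary>
    /// Compares the presented credentials with the configured pair. The username is compared
    /// case-insensitively (ordinal, as it is an identifier rather than text); the password is
    /// compared in constant time so that response timing does not reveal how many leading
    /// bytes matched. Both checks always run so a wrong username costs the same as a wrong password.
    /// </summary>
    /// <returns><c>true</c> only when both values match; <c>false</c> if either option is unset.</returns>
    private bool IsAuthorized(string username, string password)
    {
        // Options is the scheme-named instance resolved by the base handler before
        // HandleAuthenticateAsync runs.
        var expectedUser = Options.UserName;
        var expectedPwd = Options.UserPwd;
        if (expectedUser is null || expectedPwd is null)
        {
            return false;
        }

        var userMatches = username.Equals(expectedUser, StringComparison.OrdinalIgnoreCase);
        var pwdMatches = System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            Encoding.UTF8.GetBytes(password),
            Encoding.UTF8.GetBytes(expectedPwd));

        // Non-short-circuit '&' on purpose: evaluate the password comparison regardless of the username result.
        return userMatches & pwdMatches;
    }
}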

}