我正在尝试创建一个新的API密钥自定义身份验证提供程序,以插入到我的OWIN管道中。 我还使用了Cookie、OAuth和ADFS提供程序。 我实现的代码基本上是这样的:
public static class ApiKeyAuthenticationExtension
{
public static IAppBuilder UseApiKeyAuthentication(this IAppBuilder appBuilder, ApiKeyAuthenticationOptions options = null)
{
appBuilder.Use<ApiKeyAuthenticationMiddleware>(options ?? new ApiKeyAuthenticationOptions("ApiKey"));
appBuilder.UseStageMarker(PipelineStage.Authenticate);
return appBuilder;
}
}
public class ApiKeyAuthenticationMiddleware : AuthenticationMiddleware<AuthenticationOptions>
{
public ApiKeyAuthenticationMiddleware(OwinMiddleware next, AuthenticationOptions options) : base(next, options)
{
}
protected override AuthenticationHandler<AuthenticationOptions> CreateHandler()
{
return new ApiKeyAuthenticationHandler();
}
}
public class ApiKeyAuthenticationHandler : AuthenticationHandler<AuthenticationOptions>
{
private const string ApiKey = ".....";
protected override Task<AuthenticationTicket> AuthenticateCoreAsync()
{
string apiKey = Context.Request.Headers["ApiKey"];
if (!string.IsNullOrEmpty(apiKey) && ApiKey.Equals(apiKey))
{
var identity = new ClaimsIdentity(Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, "Id", null, Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimTypes.Name, "Name"));
identity.AddClaim(new Claim(ClaimTypes.Email, "bla@blu.com"));
return new Task<AuthenticationTicket>(() => new AuthenticationTicket(identity, new AuthenticationProperties()));
}
return Task.FromResult(null as AuthenticationTicket);
}
}
public class ApiKeyAuthenticationOptions : AuthenticationOptions
{
public ApiKeyAuthenticationOptions(string authenticationType) : base(authenticationType)
{
}
}
我的 Startup.Auth 文件看起来像这样:
app.UseCookieAuthentication(...
app.UseActiveDirectoryFederationServicesBearerAuthentication(...
app.UseOAuthAuthorizationServer(...
app.UseOAuthBearerAuthentication(...
最后
app.UseApiKeyAuthentication(...
当执行进入AuthenticateCoreAsync并返回身份验证票证时,浏览器会停滞不前,执行似乎没有任何进展。此后什么也没有发生。
我在这里漏掉了什么?