am-wd/common
1
0
Fork 0
Code Actions Activity

BasicAuthenticationAttribute now respects the IBasicAuthenticationValidator.Realm when the own Realm property is not set. IBasicAuthenticationValidator.Realm is now a read-only property (removed public set).

Browse Source
This commit is contained in:
Andreas Müller
2022-07-04 19:30:40 +02:00
parent bfe500dfa1
commit 8754e40c91
2 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
AMWD.Common.AspNetCore/Attributes/BasicAuthenticationAttribute.cs
View File

@@ -73,9 +73,16 @@ namespace Microsoft.AspNetCore.Authorization
private void SetAuthenticateRequest(AuthorizationFilterContext context)
{
var validator = context.HttpContext.RequestServices.GetService<IBasicAuthenticationValidator>();
string realm = string.IsNullOrWhiteSpace(Realm)
? string.IsNullOrWhiteSpace(validator?.Realm)
? null
: validator.Realm
: Realm;
context.HttpContext.Response.Headers["WWW-Authenticate"] = "Basic";
if (!string.IsNullOrWhiteSpace(Realm))
context.HttpContext.Response.Headers["WWW-Authenticate"] += $" realm=\"{Realm.Replace("\"", "")}\"";
if (!string.IsNullOrWhiteSpace(realm))
context.HttpContext.Response.Headers["WWW-Authenticate"] += $" realm=\"{realm.Trim().Replace("\"", "")}\"";
context.HttpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
context.Result = new StatusCodeResult(StatusCodes.Status401Unauthorized);