common/AMWD.Common.AspNetCore/BasicAuthentication/BasicAuthenticationMiddleware.cs

using System;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;

namespace AMWD.Common.AspNetCore.BasicAuthentication
{
	/// <summary>
	/// Implements a basic authentication.
	/// </summary>
	public class BasicAuthenticationMiddleware
	{
		private readonly RequestDelegate next;
		private readonly IBasicAuthenticationValidator validator;

		/// <summary>
		/// Initializes a new instance of the <see cref="BasicAuthenticationMiddleware"/> class.
		/// </summary>
		/// <param name="next">The following delegate in the process chain.</param>
		/// <param name="validator">A basic authentication validator.</param>
		public BasicAuthenticationMiddleware(RequestDelegate next, IBasicAuthenticationValidator validator)
		{
			this.next = next;
			this.validator = validator;
		}

		/// <summary>
		/// The delegate invokation.
		/// Performs the authentication check.
		/// </summary>
		/// <param name="httpContext">The corresponding HTTP context.</param>
		/// <returns>An awaitable task.</returns>
		public async Task InvokeAsync(HttpContext httpContext)
		{
			if (httpContext.Request.Headers.TryGetValue("Authorization", out var authHeader)
				&& ((string)authHeader).StartsWith("Basic "))
			{
				string encoded = ((string)authHeader).Split(' ', StringSplitOptions.RemoveEmptyEntries).LastOrDefault() ?? "";

				string decoded = Encoding.UTF8.GetString(Convert.FromBase64String(encoded));
				string[] parts = decoded.Split(':', 2);

				var principal = validator.ValidateAsync(parts[0], parts[1], httpContext.GetRemoteIpAddress());
				if (principal != null)
				{
					await next.Invoke(httpContext);
					return;
				}
			}

			httpContext.Response.Headers["WWW-Authenticate"] = "Basic";
			if (!string.IsNullOrWhiteSpace(validator.Realm))
				httpContext.Response.Headers["WWW-Authenticate"] += $" realm=\"{validator.Realm}\"";

			httpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
		}
	}
}