filter jwt for AUTHORIZATION code example
Example: jwt authentication filter c#
using System;
using System.Security.Principal;
using System.Threading;
using System.Threading.Tasks;
using System.Web.Http.Filters;
namespace myspace.filters
{
public class JwtAuthenticationAttribute : Attribute, IAuthenticationFilter
{
private ILog log = LogFactory.GetLogger("JwtAuthValidationLogs");
public string Realm { get; set; }
public bool AllowMultiple => false;
public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
log.Info("Authenticating JWT");
var request = context.Request;
var authorization = request.Headers.Authorization;
if (authorization == null || authorization.Scheme != "Bearer")
{
context.ErrorResult = new AuthenticationFailureResult("Missing Jwt Token", request);
return;
}
if (string.IsNullOrEmpty(authorization.Parameter))
{
context.ErrorResult = new AuthenticationFailureResult("Missing Jwt Token", request);
return;
}
var token = authorization.Parameter;
try
{
IPrincipal principal = await SecurityUtils.validateToken(token);
if (principal == null)
{
context.ErrorResult = new AuthenticationFailureResult("Invalid token", request);
}
else
{
context.Principal = principal;
}
}
catch (Exception ex)
{
log.Error("Exception occured Validating Jwt Token "+ ex.Message + " Inner Exception : " + ex.InnerException);
context.ErrorResult = new AuthenticationFailureResult("Invalid token", request);
}
}
public Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)
{
return Task.FromResult(0);
}
}
}