JohnAguirre JohnAguirre - 2 months ago 32
C# Question

How do i set up a default for ActiveAuthenticationSchemes?

In my ASP.Net Core 2 project, I have a custom

AuthenticationHandler
middleware that i want to plug in.

public class BasicAuthenticationMiddleware : AuthenticationHandler<AuthenticationSchemeOptions>
{
public BasicAuthenticationMiddleware(IOptionsMonitor<AuthenticationSchemeOptions> options,
ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock)
: base(options, logger, encoder, clock)
{
}
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
{
var principal = new GenericPrincipal(new GenericIdentity("User"), null);
var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), "BasicAuth");
return Task.FromResult(AuthenticateResult.Success(ticket));
}
}


In my startup I have the following:

public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = "BasicAuth";
options.DefaultChallengeScheme = "BasicAuth";
options.AddScheme("BasicAuth", x => {
x.DisplayName = "BasicAuthenticationMiddleware";
x.HandlerType = typeof(BasicAuthenticationMiddleware);
});
});
}


And finally my view controller:

[Route("api/[controller]")]
public class ValuesController : Controller
{
// GET api/values/Works
[HttpGet]
[Route("Works")]
[Authorize(ActiveAuthenticationSchemes = "BasicAuth")]
public string Works()
{
return "works";
}

// GET api/values/DoesNotWork
[HttpGet]
[Route("DoesNotWork")]
[Authorize]
public string DoesNotWork()
{
return "does not work";
}

}


My authenticator
HandleAuthenticateAsync
will be called when I specify
ActiveAuthenticationSchemes
to my scheme name, but otherwise it will not. I have a demo app showing the behavior here: https://github.com/JohnPAguirre/AuthenticationSchemaProblem

I want my
BasicAuthenticationMiddleware
to log everyone in with my demo logic. How can i make the
ActiveAuthenticationSchemes
default to "BasicAuth" for all requests?

Anyone have any ideas on what I could be missing?

Answer Source

I don't think you can set a default, but you have some other options.

  1. Create your own custom authorisation attribute:

    public class BasicAuthAuthorizeAttribute : AuthorizeAttribute
    {
        public BasicAuthAuthorizeAttribute()
        {
            ActiveAuthenticationSchemes = "BasicAuth";
        }
    }
    

    And use it on your actions like you would before:

    [BasicAuthAuthorize]
    public string SomeAction()
    {
        //snip
    }
    
  2. Add the Authorize attribute to all your actions and only override it where needed. To do that, in your `` method:

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc(options =>
        {
            options.Filters.Add(new AuthorizeAttribute
            {
                ActiveAuthenticationSchemes = "BasicAuth" 
            });
    
        });
    
        //snip
    }
    

    And overriding it:

    [AllowAnonymous]
    public string UnsecureAction()
    {
        //snip
    }